Trojaner-Board

poldy-tec 24.02.2014 14:52

Win 7 64-bit: Windows Update and Control Panel problem
 
Hello!

Unfortunately, I once again need your help.
On my father's computer, Windows Update no longer works
(error message: "Code 800700C1: Unknown error in Windows Update")

and under Control Panel -> System the message "The page could not be loaded" appears. In addition, MS Security Essentials can no longer be updated.

I have already run a scan with FRST; the logs are below.

Thanks in advance for looking into my problem.

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-02-2014 02
Ran by Dieter (ATTENTION: The logged in user is not administrator) on MADISOGI-PC on 24-02-2014 12:46:40
Running from D:\Download
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe
(ZONER software) E:\Freeware\Photo Studio 15\Program32\ZPSTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [Windows7FirewallControl] - C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe [1143296 2013-04-16] (Sphinx Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-3340963302-3071948555-2605324771-1003\...\Run: [Zoner Photo Studio Autoupdate] - E:\FREEWARE\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [773728 2012-12-04] (ZONER software)

==================== Internet (Whitelisted) ====================

BHO: No Name - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\80t86t7m.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Cookies Manager+ - C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\80t86t7m.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2013-12-01]
FF Extension: Adblock Plus - C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\80t86t7m.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-10-27]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\

==================== Services (Whitelisted) =================

R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 Windows7FirewallService; C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe [778752 2013-04-16] (Sphinx Software)
S2 FreemakeVideoCapture; "C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe" [X]

==================== Drivers (Whitelisted) ====================

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-24 12:46 - 2014-02-24 12:46 - 00000000 ____D () C:\FRST
2014-02-24 11:58 - 2014-02-24 12:00 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2014-02-18 10:30 - 2014-02-18 10:30 - 00003022 _____ () C:\Users\Dieter\.recently-used.xbel
2014-02-17 11:37 - 2014-02-17 11:37 - 00000000 ____D () C:\Program Files\Defraggler
2014-02-16 09:31 - 2014-02-16 09:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 18:36 - 2014-02-13 18:36 - 00773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2014-02-13 18:36 - 2014-02-13 18:36 - 00421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2014-02-10 16:54 - 2013-04-05 13:23 - 00000450 _____ () C:\Users\Dieter\Documents\indexfile.txt
2014-02-04 11:14 - 2014-02-04 11:14 - 00000218 _____ () C:\Users\Dieter\AppData\Local\recently-used.xbel
2014-01-31 19:30 - 2014-01-31 19:30 - 00001468 _____ () C:\Users\Public\Desktop\LibreOffice 4.2.1.1.lnk
2014-01-25 16:41 - 2014-01-25 16:42 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\PhotoScape
2014-01-25 12:53 - 2014-01-25 12:53 - 00000000 ____D () C:\Program Files\CCleaner
2014-01-25 11:15 - 2014-02-03 14:28 - 00001576 _____ () C:\Users\Dieter\Desktop\KeePass 2.24.lnk
2014-01-25 11:13 - 2014-02-10 11:08 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\KeePass

==================== One Month Modified Files and Folders =======

2014-02-24 12:46 - 2014-02-24 12:46 - 00000000 ____D () C:\FRST
2014-02-24 12:29 - 2012-10-26 13:10 - 01287185 _____ () C:\Windows\WindowsUpdate.log
2014-02-24 12:14 - 2013-09-28 20:30 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-24 12:09 - 2013-04-14 16:12 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bilder
2014-02-24 12:00 - 2014-02-24 11:58 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2014-02-24 11:55 - 2013-01-11 10:57 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-24 09:44 - 2012-11-23 10:02 - 00000000 ____D () C:\Users\Dieter\AppData\Local\Paint.NET
2014-02-24 08:55 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-02-24 08:35 - 2009-07-14 05:45 - 00022368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-24 08:35 - 2009-07-14 05:45 - 00022368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-24 08:28 - 2013-09-28 20:30 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-24 08:27 - 2013-04-30 09:17 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-24 08:27 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-24 08:27 - 2009-07-14 05:51 - 00115422 _____ () C:\Windows\setupact.log
2014-02-21 14:57 - 2012-10-27 11:17 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 14:57 - 2012-10-27 11:17 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-21 10:48 - 2009-07-14 18:58 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-02-21 10:48 - 2009-07-14 18:58 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-02-21 10:48 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-18 10:30 - 2014-02-18 10:30 - 00003022 _____ () C:\Users\Dieter\.recently-used.xbel
2014-02-18 10:30 - 2012-10-27 08:09 - 00000000 ____D () C:\Users\Dieter
2014-02-17 11:37 - 2014-02-17 11:37 - 00000000 ____D () C:\Program Files\Defraggler
2014-02-17 10:18 - 2012-10-26 15:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-16 09:32 - 2014-02-16 09:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 11:09 - 2012-10-28 18:18 - 00005956 _____ () C:\Users\Dieter\AppData\Roaming\wklnhst.dat
2014-02-13 18:36 - 2014-02-13 18:36 - 00773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2014-02-13 18:36 - 2014-02-13 18:36 - 00421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2014-02-12 11:32 - 2012-10-29 12:28 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\Familienbande
2014-02-11 14:31 - 2012-11-20 12:51 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\gtk-2.0
2014-02-10 16:51 - 2013-08-07 12:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-10 11:08 - 2014-01-25 11:13 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\KeePass
2014-02-06 09:21 - 2013-11-17 11:59 - 00000000 ____D () C:\Users\Dieter\AppData\Local\gtk-2.0
2014-02-06 09:18 - 2012-11-02 14:04 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\XnView
2014-02-04 11:14 - 2014-02-04 11:14 - 00000218 _____ () C:\Users\Dieter\AppData\Local\recently-used.xbel
2014-02-03 14:28 - 2014-01-25 11:15 - 00001576 _____ () C:\Users\Dieter\Desktop\KeePass 2.24.lnk
2014-02-03 13:10 - 2013-04-26 09:58 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\Mp3tag
2014-01-31 22:24 - 2012-10-27 12:36 - 00090648 _____ () C:\Users\Dieter\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-31 22:24 - 2009-07-14 05:45 - 00382936 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-31 19:30 - 2014-01-31 19:30 - 00001468 _____ () C:\Users\Public\Desktop\LibreOffice 4.2.1.1.lnk
2014-01-31 09:59 - 2014-01-20 14:58 - 00000820 _____ () C:\Users\Dieter\Desktop\Amanda Tour.lnk
2014-01-28 13:59 - 2013-08-16 09:08 - 00000000 ____D () C:\Program Files\Recuva
2014-01-26 09:33 - 2013-04-14 16:13 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tools
2014-01-26 09:26 - 2012-11-03 12:11 - 00000000 ____D () C:\Users\Dieter\AppData\Local\Microsoft Games
2014-01-25 16:42 - 2014-01-25 16:41 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\PhotoScape
2014-01-25 15:19 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-25 12:53 - 2014-01-25 12:53 - 00000000 ____D () C:\Program Files\CCleaner

Some content of TEMP:
====================
C:\Users\Dieter\AppData\Local\Temp\DaxaKill.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-02-2014 02
Ran by Dieter at 2014-02-24 12:47:18
Running from D:\Download
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Out of date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Out of date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Ant Movie Catalog (HKLM-x32\...\Ant Movie Catalog_is1) (Version: 4.1.2 - Ant Software)
BeCyIconGrabber (HKLM-x32\...\BeCyIconGrabber) (Version: 2.30.0 - Benjamin Bentmann)
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CPUID CPU-Z 1.62 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Das Fussball Studio 8.5.2 (Beta) (HKLM-x32\...\{F804CEB4-747E-46D5-B8AB-C56E3BAF27D9}_is1) (Version: 8.5.2 - vmLOGIC - Volker Mallmann)
Defraggler (HKLM\...\Defraggler) (Version: 2.16 - Piriform)
DigiJay 1.414 (HKLM-x32\...\DigiJay_is1) (Version:  - MB Audio)
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 14.3.11574 - Landesfinanzdirektion Thüringen)
EXPERTool v8.3 (HKLM-x32\...\{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1) (Version: 8.3.0.1 - Gainward Co. Ltd.)
Free Video Dub version 2.0.21.827 (HKLM-x32\...\Free Video Dub_is1) (Version: 2.0.21.827 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.2 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.2 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.6.1 - Ellora Assets Corporation)
Genius PDF (HKLM-x32\...\{CF360EF6-65B1-47B3-AF23-5F8626108585}_is1) (Version: 2.1 - LiquidPsi Software)
Gnumeric Spreadsheet 1.10.16-20110616 (HKCU\...\Gnumeric) (Version: 1.10.16-20110616 - )
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Idoswin Pro 5.7 (HKCU\...\Idoswin Pro_is1) (Version: 5.7 - Ingo Eckel)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
KeePass Password Safe 2.24 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.24 - Dominik Reichl)
Kleinstadt (HKLM-x32\...\Kleinstadt) (Version:  - SIGNALSOFT Rail Consultancy Ltd.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LibreOffice 4.2.1.1 (HKLM-x32\...\{C83C3B4C-1AFF-4CEA-8078-74E7A3FE8F03}) (Version: 4.2.1.1 - The Document Foundation)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.8 - Thibaut Lauziere)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla)
MPC-HC 1.6.5.6366 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.6.5.6366 - MPC-HC Team)
NVIDIA 3D Vision Controller-Treiber 301.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 301.42 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0213 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
OCR Software by I.R.I.S. 14.5 (HKLM\...\HPOCR) (Version: 14.5 - HP)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Personal Backup 5.5 (HKLM\...\Personal Backup 5_is1) (Version: 5.3 - J. Rathlev)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)
Sweet Home 3D version 4.2 (HKLM-x32\...\Sweet Home 3D_is1) (Version:  - eTeks)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows7FirewallControl (x64) 5.2.18.33 (HKLM\...\Windows7FirewallControl_is1) (Version: 5.2.18.33 - Sphinx Software)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Zoner Photo Studio 15 (HKLM\...\ZonerPhotoStudio15_DE_is1) (Version: 15.0.1.4 - ZONER software)
Zulu DJ-Software (HKCU\...\Zulu) (Version:  - NCH Software)

==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?

==================== Loaded Modules (whitelisted) =============


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/31/2014 11:19:08 PM) (Source: MsiInstaller) (User: MaDiSoGi-PC)
Description: Product: Paint.NET v3.5.11 -- Error 1722. There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor.  Action _8FBBBB09_39E3_48BB_9E6C_620898EF3CD9, location: E:\Freeware\Paint.NET\SetupNgen.exe, command: /delete DESKTOPSHORTCUT= PDNUPDATING= SKIPCLEANUP= "PROGRAMSGROUP="  QUEUENGEN=

Error: (01/31/2014 11:17:26 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PaintDotNet.exe, Version: 3.511.4977.23448, Zeitstempel: 0x520fe4b1
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1677
Ausnahmecode: 0xe0434f4d
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xPaintDotNet.exe0
Pfad der fehlerhaften Anwendung: PaintDotNet.exe1
Pfad des fehlerhaften Moduls: PaintDotNet.exe2
Berichtskennung: PaintDotNet.exe3

Error: (01/31/2014 11:17:09 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PaintDotNet.exe, Version: 3.511.4977.23448, Zeitstempel: 0x520fe4b1
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1677
Ausnahmecode: 0xe0434f4d
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xPaintDotNet.exe0
Pfad der fehlerhaften Anwendung: PaintDotNet.exe1
Pfad des fehlerhaften Moduls: PaintDotNet.exe2
Berichtskennung: PaintDotNet.exe3

Error: (01/31/2014 11:16:58 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PaintDotNet.exe, Version: 3.511.4977.23448, Zeitstempel: 0x520fe4b1
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1677
Ausnahmecode: 0xe0434f4d
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xPaintDotNet.exe0
Pfad der fehlerhaften Anwendung: PaintDotNet.exe1
Pfad des fehlerhaften Moduls: PaintDotNet.exe2
Berichtskennung: PaintDotNet.exe3

Error: (01/31/2014 11:13:48 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {5ea46a61-fc81-4028-a536-ee0017af24f2}

Error: (01/23/2014 09:03:50 AM) (Source: MsiInstaller) (User: MaDiSoGi-PC)
Description: Produkt: Google Earth -- Fehler 1730.Sie benötigen Administratorrechte, um diese Anwendung zu entfernen. Melden Sie sich zum Entfernen der Anwendung als Administrator an oder wenden Sie sich an den technischen Support.

Error: (01/23/2014 08:59:15 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: googleearth.exe, Version: 7.1.2.2041, Zeitstempel: 0x525310f1
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x8c0
Startzeit der fehlerhaften Anwendung: 0xgoogleearth.exe0
Pfad der fehlerhaften Anwendung: googleearth.exe1
Pfad des fehlerhaften Moduls: googleearth.exe2
Berichtskennung: googleearth.exe3

Error: (01/20/2014 05:00:44 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: googleearth.exe, Version: 7.1.2.2041, Zeitstempel: 0x525310f1
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x654
Startzeit der fehlerhaften Anwendung: 0xgoogleearth.exe0
Pfad der fehlerhaften Anwendung: googleearth.exe1
Pfad des fehlerhaften Moduls: googleearth.exe2
Berichtskennung: googleearth.exe3

Error: (01/20/2014 04:59:37 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: googleearth.exe, Version: 7.1.2.2041, Zeitstempel: 0x525310f1
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x138
Startzeit der fehlerhaften Anwendung: 0xgoogleearth.exe0
Pfad der fehlerhaften Anwendung: googleearth.exe1
Pfad des fehlerhaften Moduls: googleearth.exe2
Berichtskennung: googleearth.exe3

Error: (01/20/2014 04:57:34 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (02/24/2014 09:00:06 AM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT51

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\NETZWERKDIENST

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/24/2014 09:00:06 AM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT51

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\NETZWERKDIENST

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/24/2014 08:57:52 AM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT59

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\SYSTEM

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/24/2014 08:33:10 AM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT59

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\SYSTEM

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/24/2014 08:30:22 AM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT51

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\NETZWERKDIENST

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/24/2014 08:30:22 AM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT51

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\NETZWERKDIENST

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/24/2014 08:28:03 AM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT59

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\SYSTEM

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/24/2014 08:27:52 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "FreemakeVideoCapture" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/23/2014 10:35:09 AM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %MaDiSoGi-PC60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %MaDiSoGi-PC51

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %MaDiSoGi-PC602

        Aktualisierungstyp: %MaDiSoGi-PC604

        Benutzer: MaDiSoGi-PC\MaDiSoGi

        Aktuelle Modulversion: %MaDiSoGi-PC605

        Vorherige Modulversion: %MaDiSoGi-PC606

        Fehlercode: %MaDiSoGi-PC607

        Fehlerbeschreibung: %MaDiSoGi-PC608

Error: (02/23/2014 10:35:09 AM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %MaDiSoGi-PC60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %MaDiSoGi-PC51

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %MaDiSoGi-PC602

        Aktualisierungstyp: %MaDiSoGi-PC604

        Benutzer: MaDiSoGi-PC\MaDiSoGi

        Aktuelle Modulversion: %MaDiSoGi-PC605

        Vorherige Modulversion: %MaDiSoGi-PC606

        Fehlercode: %MaDiSoGi-PC607

        Fehlerbeschreibung: %MaDiSoGi-PC608


Microsoft Office Sessions:
=========================
Error: (01/31/2014 11:19:08 PM) (Source: MsiInstaller)(User: MaDiSoGi-PC)
Description: Product: Paint.NET v3.5.11 -- Error 1722. There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor.  Action _8FBBBB09_39E3_48BB_9E6C_620898EF3CD9, location: E:\Freeware\Paint.NET\SetupNgen.exe, command: /delete DESKTOPSHORTCUT= PDNUPDATING= SKIPCLEANUP= "PROGRAMSGROUP="  QUEUENGEN= (NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/31/2014 11:17:26 PM) (Source: Application Error)(User: )
Description: PaintDotNet.exe3.511.4977.23448520fe4b1KERNELBASE.dll6.1.7601.1822951fb1677e0434f4d000000000000940d

Error: (01/31/2014 11:17:09 PM) (Source: Application Error)(User: )
Description: PaintDotNet.exe3.511.4977.23448520fe4b1KERNELBASE.dll6.1.7601.1822951fb1677e0434f4d000000000000940d

Error: (01/31/2014 11:16:58 PM) (Source: Application Error)(User: )
Description: PaintDotNet.exe3.511.4977.23448520fe4b1KERNELBASE.dll6.1.7601.1822951fb1677e0434f4d000000000000940d

Error: (01/31/2014 11:13:48 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {5ea46a61-fc81-4028-a536-ee0017af24f2}

Error: (01/23/2014 09:03:50 AM) (Source: MsiInstaller)(User: MaDiSoGi-PC)
Description: Produkt: Google Earth -- Fehler 1730.Sie benötigen Administratorrechte, um diese Anwendung zu entfernen. Melden Sie sich zum Entfernen der Anwendung als Administrator an oder wenden Sie sich an den technischen Support.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/23/2014 08:59:15 AM) (Source: Application Error)(User: )
Description: googleearth.exe7.1.2.2041525310f1KERNELBASE.dll6.1.7601.1822951fb1116c06d007e0000c41f8c001cf1810fcfc2c90C:\Program Files (x86)\Google\Google Earth\client\googleearth.exeC:\Windows\syswow64\KERNELBASE.dll40453d70-8404-11e3-9a02-001a92520b6c

Error: (01/20/2014 05:00:44 PM) (Source: Application Error)(User: )
Description: googleearth.exe7.1.2.2041525310f1KERNELBASE.dll6.1.7601.1822951fb1116c06d007e0000c41f65401cf15f8c4df3970C:\Program Files (x86)\Google\Google Earth\client\googleearth.exeC:\Windows\syswow64\KERNELBASE.dll04581810-81ec-11e3-920a-001a92520b6c

Error: (01/20/2014 04:59:37 PM) (Source: Application Error)(User: )
Description: googleearth.exe7.1.2.2041525310f1KERNELBASE.dll6.1.7601.1822951fb1116c06d007e0000c41f13801cf15f89a941370C:\Program Files (x86)\Google\Google Earth\client\googleearth.exeC:\Windows\syswow64\KERNELBASE.dlldc340830-81eb-11e3-920a-001a92520b6c

Error: (01/20/2014 04:57:34 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Download\Parken\esetsmartinstaller_enu.exe


==================== Memory info ===========================

Percentage of memory in use: 37%
Total physical RAM: 4094.55 MB
Available physical RAM: 2538.75 MB
Total Pagefile: 8187.29 MB
Available Pagefile: 6672.76 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Windows 7) (Fixed) (Total:71.46 GB) (Free:26.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Dieter) (Fixed) (Total:14.65 GB) (Free:4.01 GB) NTFS
Drive e: (Programme) (Fixed) (Total:36.67 GB) (Free:32.02 GB) NTFS
Drive f: (Fotos) (Fixed) (Total:36.57 GB) (Free:7.57 GB) NTFS
Drive g: (Gast) (Fixed) (Total:12.21 GB) (Free:4.06 GB) NTFS
Drive h: (Bilder) (Fixed) (Total:14.65 GB) (Free:9.94 GB) NTFS
Drive i: (Audio) (Fixed) (Total:19.53 GB) (Free:7.45 GB) NTFS
Drive j: (Video) (Fixed) (Total:14.65 GB) (Free:2.05 GB) NTFS
Drive l: (MYLINUXLIVE) (Removable) (Total:14.89 GB) (Free:9.73 GB) FAT32
Drive m: (Recovery) (Fixed) (Total:5.17 GB) (Free:0.88 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive n: (SICHERUNG) (Removable) (Total:15.01 GB) (Free:8.56 GB) FAT32
Drive s: (Backup) (Fixed) (Total:4.88 GB) (Free:2.32 GB) NTFS
Drive t: (Test) (Fixed) (Total:2.44 GB) (Free:1.6 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================


schrauber 24.02.2014 16:24

Hi,

Please run FRST again; our tools always need admin rights.

poldy-tec 24.02.2014 18:54

Oops, sorry.

Here it is with admin rights:


FRST Logfile:
Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-02-2014 02
Ran by MaDiSoGi (administrator) on MADISOGI-PC on 24-02-2014 18:40:43
Running from C:\Users\MaDiSoGi\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe
(ZONER software) E:\Freeware\Photo Studio 15\Program32\ZPSTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [Windows7FirewallControl] - C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe [1143296 2013-04-16] (Sphinx Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-3340963302-3071948555-2605324771-1001\...\Run: [Zoner Photo Studio Autoupdate] - E:\Freeware\Photo Studio 15\Program32\ZPSTRAY.EXE [773728 2012-12-04] (ZONER software)

==================== Internet (Whitelisted) ====================

SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\MaDiSoGi\AppData\Roaming\Mozilla\Firefox\Profiles\d7ovc2xc.default
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\MaDiSoGi\AppData\Roaming\Mozilla\Firefox\Profiles\d7ovc2xc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-10-27]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\

==================== Services (Whitelisted) =================

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 Windows7FirewallService; C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe [778752 2013-04-16] (Sphinx Software)
S2 FreemakeVideoCapture; "C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe" [X]

==================== Drivers (Whitelisted) ====================

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-24 18:35 - 2014-02-24 18:40 - 00006749 _____ () C:\Users\MaDiSoGi\Desktop\FRST.txt
2014-02-24 18:34 - 2014-02-24 12:46 - 02155520 _____ (Farbar) C:\Users\MaDiSoGi\Desktop\FRST64.exe
2014-02-24 12:46 - 2014-02-24 18:40 - 00000000 ____D () C:\FRST
2014-02-24 11:58 - 2014-02-24 12:00 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2014-02-18 10:30 - 2014-02-18 10:30 - 00003022 _____ () C:\Users\Dieter\.recently-used.xbel
2014-02-17 11:37 - 2014-02-17 11:37 - 00000000 ____D () C:\Program Files\Defraggler
2014-02-16 09:31 - 2014-02-16 09:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 18:36 - 2014-02-13 18:36 - 00773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2014-02-13 18:36 - 2014-02-13 18:36 - 00421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2014-02-10 16:54 - 2013-04-05 13:23 - 00000450 _____ () C:\Users\Dieter\Documents\indexfile.txt
2014-02-09 10:37 - 2014-02-09 10:37 - 00002237 _____ () C:\Users\MaDiSoGi\Desktop\Google Earth.lnk
2014-02-09 10:37 - 2014-02-09 10:37 - 00001195 _____ () C:\Users\MaDiSoGi\Desktop\Microsoft Works-Start.lnk
2014-02-04 11:14 - 2014-02-04 11:14 - 00000218 _____ () C:\Users\Dieter\AppData\Local\recently-used.xbel
2014-01-31 19:30 - 2014-01-31 19:30 - 00001468 _____ () C:\Users\Public\Desktop\LibreOffice 4.2.1.1.lnk
2014-01-25 16:41 - 2014-01-25 16:42 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\PhotoScape
2014-01-25 12:53 - 2014-01-25 12:53 - 00002778 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-01-25 12:53 - 2014-01-25 12:53 - 00000000 ____D () C:\Program Files\CCleaner
2014-01-25 11:15 - 2014-02-03 14:28 - 00001576 _____ () C:\Users\Dieter\Desktop\KeePass 2.24.lnk
2014-01-25 11:13 - 2014-02-10 11:08 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\KeePass
2014-01-25 11:12 - 2014-01-25 12:21 - 00000442 _____ () C:\Users\MaDiSoGi\Desktop\KeePass 2.lnk

==================== One Month Modified Files and Folders =======

2014-02-24 18:40 - 2014-02-24 18:35 - 00006749 _____ () C:\Users\MaDiSoGi\Desktop\FRST.txt
2014-02-24 18:40 - 2014-02-24 12:46 - 00000000 ____D () C:\FRST
2014-02-24 18:39 - 2009-07-14 05:45 - 00022368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-24 18:39 - 2009-07-14 05:45 - 00022368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-24 18:33 - 2013-09-28 20:30 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-24 18:32 - 2012-10-26 13:10 - 01338869 _____ () C:\Windows\WindowsUpdate.log
2014-02-24 18:32 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-24 18:31 - 2013-04-30 09:17 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-24 18:31 - 2009-07-14 05:51 - 00115534 _____ () C:\Windows\setupact.log
2014-02-24 15:14 - 2013-09-28 20:30 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-24 14:55 - 2013-01-11 10:57 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-24 12:46 - 2014-02-24 18:34 - 02155520 _____ (Farbar) C:\Users\MaDiSoGi\Desktop\FRST64.exe
2014-02-24 12:09 - 2013-04-14 16:12 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bilder
2014-02-24 12:00 - 2014-02-24 11:58 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2014-02-24 09:44 - 2012-11-23 10:02 - 00000000 ____D () C:\Users\Dieter\AppData\Local\Paint.NET
2014-02-24 08:55 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-02-21 14:57 - 2013-01-11 10:57 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-21 14:57 - 2012-10-27 11:17 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 14:57 - 2012-10-27 11:17 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-21 10:48 - 2009-07-14 18:58 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-02-21 10:48 - 2009-07-14 18:58 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-02-21 10:48 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-18 10:30 - 2014-02-18 10:30 - 00003022 _____ () C:\Users\Dieter\.recently-used.xbel
2014-02-18 10:30 - 2012-10-27 08:09 - 00000000 ____D () C:\Users\Dieter
2014-02-17 11:37 - 2014-02-17 11:37 - 00000000 ____D () C:\Program Files\Defraggler
2014-02-17 10:18 - 2012-10-26 15:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-16 15:09 - 2013-09-28 20:30 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-16 15:09 - 2013-09-28 20:30 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-16 09:32 - 2014-02-16 09:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 11:09 - 2012-10-28 18:18 - 00005956 _____ () C:\Users\Dieter\AppData\Roaming\wklnhst.dat
2014-02-13 18:36 - 2014-02-13 18:36 - 00773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2014-02-13 18:36 - 2014-02-13 18:36 - 00421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2014-02-12 11:32 - 2012-10-29 12:28 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\Familienbande
2014-02-11 14:31 - 2012-11-20 12:51 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\gtk-2.0
2014-02-10 16:51 - 2013-08-07 12:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-10 11:08 - 2014-01-25 11:13 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\KeePass
2014-02-09 10:37 - 2014-02-09 10:37 - 00002237 _____ () C:\Users\MaDiSoGi\Desktop\Google Earth.lnk
2014-02-09 10:37 - 2014-02-09 10:37 - 00001195 _____ () C:\Users\MaDiSoGi\Desktop\Microsoft Works-Start.lnk
2014-02-09 10:34 - 2012-10-26 15:23 - 00000000 ____D () C:\Users\MaDiSoGi\AppData\Local\Mozilla
2014-02-06 09:21 - 2013-11-17 11:59 - 00000000 ____D () C:\Users\Dieter\AppData\Local\gtk-2.0
2014-02-06 09:18 - 2012-11-02 14:04 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\XnView
2014-02-04 11:14 - 2014-02-04 11:14 - 00000218 _____ () C:\Users\Dieter\AppData\Local\recently-used.xbel
2014-02-03 14:28 - 2014-01-25 11:15 - 00001576 _____ () C:\Users\Dieter\Desktop\KeePass 2.24.lnk
2014-02-03 13:10 - 2013-04-26 09:58 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\Mp3tag
2014-01-31 23:13 - 2012-11-23 10:00 - 00000000 ____D () C:\Users\MaDiSoGi\AppData\Local\Paint.NET
2014-01-31 23:13 - 2012-10-27 11:50 - 00090648 _____ () C:\Users\MaDiSoGi\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-31 22:24 - 2012-10-27 12:36 - 00090648 _____ () C:\Users\Dieter\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-31 22:24 - 2009-07-14 05:45 - 00382936 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-31 19:30 - 2014-01-31 19:30 - 00001468 _____ () C:\Users\Public\Desktop\LibreOffice 4.2.1.1.lnk
2014-01-31 09:59 - 2014-01-20 14:58 - 00000820 _____ () C:\Users\Dieter\Desktop\Amanda Tour.lnk
2014-01-28 13:59 - 2013-08-16 09:08 - 00000000 ____D () C:\Program Files\Recuva
2014-01-26 09:33 - 2013-04-14 16:13 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tools
2014-01-26 09:26 - 2012-11-03 12:11 - 00000000 ____D () C:\Users\Dieter\AppData\Local\Microsoft Games
2014-01-25 16:42 - 2014-01-25 16:41 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\PhotoScape
2014-01-25 15:19 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-25 12:53 - 2014-01-25 12:53 - 00002778 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-01-25 12:53 - 2014-01-25 12:53 - 00000000 ____D () C:\Program Files\CCleaner
2014-01-25 12:21 - 2014-01-25 11:12 - 00000442 _____ () C:\Users\MaDiSoGi\Desktop\KeePass 2.lnk

Some content of TEMP:
====================
C:\Users\Dieter\AppData\Local\Temp\DaxaKill.exe
C:\Users\MaDiSoGi\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\MaDiSoGi\AppData\Local\Temp\FreemakeVideoConverter_4.0.0.1.exe
C:\Users\MaDiSoGi\AppData\Local\Temp\FreemakeVideoConverter_4.0.1.0.exe
C:\Users\MaDiSoGi\AppData\Local\Temp\FreemakeVideoConverter_4.0.1.7.exe
C:\Users\MaDiSoGi\AppData\Local\Temp\FreemakeVideoConverter_4.1.1.0.exe
C:\Users\MaDiSoGi\AppData\Local\Temp\FreemakeVideoDownloader_3.5.0.4.exe
C:\Users\MaDiSoGi\AppData\Local\Temp\FreemakeVideoDownloader_3.5.0.7.exe
C:\Users\MaDiSoGi\AppData\Local\Temp\FreemakeVideoDownloader_3.6.1.0.exe
C:\Users\MaDiSoGi\AppData\Local\Temp\gert0.exe
C:\Users\MaDiSoGi\AppData\Local\Temp\iv_uninstall.exe
C:\Users\MaDiSoGi\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\MaDiSoGi\AppData\Local\Temp\MSETUP4.EXE
C:\Users\MaDiSoGi\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\MaDiSoGi\AppData\Local\Temp\nvStInst.exe
C:\Users\MaDiSoGi\AppData\Local\Temp\un29739.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-18 10:48

==================== End Of Log ============================

--- --- ---


Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-02-2014 02
Ran by MaDiSoGi at 2014-02-24 18:41:11
Running from C:\Users\MaDiSoGi\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Ant Movie Catalog (HKLM-x32\...\Ant Movie Catalog_is1) (Version: 4.1.2 - Ant Software)
BeCyIconGrabber (HKLM-x32\...\BeCyIconGrabber) (Version: 2.30.0 - Benjamin Bentmann)
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CPUID CPU-Z 1.62 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Das Fussball Studio 8.5.2 (Beta) (HKLM-x32\...\{F804CEB4-747E-46D5-B8AB-C56E3BAF27D9}_is1) (Version: 8.5.2 - vmLOGIC - Volker Mallmann)
Defraggler (HKLM\...\Defraggler) (Version: 2.16 - Piriform)
DigiJay 1.414 (HKLM-x32\...\DigiJay_is1) (Version:  - MB Audio)
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 14.3.11574 - Landesfinanzdirektion Thüringen)
EXPERTool v8.3 (HKLM-x32\...\{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1) (Version: 8.3.0.1 - Gainward Co. Ltd.)
Free Video Dub version 2.0.21.827 (HKLM-x32\...\Free Video Dub_is1) (Version: 2.0.21.827 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.2 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.2 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.6.1 - Ellora Assets Corporation)
Genius PDF (HKLM-x32\...\{CF360EF6-65B1-47B3-AF23-5F8626108585}_is1) (Version: 2.1 - LiquidPsi Software)
Gnumeric Spreadsheet 1.10.16-20110616 (HKCU\...\Gnumeric) (Version: 1.10.16-20110616 - )
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
KeePass Password Safe 2.24 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.24 - Dominik Reichl)
Kleinstadt (HKLM-x32\...\Kleinstadt) (Version:  - SIGNALSOFT Rail Consultancy Ltd.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LibreOffice 4.2.1.1 (HKLM-x32\...\{C83C3B4C-1AFF-4CEA-8078-74E7A3FE8F03}) (Version: 4.2.1.1 - The Document Foundation)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.8 - Thibaut Lauziere)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla)
MPC-HC 1.6.5.6366 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.6.5.6366 - MPC-HC Team)
NVIDIA 3D Vision Controller-Treiber 301.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 301.42 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0213 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
OCR Software by I.R.I.S. 14.5 (HKLM\...\HPOCR) (Version: 14.5 - HP)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Personal Backup 5.5 (HKLM\...\Personal Backup 5_is1) (Version: 5.3 - J. Rathlev)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)
Sweet Home 3D version 4.2 (HKLM-x32\...\Sweet Home 3D_is1) (Version:  - eTeks)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows7FirewallControl (x64) 5.2.18.33 (HKLM\...\Windows7FirewallControl_is1) (Version: 5.2.18.33 - Sphinx Software)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Zoner Photo Studio 15 (HKLM\...\ZonerPhotoStudio15_DE_is1) (Version: 15.0.1.4 - ZONER software)

==================== Restore Points  =========================

16-02-2014 08:47:55 Geplanter Prüfpunkt
24-02-2014 10:56:06 Installed LibreOffice 4.2.1.1

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {04621756-89EE-4FF7-9DB5-CAA2858521AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-28] (Google Inc.)
Task: {4F6EE3E5-82BB-467D-B2AE-71FA667FBA79} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated)
Task: {A7515B5A-A2DD-49F0-9954-FEC601058169} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-28] (Google Inc.)
Task: {CDD4788F-8757-4E1B-A56B-EBC16736615E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {D2A1D840-3D8C-4454-961A-60F6B2D01946} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-04-30 09:05 - 2013-10-23 09:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-16 09:31 - 2014-02-16 09:31 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/31/2014 11:19:08 PM) (Source: MsiInstaller) (User: MaDiSoGi-PC)
Description: Product: Paint.NET v3.5.11 -- Error 1722. There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor.  Action _8FBBBB09_39E3_48BB_9E6C_620898EF3CD9, location: E:\Freeware\Paint.NET\SetupNgen.exe, command: /delete DESKTOPSHORTCUT= PDNUPDATING= SKIPCLEANUP= "PROGRAMSGROUP="  QUEUENGEN=

Error: (01/31/2014 11:17:26 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PaintDotNet.exe, Version: 3.511.4977.23448, Zeitstempel: 0x520fe4b1
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1677
Ausnahmecode: 0xe0434f4d
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xPaintDotNet.exe0
Pfad der fehlerhaften Anwendung: PaintDotNet.exe1
Pfad des fehlerhaften Moduls: PaintDotNet.exe2
Berichtskennung: PaintDotNet.exe3

Error: (01/31/2014 11:17:09 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PaintDotNet.exe, Version: 3.511.4977.23448, Zeitstempel: 0x520fe4b1
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1677
Ausnahmecode: 0xe0434f4d
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xPaintDotNet.exe0
Pfad der fehlerhaften Anwendung: PaintDotNet.exe1
Pfad des fehlerhaften Moduls: PaintDotNet.exe2
Berichtskennung: PaintDotNet.exe3

Error: (01/31/2014 11:16:58 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PaintDotNet.exe, Version: 3.511.4977.23448, Zeitstempel: 0x520fe4b1
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1677
Ausnahmecode: 0xe0434f4d
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xPaintDotNet.exe0
Pfad der fehlerhaften Anwendung: PaintDotNet.exe1
Pfad des fehlerhaften Moduls: PaintDotNet.exe2
Berichtskennung: PaintDotNet.exe3

Error: (01/31/2014 11:13:48 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {5ea46a61-fc81-4028-a536-ee0017af24f2}

Error: (01/23/2014 09:03:50 AM) (Source: MsiInstaller) (User: MaDiSoGi-PC)
Description: Produkt: Google Earth -- Fehler 1730.Sie benötigen Administratorrechte, um diese Anwendung zu entfernen. Melden Sie sich zum Entfernen der Anwendung als Administrator an oder wenden Sie sich an den technischen Support.

Error: (01/23/2014 08:59:15 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: googleearth.exe, Version: 7.1.2.2041, Zeitstempel: 0x525310f1
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x8c0
Startzeit der fehlerhaften Anwendung: 0xgoogleearth.exe0
Pfad der fehlerhaften Anwendung: googleearth.exe1
Pfad des fehlerhaften Moduls: googleearth.exe2
Berichtskennung: googleearth.exe3

Error: (01/20/2014 05:00:44 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: googleearth.exe, Version: 7.1.2.2041, Zeitstempel: 0x525310f1
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x654
Startzeit der fehlerhaften Anwendung: 0xgoogleearth.exe0
Pfad der fehlerhaften Anwendung: googleearth.exe1
Pfad des fehlerhaften Moduls: googleearth.exe2
Berichtskennung: googleearth.exe3

Error: (01/20/2014 04:59:37 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: googleearth.exe, Version: 7.1.2.2041, Zeitstempel: 0x525310f1
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x138
Startzeit der fehlerhaften Anwendung: 0xgoogleearth.exe0
Pfad der fehlerhaften Anwendung: googleearth.exe1
Pfad des fehlerhaften Moduls: googleearth.exe2
Berichtskennung: googleearth.exe3

Error: (01/20/2014 04:57:34 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (02/24/2014 06:34:37 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT51

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\NETZWERKDIENST

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/24/2014 06:34:37 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT51

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\NETZWERKDIENST

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/24/2014 06:32:14 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT59

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\SYSTEM

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/24/2014 06:32:02 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "FreemakeVideoCapture" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/24/2014 02:56:24 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT51

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\NETZWERKDIENST

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/24/2014 02:56:24 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT51

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\NETZWERKDIENST

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/24/2014 02:54:08 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT59

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\SYSTEM

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/24/2014 02:51:20 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %MaDiSoGi-PC60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %MaDiSoGi-PC51

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %MaDiSoGi-PC602

        Aktualisierungstyp: %MaDiSoGi-PC604

        Benutzer: MaDiSoGi-PC\Dieter

        Aktuelle Modulversion: %MaDiSoGi-PC605

        Vorherige Modulversion: %MaDiSoGi-PC606

        Fehlercode: %MaDiSoGi-PC607

        Fehlerbeschreibung: %MaDiSoGi-PC608

Error: (02/24/2014 02:51:20 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %MaDiSoGi-PC60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %MaDiSoGi-PC51

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %MaDiSoGi-PC602

        Aktualisierungstyp: %MaDiSoGi-PC604

        Benutzer: MaDiSoGi-PC\Dieter

        Aktuelle Modulversion: %MaDiSoGi-PC605

        Vorherige Modulversion: %MaDiSoGi-PC606

        Fehlercode: %MaDiSoGi-PC607

        Fehlerbeschreibung: %MaDiSoGi-PC608

Error: (02/24/2014 02:49:02 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT59

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\SYSTEM

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608


Microsoft Office Sessions:
=========================
Error: (01/31/2014 11:19:08 PM) (Source: MsiInstaller)(User: MaDiSoGi-PC)
Description: Product: Paint.NET v3.5.11 -- Error 1722. There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor.  Action _8FBBBB09_39E3_48BB_9E6C_620898EF3CD9, location: E:\Freeware\Paint.NET\SetupNgen.exe, command: /delete DESKTOPSHORTCUT= PDNUPDATING= SKIPCLEANUP= "PROGRAMSGROUP="  QUEUENGEN= (NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/31/2014 11:17:26 PM) (Source: Application Error)(User: )
Description: PaintDotNet.exe3.511.4977.23448520fe4b1KERNELBASE.dll6.1.7601.1822951fb1677e0434f4d000000000000940d

Error: (01/31/2014 11:17:09 PM) (Source: Application Error)(User: )
Description: PaintDotNet.exe3.511.4977.23448520fe4b1KERNELBASE.dll6.1.7601.1822951fb1677e0434f4d000000000000940d

Error: (01/31/2014 11:16:58 PM) (Source: Application Error)(User: )
Description: PaintDotNet.exe3.511.4977.23448520fe4b1KERNELBASE.dll6.1.7601.1822951fb1677e0434f4d000000000000940d

Error: (01/31/2014 11:13:48 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {5ea46a61-fc81-4028-a536-ee0017af24f2}

Error: (01/23/2014 09:03:50 AM) (Source: MsiInstaller)(User: MaDiSoGi-PC)
Description: Produkt: Google Earth -- Fehler 1730.Sie benötigen Administratorrechte, um diese Anwendung zu entfernen. Melden Sie sich zum Entfernen der Anwendung als Administrator an oder wenden Sie sich an den technischen Support.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/23/2014 08:59:15 AM) (Source: Application Error)(User: )
Description: googleearth.exe7.1.2.2041525310f1KERNELBASE.dll6.1.7601.1822951fb1116c06d007e0000c41f8c001cf1810fcfc2c90C:\Program Files (x86)\Google\Google Earth\client\googleearth.exeC:\Windows\syswow64\KERNELBASE.dll40453d70-8404-11e3-9a02-001a92520b6c

Error: (01/20/2014 05:00:44 PM) (Source: Application Error)(User: )
Description: googleearth.exe7.1.2.2041525310f1KERNELBASE.dll6.1.7601.1822951fb1116c06d007e0000c41f65401cf15f8c4df3970C:\Program Files (x86)\Google\Google Earth\client\googleearth.exeC:\Windows\syswow64\KERNELBASE.dll04581810-81ec-11e3-920a-001a92520b6c

Error: (01/20/2014 04:59:37 PM) (Source: Application Error)(User: )
Description: googleearth.exe7.1.2.2041525310f1KERNELBASE.dll6.1.7601.1822951fb1116c06d007e0000c41f13801cf15f89a941370C:\Program Files (x86)\Google\Google Earth\client\googleearth.exeC:\Windows\syswow64\KERNELBASE.dlldc340830-81eb-11e3-920a-001a92520b6c

Error: (01/20/2014 04:57:34 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Download\Parken\esetsmartinstaller_enu.exe


==================== Memory info ===========================

Percentage of memory in use: 31%
Total physical RAM: 4094.55 MB
Available physical RAM: 2794.63 MB
Total Pagefile: 8187.29 MB
Available Pagefile: 6869.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Windows 7) (Fixed) (Total:71.46 GB) (Free:25.77 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Dieter) (Fixed) (Total:14.65 GB) (Free:4.01 GB) NTFS
Drive e: (Programme) (Fixed) (Total:36.67 GB) (Free:32.02 GB) NTFS
Drive f: (Fotos) (Fixed) (Total:36.57 GB) (Free:7.57 GB) NTFS
Drive g: (Gast) (Fixed) (Total:12.21 GB) (Free:4.06 GB) NTFS
Drive h: (Bilder) (Fixed) (Total:14.65 GB) (Free:9.94 GB) NTFS
Drive i: (Audio) (Fixed) (Total:19.53 GB) (Free:7.45 GB) NTFS
Drive j: (Video) (Fixed) (Total:14.65 GB) (Free:2.05 GB) NTFS
Drive l: (MYLINUXLIVE) (Removable) (Total:14.89 GB) (Free:9.73 GB) FAT32
Drive m: (Recovery) (Fixed) (Total:5.17 GB) (Free:0.88 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive n: (SICHERUNG) (Removable) (Total:15.01 GB) (Free:8.56 GB) FAT32
Drive s: (Backup) (Fixed) (Total:4.88 GB) (Free:2.32 GB) NTFS
Drive t: (Test) (Fixed) (Total:2.44 GB) (Free:1.6 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=71 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=142 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 6 (Size: 15 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================


schrauber 25.02.2014 17:21

Hi,

Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click into the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.


poldy-tec 25.02.2014 19:35

Done
Code:

ComboFix 14-02-24.02 - MaDiSoGi 25.02.2014  17:49:10.1.2 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.4095.2924 [GMT 1:00]
ausgeführt von:: c:\users\MaDiSoGi\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
c:\windows\WindowsUpdate.log . . . . Nicht in der Lage zu löschen
.
.
(((((((((((((((((((((((((((((((((((((((  Treiber/Dienste  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
.
.
(((((((((((((((((((((((  Dateien erstellt von 2014-01-25 bis 2014-02-25  ))))))))))))))))))))))))))))))
.
.
2014-02-25 16:57 . 2014-02-25 16:57        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp
2014-02-25 16:57 . 2014-02-25 16:57        --------        d-----w-        c:\users\Dieter\AppData\Local\temp
2014-02-24 11:46 . 2014-02-24 17:41        --------        d-----w-        C:\FRST
2014-02-24 10:58 . 2014-02-24 11:00        --------        d-----w-        c:\program files (x86)\LibreOffice 4
2014-02-23 09:17 . 2014-02-17 12:30        1031560        ----a-w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{64178821-A30F-4D5A-AC0E-EA0B7485501D}\gapaengine.dll
2014-02-17 10:37 . 2014-02-17 10:37        --------        d-----w-        c:\program files\Defraggler
2014-02-16 09:39 . 2013-12-04 03:28        10315576        ----a-w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{37120D05-3324-4682-8F4F-6A4FDCB1892A}\mpengine.dll
2014-02-13 17:36 . 2014-02-13 17:36        773968        ----a-w-        c:\windows\SysWow64\msvcr100.dll
2014-02-13 17:36 . 2014-02-13 17:36        421200        ----a-w-        c:\windows\SysWow64\msvcp100.dll
2014-02-09 11:38 . 2013-12-04 03:28        10315576        ----a-w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-02-06 16:08 . 2014-02-17 16:08        --------        d-----w-        c:\users\Dieter\AppData\Local\Diagnostics
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-21 13:57 . 2012-10-27 10:17        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-21 13:57 . 2012-10-27 10:17        692616        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-18 20:09 . 2014-01-16 18:56        96168        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-12-13 17:55 . 2012-10-26 13:53        90708896        ----a-w-        c:\windows\system32\MRT.exe
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Zoner Photo Studio Autoupdate"="e:\freeware\Photo Studio 15\Program32\ZPSTRAY.EXE" [2012-12-04 773728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 Windows7FirewallService;Windows7FirewallService;c:\program files\Windows7FirewallControl\Windows7FirewallService.exe;c:\program files\Windows7FirewallControl\Windows7FirewallService.exe [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
.
Inhalt des "geplante Tasks" Ordners
.
2014-02-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-27 13:57]
.
2014-02-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-09-28 19:30]
.
2014-02-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-09-28 19:30]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
"Windows7FirewallControl"="c:\program files\Windows7FirewallControl\Windows7FirewallControl.exe" [2013-04-16 1143296]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\MaDiSoGi\AppData\Roaming\Mozilla\Firefox\Profiles\d7ovc2xc.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.de/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-02-25  18:10:36 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-02-25 17:10
.
Vor Suchlauf: 10 Verzeichnis(se), 27.569.197.056 Bytes frei
Nach Suchlauf: 26 Verzeichnis(se), 29.549.854.720 Bytes frei
.
- - End Of File - - D80E079D4F5DDC57C9D30DA739415FC0
A36C5E4F47E84449FF07ED3517B43A31


schrauber 26.02.2014 14:34

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please.

poldy-tec 26.02.2014 18:27

Done
Code:

Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.26.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
MaDiSoGi :: MADISOGI-PC [Administrator]

Schutz: Aktiviert

26.02.2014 17:16:17
mbam-log-2014-02-26 (17-16-17).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 266514
Laufzeit: 4 Minute(n), 49 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 4
C:\Users\MaDiSoGi\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\MaDiSoGi\AppData\Roaming\OpenCandy\3CA294E6E1FA4EAC98213826D8C54BD4 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\MaDiSoGi\AppData\Roaming\OpenCandy\7FB877052D50469FB1029A9F4481BB41 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\MaDiSoGi\AppData\Roaming\OpenCandy\B8D0147086E344988FB40FF5B9F7B4E1 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 7
C:\Users\MaDiSoGi\AppData\Roaming\OpenCandy\3CA294E6E1FA4EAC98213826D8C54BD4\LatestDLMgr.exe (PUP.Optional.OpenCandy.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\MaDiSoGi\AppData\Roaming\OpenCandy\B8D0147086E344988FB40FF5B9F7B4E1\LatestDLMgr.exe (PUP.Optional.OpenCandy.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\MaDiSoGi\AppData\Roaming\OpenCandy\3CA294E6E1FA4EAC98213826D8C54BD4\Deltabar_p1v6.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\MaDiSoGi\AppData\Roaming\OpenCandy\7FB877052D50469FB1029A9F4481BB41\EBB77268-338F-4C6A-8590-AD88FED26F4A (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\MaDiSoGi\AppData\Roaming\OpenCandy\7FB877052D50469FB1029A9F4481BB41\OCBrowserHelper_1.0.6.124.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\MaDiSoGi\AppData\Roaming\OpenCandy\7FB877052D50469FB1029A9F4481BB41\RAWinstaller.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\MaDiSoGi\AppData\Roaming\OpenCandy\B8D0147086E344988FB40FF5B9F7B4E1\Deltabar_p1v2.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Code:

# AdwCleaner v3.019 - Bericht erstellt am 26/02/2014 um 17:34:33
# Aktualisiert 17/02/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : MaDiSoGi - MADISOGI-PC
# Gestartet von : C:\Users\MaDiSoGi\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\NCH Software
Ordner Gelöscht : C:\Users\Dieter\AppData\Roaming\NCH Software
Datei Gelöscht : C:\Windows\System32\Tasks\NCH Software

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askchecker_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askchecker_RASMANCS
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\systweak

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v27.0.1 (de)

[ Datei : C:\Users\MaDiSoGi\AppData\Roaming\Mozilla\Firefox\Profiles\d7ovc2xc.default\prefs.js ]


[ Datei : C:\Users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\80t86t7m.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [2159 octets] - [26/02/2014 17:33:20]
AdwCleaner[S0].txt - [2032 octets] - [26/02/2014 17:34:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2092 octets] ##########

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by MaDiSoGi on 26.02.2014 at 17:44:14,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\MaDiSoGi\AppData\Roaming\mozilla\firefox\profiles\d7ovc2xc.default\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.02.2014 at 17:53:03,43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


FRST Logfile:
Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-02-2014 02
Ran by MaDiSoGi (administrator) on MADISOGI-PC on 26-02-2014 17:54:57
Running from C:\Users\MaDiSoGi\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(ZONER software) E:\Freeware\Photo Studio 15\Program32\ZPSTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [Windows7FirewallControl] - C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe [1143296 2013-04-16] (Sphinx Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-3340963302-3071948555-2605324771-1001\...\Run: [Zoner Photo Studio Autoupdate] - E:\Freeware\Photo Studio 15\Program32\ZPSTRAY.EXE [773728 2012-12-04] (ZONER software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\MaDiSoGi\AppData\Roaming\Mozilla\Firefox\Profiles\d7ovc2xc.default
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\MaDiSoGi\AppData\Roaming\Mozilla\Firefox\Profiles\d7ovc2xc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-10-27]

==================== Services (Whitelisted) =================

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 Windows7FirewallService; C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe [778752 2013-04-16] (Sphinx Software)

==================== Drivers (Whitelisted) ====================

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-26 17:53 - 2014-02-26 17:53 - 00000762 _____ () C:\Users\MaDiSoGi\Desktop\JRT.txt
2014-02-26 17:44 - 2014-02-26 17:44 - 00000000 ____D () C:\Windows\ERUNT
2014-02-26 17:43 - 2014-02-26 17:43 - 01037734 _____ (Thisisu) C:\Users\MaDiSoGi\Desktop\JRT.exe
2014-02-26 17:37 - 2014-02-26 17:37 - 00002180 _____ () C:\Users\MaDiSoGi\Documents\AdwCleaner[S0].txt
2014-02-26 17:33 - 2014-02-26 17:34 - 00000000 ____D () C:\AdwCleaner
2014-02-26 17:32 - 2014-02-26 17:31 - 01241834 _____ () C:\Users\MaDiSoGi\Desktop\adwcleaner.exe
2014-02-26 17:10 - 2014-02-26 17:10 - 00001122 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-26 17:10 - 2014-02-26 17:10 - 00000000 ____D () C:\Users\MaDiSoGi\AppData\Roaming\Malwarebytes
2014-02-26 17:10 - 2014-02-26 17:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-26 17:10 - 2014-02-26 17:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-26 17:10 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-26 10:22 - 2014-02-26 10:22 - 00003022 _____ () C:\Users\Dieter\.recently-used.xbel
2014-02-25 18:10 - 2014-02-25 18:10 - 00011135 _____ () C:\ComboFix.txt
2014-02-25 17:46 - 2014-02-25 18:10 - 00000000 ____D () C:\Qoobox
2014-02-25 17:46 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-02-25 17:46 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-02-25 17:46 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-02-25 17:46 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-02-25 17:46 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-02-25 17:46 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-02-25 17:46 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-02-25 17:46 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-02-25 17:45 - 2014-02-25 18:08 - 00000000 ____D () C:\Windows\erdnt
2014-02-25 17:37 - 2014-02-25 17:37 - 05185084 ____R (Swearware) C:\Users\MaDiSoGi\Desktop\ComboFix.exe
2014-02-24 18:41 - 2014-02-24 18:41 - 00027049 _____ () C:\Users\MaDiSoGi\Desktop\Addition.txt
2014-02-24 18:35 - 2014-02-26 17:55 - 00006971 _____ () C:\Users\MaDiSoGi\Desktop\FRST.txt
2014-02-24 18:34 - 2014-02-24 12:46 - 02155520 _____ (Farbar) C:\Users\MaDiSoGi\Desktop\FRST64.exe
2014-02-24 12:46 - 2014-02-26 17:54 - 00000000 ____D () C:\FRST
2014-02-24 11:58 - 2014-02-24 12:00 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2014-02-17 11:37 - 2014-02-17 11:37 - 00000000 ____D () C:\Program Files\Defraggler
2014-02-16 09:31 - 2014-02-16 09:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 18:36 - 2014-02-13 18:36 - 00773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2014-02-13 18:36 - 2014-02-13 18:36 - 00421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2014-02-10 16:54 - 2013-04-05 13:23 - 00000450 _____ () C:\Users\Dieter\Documents\indexfile.txt
2014-02-09 10:37 - 2014-02-09 10:37 - 00002237 _____ () C:\Users\MaDiSoGi\Desktop\Google Earth.lnk
2014-02-09 10:37 - 2014-02-09 10:37 - 00001195 _____ () C:\Users\MaDiSoGi\Desktop\Microsoft Works-Start.lnk
2014-02-04 11:14 - 2014-02-04 11:14 - 00000218 _____ () C:\Users\Dieter\AppData\Local\recently-used.xbel
2014-01-31 19:30 - 2014-01-31 19:30 - 00001468 _____ () C:\Users\Public\Desktop\LibreOffice 4.2.1.1.lnk

==================== One Month Modified Files and Folders =======

2014-02-26 17:55 - 2014-02-24 18:35 - 00006971 _____ () C:\Users\MaDiSoGi\Desktop\FRST.txt
2014-02-26 17:55 - 2013-01-11 10:57 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-26 17:54 - 2014-02-24 12:46 - 00000000 ____D () C:\FRST
2014-02-26 17:53 - 2014-02-26 17:53 - 00000762 _____ () C:\Users\MaDiSoGi\Desktop\JRT.txt
2014-02-26 17:44 - 2014-02-26 17:44 - 00000000 ____D () C:\Windows\ERUNT
2014-02-26 17:43 - 2014-02-26 17:43 - 01037734 _____ (Thisisu) C:\Users\MaDiSoGi\Desktop\JRT.exe
2014-02-26 17:43 - 2009-07-14 05:45 - 00022368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-26 17:43 - 2009-07-14 05:45 - 00022368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-26 17:37 - 2014-02-26 17:37 - 00002180 _____ () C:\Users\MaDiSoGi\Documents\AdwCleaner[S0].txt
2014-02-26 17:37 - 2012-10-26 13:10 - 01577183 _____ () C:\Windows\WindowsUpdate.log
2014-02-26 17:36 - 2013-09-28 20:30 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-26 17:36 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-26 17:35 - 2013-04-30 09:17 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-26 17:35 - 2009-07-14 05:51 - 00116150 _____ () C:\Windows\setupact.log
2014-02-26 17:34 - 2014-02-26 17:33 - 00000000 ____D () C:\AdwCleaner
2014-02-26 17:31 - 2014-02-26 17:32 - 01241834 _____ () C:\Users\MaDiSoGi\Desktop\adwcleaner.exe
2014-02-26 17:24 - 2012-10-27 08:52 - 00174826 _____ () C:\Windows\PFRO.log
2014-02-26 17:14 - 2013-09-28 20:30 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-26 17:10 - 2014-02-26 17:10 - 00001122 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-26 17:10 - 2014-02-26 17:10 - 00000000 ____D () C:\Users\MaDiSoGi\AppData\Roaming\Malwarebytes
2014-02-26 17:10 - 2014-02-26 17:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-26 17:10 - 2014-02-26 17:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-26 10:22 - 2014-02-26 10:22 - 00003022 _____ () C:\Users\Dieter\.recently-used.xbel
2014-02-26 10:22 - 2012-10-27 08:09 - 00000000 ____D () C:\Users\Dieter
2014-02-26 09:10 - 2012-10-26 13:17 - 00000000 ____D () C:\Users\MaDiSoGi
2014-02-25 18:10 - 2014-02-25 18:10 - 00011135 _____ () C:\ComboFix.txt
2014-02-25 18:10 - 2014-02-25 17:46 - 00000000 ____D () C:\Qoobox
2014-02-25 18:10 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-02-25 18:08 - 2014-02-25 17:45 - 00000000 ____D () C:\Windows\erdnt
2014-02-25 18:05 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-02-25 17:57 - 2009-07-14 03:34 - 59506688 _____ () C:\Windows\system32\config\software.bak
2014-02-25 17:57 - 2009-07-14 03:34 - 19922944 _____ () C:\Windows\system32\config\system.bak
2014-02-25 17:57 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\security.bak
2014-02-25 17:57 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\sam.bak
2014-02-25 17:57 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\default.bak
2014-02-25 17:37 - 2014-02-25 17:37 - 05185084 ____R (Swearware) C:\Users\MaDiSoGi\Desktop\ComboFix.exe
2014-02-24 18:41 - 2014-02-24 18:41 - 00027049 _____ () C:\Users\MaDiSoGi\Desktop\Addition.txt
2014-02-24 12:46 - 2014-02-24 18:34 - 02155520 _____ (Farbar) C:\Users\MaDiSoGi\Desktop\FRST64.exe
2014-02-24 12:09 - 2013-04-14 16:12 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bilder
2014-02-24 12:00 - 2014-02-24 11:58 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2014-02-24 09:44 - 2012-11-23 10:02 - 00000000 ____D () C:\Users\Dieter\AppData\Local\Paint.NET
2014-02-24 08:55 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-02-21 14:57 - 2013-01-11 10:57 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-21 14:57 - 2012-10-27 11:17 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 14:57 - 2012-10-27 11:17 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-21 10:48 - 2009-07-14 18:58 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-02-21 10:48 - 2009-07-14 18:58 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-02-21 10:48 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-17 11:37 - 2014-02-17 11:37 - 00000000 ____D () C:\Program Files\Defraggler
2014-02-17 10:18 - 2012-10-26 15:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-16 15:09 - 2013-09-28 20:30 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-16 15:09 - 2013-09-28 20:30 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-16 09:32 - 2014-02-16 09:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 11:09 - 2012-10-28 18:18 - 00005956 _____ () C:\Users\Dieter\AppData\Roaming\wklnhst.dat
2014-02-13 18:36 - 2014-02-13 18:36 - 00773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2014-02-13 18:36 - 2014-02-13 18:36 - 00421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2014-02-12 11:32 - 2012-10-29 12:28 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\Familienbande
2014-02-11 14:31 - 2012-11-20 12:51 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\gtk-2.0
2014-02-10 16:51 - 2013-08-07 12:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-10 11:08 - 2014-01-25 11:13 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\KeePass
2014-02-09 10:37 - 2014-02-09 10:37 - 00002237 _____ () C:\Users\MaDiSoGi\Desktop\Google Earth.lnk
2014-02-09 10:37 - 2014-02-09 10:37 - 00001195 _____ () C:\Users\MaDiSoGi\Desktop\Microsoft Works-Start.lnk
2014-02-09 10:34 - 2012-10-26 15:23 - 00000000 ____D () C:\Users\MaDiSoGi\AppData\Local\Mozilla
2014-02-06 09:21 - 2013-11-17 11:59 - 00000000 ____D () C:\Users\Dieter\AppData\Local\gtk-2.0
2014-02-06 09:18 - 2012-11-02 14:04 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\XnView
2014-02-04 11:14 - 2014-02-04 11:14 - 00000218 _____ () C:\Users\Dieter\AppData\Local\recently-used.xbel
2014-02-03 14:28 - 2014-01-25 11:15 - 00001576 _____ () C:\Users\Dieter\Desktop\KeePass 2.24.lnk
2014-02-03 13:10 - 2013-04-26 09:58 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\Mp3tag
2014-01-31 23:13 - 2012-11-23 10:00 - 00000000 ____D () C:\Users\MaDiSoGi\AppData\Local\Paint.NET
2014-01-31 23:13 - 2012-10-27 11:50 - 00090648 _____ () C:\Users\MaDiSoGi\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-31 22:24 - 2012-10-27 12:36 - 00090648 _____ () C:\Users\Dieter\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-31 22:24 - 2009-07-14 05:45 - 00382936 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-31 19:30 - 2014-01-31 19:30 - 00001468 _____ () C:\Users\Public\Desktop\LibreOffice 4.2.1.1.lnk
2014-01-31 09:59 - 2014-01-20 14:58 - 00000820 _____ () C:\Users\Dieter\Desktop\Amanda Tour.lnk
2014-01-28 13:59 - 2013-08-16 09:08 - 00000000 ____D () C:\Program Files\Recuva

Some content of TEMP:
====================
C:\Users\MaDiSoGi\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-18 10:48

==================== End Of Log ============================

--- --- ---


Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-02-2014 02
Ran by MaDiSoGi at 2014-02-24 18:41:11
Running from C:\Users\MaDiSoGi\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Ant Movie Catalog (HKLM-x32\...\Ant Movie Catalog_is1) (Version: 4.1.2 - Ant Software)
BeCyIconGrabber (HKLM-x32\...\BeCyIconGrabber) (Version: 2.30.0 - Benjamin Bentmann)
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CPUID CPU-Z 1.62 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Das Fussball Studio 8.5.2 (Beta) (HKLM-x32\...\{F804CEB4-747E-46D5-B8AB-C56E3BAF27D9}_is1) (Version: 8.5.2 - vmLOGIC - Volker Mallmann)
Defraggler (HKLM\...\Defraggler) (Version: 2.16 - Piriform)
DigiJay 1.414 (HKLM-x32\...\DigiJay_is1) (Version:  - MB Audio)
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 14.3.11574 - Landesfinanzdirektion Thüringen)
EXPERTool v8.3 (HKLM-x32\...\{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1) (Version: 8.3.0.1 - Gainward Co. Ltd.)
Free Video Dub version 2.0.21.827 (HKLM-x32\...\Free Video Dub_is1) (Version: 2.0.21.827 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.2 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.2 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.6.1 - Ellora Assets Corporation)
Genius PDF (HKLM-x32\...\{CF360EF6-65B1-47B3-AF23-5F8626108585}_is1) (Version: 2.1 - LiquidPsi Software)
Gnumeric Spreadsheet 1.10.16-20110616 (HKCU\...\Gnumeric) (Version: 1.10.16-20110616 - )
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
KeePass Password Safe 2.24 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.24 - Dominik Reichl)
Kleinstadt (HKLM-x32\...\Kleinstadt) (Version:  - SIGNALSOFT Rail Consultancy Ltd.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LibreOffice 4.2.1.1 (HKLM-x32\...\{C83C3B4C-1AFF-4CEA-8078-74E7A3FE8F03}) (Version: 4.2.1.1 - The Document Foundation)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.8 - Thibaut Lauziere)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla)
MPC-HC 1.6.5.6366 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.6.5.6366 - MPC-HC Team)
NVIDIA 3D Vision Controller-Treiber 301.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 301.42 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0213 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
OCR Software by I.R.I.S. 14.5 (HKLM\...\HPOCR) (Version: 14.5 - HP)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Personal Backup 5.5 (HKLM\...\Personal Backup 5_is1) (Version: 5.3 - J. Rathlev)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)
Sweet Home 3D version 4.2 (HKLM-x32\...\Sweet Home 3D_is1) (Version:  - eTeks)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows7FirewallControl (x64) 5.2.18.33 (HKLM\...\Windows7FirewallControl_is1) (Version: 5.2.18.33 - Sphinx Software)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Zoner Photo Studio 15 (HKLM\...\ZonerPhotoStudio15_DE_is1) (Version: 15.0.1.4 - ZONER software)

==================== Restore Points  =========================

16-02-2014 08:47:55 Geplanter Prüfpunkt
24-02-2014 10:56:06 Installed LibreOffice 4.2.1.1

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {04621756-89EE-4FF7-9DB5-CAA2858521AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-28] (Google Inc.)
Task: {4F6EE3E5-82BB-467D-B2AE-71FA667FBA79} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated)
Task: {A7515B5A-A2DD-49F0-9954-FEC601058169} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-28] (Google Inc.)
Task: {CDD4788F-8757-4E1B-A56B-EBC16736615E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {D2A1D840-3D8C-4454-961A-60F6B2D01946} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-04-30 09:05 - 2013-10-23 09:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-16 09:31 - 2014-02-16 09:31 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/31/2014 11:19:08 PM) (Source: MsiInstaller) (User: MaDiSoGi-PC)
Description: Product: Paint.NET v3.5.11 -- Error 1722. There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor.  Action _8FBBBB09_39E3_48BB_9E6C_620898EF3CD9, location: E:\Freeware\Paint.NET\SetupNgen.exe, command: /delete DESKTOPSHORTCUT= PDNUPDATING= SKIPCLEANUP= "PROGRAMSGROUP="  QUEUENGEN=

Error: (01/31/2014 11:17:26 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PaintDotNet.exe, Version: 3.511.4977.23448, Zeitstempel: 0x520fe4b1
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1677
Ausnahmecode: 0xe0434f4d
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xPaintDotNet.exe0
Pfad der fehlerhaften Anwendung: PaintDotNet.exe1
Pfad des fehlerhaften Moduls: PaintDotNet.exe2
Berichtskennung: PaintDotNet.exe3

Error: (01/31/2014 11:17:09 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PaintDotNet.exe, Version: 3.511.4977.23448, Zeitstempel: 0x520fe4b1
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1677
Ausnahmecode: 0xe0434f4d
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xPaintDotNet.exe0
Pfad der fehlerhaften Anwendung: PaintDotNet.exe1
Pfad des fehlerhaften Moduls: PaintDotNet.exe2
Berichtskennung: PaintDotNet.exe3

Error: (01/31/2014 11:16:58 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PaintDotNet.exe, Version: 3.511.4977.23448, Zeitstempel: 0x520fe4b1
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1677
Ausnahmecode: 0xe0434f4d
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xPaintDotNet.exe0
Pfad der fehlerhaften Anwendung: PaintDotNet.exe1
Pfad des fehlerhaften Moduls: PaintDotNet.exe2
Berichtskennung: PaintDotNet.exe3

Error: (01/31/2014 11:13:48 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {5ea46a61-fc81-4028-a536-ee0017af24f2}

Error: (01/23/2014 09:03:50 AM) (Source: MsiInstaller) (User: MaDiSoGi-PC)
Description: Produkt: Google Earth -- Fehler 1730.Sie benötigen Administratorrechte, um diese Anwendung zu entfernen. Melden Sie sich zum Entfernen der Anwendung als Administrator an oder wenden Sie sich an den technischen Support.

Error: (01/23/2014 08:59:15 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: googleearth.exe, Version: 7.1.2.2041, Zeitstempel: 0x525310f1
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x8c0
Startzeit der fehlerhaften Anwendung: 0xgoogleearth.exe0
Pfad der fehlerhaften Anwendung: googleearth.exe1
Pfad des fehlerhaften Moduls: googleearth.exe2
Berichtskennung: googleearth.exe3

Error: (01/20/2014 05:00:44 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: googleearth.exe, Version: 7.1.2.2041, Zeitstempel: 0x525310f1
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x654
Startzeit der fehlerhaften Anwendung: 0xgoogleearth.exe0
Pfad der fehlerhaften Anwendung: googleearth.exe1
Pfad des fehlerhaften Moduls: googleearth.exe2
Berichtskennung: googleearth.exe3

Error: (01/20/2014 04:59:37 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: googleearth.exe, Version: 7.1.2.2041, Zeitstempel: 0x525310f1
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x138
Startzeit der fehlerhaften Anwendung: 0xgoogleearth.exe0
Pfad der fehlerhaften Anwendung: googleearth.exe1
Pfad des fehlerhaften Moduls: googleearth.exe2
Berichtskennung: googleearth.exe3

Error: (01/20/2014 04:57:34 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (02/24/2014 06:34:37 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT51

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\NETZWERKDIENST

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/24/2014 06:34:37 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT51

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\NETZWERKDIENST

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/24/2014 06:32:14 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT59

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\SYSTEM

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/24/2014 06:32:02 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "FreemakeVideoCapture" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (02/24/2014 02:56:24 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT51

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\NETZWERKDIENST

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/24/2014 02:56:24 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT51

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\NETZWERKDIENST

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/24/2014 02:54:08 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT59

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\SYSTEM

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/24/2014 02:51:20 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %MaDiSoGi-PC60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %MaDiSoGi-PC51

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %MaDiSoGi-PC602

        Aktualisierungstyp: %MaDiSoGi-PC604

        Benutzer: MaDiSoGi-PC\Dieter

        Aktuelle Modulversion: %MaDiSoGi-PC605

        Vorherige Modulversion: %MaDiSoGi-PC606

        Fehlercode: %MaDiSoGi-PC607

        Fehlerbeschreibung: %MaDiSoGi-PC608

Error: (02/24/2014 02:51:20 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %MaDiSoGi-PC60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %MaDiSoGi-PC51

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %MaDiSoGi-PC602

        Aktualisierungstyp: %MaDiSoGi-PC604

        Benutzer: MaDiSoGi-PC\Dieter

        Aktuelle Modulversion: %MaDiSoGi-PC605

        Vorherige Modulversion: %MaDiSoGi-PC606

        Fehlercode: %MaDiSoGi-PC607

        Fehlerbeschreibung: %MaDiSoGi-PC608

Error: (02/24/2014 02:49:02 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT59

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\SYSTEM

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608


Microsoft Office Sessions:
=========================
Error: (01/31/2014 11:19:08 PM) (Source: MsiInstaller)(User: MaDiSoGi-PC)
Description: Product: Paint.NET v3.5.11 -- Error 1722. There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor.  Action _8FBBBB09_39E3_48BB_9E6C_620898EF3CD9, location: E:\Freeware\Paint.NET\SetupNgen.exe, command: /delete DESKTOPSHORTCUT= PDNUPDATING= SKIPCLEANUP= "PROGRAMSGROUP="  QUEUENGEN= (NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/31/2014 11:17:26 PM) (Source: Application Error)(User: )
Description: PaintDotNet.exe3.511.4977.23448520fe4b1KERNELBASE.dll6.1.7601.1822951fb1677e0434f4d000000000000940d

Error: (01/31/2014 11:17:09 PM) (Source: Application Error)(User: )
Description: PaintDotNet.exe3.511.4977.23448520fe4b1KERNELBASE.dll6.1.7601.1822951fb1677e0434f4d000000000000940d

Error: (01/31/2014 11:16:58 PM) (Source: Application Error)(User: )
Description: PaintDotNet.exe3.511.4977.23448520fe4b1KERNELBASE.dll6.1.7601.1822951fb1677e0434f4d000000000000940d

Error: (01/31/2014 11:13:48 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {5ea46a61-fc81-4028-a536-ee0017af24f2}

Error: (01/23/2014 09:03:50 AM) (Source: MsiInstaller)(User: MaDiSoGi-PC)
Description: Produkt: Google Earth -- Fehler 1730.Sie benötigen Administratorrechte, um diese Anwendung zu entfernen. Melden Sie sich zum Entfernen der Anwendung als Administrator an oder wenden Sie sich an den technischen Support.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/23/2014 08:59:15 AM) (Source: Application Error)(User: )
Description: googleearth.exe7.1.2.2041525310f1KERNELBASE.dll6.1.7601.1822951fb1116c06d007e0000c41f8c001cf1810fcfc2c90C:\Program Files (x86)\Google\Google Earth\client\googleearth.exeC:\Windows\syswow64\KERNELBASE.dll40453d70-8404-11e3-9a02-001a92520b6c

Error: (01/20/2014 05:00:44 PM) (Source: Application Error)(User: )
Description: googleearth.exe7.1.2.2041525310f1KERNELBASE.dll6.1.7601.1822951fb1116c06d007e0000c41f65401cf15f8c4df3970C:\Program Files (x86)\Google\Google Earth\client\googleearth.exeC:\Windows\syswow64\KERNELBASE.dll04581810-81ec-11e3-920a-001a92520b6c

Error: (01/20/2014 04:59:37 PM) (Source: Application Error)(User: )
Description: googleearth.exe7.1.2.2041525310f1KERNELBASE.dll6.1.7601.1822951fb1116c06d007e0000c41f13801cf15f89a941370C:\Program Files (x86)\Google\Google Earth\client\googleearth.exeC:\Windows\syswow64\KERNELBASE.dlldc340830-81eb-11e3-920a-001a92520b6c

Error: (01/20/2014 04:57:34 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Download\Parken\esetsmartinstaller_enu.exe

Greetz poldy

schrauber 27.02.2014 15:18


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems left? :)

poldy-tec 28.02.2014 17:59

Done:
Code:

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=f3a98d6a7c352947a73797b77125d236
# engine=17256
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-28 12:35:49
# local_time=2014-02-28 01:35:49 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 20014409 145177599 0 0
# scanned=326031
# found=0
# cleaned=0
# scan_time=12358

Code:

Results of screen317's Security Check version 0.99.79 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Microsoft Security Essentials 
  (On Access scanning disabled!)
 Error obtaining update status for antivirus! 
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware Version 1.75.0.1300 
 Java 7 Update 51 
 Adobe Flash Player 10 Flash Player out of Date!
  Adobe Flash Player 12.0.0.70 Flash Player out of Date! 
 Mozilla Firefox (27.0.1)
 Mozilla Thunderbird (24.3.0)
````````Process Check: objlist.exe by Laurent```````` 
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbamgui.exe 
 Malwarebytes' Anti-Malware mbamscheduler.exe 
 Windows7FirewallControl Windows7FirewallService.exe 
 Windows7FirewallControl Windows7FirewallControl.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````


FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-02-2014 02
Ran by MaDiSoGi (administrator) on MADISOGI-PC on 28-02-2014 09:48:03
Running from C:\Users\MaDiSoGi\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe
(ZONER software) E:\Freeware\Photo Studio 15\Program32\ZPSTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [Windows7FirewallControl] - C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe [1143296 2013-04-16] (Sphinx Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-3340963302-3071948555-2605324771-1001\...\Run: [Zoner Photo Studio Autoupdate] - E:\FREEWARE\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [773728 2012-12-04] (ZONER software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\MaDiSoGi\AppData\Roaming\Mozilla\Firefox\Profiles\d7ovc2xc.default
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\MaDiSoGi\AppData\Roaming\Mozilla\Firefox\Profiles\d7ovc2xc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-10-27]

==================== Services (Whitelisted) =================

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 Windows7FirewallService; C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe [778752 2013-04-16] (Sphinx Software)

==================== Drivers (Whitelisted) ====================

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-28 09:48 - 2014-02-28 09:48 - 00007059 _____ () C:\Users\MaDiSoGi\Desktop\FRST.txt
2014-02-28 09:47 - 2014-02-28 09:45 - 00001299 _____ () C:\Users\MaDiSoGi\Documents\checkup.txt
2014-02-28 09:45 - 2014-02-28 09:45 - 00001299 _____ () C:\Users\MaDiSoGi\Desktop\checkup.txt
2014-02-28 09:41 - 2014-02-26 17:09 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\MaDiSoGi\Desktop\mbam-setup-1.75.0.1300.exe
2014-02-28 09:40 - 2014-02-28 09:40 - 00987425 _____ () C:\Users\MaDiSoGi\Desktop\SecurityCheck.exe
2014-02-27 18:16 - 2014-02-27 18:16 - 00000000 ____D () C:\Users\MaDiSoGi\Documents\ZPS15
2014-02-27 16:42 - 2014-02-27 16:42 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-02-27 12:08 - 2014-02-27 12:11 - 24490112 _____ (Mozilla) C:\Users\Dieter\Downloads\firefox_setup_27.0.1.exe
2014-02-26 21:48 - 2014-02-26 21:48 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\Malwarebytes
2014-02-26 17:58 - 2014-02-26 17:56 - 00018822 _____ () C:\Users\MaDiSoGi\Documents\FRST_26-02-2014_17-56-20.txt
2014-02-26 17:58 - 2014-02-24 18:41 - 00024967 _____ () C:\Users\MaDiSoGi\Documents\Addition_26-02-2014_17-56-05.txt
2014-02-26 17:57 - 2014-02-26 17:57 - 00000762 _____ () C:\Users\MaDiSoGi\Documents\JRT.txt
2014-02-26 17:53 - 2014-02-26 17:53 - 00000762 _____ () C:\Users\MaDiSoGi\Desktop\JRT.txt
2014-02-26 17:44 - 2014-02-26 17:44 - 00000000 ____D () C:\Windows\ERUNT
2014-02-26 17:43 - 2014-02-26 17:43 - 01037734 _____ (Thisisu) C:\Users\MaDiSoGi\Desktop\JRT.exe
2014-02-26 17:37 - 2014-02-26 17:37 - 00002180 _____ () C:\Users\MaDiSoGi\Documents\AdwCleaner[S0].txt
2014-02-26 17:33 - 2014-02-26 17:34 - 00000000 ____D () C:\AdwCleaner
2014-02-26 17:32 - 2014-02-26 17:31 - 01241834 _____ () C:\Users\MaDiSoGi\Desktop\adwcleaner.exe
2014-02-26 17:10 - 2014-02-26 17:10 - 00000000 ____D () C:\Users\MaDiSoGi\AppData\Roaming\Malwarebytes
2014-02-26 17:10 - 2014-02-26 17:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-26 17:10 - 2014-02-26 17:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-26 17:10 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-26 10:22 - 2014-02-26 10:22 - 00003022 _____ () C:\Users\Dieter\.recently-used.xbel
2014-02-25 18:10 - 2014-02-25 18:10 - 00011135 _____ () C:\ComboFix.txt
2014-02-25 17:46 - 2014-02-25 18:10 - 00000000 ____D () C:\Qoobox
2014-02-25 17:46 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-02-25 17:46 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-02-25 17:46 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-02-25 17:46 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-02-25 17:46 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-02-25 17:46 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-02-25 17:46 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-02-25 17:46 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-02-25 17:45 - 2014-02-25 18:08 - 00000000 ____D () C:\Windows\erdnt
2014-02-25 17:37 - 2014-02-25 17:37 - 05185084 ____R (Swearware) C:\Users\MaDiSoGi\Desktop\ComboFix.exe
2014-02-24 18:41 - 2014-02-26 17:56 - 00013222 _____ () C:\Users\MaDiSoGi\Desktop\Addition_1.txt
2014-02-24 18:35 - 2014-02-26 17:56 - 00018822 _____ () C:\Users\MaDiSoGi\Desktop\FRST_1.txt
2014-02-24 18:34 - 2014-02-24 12:46 - 02155520 _____ (Farbar) C:\Users\MaDiSoGi\Desktop\FRST64.exe
2014-02-24 12:46 - 2014-02-28 09:48 - 00000000 ____D () C:\FRST
2014-02-24 11:58 - 2014-02-24 12:00 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2014-02-17 11:37 - 2014-02-17 11:37 - 00000000 ____D () C:\Program Files\Defraggler
2014-02-16 09:31 - 2014-02-16 09:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 18:36 - 2014-02-13 18:36 - 00773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2014-02-13 18:36 - 2014-02-13 18:36 - 00421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2014-02-10 16:54 - 2013-04-05 13:23 - 00000450 _____ () C:\Users\Dieter\Documents\indexfile.txt
2014-02-09 10:37 - 2014-02-09 10:37 - 00002237 _____ () C:\Users\MaDiSoGi\Desktop\Google Earth.lnk
2014-02-09 10:37 - 2014-02-09 10:37 - 00001195 _____ () C:\Users\MaDiSoGi\Desktop\Microsoft Works-Start.lnk
2014-02-04 11:14 - 2014-02-04 11:14 - 00000218 _____ () C:\Users\Dieter\AppData\Local\recently-used.xbel
2014-01-31 19:30 - 2014-01-31 19:30 - 00001468 _____ () C:\Users\Public\Desktop\LibreOffice 4.2.1.1.lnk

==================== One Month Modified Files and Folders =======

2014-02-28 09:48 - 2014-02-28 09:48 - 00007059 _____ () C:\Users\MaDiSoGi\Desktop\FRST.txt
2014-02-28 09:48 - 2014-02-24 12:46 - 00000000 ____D () C:\FRST
2014-02-28 09:45 - 2014-02-28 09:47 - 00001299 _____ () C:\Users\MaDiSoGi\Documents\checkup.txt
2014-02-28 09:45 - 2014-02-28 09:45 - 00001299 _____ () C:\Users\MaDiSoGi\Desktop\checkup.txt
2014-02-28 09:40 - 2014-02-28 09:40 - 00987425 _____ () C:\Users\MaDiSoGi\Desktop\SecurityCheck.exe
2014-02-28 09:38 - 2009-07-14 05:45 - 00022368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-28 09:38 - 2009-07-14 05:45 - 00022368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-28 09:37 - 2013-09-28 20:30 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-28 09:33 - 2012-10-26 13:10 - 01682811 _____ () C:\Windows\WindowsUpdate.log
2014-02-28 09:31 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-28 09:31 - 2009-07-14 05:51 - 00116318 _____ () C:\Windows\setupact.log
2014-02-28 09:30 - 2013-04-30 09:17 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-28 09:30 - 2012-10-27 08:52 - 00175360 _____ () C:\Windows\PFRO.log
2014-02-28 02:14 - 2013-09-28 20:30 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-28 01:55 - 2013-01-11 10:57 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-27 18:18 - 2009-07-14 18:58 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-02-27 18:18 - 2009-07-14 18:58 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-02-27 18:18 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-27 18:16 - 2014-02-27 18:16 - 00000000 ____D () C:\Users\MaDiSoGi\Documents\ZPS15
2014-02-27 18:16 - 2013-11-20 13:53 - 00000000 ____D () C:\Users\MaDiSoGi\AppData\Roaming\Zoner
2014-02-27 17:52 - 2013-11-20 13:53 - 00000000 ____D () C:\Users\MaDiSoGi\AppData\Local\Zoner
2014-02-27 16:42 - 2014-02-27 16:42 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-02-27 12:11 - 2014-02-27 12:08 - 24490112 _____ (Mozilla) C:\Users\Dieter\Downloads\firefox_setup_27.0.1.exe
2014-02-26 21:48 - 2014-02-26 21:48 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\Malwarebytes
2014-02-26 17:57 - 2014-02-26 17:57 - 00000762 _____ () C:\Users\MaDiSoGi\Documents\JRT.txt
2014-02-26 17:56 - 2014-02-26 17:58 - 00018822 _____ () C:\Users\MaDiSoGi\Documents\FRST_26-02-2014_17-56-20.txt
2014-02-26 17:56 - 2014-02-24 18:41 - 00013222 _____ () C:\Users\MaDiSoGi\Desktop\Addition_1.txt
2014-02-26 17:56 - 2014-02-24 18:35 - 00018822 _____ () C:\Users\MaDiSoGi\Desktop\FRST_1.txt
2014-02-26 17:53 - 2014-02-26 17:53 - 00000762 _____ () C:\Users\MaDiSoGi\Desktop\JRT.txt
2014-02-26 17:44 - 2014-02-26 17:44 - 00000000 ____D () C:\Windows\ERUNT
2014-02-26 17:43 - 2014-02-26 17:43 - 01037734 _____ (Thisisu) C:\Users\MaDiSoGi\Desktop\JRT.exe
2014-02-26 17:37 - 2014-02-26 17:37 - 00002180 _____ () C:\Users\MaDiSoGi\Documents\AdwCleaner[S0].txt
2014-02-26 17:34 - 2014-02-26 17:33 - 00000000 ____D () C:\AdwCleaner
2014-02-26 17:31 - 2014-02-26 17:32 - 01241834 _____ () C:\Users\MaDiSoGi\Desktop\adwcleaner.exe
2014-02-26 17:10 - 2014-02-26 17:10 - 00000000 ____D () C:\Users\MaDiSoGi\AppData\Roaming\Malwarebytes
2014-02-26 17:10 - 2014-02-26 17:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-26 17:10 - 2014-02-26 17:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-26 17:09 - 2014-02-28 09:41 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\MaDiSoGi\Desktop\mbam-setup-1.75.0.1300.exe
2014-02-26 10:22 - 2014-02-26 10:22 - 00003022 _____ () C:\Users\Dieter\.recently-used.xbel
2014-02-26 10:22 - 2012-10-27 08:09 - 00000000 ____D () C:\Users\Dieter
2014-02-26 09:10 - 2012-10-26 13:17 - 00000000 ____D () C:\Users\MaDiSoGi
2014-02-25 18:10 - 2014-02-25 18:10 - 00011135 _____ () C:\ComboFix.txt
2014-02-25 18:10 - 2014-02-25 17:46 - 00000000 ____D () C:\Qoobox
2014-02-25 18:10 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-02-25 18:08 - 2014-02-25 17:45 - 00000000 ____D () C:\Windows\erdnt
2014-02-25 18:05 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-02-25 17:57 - 2009-07-14 03:34 - 59506688 _____ () C:\Windows\system32\config\software.bak
2014-02-25 17:57 - 2009-07-14 03:34 - 19922944 _____ () C:\Windows\system32\config\system.bak
2014-02-25 17:57 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\security.bak
2014-02-25 17:57 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\sam.bak
2014-02-25 17:57 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\default.bak
2014-02-25 17:37 - 2014-02-25 17:37 - 05185084 ____R (Swearware) C:\Users\MaDiSoGi\Desktop\ComboFix.exe
2014-02-24 18:41 - 2014-02-26 17:58 - 00024967 _____ () C:\Users\MaDiSoGi\Documents\Addition_26-02-2014_17-56-05.txt
2014-02-24 12:46 - 2014-02-24 18:34 - 02155520 _____ (Farbar) C:\Users\MaDiSoGi\Desktop\FRST64.exe
2014-02-24 12:09 - 2013-04-14 16:12 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bilder
2014-02-24 12:00 - 2014-02-24 11:58 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2014-02-24 09:44 - 2012-11-23 10:02 - 00000000 ____D () C:\Users\Dieter\AppData\Local\Paint.NET
2014-02-24 08:55 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-02-21 14:57 - 2013-01-11 10:57 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-21 14:57 - 2012-10-27 11:17 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 14:57 - 2012-10-27 11:17 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-17 11:37 - 2014-02-17 11:37 - 00000000 ____D () C:\Program Files\Defraggler
2014-02-17 10:18 - 2012-10-26 15:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-16 15:09 - 2013-09-28 20:30 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-16 15:09 - 2013-09-28 20:30 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-16 09:32 - 2014-02-16 09:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 11:09 - 2012-10-28 18:18 - 00005956 _____ () C:\Users\Dieter\AppData\Roaming\wklnhst.dat
2014-02-13 18:36 - 2014-02-13 18:36 - 00773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2014-02-13 18:36 - 2014-02-13 18:36 - 00421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2014-02-12 11:32 - 2012-10-29 12:28 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\Familienbande
2014-02-11 14:31 - 2012-11-20 12:51 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\gtk-2.0
2014-02-10 16:51 - 2013-08-07 12:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-10 11:08 - 2014-01-25 11:13 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\KeePass
2014-02-09 10:37 - 2014-02-09 10:37 - 00002237 _____ () C:\Users\MaDiSoGi\Desktop\Google Earth.lnk
2014-02-09 10:37 - 2014-02-09 10:37 - 00001195 _____ () C:\Users\MaDiSoGi\Desktop\Microsoft Works-Start.lnk
2014-02-09 10:34 - 2012-10-26 15:23 - 00000000 ____D () C:\Users\MaDiSoGi\AppData\Local\Mozilla
2014-02-06 09:21 - 2013-11-17 11:59 - 00000000 ____D () C:\Users\Dieter\AppData\Local\gtk-2.0
2014-02-06 09:18 - 2012-11-02 14:04 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\XnView
2014-02-04 11:14 - 2014-02-04 11:14 - 00000218 _____ () C:\Users\Dieter\AppData\Local\recently-used.xbel
2014-02-03 14:28 - 2014-01-25 11:15 - 00001576 _____ () C:\Users\Dieter\Desktop\KeePass 2.24.lnk
2014-02-03 13:10 - 2013-04-26 09:58 - 00000000 ____D () C:\Users\Dieter\AppData\Roaming\Mp3tag
2014-01-31 23:13 - 2012-11-23 10:00 - 00000000 ____D () C:\Users\MaDiSoGi\AppData\Local\Paint.NET
2014-01-31 23:13 - 2012-10-27 11:50 - 00090648 _____ () C:\Users\MaDiSoGi\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-31 22:24 - 2012-10-27 12:36 - 00090648 _____ () C:\Users\Dieter\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-31 22:24 - 2009-07-14 05:45 - 00382936 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-31 19:30 - 2014-01-31 19:30 - 00001468 _____ () C:\Users\Public\Desktop\LibreOffice 4.2.1.1.lnk
2014-01-31 09:59 - 2014-01-20 14:58 - 00000820 _____ () C:\Users\Dieter\Desktop\Amanda Tour.lnk

Some content of TEMP:
====================
C:\Users\MaDiSoGi\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-28 02:08

==================== End Of Log ============================

--- --- ---


Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-02-2014 02
Ran by MaDiSoGi at 2014-02-28 09:49:07
Running from C:\Users\MaDiSoGi\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Ant Movie Catalog (HKLM-x32\...\Ant Movie Catalog_is1) (Version: 4.1.2 - Ant Software)
BeCyIconGrabber (HKLM-x32\...\BeCyIconGrabber) (Version: 2.30.0 - Benjamin Bentmann)
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CPUID CPU-Z 1.62 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Das Fussball Studio 8.5.2 (Beta) (HKLM-x32\...\{F804CEB4-747E-46D5-B8AB-C56E3BAF27D9}_is1) (Version: 8.5.2 - vmLOGIC - Volker Mallmann)
Defraggler (HKLM\...\Defraggler) (Version: 2.16 - Piriform)
DigiJay 1.414 (HKLM-x32\...\DigiJay_is1) (Version:  - MB Audio)
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 14.3.11574 - Landesfinanzdirektion Thüringen)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
EXPERTool v8.3 (HKLM-x32\...\{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1) (Version: 8.3.0.1 - Gainward Co. Ltd.)
Free Video Dub version 2.0.21.827 (HKLM-x32\...\Free Video Dub_is1) (Version: 2.0.21.827 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.2 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.2 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.6.1 - Ellora Assets Corporation)
Genius PDF (HKLM-x32\...\{CF360EF6-65B1-47B3-AF23-5F8626108585}_is1) (Version: 2.1 - LiquidPsi Software)
Gnumeric Spreadsheet 1.10.16-20110616 (HKCU\...\Gnumeric) (Version: 1.10.16-20110616 - )
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
KeePass Password Safe 2.24 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.24 - Dominik Reichl)
Kleinstadt (HKLM-x32\...\Kleinstadt) (Version:  - SIGNALSOFT Rail Consultancy Ltd.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LibreOffice 4.2.1.1 (HKLM-x32\...\{C83C3B4C-1AFF-4CEA-8078-74E7A3FE8F03}) (Version: 4.2.1.1 - The Document Foundation)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.8 - Thibaut Lauziere)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla)
MPC-HC 1.6.5.6366 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.6.5.6366 - MPC-HC Team)
NVIDIA 3D Vision Controller-Treiber 301.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 301.42 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0213 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
OCR Software by I.R.I.S. 14.5 (HKLM\...\HPOCR) (Version: 14.5 - HP)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Personal Backup 5.5 (HKLM\...\Personal Backup 5_is1) (Version: 5.3 - J. Rathlev)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)
Sweet Home 3D version 4.2 (HKLM-x32\...\Sweet Home 3D_is1) (Version:  - eTeks)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows7FirewallControl (x64) 5.2.18.33 (HKLM\...\Windows7FirewallControl_is1) (Version: 5.2.18.33 - Sphinx Software)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Zoner Photo Studio 15 (HKLM\...\ZonerPhotoStudio15_DE_is1) (Version: 15.0.1.4 - ZONER software)

==================== Restore Points  =========================

16-02-2014 08:47:55 Geplanter Prüfpunkt
24-02-2014 10:56:06 Installed LibreOffice 4.2.1.1

==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-02-25 18:05 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {04621756-89EE-4FF7-9DB5-CAA2858521AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-28] (Google Inc.)
Task: {4F6EE3E5-82BB-467D-B2AE-71FA667FBA79} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated)
Task: {A7515B5A-A2DD-49F0-9954-FEC601058169} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-28] (Google Inc.)
Task: {CDD4788F-8757-4E1B-A56B-EBC16736615E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {D2A1D840-3D8C-4454-961A-60F6B2D01946} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-04-30 09:05 - 2013-10-23 09:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-16 09:31 - 2014-02-16 09:31 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/28/2014 02:14:36 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/27/2014 10:00:29 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/27/2014 10:00:24 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/27/2014 09:53:18 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/27/2014 06:19:20 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/27/2014 06:19:17 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/27/2014 05:51:27 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/27/2014 05:51:24 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/27/2014 04:43:14 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/27/2014 04:43:12 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (02/28/2014 09:34:08 AM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT51

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\NETZWERKDIENST

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/28/2014 09:34:08 AM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT51

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\NETZWERKDIENST

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/28/2014 09:31:28 AM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT59

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\SYSTEM

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/27/2014 05:06:31 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT51

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\NETZWERKDIENST

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/27/2014 05:06:31 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT51

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\NETZWERKDIENST

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/27/2014 05:04:12 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT59

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\SYSTEM

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/27/2014 04:36:46 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT51

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\NETZWERKDIENST

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/27/2014 04:36:46 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT51

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\NETZWERKDIENST

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/27/2014 04:34:24 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT59

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\SYSTEM

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/27/2014 00:07:24 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.165.4181.0

        Aktualisierungsquelle: %NT-AUTORITÄT51

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\NETZWERKDIENST

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608


Microsoft Office Sessions:
=========================
Error: (02/28/2014 02:14:36 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (02/27/2014 10:00:29 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Download\esetsmartinstaller_enu.exe

Error: (02/27/2014 10:00:24 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Download\esetsmartinstaller_enu.exe

Error: (02/27/2014 09:53:18 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (02/27/2014 06:19:20 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Download\esetsmartinstaller_enu.exe

Error: (02/27/2014 06:19:17 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Download\esetsmartinstaller_enu.exe

Error: (02/27/2014 05:51:27 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Download\esetsmartinstaller_enu.exe

Error: (02/27/2014 05:51:24 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Download\esetsmartinstaller_enu.exe

Error: (02/27/2014 04:43:14 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Download\esetsmartinstaller_enu.exe

Error: (02/27/2014 04:43:12 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Download\esetsmartinstaller_enu.exe


CodeIntegrity Errors:
===================================
  Date: 2014-02-25 17:56:43.398
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-02-25 17:56:43.101
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 36%
Total physical RAM: 4094.55 MB
Available physical RAM: 2606.88 MB
Total Pagefile: 8187.29 MB
Available Pagefile: 6474.67 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Windows 7) (Fixed) (Total:71.46 GB) (Free:25.16 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Dieter) (Fixed) (Total:14.65 GB) (Free:3.99 GB) NTFS
Drive e: (Programme) (Fixed) (Total:36.67 GB) (Free:32.03 GB) NTFS
Drive f: (Fotos) (Fixed) (Total:36.57 GB) (Free:7.57 GB) NTFS
Drive g: (Gast) (Fixed) (Total:12.21 GB) (Free:4.06 GB) NTFS
Drive h: (Bilder) (Fixed) (Total:14.65 GB) (Free:9.94 GB) NTFS
Drive i: (Audio) (Fixed) (Total:19.53 GB) (Free:7.45 GB) NTFS
Drive j: (Video) (Fixed) (Total:14.65 GB) (Free:2.05 GB) NTFS
Drive l: (MYLINUXLIVE) (Removable) (Total:14.89 GB) (Free:9.73 GB) FAT32
Drive m: (Recovery) (Fixed) (Total:5.17 GB) (Free:0.88 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive n: (SICHERUNG) (Removable) (Total:15.01 GB) (Free:8.56 GB) FAT32
Drive s: (Backup) (Fixed) (Total:4.88 GB) (Free:2.32 GB) NTFS
Drive t: (Test) (Fixed) (Total:2.44 GB) (Free:1.6 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=71 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=142 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 6 (Size: 15 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

Problems: All still present as initially described.
Security Essentials cannot be updated
Win 7 cannot be updated
Access to Control Panel/System fails.

Additionally, this has only now appeared:
In Firefox, a home page can no longer be set. On every start the two Mozilla welcome pages appear, as if Firefox were being started for the first time after installation.

Regards, poldy

schrauber 01.03.2014 12:19

Please download Windows Repair (All In One) from here.

poldy-tec 08.03.2014 14:49

Hello!

Sorry that I am only getting back to you now, but health problems got in the way.

We ran the program as requested.

Unfortunately, there have been no improvements. The problems are still present unchanged.

Regards, poldy

schrauber 09.03.2014 07:50

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the instructions on your screen as described in the guide to Malwarebytes Anti-Rootkit
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the created folder. Please post it here.

Do not start any other file in this folder without instructions from a helper

Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop
  • Start TDSSKiller.exe - configure it as described in the guide to TDSSKiller.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.


Windows DVD available?

poldy-tec 09.03.2014 16:58

Done

Log 1:
Code:

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.03.09.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
MaDiSoGi :: MADISOGI-PC [administrator]

09.03.2014 11:12:36
mbar-log-2014-03-09 (11-12-36).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 284670
Time elapsed: 11 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

The two log files from TDSSKiller are too large according to the forum software.
Should I pack them and then attach them?

For this system there is an upgrade DVD from Vista -> Win 7
But an original Win 7 from another system would also be available.

Regards, poldy

schrauber 10.03.2014 13:55

No, please split the log into pieces and post it.

poldy-tec 10.03.2014 15:48

Part 1.1

Code:

11:32:18.0024 3384  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:32:25.0031 3384  ============================================================
11:32:25.0032 3384  Current date / time: 2014/03/09 11:32:25.0031
11:32:25.0032 3384  SystemInfo:
11:32:25.0032 3384 
11:32:25.0032 3384  OS Version: 6.1.7601 ServicePack: 1.0
11:32:25.0032 3384  Product type: Workstation
11:32:25.0032 3384  ComputerName: MADISOGI-PC
11:32:25.0033 3384  UserName: MaDiSoGi
11:32:25.0033 3384  Windows directory: C:\Windows
11:32:25.0033 3384  System windows directory: C:\Windows
11:32:25.0033 3384  Running under WOW64
11:32:25.0033 3384  Processor architecture: Intel x64
11:32:25.0033 3384  Number of processors: 2
11:32:25.0033 3384  Page size: 0x1000
11:32:25.0033 3384  Boot type: Normal boot
11:32:25.0033 3384  ============================================================
11:32:25.0458 3384  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
11:32:25.0461 3384  Drive \Device\Harddisk1\DR1 - Size: 0x3BA300000 (14.91 Gb), SectorSize: 0x200, Cylinders: 0x79A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:32:25.0477 3384  ============================================================
11:32:25.0477 3384  \Device\Harddisk0\DR0:
11:32:25.0478 3384  MBR partitions:
11:32:25.0478 3384  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x8EED5C1
11:32:25.0478 3384  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x8EED800, BlocksNum 0x1D4C000
11:32:25.0492 3384  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xAC3A000, BlocksNum 0x2710000
11:32:25.0502 3384  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0xD34A800, BlocksNum 0x1D4C000
11:32:25.0512 3384  \Device\Harddisk0\DR0\Partition5: MBR, Type 0x7, StartLBA 0xF097000, BlocksNum 0x9C3800
11:32:25.0520 3384  \Device\Harddisk0\DR0\Partition6: MBR, Type 0x7, StartLBA 0xFA5B000, BlocksNum 0x186A000
11:32:25.0536 3384  \Device\Harddisk0\DR0\Partition7: MBR, Type 0x7, StartLBA 0x112C5800, BlocksNum 0x4E1800
11:32:25.0549 3384  \Device\Harddisk0\DR0\Partition8: MBR, Type 0x7, StartLBA 0x117A7800, BlocksNum 0x1D4C000
11:32:25.0563 3384  \Device\Harddisk0\DR0\Partition9: MBR, Type 0x7, StartLBA 0x134F4000, BlocksNum 0x4957000
11:32:25.0572 3384  \Device\Harddisk0\DR0\Partition10: MBR, Type 0x7, StartLBA 0x17E4B800, BlocksNum 0x4921800
11:32:25.0572 3384  \Device\Harddisk0\DR0\Partition11: MBR, Type 0x7, StartLBA 0x1C76D600, BlocksNum 0xA56BD0
11:32:25.0572 3384  \Device\Harddisk1\DR1:
11:32:25.0573 3384  MBR partitions:
11:32:25.0573 3384  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x1DD17E0
11:32:25.0573 3384  ============================================================
11:32:25.0613 3384  C: <-> \Device\Harddisk0\DR0\Partition1
11:32:25.0651 3384  G: <-> \Device\Harddisk0\DR0\Partition6
11:32:25.0692 3384  M: <-> \Device\Harddisk0\DR0\Partition11
11:32:25.0736 3384  S: <-> \Device\Harddisk0\DR0\Partition5
11:32:25.0763 3384  T: <-> \Device\Harddisk0\DR0\Partition7
11:32:25.0807 3384  F: <-> \Device\Harddisk0\DR0\Partition10
11:32:25.0847 3384  D: <-> \Device\Harddisk0\DR0\Partition2
11:32:25.0887 3384  E: <-> \Device\Harddisk0\DR0\Partition9
11:32:25.0921 3384  J: <-> \Device\Harddisk0\DR0\Partition8
11:32:25.0962 3384  I: <-> \Device\Harddisk0\DR0\Partition3
11:32:26.0005 3384  H: <-> \Device\Harddisk0\DR0\Partition4
11:32:26.0006 3384  ============================================================
11:32:26.0006 3384  Initialize success
11:32:26.0006 3384  ============================================================
11:32:52.0347 2768  ============================================================
11:32:52.0347 2768  Scan started
11:32:52.0347 2768  Mode: Manual; SigCheck; TDLFS;
11:32:52.0347 2768  ============================================================
11:32:53.0288 2768  ================ Scan system memory ========================
11:32:53.0288 2768  System memory - ok
11:32:53.0289 2768  ================ Scan services =============================
11:32:53.0510 2768  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:32:53.0602 2768  1394ohci - ok
11:32:53.0638 2768  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:32:53.0660 2768  ACPI - ok
11:32:53.0689 2768  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
11:32:53.0780 2768  AcpiPmi - ok
11:32:53.0959 2768  [ F7AB315A4D400CA876381D1E188A2E20 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:32:53.0993 2768  AdobeFlashPlayerUpdateSvc - ok
11:32:54.0043 2768  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx        C:\Windows\system32\DRIVERS\adp94xx.sys
11:32:54.0070 2768  adp94xx - ok
11:32:54.0093 2768  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci        C:\Windows\system32\DRIVERS\adpahci.sys
11:32:54.0116 2768  adpahci - ok
11:32:54.0132 2768  [ E109549C90F62FB570B9540C4B148E54 ] adpu320        C:\Windows\system32\DRIVERS\adpu320.sys
11:32:54.0150 2768  adpu320 - ok
11:32:54.0179 2768  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
11:32:54.0235 2768  AeLookupSvc - ok
11:32:54.0289 2768  [ 79059559E89D06E8B80CE2944BE20228 ] AFD            C:\Windows\system32\drivers\afd.sys
11:32:54.0376 2768  AFD - ok
11:32:54.0415 2768  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
11:32:54.0429 2768  agp440 - ok
11:32:54.0449 2768  [ 3290D6946B5E30E70414990574883DDB ] ALG            C:\Windows\System32\alg.exe
11:32:54.0491 2768  ALG - ok
11:32:54.0535 2768  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:32:54.0549 2768  aliide - ok
11:32:54.0558 2768  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
11:32:54.0571 2768  amdide - ok
11:32:54.0610 2768  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8          C:\Windows\system32\DRIVERS\amdk8.sys
11:32:54.0670 2768  AmdK8 - ok
11:32:54.0680 2768  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
11:32:54.0695 2768  AmdPPM - ok
11:32:54.0716 2768  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
11:32:54.0732 2768  amdsata - ok
11:32:54.0773 2768  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
11:32:54.0792 2768  amdsbs - ok
11:32:54.0812 2768  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata        C:\Windows\system32\drivers\amdxata.sys
11:32:54.0825 2768  amdxata - ok
11:32:54.0870 2768  [ 89A69C3F2F319B43379399547526D952 ] AppID          C:\Windows\system32\drivers\appid.sys
11:32:55.0029 2768  AppID - ok
11:32:55.0058 2768  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:32:55.0107 2768  AppIDSvc - ok
11:32:55.0142 2768  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo        C:\Windows\System32\appinfo.dll
11:32:55.0201 2768  Appinfo - ok
11:32:55.0255 2768  [ C484F8CEB1717C540242531DB7845C4E ] arc            C:\Windows\system32\DRIVERS\arc.sys
11:32:55.0270 2768  arc - ok
11:32:55.0277 2768  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
11:32:55.0292 2768  arcsas - ok
11:32:55.0400 2768  [ 9A262EDD17F8473B91B333D6B031A901 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:32:55.0421 2768  aspnet_state - ok
11:32:55.0452 2768  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:32:55.0546 2768  AsyncMac - ok
11:32:55.0608 2768  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi          C:\Windows\system32\drivers\atapi.sys
11:32:55.0624 2768  atapi - ok
11:32:55.0670 2768  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:32:55.0733 2768  AudioEndpointBuilder - ok
11:32:55.0748 2768  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
11:32:55.0795 2768  AudioSrv - ok
11:32:55.0842 2768  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:32:55.0873 2768  AxInstSV - ok
11:32:55.0920 2768  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv        C:\Windows\system32\DRIVERS\bxvbda.sys
11:32:55.0951 2768  b06bdrv - ok
11:32:55.0982 2768  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
11:32:56.0045 2768  b57nd60a - ok
11:32:56.0107 2768  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:32:56.0138 2768  BDESVC - ok
11:32:56.0154 2768  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:32:56.0216 2768  Beep - ok
11:32:56.0279 2768  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE            C:\Windows\System32\bfe.dll
11:32:56.0341 2768  BFE - ok
11:32:56.0388 2768  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
11:32:56.0466 2768  BITS - ok
11:32:56.0497 2768  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
11:32:56.0528 2768  blbdrive - ok
11:32:56.0560 2768  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:32:56.0606 2768  bowser - ok
11:32:56.0622 2768  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:32:56.0700 2768  BrFiltLo - ok
11:32:56.0731 2768  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:32:56.0778 2768  BrFiltUp - ok
11:32:56.0794 2768  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
11:32:56.0856 2768  BridgeMP - ok
11:32:56.0903 2768  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser        C:\Windows\System32\browser.dll
11:32:56.0934 2768  Browser - ok
11:32:56.0965 2768  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
11:32:57.0012 2768  Brserid - ok
11:32:57.0028 2768  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:32:57.0059 2768  BrSerWdm - ok
11:32:57.0074 2768  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:32:57.0106 2768  BrUsbMdm - ok
11:32:57.0121 2768  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:32:57.0152 2768  BrUsbSer - ok
11:32:57.0168 2768  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
11:32:57.0199 2768  BTHMODEM - ok
11:32:57.0230 2768  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv        C:\Windows\system32\bthserv.dll
11:32:57.0277 2768  bthserv - ok
11:32:57.0308 2768  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:32:57.0371 2768  cdfs - ok
11:32:57.0402 2768  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom          C:\Windows\system32\drivers\cdrom.sys
11:32:57.0433 2768  cdrom - ok
11:32:57.0480 2768  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc    C:\Windows\System32\certprop.dll
11:32:57.0527 2768  CertPropSvc - ok
11:32:57.0542 2768  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
11:32:57.0574 2768  circlass - ok
11:32:57.0620 2768  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
11:32:57.0667 2768  CLFS - ok
11:32:57.0745 2768  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:32:57.0776 2768  clr_optimization_v2.0.50727_32 - ok
11:32:57.0808 2768  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:32:57.0823 2768  clr_optimization_v2.0.50727_64 - ok
11:32:57.0901 2768  [ E87213F37A13E2B54391E40934F071D0 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:32:57.0917 2768  clr_optimization_v4.0.30319_32 - ok
11:32:57.0932 2768  [ 4AEDAB50F83580D0B4D6CF78191F92AA ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:32:57.0964 2768  clr_optimization_v4.0.30319_64 - ok
11:32:57.0979 2768  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
11:32:58.0026 2768  CmBatt - ok
11:32:58.0042 2768  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:32:58.0057 2768  cmdide - ok
11:32:58.0104 2768  [ EBF28856F69CF094A902F884CF989706 ] CNG            C:\Windows\system32\Drivers\cng.sys
11:32:58.0182 2768  CNG - ok
11:32:58.0213 2768  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
11:32:58.0229 2768  Compbatt - ok
11:32:58.0260 2768  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
11:32:58.0291 2768  CompositeBus - ok
11:32:58.0322 2768  COMSysApp - ok
11:32:58.0338 2768  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk        C:\Windows\system32\DRIVERS\crcdisk.sys
11:32:58.0354 2768  crcdisk - ok
11:32:58.0400 2768  [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:32:58.0432 2768  CryptSvc - ok
11:32:58.0478 2768  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:32:58.0541 2768  DcomLaunch - ok
11:32:58.0588 2768  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc      C:\Windows\System32\defragsvc.dll
11:32:58.0634 2768  defragsvc - ok
11:32:58.0666 2768  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:32:58.0759 2768  DfsC - ok
11:32:58.0806 2768  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:32:58.0837 2768  Dhcp - ok
11:32:58.0868 2768  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
11:32:58.0931 2768  discache - ok
11:32:58.0962 2768  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
11:32:58.0978 2768  Disk - ok
11:32:59.0009 2768  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:32:59.0056 2768  Dnscache - ok
11:32:59.0087 2768  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc        C:\Windows\System32\dot3svc.dll
11:32:59.0149 2768  dot3svc - ok
11:32:59.0180 2768  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS            C:\Windows\system32\dps.dll
11:32:59.0258 2768  DPS - ok
11:32:59.0305 2768  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
11:32:59.0321 2768  drmkaud - ok
11:32:59.0368 2768  [ 88612F1CE3BF42256913BF6E61C70D52 ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
11:32:59.0414 2768  DXGKrnl - ok
11:32:59.0430 2768  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost        C:\Windows\System32\eapsvc.dll
11:32:59.0492 2768  EapHost - ok
11:32:59.0586 2768  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv          C:\Windows\system32\DRIVERS\evbda.sys
11:32:59.0680 2768  ebdrv - ok
11:32:59.0711 2768  [ 4D71227301DD8D09097B9E4CC6527E5A ] EFS            C:\Windows\System32\lsass.exe
11:32:59.0742 2768  EFS - ok
11:32:59.0820 2768  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
11:32:59.0882 2768  ehRecvr - ok
11:32:59.0929 2768  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched        C:\Windows\ehome\ehsched.exe
11:32:59.0960 2768  ehSched - ok
11:33:00.0023 2768  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor        C:\Windows\system32\DRIVERS\elxstor.sys
11:33:00.0054 2768  elxstor - ok
11:33:00.0070 2768  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:33:00.0101 2768  ErrDev - ok
11:33:00.0163 2768  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem    C:\Windows\system32\es.dll
11:33:00.0210 2768  EventSystem - ok
11:33:00.0241 2768  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat          C:\Windows\system32\drivers\exfat.sys
11:33:00.0288 2768  exfat - ok
11:33:00.0319 2768  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat        C:\Windows\system32\drivers\fastfat.sys
11:33:00.0382 2768  fastfat - ok
11:33:00.0413 2768  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax            C:\Windows\system32\fxssvc.exe
11:33:00.0475 2768  Fax - ok
11:33:00.0506 2768  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc            C:\Windows\system32\DRIVERS\fdc.sys
11:33:00.0538 2768  fdc - ok
11:33:00.0569 2768  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost        C:\Windows\system32\fdPHost.dll
11:33:00.0631 2768  fdPHost - ok
11:33:00.0631 2768  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:33:00.0694 2768  FDResPub - ok
11:33:00.0709 2768  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:33:00.0725 2768  FileInfo - ok
11:33:00.0740 2768  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
11:33:00.0818 2768  Filetrace - ok
11:33:00.0818 2768  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
11:33:00.0850 2768  flpydisk - ok
11:33:00.0881 2768  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:33:00.0928 2768  FltMgr - ok
11:33:01.0006 2768  [ C4C183E6551084039EC862DA1C945E3D ] FontCache      C:\Windows\system32\FntCache.dll
11:33:01.0068 2768  FontCache - ok
11:33:01.0130 2768  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:33:01.0130 2768  FontCache3.0.0.0 - ok
11:33:01.0162 2768  [ D43703496149971890703B4B1B723EAC ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
11:33:01.0162 2768  FsDepends - ok
11:33:01.0193 2768  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:33:01.0208 2768  Fs_Rec - ok
11:33:01.0255 2768  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:33:01.0271 2768  fvevol - ok
11:33:01.0286 2768  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
11:33:01.0302 2768  gagp30kx - ok
11:33:01.0349 2768  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc          C:\Windows\System32\gpsvc.dll
11:33:01.0427 2768  gpsvc - ok
11:33:01.0552 2768  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:33:01.0567 2768  gupdate - ok
11:33:01.0614 2768  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:33:01.0614 2768  gupdatem - ok
11:33:01.0630 2768  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:33:01.0661 2768  hcw85cir - ok
11:33:01.0708 2768  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:33:01.0754 2768  HdAudAddService - ok
11:33:01.0786 2768  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
11:33:01.0817 2768  HDAudBus - ok
11:33:01.0832 2768  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt        C:\Windows\system32\DRIVERS\HidBatt.sys
11:33:01.0895 2768  HidBatt - ok
11:33:01.0910 2768  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
11:33:01.0957 2768  HidBth - ok
11:33:01.0988 2768  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr          C:\Windows\system32\DRIVERS\hidir.sys
11:33:02.0020 2768  HidIr - ok
11:33:02.0035 2768  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv        C:\Windows\System32\hidserv.dll
11:33:02.0098 2768  hidserv - ok
11:33:02.0144 2768  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
11:33:02.0176 2768  HidUsb - ok
11:33:02.0207 2768  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:33:02.0269 2768  hkmsvc - ok
11:33:02.0300 2768  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:33:02.0332 2768  HomeGroupListener - ok
11:33:02.0363 2768  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:33:02.0410 2768  HomeGroupProvider - ok
11:33:02.0441 2768  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:33:02.0456 2768  HpSAMD - ok
11:33:02.0519 2768  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:33:02.0581 2768  HTTP - ok
11:33:02.0612 2768  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:33:02.0612 2768  hwpolicy - ok
11:33:02.0659 2768  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
11:33:02.0690 2768  i8042prt - ok
11:33:02.0737 2768  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
11:33:02.0768 2768  iaStorV - ok
11:33:02.0831 2768  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:33:02.0862 2768  idsvc - ok
11:33:02.0909 2768  IEEtwCollectorService - ok
11:33:02.0940 2768  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp          C:\Windows\system32\DRIVERS\iirsp.sys
11:33:02.0940 2768  iirsp - ok
11:33:02.0987 2768  [ 344789398EC3EE5A4E00C52B31847946 ] IKEEXT          C:\Windows\System32\ikeext.dll
11:33:03.0018 2768  IKEEXT - ok
11:33:03.0112 2768  [ BFBABCB231628A4551DBB10D0EA25D62 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:33:03.0236 2768  IntcAzAudAddService - ok
11:33:03.0268 2768  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
11:33:03.0283 2768  intelide - ok
11:33:03.0299 2768  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:33:03.0330 2768  intelppm - ok
11:33:03.0377 2768  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
11:33:03.0424 2768  IPBusEnum - ok
11:33:03.0455 2768  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:33:03.0517 2768  IpFilterDriver - ok
11:33:03.0548 2768  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:33:03.0595 2768  iphlpsvc - ok
11:33:03.0626 2768  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
11:33:03.0658 2768  IPMIDRV - ok
11:33:03.0673 2768  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
11:33:03.0704 2768  IPNAT - ok
11:33:03.0736 2768  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:33:03.0814 2768  IRENUM - ok
11:33:03.0845 2768  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:33:03.0860 2768  isapnp - ok
11:33:03.0892 2768  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:33:03.0907 2768  iScsiPrt - ok
11:33:03.0954 2768  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
11:33:03.0970 2768  kbdclass - ok
11:33:03.0985 2768  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
11:33:04.0001 2768  kbdhid - ok
11:33:04.0016 2768  [ 4D71227301DD8D09097B9E4CC6527E5A ] KeyIso          C:\Windows\system32\lsass.exe
11:33:04.0032 2768  KeyIso - ok
11:33:04.0079 2768  [ 07071C1E3CD8F0F9114AAC8B072CA1E5 ] KMWDFILTER      C:\Windows\system32\DRIVERS\KMWDFILTER.sys
11:33:04.0094 2768  KMWDFILTER - ok
11:33:04.0126 2768  [ 8F489706472F7E9A06BAAA198703FA64 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:33:04.0141 2768  KSecDD - ok
11:33:04.0157 2768  [ 868A2CAAB12EFC7A021682BCA0EEC54C ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
11:33:04.0188 2768  KSecPkg - ok
11:33:04.0204 2768  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
11:33:04.0250 2768  ksthunk - ok
11:33:04.0282 2768  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm          C:\Windows\system32\msdtckrm.dll
11:33:04.0360 2768  KtmRm - ok
11:33:04.0406 2768  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
11:33:04.0453 2768  LanmanServer - ok
11:33:04.0484 2768  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:33:04.0547 2768  LanmanWorkstation - ok
11:33:04.0578 2768  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:33:04.0640 2768  lltdio - ok
11:33:04.0656 2768  [ C1185803384AB3FEED115F79F109427F ] lltdsvc        C:\Windows\System32\lltdsvc.dll
11:33:04.0718 2768  lltdsvc - ok
11:33:04.0750 2768  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts        C:\Windows\System32\lmhsvc.dll
11:33:04.0796 2768  lmhosts - ok
11:33:04.0828 2768  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
11:33:04.0843 2768  LSI_FC - ok
11:33:04.0859 2768  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS        C:\Windows\system32\DRIVERS\lsi_sas.sys
11:33:04.0874 2768  LSI_SAS - ok
11:33:04.0890 2768  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:33:04.0906 2768  LSI_SAS2 - ok
11:33:04.0906 2768  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:33:04.0921 2768  LSI_SCSI - ok
11:33:04.0952 2768  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv          C:\Windows\system32\drivers\luafv.sys
11:33:05.0015 2768  luafv - ok
11:33:05.0030 2768  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
11:33:05.0062 2768  Mcx2Svc - ok
11:33:05.0077 2768  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas        C:\Windows\system32\DRIVERS\megasas.sys
11:33:05.0093 2768  megasas - ok
11:33:05.0108 2768  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
11:33:05.0140 2768  MegaSR - ok
11:33:05.0155 2768  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS          C:\Windows\system32\mmcss.dll
11:33:05.0218 2768  MMCSS - ok
11:33:05.0233 2768  [ 800BA92F7010378B09F9ED9270F07137 ] Modem          C:\Windows\system32\drivers\modem.sys
11:33:05.0296 2768  Modem - ok
11:33:05.0342 2768  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
11:33:05.0389 2768  monitor - ok
11:33:05.0405 2768  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:33:05.0436 2768  mouclass - ok
11:33:05.0452 2768  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:33:05.0483 2768  mouhid - ok
11:33:05.0514 2768  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:33:05.0530 2768  mountmgr - ok
11:33:05.0576 2768  [ 338037EFA0E8E8699B2667D57B751574 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:33:05.0592 2768  MozillaMaintenance - ok
11:33:05.0654 2768  [ C6B88D62F20AC646C6BD5C032EC2FAF9 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
11:33:05.0670 2768  MpFilter - ok
11:33:05.0701 2768  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:33:05.0717 2768  mpio - ok
11:33:05.0732 2768  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:33:05.0779 2768  mpsdrv - ok
11:33:05.0826 2768  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:33:05.0904 2768  MpsSvc - ok
11:33:05.0920 2768  [ 1A4F75E63C9FB84B85DFFC6B63FD5404 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:33:05.0966 2768  MRxDAV - ok
11:33:05.0998 2768  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:33:06.0029 2768  mrxsmb - ok
11:33:06.0060 2768  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:33:06.0091 2768  mrxsmb10 - ok
11:33:06.0122 2768  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:33:06.0154 2768  mrxsmb20 - ok
11:33:06.0185 2768  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:33:06.0200 2768  msahci - ok
11:33:06.0216 2768  [ DB801A638D011B9633829EB6F663C900 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
11:33:06.0232 2768  msdsm - ok
11:33:06.0247 2768  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC          C:\Windows\System32\msdtc.exe
11:33:06.0294 2768  MSDTC - ok
11:33:06.0325 2768  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:33:06.0372 2768  Msfs - ok
11:33:06.0388 2768  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
11:33:06.0434 2768  mshidkmdf - ok
11:33:06.0466 2768  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:33:06.0497 2768  msisadrv - ok
11:33:06.0559 2768  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
11:33:06.0637 2768  MSiSCSI - ok
11:33:06.0637 2768  msiserver - ok
11:33:06.0668 2768  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
11:33:06.0731 2768  MSKSSRV - ok
11:33:06.0840 2768  [ 7675E15D1B2180745E4DA4D26AAD7385 ] MsMpSvc        c:\Program Files\Microsoft Security Client\MsMpEng.exe
11:33:06.0856 2768  MsMpSvc - ok
11:33:06.0887 2768  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:33:06.0949 2768  MSPCLOCK - ok
11:33:06.0965 2768  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
11:33:07.0012 2768  MSPQM - ok
11:33:07.0043 2768  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
11:33:07.0058 2768  MsRPC - ok
11:33:07.0090 2768  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
11:33:07.0105 2768  mssmbios - ok
11:33:07.0105 2768  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
11:33:07.0168 2768  MSTEE - ok
11:33:07.0183 2768  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
11:33:07.0183 2768  MTConfig - ok
11:33:07.0214 2768  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup            C:\Windows\system32\Drivers\mup.sys
11:33:07.0230 2768  Mup - ok
11:33:07.0261 2768  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
11:33:07.0339 2768  napagent - ok
11:33:07.0386 2768  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
11:33:07.0417 2768  NativeWifiP - ok
11:33:07.0464 2768  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:33:07.0526 2768  NDIS - ok
11:33:07.0542 2768  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
11:33:07.0620 2768  NdisCap - ok
11:33:07.0651 2768  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:33:07.0698 2768  NdisTapi - ok
11:33:07.0745 2768  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
11:33:07.0792 2768  Ndisuio - ok
11:33:07.0838 2768  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
11:33:07.0885 2768  NdisWan - ok
11:33:07.0916 2768  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
11:33:07.0979 2768  NDProxy - ok
11:33:07.0994 2768  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
11:33:08.0041 2768  NetBIOS - ok
11:33:08.0072 2768  [ 09594D1089C523423B32A4229263F068 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
11:33:08.0119 2768  NetBT - ok
11:33:08.0150 2768  [ 4D71227301DD8D09097B9E4CC6527E5A ] Netlogon        C:\Windows\system32\lsass.exe
11:33:08.0166 2768  Netlogon - ok
11:33:08.0197 2768  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
11:33:08.0275 2768  Netman - ok
11:33:08.0306 2768  [ 21318671BCAD3ACF16638F98D4D00973 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:33:08.0322 2768  NetMsmqActivator - ok
11:33:08.0338 2768  [ 21318671BCAD3ACF16638F98D4D00973 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:33:08.0353 2768  NetPipeActivator - ok
11:33:08.0384 2768  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
11:33:08.0447 2768  netprofm - ok
11:33:08.0462 2768  [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:33:08.0478 2768  NetTcpActivator - ok
11:33:08.0478 2768  [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:33:08.0494 2768  NetTcpPortSharing - ok
11:33:08.0525 2768  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960        C:\Windows\system32\DRIVERS\nfrd960.sys
11:33:08.0540 2768  nfrd960 - ok
11:33:08.0634 2768  [ ACE8C64C57E4A711473C8BC10ADF692B ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
11:33:08.0665 2768  NisDrv - ok
11:33:08.0712 2768  [ 6247E8B31ED0A9D6BC5A26276E49BEB3 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
11:33:08.0743 2768  NisSrv - ok
11:33:08.0790 2768  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:33:08.0837 2768  NlaSvc - ok
11:33:08.0868 2768  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:33:08.0915 2768  Npfs - ok
11:33:08.0946 2768  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi            C:\Windows\system32\nsisvc.dll
11:33:09.0008 2768  nsi - ok
11:33:09.0040 2768  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:33:09.0086 2768  nsiproxy - ok
11:33:09.0164 2768  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:33:09.0242 2768  Ntfs - ok
11:33:09.0274 2768  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
11:33:09.0336 2768  Null - ok
11:33:09.0367 2768  [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
11:33:09.0398 2768  NVENETFD - ok
11:33:09.0445 2768  [ 554964B900AE2954B8B589B6287034AC ] NVHDA          C:\Windows\system32\drivers\nvhda64v.sys
11:33:09.0476 2768  NVHDA - ok
11:33:09.0820 2768  [ E71E299FF15390E585BACF2C18F55078 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:33:10.0241 2768  nvlddmkm - ok
11:33:10.0288 2768  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:33:10.0303 2768  nvraid - ok
11:33:10.0334 2768  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:33:10.0350 2768  nvstor - ok
11:33:10.0381 2768  [ 0996A440D510904B79935A91155B0E4C ] nvstor64        C:\Windows\system32\DRIVERS\nvstor64.sys
11:33:10.0397 2768  nvstor64 - ok
11:33:10.0475 2768  [ 415695F5A54E91E869EEBFEA261361A6 ] nvsvc          C:\Windows\system32\nvvsvc.exe
11:33:10.0522 2768  nvsvc - ok
11:33:10.0615 2768  [ AA130938A27BB80A8B6438EF83232275 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
11:33:10.0662 2768  nvUpdatusService - ok
11:33:10.0693 2768  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:33:10.0709 2768  nv_agp - ok
11:33:10.0724 2768  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:33:10.0771 2768  ohci1394 - ok
11:33:10.0818 2768  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:33:10.0849 2768  p2pimsvc - ok
11:33:10.0865 2768  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
11:33:10.0912 2768  p2psvc - ok
11:33:10.0927 2768  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport        C:\Windows\system32\DRIVERS\parport.sys
11:33:10.0943 2768  Parport - ok
11:33:10.0974 2768  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr        C:\Windows\system32\drivers\partmgr.sys
11:33:10.0990 2768  partmgr - ok
11:33:11.0005 2768  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:33:11.0036 2768  PcaSvc - ok
11:33:11.0068 2768  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci            C:\Windows\system32\drivers\pci.sys
11:33:11.0083 2768  pci - ok
11:33:11.0114 2768  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
11:33:11.0130 2768  pciide - ok
11:33:11.0146 2768  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
11:33:11.0161 2768  pcmcia - ok
11:33:11.0177 2768  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw            C:\Windows\system32\drivers\pcw.sys
11:33:11.0192 2768  pcw - ok
11:33:11.0208 2768  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:33:11.0286 2768  PEAUTH - ok
11:33:11.0380 2768  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:33:11.0426 2768  PerfHost - ok
11:33:11.0504 2768  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla            C:\Windows\system32\pla.dll
11:33:11.0582 2768  pla - ok
11:33:11.0645 2768  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:33:11.0676 2768  PlugPlay - ok
11:33:11.0707 2768  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
11:33:11.0723 2768  PNRPAutoReg - ok
11:33:11.0754 2768  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
11:33:11.0770 2768  PNRPsvc - ok
11:33:11.0801 2768  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
11:33:11.0879 2768  PolicyAgent - ok
11:33:11.0910 2768  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power          C:\Windows\system32\umpo.dll
11:33:11.0957 2768  Power - ok
11:33:12.0004 2768  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:33:12.0050 2768  PptpMiniport - ok
11:33:12.0066 2768  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor      C:\Windows\system32\DRIVERS\processr.sys
11:33:12.0082 2768  Processor - ok
11:33:12.0128 2768  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc        C:\Windows\system32\profsvc.dll
11:33:12.0144 2768  ProfSvc - ok
11:33:12.0160 2768  [ 4D71227301DD8D09097B9E4CC6527E5A ] ProtectedStorage C:\Windows\system32\lsass.exe
11:33:12.0175 2768  ProtectedStorage - ok
11:33:12.0206 2768  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:33:12.0253 2768  Psched - ok
11:33:12.0300 2768  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
11:33:12.0394 2768  ql2300 - ok
11:33:12.0409 2768  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
11:33:12.0425 2768  ql40xx - ok
11:33:12.0456 2768  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE          C:\Windows\system32\qwave.dll
11:33:12.0487 2768  QWAVE - ok
11:33:12.0503 2768  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:33:12.0534 2768  QWAVEdrv - ok
11:33:12.0550 2768  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:33:12.0596 2768  RasAcd - ok
11:33:12.0628 2768  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
11:33:12.0690 2768  RasAgileVpn - ok
11:33:12.0706 2768  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto        C:\Windows\System32\rasauto.dll
11:33:12.0768 2768  RasAuto - ok
11:33:12.0799 2768  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
11:33:12.0877 2768  Rasl2tp - ok
11:33:12.0924 2768  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
11:33:12.0971 2768  RasMan - ok
11:33:13.0002 2768  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:33:13.0049 2768  RasPppoe - ok
11:33:13.0080 2768  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
11:33:13.0142 2768  RasSstp - ok
11:33:13.0174 2768  [ 77F665941019A1594D887A74F301FA2F ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
11:33:13.0220 2768  rdbss - ok
11:33:13.0236 2768  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
11:33:13.0267 2768  rdpbus - ok
11:33:13.0283 2768  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:33:13.0345 2768  RDPCDD - ok
11:33:13.0361 2768  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:33:13.0423 2768  RDPENCDD - ok
11:33:13.0439 2768  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
11:33:13.0486 2768  RDPREFMP - ok
11:33:13.0564 2768  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:33:13.0595 2768  RdpVideoMiniport - ok
11:33:13.0626 2768  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
11:33:13.0657 2768  RDPWD - ok
11:33:13.0688 2768  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:33:13.0704 2768  rdyboost - ok
11:33:13.0735 2768  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:33:13.0798 2768  RemoteAccess - ok
11:33:13.0829 2768  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:33:13.0891 2768  RemoteRegistry - ok
11:33:13.0907 2768  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:33:13.0954 2768  RpcEptMapper - ok
11:33:13.0985 2768  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
11:33:14.0000 2768  RpcLocator - ok
11:33:14.0032 2768  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs          C:\Windows\system32\rpcss.dll
11:33:14.0078 2768  RpcSs - ok
11:33:14.0110 2768  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:33:14.0156 2768  rspndr - ok
11:33:14.0172 2768  [ 4D71227301DD8D09097B9E4CC6527E5A ] SamSs          C:\Windows\system32\lsass.exe
11:33:14.0188 2768  SamSs - ok
11:33:14.0234 2768  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:33:14.0250 2768  sbp2port - ok
11:33:14.0281 2768  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:33:14.0328 2768  SCardSvr - ok
11:33:14.0359 2768  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:33:14.0453 2768  scfilter - ok
11:33:14.0500 2768  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
11:33:14.0546 2768  Schedule - ok
11:33:14.0578 2768  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc    C:\Windows\System32\certprop.dll
11:33:14.0624 2768  SCPolicySvc - ok
11:33:14.0656 2768  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:33:14.0687 2768  SDRSVC - ok
11:33:14.0718 2768  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:33:14.0765 2768  secdrv - ok
11:33:14.0796 2768  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
11:33:14.0858 2768  seclogon - ok
11:33:14.0890 2768  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
11:33:14.0952 2768  SENS - ok
11:33:14.0968 2768  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:33:15.0014 2768  SensrSvc - ok
11:33:15.0030 2768  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum        C:\Windows\system32\DRIVERS\serenum.sys
11:33:15.0061 2768  Serenum - ok
11:33:15.0092 2768  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
11:33:15.0118 2768  Serial - ok
11:33:15.0148 2768  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
11:33:15.0178 2768  sermouse - ok
11:33:15.0218 2768  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
11:33:15.0278 2768  SessionEnv - ok
11:33:15.0298 2768  [ A554811BCD09279536440C964AE35BBF ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
11:33:15.0318 2768  sffdisk - ok
11:33:15.0328 2768  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:33:15.0358 2768  sffp_mmc - ok
11:33:15.0378 2768  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
11:33:15.0398 2768  sffp_sd - ok
11:33:15.0418 2768  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy        C:\Windows\system32\DRIVERS\sfloppy.sys
11:33:15.0448 2768  sfloppy - ok
11:33:15.0488 2768  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:33:15.0538 2768  SharedAccess - ok
11:33:15.0558 2768  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:33:15.0638 2768  ShellHWDetection - ok
11:33:15.0658 2768  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:33:15.0678 2768  SiSRaid2 - ok
11:33:15.0694 2768  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
11:33:15.0709 2768  SiSRaid4 - ok
11:33:15.0725 2768  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
11:33:15.0787 2768  Smb - ok
11:33:15.0818 2768  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:33:15.0865 2768  SNMPTRAP - ok
11:33:15.0881 2768  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr          C:\Windows\system32\drivers\spldr.sys
11:33:15.0896 2768  spldr - ok
11:33:15.0943 2768  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler        C:\Windows\System32\spoolsv.exe
11:33:15.0974 2768  Spooler - ok
11:33:16.0099 2768  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
11:33:16.0240 2768  sppsvc - ok
11:33:16.0271 2768  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
11:33:16.0333 2768  sppuinotify - ok
11:33:16.0364 2768  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv            C:\Windows\system32\DRIVERS\srv.sys
11:33:16.0411 2768  srv - ok
11:33:16.0442 2768  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:33:16.0474 2768  srv2 - ok
11:33:16.0505 2768  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:33:16.0520 2768  srvnet - ok
11:33:16.0552 2768  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
11:33:16.0614 2768  SSDPSRV - ok
11:33:16.0630 2768  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc        C:\Windows\system32\sstpsvc.dll
11:33:16.0692 2768  SstpSvc - ok
11:33:16.0770 2768  [ A9D26626BEADF5A0641BF6B5095EF309 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
11:33:16.0801 2768  Stereo Service - ok
11:33:16.0832 2768  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
11:33:16.0848 2768  stexstor - ok
11:33:16.0910 2768  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
11:33:16.0988 2768  stisvc - ok
11:33:17.0020 2768  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
11:33:17.0035 2768  swenum - ok
11:33:17.0082 2768  [ E08E46FDD841B7184194011CA1955A0B ] swprv          C:\Windows\System32\swprv.dll
11:33:17.0144 2768  swprv - ok
11:33:17.0207 2768  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain        C:\Windows\system32\sysmain.dll
11:33:17.0269 2768  SysMain - ok
11:33:17.0300 2768  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:33:17.0332 2768  TabletInputService - ok
11:33:17.0363 2768  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv        C:\Windows\System32\tapisrv.dll
11:33:17.0410 2768  TapiSrv - ok
11:33:17.0441 2768  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS            C:\Windows\System32\tbssvc.dll
11:33:17.0503 2768  TBS - ok
11:33:17.0597 2768  [ 40AF23633D197905F03AB5628C558C51 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
11:33:17.0675 2768  Tcpip - ok
11:33:17.0737 2768  [ 40AF23633D197905F03AB5628C558C51 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:33:17.0784 2768  TCPIP6 - ok
11:33:17.0815 2768  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:33:17.0846 2768  tcpipreg - ok
11:33:17.0893 2768  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:33:17.0909 2768  TDPIPE - ok
11:33:17.0940 2768  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
11:33:17.0956 2768  TDTCP - ok
11:33:17.0987 2768  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
11:33:18.0049 2768  tdx - ok
11:33:18.0065 2768  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
11:33:18.0080 2768  TermDD - ok
11:33:18.0127 2768  [ 2E648163254233755035B46DD7B89123 ] TermService    C:\Windows\System32\termsrv.dll
11:33:18.0190 2768  TermService - ok
11:33:18.0221 2768  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
11:33:18.0252 2768  Themes - ok
11:33:18.0268 2768  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER    C:\Windows\system32\mmcss.dll
11:33:18.0314 2768  THREADORDER - ok
11:33:18.0330 2768  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
11:33:18.0377 2768  TrkWks - ok
11:33:18.0424 2768  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:33:18.0517 2768  TrustedInstaller - ok
11:33:18.0548 2768  [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:33:18.0564 2768  tssecsrv - ok
11:33:18.0611 2768  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:33:18.0642 2768  TsUsbFlt - ok
11:33:18.0689 2768  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:33:18.0736 2768  tunnel - ok
11:33:18.0767 2768  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
11:33:18.0782 2768  uagp35 - ok
11:33:18.0814 2768  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:33:18.0876 2768  udfs - ok
11:33:18.0907 2768  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect      C:\Windows\system32\UI0Detect.exe
11:33:18.0938 2768  UI0Detect - ok
11:33:18.0970 2768  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:33:18.0985 2768  uliagpkx - ok
11:33:19.0016 2768  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus          C:\Windows\system32\drivers\umbus.sys
11:33:19.0048 2768  umbus - ok
11:33:19.0063 2768  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
11:33:19.0063 2768  UmPass - ok
11:33:19.0094 2768  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
11:33:19.0157 2768  upnphost - ok
11:33:19.0188 2768  [ ACCEA6BC68D0C9A78EB97EE159028B4E ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
11:33:19.0188 2768  usbccgp - ok
11:33:19.0235 2768  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:33:19.0266 2768  usbcir - ok
11:33:19.0282 2768  [ 311C1DD1088E55BEAE15954D17F50646 ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
11:33:19.0328 2768  usbehci - ok
11:33:19.0391 2768  [ 280E90CBF4B2DDD169F0728CB44D726F ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
11:33:19.0422 2768  usbhub - ok
11:33:19.0422 2768  [ 9406D801042FAF859CF81B2C886413DC ] usbohci        C:\Windows\system32\DRIVERS\usbohci.sys
11:33:19.0453 2768  usbohci - ok
11:33:19.0484 2768  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
11:33:19.0500 2768  usbprint - ok
11:33:19.0562 2768  [ 9661DA76B4531B2DA272ECCE25A8AF24 ] usbscan        C:\Windows\system32\drivers\usbscan.sys
11:33:19.0562 2768  usbscan - ok
11:33:19.0594 2768  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:33:19.0625 2768  USBSTOR - ok
11:33:19.0656 2768  [ A83D0EC9AE4C31704442099D40BA2471 ] usbuhci        C:\Windows\system32\drivers\usbuhci.sys
11:33:19.0687 2768  usbuhci - ok
11:33:19.0734 2768  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms          C:\Windows\System32\uxsms.dll
11:33:19.0828 2768  UxSms - ok
11:33:19.0843 2768  [ 4D71227301DD8D09097B9E4CC6527E5A ] VaultSvc        C:\Windows\system32\lsass.exe
11:33:19.0859 2768  VaultSvc - ok
11:33:19.0890 2768  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:33:19.0906 2768  vdrvroot - ok
11:33:19.0952 2768  [ 8D6B481601D01A456E75C3210F1830BE ] vds            C:\Windows\System32\vds.exe
11:33:19.0999 2768  vds - ok
11:33:20.0030 2768  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
11:33:20.0062 2768  vga - ok
11:33:20.0077 2768  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave        C:\Windows\System32\drivers\vga.sys
11:33:20.0140 2768  VgaSave - ok
11:33:20.0171 2768  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
11:33:20.0218 2768  vhdmp - ok
11:33:20.0249 2768  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:33:20.0280 2768  viaide - ok
11:33:20.0296 2768  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:33:20.0311 2768  volmgr - ok
11:33:20.0342 2768  [ A255814907C89BE58B79EF2F189B843B ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
11:33:20.0374 2768  volmgrx - ok
11:33:20.0389 2768  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap        C:\Windows\system32\drivers\volsnap.sys
11:33:20.0405 2768  volsnap - ok
11:33:20.0436 2768  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid        C:\Windows\system32\DRIVERS\vsmraid.sys
11:33:20.0452 2768  vsmraid - ok
11:33:20.0514 2768  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS            C:\Windows\system32\vssvc.exe
11:33:20.0592 2768  VSS - ok
11:33:20.0623 2768  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
11:33:20.0654 2768  vwifibus - ok
11:33:20.0686 2768  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time        C:\Windows\system32\w32time.dll
11:33:20.0748 2768  W32Time - ok
11:33:20.0764 2768  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
11:33:20.0779 2768  WacomPen - ok
11:33:20.0842 2768  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:33:20.0935 2768  WANARP - ok
11:33:20.0935 2768  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:33:20.0982 2768  Wanarpv6 - ok
11:33:21.0029 2768  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
11:33:21.0076 2768  wbengine - ok
11:33:21.0107 2768  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:33:21.0138 2768  WbioSrvc - ok
11:33:21.0169 2768  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc        C:\Windows\System32\wcncsvc.dll
11:33:21.0200 2768  wcncsvc - ok
11:33:21.0216 2768  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:33:21.0247 2768  WcsPlugInService - ok
11:33:21.0278 2768  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
11:33:21.0294 2768  Wd - ok
11:33:21.0325 2768  [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:33:21.0372 2768  Wdf01000 - ok
11:33:21.0388 2768  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:33:21.0419 2768  WdiServiceHost - ok
11:33:21.0434 2768  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost  C:\Windows\system32\wdi.dll
11:33:21.0450 2768  WdiSystemHost - ok
11:33:21.0497 2768  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D ] WebClient      C:\Windows\System32\webclnt.dll
11:33:21.0512 2768  WebClient - ok
11:33:21.0544 2768  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:33:21.0606 2768  Wecsvc - ok
11:33:21.0637 2768  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
11:33:21.0684 2768  wercplsupport - ok
11:33:21.0715 2768  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
11:33:21.0762 2768  WerSvc - ok
11:33:21.0809 2768  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:33:21.0856 2768  WfpLwf - ok
11:33:21.0871 2768  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:33:21.0887 2768  WIMMount - ok
11:33:21.0918 2768  WinDefend - ok
11:33:22.0043 2768  [ 0F35DFA67833ECA9B4AC97BF7D1ADEF5 ] Windows7FirewallService C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe
11:33:22.0074 2768  Windows7FirewallService ( UnsignedFile.Multi.Generic ) - warning
11:33:22.0074 2768  Windows7FirewallService - detected UnsignedFile.Multi.Generic (1)
11:33:22.0090 2768  WinHttpAutoProxySvc - ok
11:33:22.0168 2768  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
11:33:22.0214 2768  Winmgmt - ok
11:33:22.0277 2768  [ BCB1310604AA415C4508708975B3931E ] WinRM          C:\Windows\system32\WsmSvc.dll
11:33:22.0370 2768  WinRM - ok
11:33:22.0448 2768  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
11:33:22.0464 2768  WinUsb - ok
11:33:22.0495 2768  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc        C:\Windows\System32\wlansvc.dll
11:33:22.0558 2768  Wlansvc - ok
11:33:22.0573 2768  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi        C:\Windows\system32\drivers\wmiacpi.sys
11:33:22.0589 2768  WmiAcpi - ok
11:33:22.0636 2768  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:33:22.0667 2768  wmiApSrv - ok
11:33:22.0682 2768  WMPNetworkSvc - ok
11:33:22.0698 2768  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:33:22.0714 2768  WPCSvc - ok
11:33:22.0745 2768  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:33:22.0776 2768  WPDBusEnum - ok
11:33:22.0823 2768  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
11:33:22.0885 2768  ws2ifsl - ok
11:33:22.0901 2768  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
11:33:22.0932 2768  wscsvc - ok
11:33:22.0948 2768  WSearch - ok
11:33:23.0026 2768  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:33:23.0088 2768  wuauserv - ok
11:33:23.0119 2768  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:33:23.0135 2768  WudfPf - ok
11:33:23.0166 2768  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:33:23.0182 2768  WUDFRd - ok
11:33:23.0182 2768  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
11:33:23.0197 2768  wudfsvc - ok
11:33:23.0228 2768  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc        C:\Windows\System32\wwansvc.dll
11:33:23.0260 2768  WwanSvc - ok
11:33:23.0275 2768  ================ Scan global ===============================
11:33:23.0291 2768  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:33:23.0338 2768  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
11:33:23.0353 2768  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
11:33:23.0384 2768  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:33:23.0416 2768  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:33:23.0416 2768  [Global] - ok
11:33:23.0416 2768  ================ Scan MBR ==================================
11:33:23.0431 2768  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:33:23.0837 2768  \Device\Harddisk0\DR0 - ok
11:33:23.0852 2768  [ 23B571400A29918F5392F6E85EEB756E ] \Device\Harddisk1\DR1
11:33:24.0024 2768  \Device\Harddisk1\DR1 - ok


poldy-tec 10.03.2014 15:59

Part 1.2

Code:

11:33:24.0024 2768  ================ Scan VBR ==================================
11:33:24.0055 2768  [ A1CED21C79CC3018B65E126A1E554F8C ] \Device\Harddisk0\DR0\Partition1
11:33:24.0055 2768  \Device\Harddisk0\DR0\Partition1 - ok
11:33:24.0071 2768  [ E2994EEE07253B815B84DE66CEDF8AC9 ] \Device\Harddisk0\DR0\Partition2
11:33:24.0071 2768  \Device\Harddisk0\DR0\Partition2 - ok
11:33:24.0086 2768  [ B5E291356670736E26BE5FE8B769E2D7 ] \Device\Harddisk0\DR0\Partition3
11:33:24.0086 2768  \Device\Harddisk0\DR0\Partition3 - ok
11:33:24.0102 2768  [ 6B18545A95599789DA173F088EB39A50 ] \Device\Harddisk0\DR0\Partition4
11:33:24.0102 2768  \Device\Harddisk0\DR0\Partition4 - ok
11:33:24.0118 2768  [ 213ECF172197D37F08806CA1EE86A795 ] \Device\Harddisk0\DR0\Partition5
11:33:24.0118 2768  \Device\Harddisk0\DR0\Partition5 - ok
11:33:24.0133 2768  [ 3DE815EFDC18CBF968B6F6AA716196D9 ] \Device\Harddisk0\DR0\Partition6
11:33:24.0133 2768  \Device\Harddisk0\DR0\Partition6 - ok
11:33:24.0149 2768  [ 1B49449C5C4F17C9F5971B2E7FACB24B ] \Device\Harddisk0\DR0\Partition7
11:33:24.0149 2768  \Device\Harddisk0\DR0\Partition7 - ok
11:33:24.0164 2768  [ ED4B58E19F467B4BE5870857DD64CCAB ] \Device\Harddisk0\DR0\Partition8
11:33:24.0164 2768  \Device\Harddisk0\DR0\Partition8 - ok
11:33:24.0180 2768  [ E3299617E7DCB89EA916A2D40EC9C045 ] \Device\Harddisk0\DR0\Partition9
11:33:24.0180 2768  \Device\Harddisk0\DR0\Partition9 - ok
11:33:24.0196 2768  [ 861DA4F0E6906FE0AB9720BEB94123C1 ] \Device\Harddisk0\DR0\Partition10
11:33:24.0196 2768  \Device\Harddisk0\DR0\Partition10 - ok
11:33:24.0227 2768  [ 64E2588E67E5491E7BBC4642886E6E57 ] \Device\Harddisk0\DR0\Partition11
11:33:24.0227 2768  \Device\Harddisk0\DR0\Partition11 - ok
11:33:24.0227 2768  [ 173CC67E33A9753E7073F4C531D04FF2 ] \Device\Harddisk1\DR1\Partition1
11:33:24.0227 2768  \Device\Harddisk1\DR1\Partition1 - ok
11:33:24.0227 2768  ============================================================
11:33:24.0227 2768  Scan finished
11:33:24.0227 2768  ============================================================
11:33:24.0242 2548  Detected object count: 1
11:33:24.0242 2548  Actual detected object count: 1
11:34:34.0162 2548  Windows7FirewallService ( UnsignedFile.Multi.Generic ) - skipped by user
11:34:34.0162 2548  Windows7FirewallService ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:35:03.0770 0644  ============================================================
11:35:03.0770 0644  Scan started
11:35:03.0770 0644  Mode: Manual; SigCheck; TDLFS;
11:35:03.0770 0644  ============================================================
11:35:04.0301 0644  ================ Scan system memory ========================
11:35:04.0301 0644  System memory - ok
11:35:04.0301 0644  ================ Scan services =============================
11:35:04.0488 0644  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:35:04.0519 0644  1394ohci - ok
11:35:04.0550 0644  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:35:04.0582 0644  ACPI - ok
11:35:04.0597 0644  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
11:35:04.0613 0644  AcpiPmi - ok
11:35:04.0706 0644  [ F7AB315A4D400CA876381D1E188A2E20 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:35:04.0753 0644  AdobeFlashPlayerUpdateSvc - ok
11:35:04.0784 0644  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx        C:\Windows\system32\DRIVERS\adp94xx.sys
11:35:04.0816 0644  adp94xx - ok
11:35:04.0831 0644  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci        C:\Windows\system32\DRIVERS\adpahci.sys
11:35:04.0847 0644  adpahci - ok
11:35:04.0862 0644  [ E109549C90F62FB570B9540C4B148E54 ] adpu320        C:\Windows\system32\DRIVERS\adpu320.sys
11:35:04.0878 0644  adpu320 - ok
11:35:04.0909 0644  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
11:35:04.0956 0644  AeLookupSvc - ok
11:35:04.0987 0644  [ 79059559E89D06E8B80CE2944BE20228 ] AFD            C:\Windows\system32\drivers\afd.sys
11:35:05.0018 0644  AFD - ok
11:35:05.0034 0644  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
11:35:05.0050 0644  agp440 - ok
11:35:05.0065 0644  [ 3290D6946B5E30E70414990574883DDB ] ALG            C:\Windows\System32\alg.exe
11:35:05.0081 0644  ALG - ok
11:35:05.0112 0644  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:35:05.0128 0644  aliide - ok
11:35:05.0143 0644  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
11:35:05.0159 0644  amdide - ok
11:35:05.0174 0644  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8          C:\Windows\system32\DRIVERS\amdk8.sys
11:35:05.0190 0644  AmdK8 - ok
11:35:05.0206 0644  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
11:35:05.0221 0644  AmdPPM - ok
11:35:05.0237 0644  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
11:35:05.0252 0644  amdsata - ok
11:35:05.0252 0644  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
11:35:05.0268 0644  amdsbs - ok
11:35:05.0299 0644  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata        C:\Windows\system32\drivers\amdxata.sys
11:35:05.0299 0644  amdxata - ok
11:35:05.0330 0644  [ 89A69C3F2F319B43379399547526D952 ] AppID          C:\Windows\system32\drivers\appid.sys
11:35:05.0377 0644  AppID - ok
11:35:05.0393 0644  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:35:05.0440 0644  AppIDSvc - ok
11:35:05.0471 0644  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo        C:\Windows\System32\appinfo.dll
11:35:05.0486 0644  Appinfo - ok
11:35:05.0486 0644  [ C484F8CEB1717C540242531DB7845C4E ] arc            C:\Windows\system32\DRIVERS\arc.sys
11:35:05.0502 0644  arc - ok
11:35:05.0518 0644  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
11:35:05.0533 0644  arcsas - ok
11:35:05.0642 0644  [ 9A262EDD17F8473B91B333D6B031A901 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:35:05.0674 0644  aspnet_state - ok
11:35:05.0689 0644  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:35:05.0736 0644  AsyncMac - ok
11:35:05.0752 0644  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi          C:\Windows\system32\drivers\atapi.sys
11:35:05.0767 0644  atapi - ok
11:35:05.0814 0644  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:35:05.0861 0644  AudioEndpointBuilder - ok
11:35:05.0876 0644  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
11:35:05.0923 0644  AudioSrv - ok
11:35:05.0954 0644  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:35:05.0970 0644  AxInstSV - ok
11:35:06.0001 0644  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv        C:\Windows\system32\DRIVERS\bxvbda.sys
11:35:06.0017 0644  b06bdrv - ok
11:35:06.0048 0644  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
11:35:06.0064 0644  b57nd60a - ok
11:35:06.0095 0644  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:35:06.0095 0644  BDESVC - ok
11:35:06.0126 0644  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:35:06.0173 0644  Beep - ok
11:35:06.0220 0644  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE            C:\Windows\System32\bfe.dll
11:35:06.0235 0644  BFE - ok
11:35:06.0266 0644  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
11:35:06.0313 0644  BITS - ok
11:35:06.0329 0644  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
11:35:06.0344 0644  blbdrive - ok
11:35:06.0376 0644  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:35:06.0391 0644  bowser - ok
11:35:06.0407 0644  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:35:06.0422 0644  BrFiltLo - ok
11:35:06.0438 0644  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:35:06.0454 0644  BrFiltUp - ok
11:35:06.0454 0644  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
11:35:06.0500 0644  BridgeMP - ok
11:35:06.0547 0644  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser        C:\Windows\System32\browser.dll
11:35:06.0563 0644  Browser - ok
11:35:06.0578 0644  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
11:35:06.0594 0644  Brserid - ok
11:35:06.0610 0644  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:35:06.0625 0644  BrSerWdm - ok
11:35:06.0641 0644  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:35:06.0656 0644  BrUsbMdm - ok
11:35:06.0656 0644  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:35:06.0672 0644  BrUsbSer - ok
11:35:06.0688 0644  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
11:35:06.0703 0644  BTHMODEM - ok
11:35:06.0734 0644  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv        C:\Windows\system32\bthserv.dll
11:35:06.0781 0644  bthserv - ok
11:35:06.0797 0644  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:35:06.0844 0644  cdfs - ok
11:35:06.0875 0644  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom          C:\Windows\system32\drivers\cdrom.sys
11:35:06.0890 0644  cdrom - ok
11:35:06.0922 0644  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc    C:\Windows\System32\certprop.dll
11:35:06.0953 0644  CertPropSvc - ok
11:35:06.0968 0644  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
11:35:06.0984 0644  circlass - ok
11:35:07.0031 0644  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
11:35:07.0046 0644  CLFS - ok
11:35:07.0124 0644  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:35:07.0156 0644  clr_optimization_v2.0.50727_32 - ok
11:35:07.0202 0644  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:35:07.0234 0644  clr_optimization_v2.0.50727_64 - ok
11:35:07.0280 0644  [ E87213F37A13E2B54391E40934F071D0 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:35:07.0296 0644  clr_optimization_v4.0.30319_32 - ok
11:35:07.0312 0644  [ 4AEDAB50F83580D0B4D6CF78191F92AA ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:35:07.0343 0644  clr_optimization_v4.0.30319_64 - ok
11:35:07.0358 0644  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
11:35:07.0374 0644  CmBatt - ok
11:35:07.0390 0644  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:35:07.0405 0644  cmdide - ok
11:35:07.0452 0644  [ EBF28856F69CF094A902F884CF989706 ] CNG            C:\Windows\system32\Drivers\cng.sys
11:35:07.0483 0644  CNG - ok
11:35:07.0499 0644  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
11:35:07.0514 0644  Compbatt - ok
11:35:07.0530 0644  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
11:35:07.0546 0644  CompositeBus - ok
11:35:07.0561 0644  COMSysApp - ok
11:35:07.0577 0644  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk        C:\Windows\system32\DRIVERS\crcdisk.sys
11:35:07.0592 0644  crcdisk - ok
11:35:07.0624 0644  [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:35:07.0639 0644  CryptSvc - ok
11:35:07.0686 0644  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:35:07.0733 0644  DcomLaunch - ok
11:35:07.0764 0644  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc      C:\Windows\System32\defragsvc.dll
11:35:07.0811 0644  defragsvc - ok
11:35:07.0842 0644  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:35:07.0889 0644  DfsC - ok
11:35:07.0920 0644  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:35:07.0936 0644  Dhcp - ok
11:35:07.0951 0644  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
11:35:07.0998 0644  discache - ok
11:35:08.0014 0644  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
11:35:08.0029 0644  Disk - ok
11:35:08.0060 0644  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:35:08.0076 0644  Dnscache - ok
11:35:08.0123 0644  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc        C:\Windows\System32\dot3svc.dll
11:35:08.0216 0644  dot3svc - ok
11:35:08.0232 0644  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS            C:\Windows\system32\dps.dll
11:35:08.0279 0644  DPS - ok
11:35:08.0310 0644  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
11:35:08.0326 0644  drmkaud - ok
11:35:08.0372 0644  [ 88612F1CE3BF42256913BF6E61C70D52 ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
11:35:08.0404 0644  DXGKrnl - ok
11:35:08.0450 0644  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost        C:\Windows\System32\eapsvc.dll
11:35:08.0497 0644  EapHost - ok
11:35:08.0591 0644  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv          C:\Windows\system32\DRIVERS\evbda.sys
11:35:08.0669 0644  ebdrv - ok
11:35:08.0716 0644  [ 4D71227301DD8D09097B9E4CC6527E5A ] EFS            C:\Windows\System32\lsass.exe
11:35:08.0731 0644  EFS - ok
11:35:08.0809 0644  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
11:35:08.0825 0644  ehRecvr - ok
11:35:08.0856 0644  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched        C:\Windows\ehome\ehsched.exe
11:35:08.0872 0644  ehSched - ok
11:35:08.0903 0644  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor        C:\Windows\system32\DRIVERS\elxstor.sys
11:35:08.0934 0644  elxstor - ok
11:35:08.0950 0644  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:35:08.0965 0644  ErrDev - ok
11:35:09.0012 0644  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem    C:\Windows\system32\es.dll
11:35:09.0059 0644  EventSystem - ok
11:35:09.0074 0644  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat          C:\Windows\system32\drivers\exfat.sys
11:35:09.0121 0644  exfat - ok
11:35:09.0152 0644  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat        C:\Windows\system32\drivers\fastfat.sys
11:35:09.0199 0644  fastfat - ok
11:35:09.0230 0644  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax            C:\Windows\system32\fxssvc.exe
11:35:09.0262 0644  Fax - ok
11:35:09.0277 0644  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc            C:\Windows\system32\DRIVERS\fdc.sys
11:35:09.0293 0644  fdc - ok
11:35:09.0308 0644  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost        C:\Windows\system32\fdPHost.dll
11:35:09.0355 0644  fdPHost - ok
11:35:09.0355 0644  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:35:09.0402 0644  FDResPub - ok
11:35:09.0418 0644  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:35:09.0433 0644  FileInfo - ok
11:35:09.0433 0644  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
11:35:09.0480 0644  Filetrace - ok
11:35:09.0496 0644  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
11:35:09.0511 0644  flpydisk - ok
11:35:09.0527 0644  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:35:09.0542 0644  FltMgr - ok
11:35:09.0605 0644  [ C4C183E6551084039EC862DA1C945E3D ] FontCache      C:\Windows\system32\FntCache.dll
11:35:09.0667 0644  FontCache - ok
11:35:09.0730 0644  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:35:09.0730 0644  FontCache3.0.0.0 - ok
11:35:09.0745 0644  [ D43703496149971890703B4B1B723EAC ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
11:35:09.0761 0644  FsDepends - ok
11:35:09.0792 0644  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:35:09.0808 0644  Fs_Rec - ok
11:35:09.0839 0644  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:35:09.0854 0644  fvevol - ok
11:35:09.0870 0644  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
11:35:09.0886 0644  gagp30kx - ok
11:35:09.0948 0644  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc          C:\Windows\System32\gpsvc.dll
11:35:09.0995 0644  gpsvc - ok
11:35:10.0088 0644  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:35:10.0120 0644  gupdate - ok
11:35:10.0135 0644  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:35:10.0151 0644  gupdatem - ok
11:35:10.0166 0644  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:35:10.0166 0644  hcw85cir - ok
11:35:10.0213 0644  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:35:10.0229 0644  HdAudAddService - ok
11:35:10.0244 0644  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
11:35:10.0260 0644  HDAudBus - ok
11:35:10.0276 0644  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt        C:\Windows\system32\DRIVERS\HidBatt.sys
11:35:10.0291 0644  HidBatt - ok
11:35:10.0307 0644  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
11:35:10.0338 0644  HidBth - ok
11:35:10.0354 0644  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr          C:\Windows\system32\DRIVERS\hidir.sys
11:35:10.0369 0644  HidIr - ok
11:35:10.0400 0644  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv        C:\Windows\System32\hidserv.dll
11:35:10.0432 0644  hidserv - ok
11:35:10.0478 0644  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
11:35:10.0494 0644  HidUsb - ok
11:35:10.0525 0644  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:35:10.0556 0644  hkmsvc - ok
11:35:10.0603 0644  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:35:10.0619 0644  HomeGroupListener - ok
11:35:10.0650 0644  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:35:10.0666 0644  HomeGroupProvider - ok
11:35:10.0681 0644  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:35:10.0697 0644  HpSAMD - ok
11:35:10.0744 0644  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:35:10.0837 0644  HTTP - ok
11:35:10.0853 0644  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:35:10.0868 0644  hwpolicy - ok
11:35:10.0900 0644  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
11:35:10.0915 0644  i8042prt - ok
11:35:10.0946 0644  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
11:35:10.0962 0644  iaStorV - ok
11:35:11.0009 0644  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:35:11.0040 0644  idsvc - ok
11:35:11.0040 0644  IEEtwCollectorService - ok
11:35:11.0071 0644  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp          C:\Windows\system32\DRIVERS\iirsp.sys
11:35:11.0087 0644  iirsp - ok
11:35:11.0134 0644  [ 344789398EC3EE5A4E00C52B31847946 ] IKEEXT          C:\Windows\System32\ikeext.dll
11:35:11.0196 0644  IKEEXT - ok
11:35:11.0274 0644  [ BFBABCB231628A4551DBB10D0EA25D62 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:35:11.0321 0644  IntcAzAudAddService - ok
11:35:11.0352 0644  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
11:35:11.0368 0644  intelide - ok
11:35:11.0383 0644  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:35:11.0399 0644  intelppm - ok
11:35:11.0414 0644  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
11:35:11.0461 0644  IPBusEnum - ok
11:35:11.0492 0644  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:35:11.0539 0644  IpFilterDriver - ok
11:35:11.0570 0644  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:35:11.0586 0644  iphlpsvc - ok
11:35:11.0617 0644  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
11:35:11.0633 0644  IPMIDRV - ok
11:35:11.0648 0644  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
11:35:11.0695 0644  IPNAT - ok
11:35:11.0711 0644  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:35:11.0726 0644  IRENUM - ok
11:35:11.0742 0644  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:35:11.0758 0644  isapnp - ok
11:35:11.0789 0644  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:35:11.0804 0644  iScsiPrt - ok
11:35:11.0820 0644  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
11:35:11.0836 0644  kbdclass - ok
11:35:11.0867 0644  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
11:35:11.0867 0644  kbdhid - ok
11:35:11.0898 0644  [ 4D71227301DD8D09097B9E4CC6527E5A ] KeyIso          C:\Windows\system32\lsass.exe
11:35:11.0898 0644  KeyIso - ok
11:35:11.0945 0644  [ 07071C1E3CD8F0F9114AAC8B072CA1E5 ] KMWDFILTER      C:\Windows\system32\DRIVERS\KMWDFILTER.sys
11:35:11.0960 0644  KMWDFILTER - ok
11:35:11.0992 0644  [ 8F489706472F7E9A06BAAA198703FA64 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:35:12.0007 0644  KSecDD - ok
11:35:12.0038 0644  [ 868A2CAAB12EFC7A021682BCA0EEC54C ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
11:35:12.0054 0644  KSecPkg - ok
11:35:12.0070 0644  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
11:35:12.0101 0644  ksthunk - ok
11:35:12.0132 0644  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm          C:\Windows\system32\msdtckrm.dll
11:35:12.0179 0644  KtmRm - ok
11:35:12.0226 0644  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
11:35:12.0257 0644  LanmanServer - ok
11:35:12.0304 0644  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:35:12.0335 0644  LanmanWorkstation - ok
11:35:12.0382 0644  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:35:12.0413 0644  lltdio - ok
11:35:12.0444 0644  [ C1185803384AB3FEED115F79F109427F ] lltdsvc        C:\Windows\System32\lltdsvc.dll
11:35:12.0491 0644  lltdsvc - ok
11:35:12.0506 0644  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts        C:\Windows\System32\lmhsvc.dll
11:35:12.0553 0644  lmhosts - ok
11:35:12.0569 0644  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
11:35:12.0584 0644  LSI_FC - ok
11:35:12.0600 0644  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS        C:\Windows\system32\DRIVERS\lsi_sas.sys
11:35:12.0616 0644  LSI_SAS - ok
11:35:12.0631 0644  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:35:12.0647 0644  LSI_SAS2 - ok
11:35:12.0647 0644  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:35:12.0662 0644  LSI_SCSI - ok
11:35:12.0694 0644  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv          C:\Windows\system32\drivers\luafv.sys
11:35:12.0725 0644  luafv - ok
11:35:12.0756 0644  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
11:35:12.0772 0644  Mcx2Svc - ok
11:35:12.0803 0644  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas        C:\Windows\system32\DRIVERS\megasas.sys
11:35:12.0818 0644  megasas - ok
11:35:12.0834 0644  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
11:35:12.0850 0644  MegaSR - ok
11:35:12.0865 0644  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS          C:\Windows\system32\mmcss.dll
11:35:12.0912 0644  MMCSS - ok
11:35:12.0928 0644  [ 800BA92F7010378B09F9ED9270F07137 ] Modem          C:\Windows\system32\drivers\modem.sys
11:35:12.0974 0644  Modem - ok
11:35:12.0990 0644  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
11:35:13.0006 0644  monitor - ok
11:35:13.0021 0644  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:35:13.0037 0644  mouclass - ok
11:35:13.0037 0644  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:35:13.0052 0644  mouhid - ok
11:35:13.0084 0644  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:35:13.0099 0644  mountmgr - ok
11:35:13.0130 0644  [ 338037EFA0E8E8699B2667D57B751574 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:35:13.0146 0644  MozillaMaintenance - ok
11:35:13.0177 0644  [ C6B88D62F20AC646C6BD5C032EC2FAF9 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
11:35:13.0193 0644  MpFilter - ok
11:35:13.0240 0644  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:35:13.0255 0644  mpio - ok
11:35:13.0286 0644  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:35:13.0318 0644  mpsdrv - ok
11:35:13.0380 0644  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:35:13.0474 0644  MpsSvc - ok
11:35:13.0520 0644  [ 1A4F75E63C9FB84B85DFFC6B63FD5404 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:35:13.0536 0644  MRxDAV - ok
11:35:13.0567 0644  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:35:13.0583 0644  mrxsmb - ok
11:35:13.0598 0644  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:35:13.0614 0644  mrxsmb10 - ok
11:35:13.0630 0644  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:35:13.0645 0644  mrxsmb20 - ok
11:35:13.0676 0644  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:35:13.0692 0644  msahci - ok
11:35:13.0708 0644  [ DB801A638D011B9633829EB6F663C900 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
11:35:13.0723 0644  msdsm - ok
11:35:13.0754 0644  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC          C:\Windows\System32\msdtc.exe
11:35:13.0770 0644  MSDTC - ok
11:35:13.0801 0644  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:35:13.0848 0644  Msfs - ok
11:35:13.0848 0644  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
11:35:13.0895 0644  mshidkmdf - ok
11:35:13.0926 0644  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:35:13.0942 0644  msisadrv - ok
11:35:13.0957 0644  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
11:35:14.0004 0644  MSiSCSI - ok
11:35:14.0020 0644  msiserver - ok
11:35:14.0035 0644  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
11:35:14.0082 0644  MSKSSRV - ok
11:35:14.0160 0644  [ 7675E15D1B2180745E4DA4D26AAD7385 ] MsMpSvc        c:\Program Files\Microsoft Security Client\MsMpEng.exe
11:35:14.0191 0644  MsMpSvc - ok
11:35:14.0207 0644  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:35:14.0269 0644  MSPCLOCK - ok
11:35:14.0285 0644  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
11:35:14.0316 0644  MSPQM - ok
11:35:14.0347 0644  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
11:35:14.0363 0644  MsRPC - ok
11:35:14.0394 0644  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
11:35:14.0394 0644  mssmbios - ok
11:35:14.0410 0644  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
11:35:14.0441 0644  MSTEE - ok
11:35:14.0488 0644  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
11:35:14.0488 0644  MTConfig - ok
11:35:14.0519 0644  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup            C:\Windows\system32\Drivers\mup.sys
11:35:14.0534 0644  Mup - ok
11:35:14.0566 0644  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
11:35:14.0612 0644  napagent - ok
11:35:14.0644 0644  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
11:35:14.0675 0644  NativeWifiP - ok
11:35:14.0722 0644  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:35:14.0784 0644  NDIS - ok
11:35:14.0815 0644  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
11:35:14.0846 0644  NdisCap - ok
11:35:14.0878 0644  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:35:14.0909 0644  NdisTapi - ok
11:35:14.0940 0644  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
11:35:14.0987 0644  Ndisuio - ok
11:35:15.0018 0644  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
11:35:15.0049 0644  NdisWan - ok
11:35:15.0080 0644  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
11:35:15.0112 0644  NDProxy - ok
11:35:15.0127 0644  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
11:35:15.0158 0644  NetBIOS - ok
11:35:15.0205 0644  [ 09594D1089C523423B32A4229263F068 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
11:35:15.0252 0644  NetBT - ok
11:35:15.0252 0644  [ 4D71227301DD8D09097B9E4CC6527E5A ] Netlogon        C:\Windows\system32\lsass.exe
11:35:15.0268 0644  Netlogon - ok
11:35:15.0299 0644  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
11:35:15.0346 0644  Netman - ok
11:35:15.0392 0644  [ 21318671BCAD3ACF16638F98D4D00973 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:35:15.0408 0644  NetMsmqActivator - ok
11:35:15.0408 0644  [ 21318671BCAD3ACF16638F98D4D00973 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:35:15.0439 0644  NetPipeActivator - ok
11:35:15.0455 0644  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
11:35:15.0517 0644  netprofm - ok
11:35:15.0517 0644  [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:35:15.0533 0644  NetTcpActivator - ok
11:35:15.0548 0644  [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:35:15.0564 0644  NetTcpPortSharing - ok
11:35:15.0580 0644  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960        C:\Windows\system32\DRIVERS\nfrd960.sys
11:35:15.0595 0644  nfrd960 - ok
11:35:15.0626 0644  [ ACE8C64C57E4A711473C8BC10ADF692B ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
11:35:15.0642 0644  NisDrv - ok
11:35:15.0689 0644  [ 6247E8B31ED0A9D6BC5A26276E49BEB3 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
11:35:15.0751 0644  NisSrv - ok
11:35:15.0782 0644  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:35:15.0814 0644  NlaSvc - ok
11:35:15.0845 0644  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:35:15.0892 0644  Npfs - ok
11:35:15.0907 0644  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi            C:\Windows\system32\nsisvc.dll
11:35:15.0954 0644  nsi - ok
11:35:15.0970 0644  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:35:16.0016 0644  nsiproxy - ok
11:35:16.0079 0644  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:35:16.0126 0644  Ntfs - ok
11:35:16.0141 0644  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
11:35:16.0188 0644  Null - ok
11:35:16.0219 0644  [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
11:35:16.0250 0644  NVENETFD - ok
11:35:16.0282 0644  [ 554964B900AE2954B8B589B6287034AC ] NVHDA          C:\Windows\system32\drivers\nvhda64v.sys
11:35:16.0297 0644  NVHDA - ok
11:35:16.0640 0644  [ E71E299FF15390E585BACF2C18F55078 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:35:16.0874 0644  nvlddmkm - ok
11:35:16.0921 0644  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:35:16.0952 0644  nvraid - ok
11:35:16.0968 0644  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:35:16.0999 0644  nvstor - ok
11:35:17.0030 0644  [ 0996A440D510904B79935A91155B0E4C ] nvstor64        C:\Windows\system32\DRIVERS\nvstor64.sys
11:35:17.0046 0644  nvstor64 - ok
11:35:17.0093 0644  [ 415695F5A54E91E869EEBFEA261361A6 ] nvsvc          C:\Windows\system32\nvvsvc.exe
11:35:17.0124 0644  nvsvc - ok
11:35:17.0218 0644  [ AA130938A27BB80A8B6438EF83232275 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
11:35:17.0249 0644  nvUpdatusService - ok
11:35:17.0264 0644  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:35:17.0280 0644  nv_agp - ok
11:35:17.0311 0644  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:35:17.0311 0644  ohci1394 - ok
11:35:17.0358 0644  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:35:17.0374 0644  p2pimsvc - ok
11:35:17.0405 0644  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
11:35:17.0420 0644  p2psvc - ok
11:35:17.0452 0644  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport        C:\Windows\system32\DRIVERS\parport.sys
11:35:17.0467 0644  Parport - ok
11:35:17.0483 0644  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr        C:\Windows\system32\drivers\partmgr.sys
11:35:17.0498 0644  partmgr - ok
11:35:17.0514 0644  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:35:17.0545 0644  PcaSvc - ok
11:35:17.0561 0644  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci            C:\Windows\system32\drivers\pci.sys
11:35:17.0576 0644  pci - ok
11:35:17.0608 0644  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
11:35:17.0608 0644  pciide - ok
11:35:17.0623 0644  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
11:35:17.0639 0644  pcmcia - ok
11:35:17.0654 0644  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw            C:\Windows\system32\drivers\pcw.sys
11:35:17.0670 0644  pcw - ok
11:35:17.0701 0644  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:35:17.0748 0644  PEAUTH - ok
11:35:17.0842 0644  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:35:17.0873 0644  PerfHost - ok
11:35:17.0951 0644  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla            C:\Windows\system32\pla.dll
11:35:18.0013 0644  pla - ok
11:35:18.0060 0644  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:35:18.0076 0644  PlugPlay - ok
11:35:18.0091 0644  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
11:35:18.0107 0644  PNRPAutoReg - ok
11:35:18.0138 0644  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
11:35:18.0154 0644  PNRPsvc - ok
11:35:18.0185 0644  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
11:35:18.0232 0644  PolicyAgent - ok
11:35:18.0263 0644  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power          C:\Windows\system32\umpo.dll
11:35:18.0310 0644  Power - ok
11:35:18.0341 0644  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:35:18.0388 0644  PptpMiniport - ok
11:35:18.0403 0644  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor      C:\Windows\system32\DRIVERS\processr.sys
11:35:18.0419 0644  Processor - ok
11:35:18.0450 0644  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc        C:\Windows\system32\profsvc.dll
11:35:18.0466 0644  ProfSvc - ok
11:35:18.0481 0644  [ 4D71227301DD8D09097B9E4CC6527E5A ] ProtectedStorage C:\Windows\system32\lsass.exe
11:35:18.0497 0644  ProtectedStorage - ok
11:35:18.0544 0644  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:35:18.0622 0644  Psched - ok
11:35:18.0668 0644  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
11:35:18.0700 0644  ql2300 - ok
11:35:18.0715 0644  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
11:35:18.0731 0644  ql40xx - ok
11:35:18.0762 0644  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE          C:\Windows\system32\qwave.dll
11:35:18.0793 0644  QWAVE - ok
11:35:18.0809 0644  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:35:18.0824 0644  QWAVEdrv - ok
11:35:18.0840 0644  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:35:18.0887 0644  RasAcd - ok
11:35:18.0902 0644  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
11:35:18.0949 0644  RasAgileVpn - ok
11:35:18.0965 0644  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto        C:\Windows\System32\rasauto.dll
11:35:18.0996 0644  RasAuto - ok
11:35:19.0043 0644  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
11:35:19.0121 0644  Rasl2tp - ok
11:35:19.0168 0644  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
11:35:19.0214 0644  RasMan - ok
11:35:19.0230 0644  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:35:19.0261 0644  RasPppoe - ok
11:35:19.0277 0644  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
11:35:19.0324 0644  RasSstp - ok
11:35:19.0355 0644  [ 77F665941019A1594D887A74F301FA2F ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
11:35:19.0402 0644  rdbss - ok
11:35:19.0417 0644  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
11:35:19.0433 0644  rdpbus - ok
11:35:19.0448 0644  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:35:19.0495 0644  RDPCDD - ok
11:35:19.0495 0644  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:35:19.0542 0644  RDPENCDD - ok
11:35:19.0558 0644  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
11:35:19.0589 0644  RDPREFMP - ok
11:35:19.0620 0644  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:35:19.0636 0644  RdpVideoMiniport - ok
11:35:19.0667 0644  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
11:35:19.0682 0644  RDPWD - ok
11:35:19.0698 0644  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:35:19.0714 0644  rdyboost - ok
11:35:19.0745 0644  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:35:19.0776 0644  RemoteAccess - ok
11:35:19.0807 0644  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:35:19.0854 0644  RemoteRegistry - ok
11:35:19.0870 0644  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:35:19.0916 0644  RpcEptMapper - ok
11:35:19.0932 0644  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
11:35:19.0948 0644  RpcLocator - ok
11:35:19.0994 0644  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs          C:\Windows\system32\rpcss.dll
11:35:20.0041 0644  RpcSs - ok
11:35:20.0057 0644  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:35:20.0104 0644  rspndr - ok
11:35:20.0104 0644  [ 4D71227301DD8D09097B9E4CC6527E5A ] SamSs          C:\Windows\system32\lsass.exe
11:35:20.0119 0644  SamSs - ok
11:35:20.0150 0644  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:35:20.0166 0644  sbp2port - ok
11:35:20.0197 0644  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:35:20.0244 0644  SCardSvr - ok
11:35:20.0275 0644  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:35:20.0322 0644  scfilter - ok
11:35:20.0384 0644  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
11:35:20.0478 0644  Schedule - ok
11:35:20.0509 0644  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc    C:\Windows\System32\certprop.dll
11:35:20.0556 0644  SCPolicySvc - ok
11:35:20.0587 0644  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:35:20.0603 0644  SDRSVC - ok
11:35:20.0618 0644  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:35:20.0650 0644  secdrv - ok
11:35:20.0665 0644  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
11:35:20.0712 0644  seclogon - ok
11:35:20.0728 0644  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
11:35:20.0774 0644  SENS - ok
11:35:20.0790 0644  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:35:20.0806 0644  SensrSvc - ok
11:35:20.0821 0644  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum        C:\Windows\system32\DRIVERS\serenum.sys
11:35:20.0837 0644  Serenum - ok
11:35:20.0837 0644  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
11:35:20.0852 0644  Serial - ok
11:35:20.0884 0644  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
11:35:20.0899 0644  sermouse - ok
11:35:20.0930 0644  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
11:35:20.0977 0644  SessionEnv - ok
11:35:20.0993 0644  [ A554811BCD09279536440C964AE35BBF ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
11:35:21.0008 0644  sffdisk - ok
11:35:21.0008 0644  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:35:21.0024 0644  sffp_mmc - ok
11:35:21.0040 0644  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
11:35:21.0055 0644  sffp_sd - ok
11:35:21.0071 0644  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy        C:\Windows\system32\DRIVERS\sfloppy.sys
11:35:21.0086 0644  sfloppy - ok
11:35:21.0118 0644  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:35:21.0164 0644  SharedAccess - ok
11:35:21.0211 0644  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:35:21.0289 0644  ShellHWDetection - ok
11:35:21.0305 0644  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:35:21.0320 0644  SiSRaid2 - ok
11:35:21.0320 0644  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
11:35:21.0336 0644  SiSRaid4 - ok
11:35:21.0352 0644  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
11:35:21.0398 0644  Smb - ok
11:35:21.0414 0644  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:35:21.0430 0644  SNMPTRAP - ok
11:35:21.0445 0644  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr          C:\Windows\system32\drivers\spldr.sys
11:35:21.0461 0644  spldr - ok
11:35:21.0508 0644  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler        C:\Windows\System32\spoolsv.exe
11:35:21.0523 0644  Spooler - ok
11:35:21.0648 0644  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
11:35:21.0742 0644  sppsvc - ok
11:35:21.0757 0644  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
11:35:21.0804 0644  sppuinotify - ok
11:35:21.0851 0644  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv            C:\Windows\system32\DRIVERS\srv.sys
11:35:21.0866 0644  srv - ok
11:35:21.0882 0644  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:35:21.0913 0644  srv2 - ok
11:35:21.0929 0644  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:35:21.0944 0644  srvnet - ok
11:35:21.0976 0644  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
11:35:22.0007 0644  SSDPSRV - ok
11:35:22.0022 0644  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc        C:\Windows\system32\sstpsvc.dll
11:35:22.0069 0644  SstpSvc - ok
11:35:22.0147 0644  [ A9D26626BEADF5A0641BF6B5095EF309 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
11:35:22.0178 0644  Stereo Service - ok
11:35:22.0210 0644  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
11:35:22.0241 0644  stexstor - ok
11:35:22.0272 0644  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
11:35:22.0303 0644  stisvc - ok
11:35:22.0334 0644  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
11:35:22.0350 0644  swenum - ok
11:35:22.0366 0644  [ E08E46FDD841B7184194011CA1955A0B ] swprv          C:\Windows\System32\swprv.dll
11:35:22.0428 0644  swprv - ok
11:35:22.0490 0644  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain        C:\Windows\system32\sysmain.dll
11:35:22.0522 0644  SysMain - ok
11:35:22.0568 0644  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:35:22.0584 0644  TabletInputService - ok
11:35:22.0615 0644  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv        C:\Windows\System32\tapisrv.dll
11:35:22.0662 0644  TapiSrv - ok
11:35:22.0709 0644  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS            C:\Windows\System32\tbssvc.dll
11:35:22.0787 0644  TBS - ok
11:35:22.0880 0644  [ 40AF23633D197905F03AB5628C558C51 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
11:35:22.0927 0644  Tcpip - ok
11:35:22.0974 0644  [ 40AF23633D197905F03AB5628C558C51 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:35:23.0021 0644  TCPIP6 - ok
11:35:23.0052 0644  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:35:23.0068 0644  tcpipreg - ok
11:35:23.0099 0644  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:35:23.0114 0644  TDPIPE - ok
11:35:23.0146 0644  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
11:35:23.0146 0644  TDTCP - ok
11:35:23.0177 0644  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
11:35:23.0224 0644  tdx - ok
11:35:23.0224 0644  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
11:35:23.0239 0644  TermDD - ok
11:35:23.0286 0644  [ 2E648163254233755035B46DD7B89123 ] TermService    C:\Windows\System32\termsrv.dll
11:35:23.0333 0644  TermService - ok
11:35:23.0380 0644  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
11:35:23.0395 0644  Themes - ok
11:35:23.0426 0644  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER    C:\Windows\system32\mmcss.dll
11:35:23.0473 0644  THREADORDER - ok
11:35:23.0489 0644  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
11:35:23.0536 0644  TrkWks - ok
11:35:23.0582 0644  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:35:23.0660 0644  TrustedInstaller - ok
11:35:23.0707 0644  [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:35:23.0723 0644  tssecsrv - ok
11:35:23.0754 0644  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:35:23.0770 0644  TsUsbFlt - ok
11:35:23.0785 0644  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:35:23.0832 0644  tunnel - ok
11:35:23.0863 0644  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
11:35:23.0879 0644  uagp35 - ok
11:35:23.0910 0644  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:35:23.0957 0644  udfs - ok
11:35:23.0972 0644  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect      C:\Windows\system32\UI0Detect.exe
11:35:23.0988 0644  UI0Detect - ok
11:35:24.0004 0644  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:35:24.0019 0644  uliagpkx - ok
11:35:24.0050 0644  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus          C:\Windows\system32\drivers\umbus.sys
11:35:24.0066 0644  umbus - ok
11:35:24.0082 0644  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
11:35:24.0097 0644  UmPass - ok
11:35:24.0128 0644  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
11:35:24.0175 0644  upnphost - ok
11:35:24.0206 0644  [ ACCEA6BC68D0C9A78EB97EE159028B4E ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
11:35:24.0222 0644  usbccgp - ok
11:35:24.0253 0644  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:35:24.0269 0644  usbcir - ok
11:35:24.0284 0644  [ 311C1DD1088E55BEAE15954D17F50646 ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
11:35:24.0300 0644  usbehci - ok
11:35:24.0362 0644  [ 280E90CBF4B2DDD169F0728CB44D726F ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
11:35:24.0394 0644  usbhub - ok
11:35:24.0409 0644  [ 9406D801042FAF859CF81B2C886413DC ] usbohci        C:\Windows\system32\DRIVERS\usbohci.sys
11:35:24.0440 0644  usbohci - ok
11:35:24.0456 0644  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
11:35:24.0472 0644  usbprint - ok
11:35:24.0503 0644  [ 9661DA76B4531B2DA272ECCE25A8AF24 ] usbscan        C:\Windows\system32\drivers\usbscan.sys
11:35:24.0518 0644  usbscan - ok
11:35:24.0534 0644  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:35:24.0550 0644  USBSTOR - ok
11:35:24.0565 0644  [ A83D0EC9AE4C31704442099D40BA2471 ] usbuhci        C:\Windows\system32\drivers\usbuhci.sys
11:35:24.0581 0644  usbuhci - ok
11:35:24.0596 0644  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms          C:\Windows\System32\uxsms.dll
11:35:24.0643 0644  UxSms - ok
11:35:24.0659 0644  [ 4D71227301DD8D09097B9E4CC6527E5A ] VaultSvc        C:\Windows\system32\lsass.exe
11:35:24.0674 0644  VaultSvc - ok
11:35:24.0690 0644  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:35:24.0706 0644  vdrvroot - ok
11:35:24.0737 0644  [ 8D6B481601D01A456E75C3210F1830BE ] vds            C:\Windows\System32\vds.exe
11:35:24.0784 0644  vds - ok
11:35:24.0815 0644  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
11:35:24.0830 0644  vga - ok
11:35:24.0846 0644  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave        C:\Windows\System32\drivers\vga.sys
11:35:24.0877 0644  VgaSave - ok
11:35:24.0924 0644  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
11:35:24.0940 0644  vhdmp - ok
11:35:24.0955 0644  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:35:24.0971 0644  viaide - ok
11:35:24.0986 0644  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:35:25.0002 0644  volmgr - ok
11:35:25.0033 0644  [ A255814907C89BE58B79EF2F189B843B ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
11:35:25.0064 0644  volmgrx - ok
11:35:25.0080 0644  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap        C:\Windows\system32\drivers\volsnap.sys
11:35:25.0096 0644  volsnap - ok
11:35:25.0127 0644  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid        C:\Windows\system32\DRIVERS\vsmraid.sys
11:35:25.0142 0644  vsmraid - ok
11:35:25.0205 0644  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS            C:\Windows\system32\vssvc.exe
11:35:25.0298 0644  VSS - ok
11:35:25.0314 0644  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
11:35:25.0345 0644  vwifibus - ok
11:35:25.0376 0644  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time        C:\Windows\system32\w32time.dll
11:35:25.0423 0644  W32Time - ok
11:35:25.0454 0644  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
11:35:25.0470 0644  WacomPen - ok
11:35:25.0486 0644  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:35:25.0532 0644  WANARP - ok
11:35:25.0532 0644  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:35:25.0579 0644  Wanarpv6 - ok
11:35:25.0626 0644  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
11:35:25.0657 0644  wbengine - ok
11:35:25.0673 0644  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:35:25.0704 0644  WbioSrvc - ok
11:35:25.0735 0644  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc        C:\Windows\System32\wcncsvc.dll
11:35:25.0766 0644  wcncsvc - ok
11:35:25.0766 0644  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:35:25.0782 0644  WcsPlugInService - ok
11:35:25.0813 0644  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
11:35:25.0829 0644  Wd - ok
11:35:25.0876 0644  [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:35:25.0907 0644  Wdf01000 - ok
11:35:25.0922 0644  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:35:25.0938 0644  WdiServiceHost - ok
11:35:25.0938 0644  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost  C:\Windows\system32\wdi.dll
11:35:25.0969 0644  WdiSystemHost - ok
11:35:26.0000 0644  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D ] WebClient      C:\Windows\System32\webclnt.dll
11:35:26.0016 0644  WebClient - ok
11:35:26.0032 0644  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:35:26.0078 0644  Wecsvc - ok
11:35:26.0094 0644  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
11:35:26.0141 0644  wercplsupport - ok
11:35:26.0141 0644  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
11:35:26.0188 0644  WerSvc - ok
11:35:26.0203 0644  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:35:26.0250 0644  WfpLwf - ok
11:35:26.0266 0644  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:35:26.0281 0644  WIMMount - ok
11:35:26.0312 0644  WinDefend - ok
11:35:26.0375 0644  [ 0F35DFA67833ECA9B4AC97BF7D1ADEF5 ] Windows7FirewallService C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe
11:35:26.0406 0644  Windows7FirewallService ( UnsignedFile.Multi.Generic ) - warning
11:35:26.0406 0644  Windows7FirewallService - detected UnsignedFile.Multi.Generic (1)
11:35:26.0422 0644  WinHttpAutoProxySvc - ok
11:35:26.0484 0644  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
11:35:26.0531 0644  Winmgmt - ok
11:35:26.0609 0644  [ BCB1310604AA415C4508708975B3931E ] WinRM          C:\Windows\system32\WsmSvc.dll
11:35:26.0671 0644  WinRM - ok
11:35:26.0718 0644  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
11:35:26.0734 0644  WinUsb - ok
11:35:26.0780 0644  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc        C:\Windows\System32\wlansvc.dll
11:35:26.0858 0644  Wlansvc - ok
11:35:26.0890 0644  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi        C:\Windows\system32\drivers\wmiacpi.sys
11:35:26.0905 0644  WmiAcpi - ok
11:35:26.0936 0644  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:35:26.0952 0644  wmiApSrv - ok
11:35:26.0968 0644  WMPNetworkSvc - ok
11:35:26.0983 0644  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:35:26.0999 0644  WPCSvc - ok
11:35:27.0030 0644  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:35:27.0046 0644  WPDBusEnum - ok
11:35:27.0061 0644  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
11:35:27.0108 0644  ws2ifsl - ok
11:35:27.0124 0644  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
11:35:27.0139 0644  wscsvc - ok
11:35:27.0155 0644  WSearch - ok
11:35:27.0248 0644  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:35:27.0326 0644  wuauserv - ok
11:35:27.0373 0644  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:35:27.0389 0644  WudfPf - ok
11:35:27.0404 0644  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:35:27.0420 0644  WUDFRd - ok
11:35:27.0436 0644  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
11:35:27.0451 0644  wudfsvc - ok
11:35:27.0482 0644  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc        C:\Windows\System32\wwansvc.dll
11:35:27.0498 0644  WwanSvc - ok
11:35:27.0498 0644  ================ Scan global ===============================
11:35:27.0529 0644  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:35:27.0576 0644  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
11:35:27.0576 0644  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
11:35:27.0607 0644  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:35:27.0654 0644  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:35:27.0654 0644  [Global] - ok
11:35:27.0654 0644  ================ Scan MBR ==================================
11:35:27.0654 0644  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:35:28.0060 0644  \Device\Harddisk0\DR0 - ok
11:35:28.0075 0644  [ 23B571400A29918F5392F6E85EEB756E ] \Device\Harddisk1\DR1
11:35:28.0262 0644  \Device\Harddisk1\DR1 - ok
11:35:28.0262 0644  ================ Scan VBR ==================================
11:35:28.0278 0644  [ A1CED21C79CC3018B65E126A1E554F8C ] \Device\Harddisk0\DR0\Partition1
11:35:28.0278 0644  \Device\Harddisk0\DR0\Partition1 - ok
11:35:28.0294 0644  [ E2994EEE07253B815B84DE66CEDF8AC9 ] \Device\Harddisk0\DR0\Partition2
11:35:28.0294 0644  \Device\Harddisk0\DR0\Partition2 - ok
11:35:28.0309 0644  [ B5E291356670736E26BE5FE8B769E2D7 ] \Device\Harddisk0\DR0\Partition3
11:35:28.0309 0644  \Device\Harddisk0\DR0\Partition3 - ok
11:35:28.0325 0644  [ 6B18545A95599789DA173F088EB39A50 ] \Device\Harddisk0\DR0\Partition4
11:35:28.0325 0644  \Device\Harddisk0\DR0\Partition4 - ok
11:35:28.0340 0644  [ 213ECF172197D37F08806CA1EE86A795 ] \Device\Harddisk0\DR0\Partition5
11:35:28.0340 0644  \Device\Harddisk0\DR0\Partition5 - ok
11:35:28.0356 0644  [ 3DE815EFDC18CBF968B6F6AA716196D9 ] \Device\Harddisk0\DR0\Partition6
11:35:28.0356 0644  \Device\Harddisk0\DR0\Partition6 - ok
11:35:28.0372 0644  [ 1B49449C5C4F17C9F5971B2E7FACB24B ] \Device\Harddisk0\DR0\Partition7
11:35:28.0372 0644  \Device\Harddisk0\DR0\Partition7 - ok
11:35:28.0387 0644  [ ED4B58E19F467B4BE5870857DD64CCAB ] \Device\Harddisk0\DR0\Partition8
11:35:28.0387 0644  \Device\Harddisk0\DR0\Partition8 - ok
11:35:28.0403 0644  [ E3299617E7DCB89EA916A2D40EC9C045 ] \Device\Harddisk0\DR0\Partition9
11:35:28.0403 0644  \Device\Harddisk0\DR0\Partition9 - ok
11:35:28.0418 0644  [ 861DA4F0E6906FE0AB9720BEB94123C1 ] \Device\Harddisk0\DR0\Partition10
11:35:28.0434 0644  \Device\Harddisk0\DR0\Partition10 - ok
11:35:28.0450 0644  [ 64E2588E67E5491E7BBC4642886E6E57 ] \Device\Harddisk0\DR0\Partition11
11:35:28.0450 0644  \Device\Harddisk0\DR0\Partition11 - ok
11:35:28.0450 0644  [ 173CC67E33A9753E7073F4C531D04FF2 ] \Device\Harddisk1\DR1\Partition1
11:35:28.0450 0644  \Device\Harddisk1\DR1\Partition1 - ok
11:35:28.0450 0644  ============================================================
11:35:28.0450 0644  Scan finished
11:35:28.0450 0644  ============================================================
11:35:28.0465 4032  Detected object count: 1
11:35:28.0465 4032  Actual detected object count: 1

Part 2.1

Code:

11:39:58.0626 4128  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:39:58.0672 4128  ============================================================
11:39:58.0672 4128  Current date / time: 2014/03/09 11:39:58.0672
11:39:58.0672 4128  SystemInfo:
11:39:58.0672 4128 
11:39:58.0672 4128  OS Version: 6.1.7601 ServicePack: 1.0
11:39:58.0672 4128  Product type: Workstation
11:39:58.0672 4128  ComputerName: MADISOGI-PC
11:39:58.0672 4128  UserName: MaDiSoGi
11:39:58.0672 4128  Windows directory: C:\Windows
11:39:58.0672 4128  System windows directory: C:\Windows
11:39:58.0672 4128  Running under WOW64
11:39:58.0672 4128  Processor architecture: Intel x64
11:39:58.0672 4128  Number of processors: 2
11:39:58.0672 4128  Page size: 0x1000
11:39:58.0672 4128  Boot type: Normal boot
11:39:58.0672 4128  ============================================================
11:40:00.0076 4128  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
11:40:00.0108 4128  ============================================================
11:40:00.0108 4128  \Device\Harddisk0\DR0:
11:40:00.0108 4128  MBR partitions:
11:40:00.0108 4128  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x8EED5C1
11:40:00.0108 4128  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x8EED800, BlocksNum 0x1D4C000
11:40:00.0123 4128  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xAC3A000, BlocksNum 0x2710000
11:40:00.0123 4128  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0xD34A800, BlocksNum 0x1D4C000
11:40:00.0139 4128  \Device\Harddisk0\DR0\Partition5: MBR, Type 0x7, StartLBA 0xF097000, BlocksNum 0x9C3800
11:40:00.0139 4128  \Device\Harddisk0\DR0\Partition6: MBR, Type 0x7, StartLBA 0xFA5B000, BlocksNum 0x186A000
11:40:00.0154 4128  \Device\Harddisk0\DR0\Partition7: MBR, Type 0x7, StartLBA 0x112C5800, BlocksNum 0x4E1800
11:40:00.0170 4128  \Device\Harddisk0\DR0\Partition8: MBR, Type 0x7, StartLBA 0x117A7800, BlocksNum 0x1D4C000
11:40:00.0186 4128  \Device\Harddisk0\DR0\Partition9: MBR, Type 0x7, StartLBA 0x134F4000, BlocksNum 0x4957000
11:40:00.0201 4128  \Device\Harddisk0\DR0\Partition10: MBR, Type 0x7, StartLBA 0x17E4B800, BlocksNum 0x4921800
11:40:00.0201 4128  \Device\Harddisk0\DR0\Partition11: MBR, Type 0x7, StartLBA 0x1C76D600, BlocksNum 0xA56BD0
11:40:00.0201 4128  ============================================================
11:40:00.0248 4128  C: <-> \Device\Harddisk0\DR0\Partition1
11:40:00.0279 4128  G: <-> \Device\Harddisk0\DR0\Partition6
11:40:00.0373 4128  M: <-> \Device\Harddisk0\DR0\Partition11
11:40:00.0466 4128  S: <-> \Device\Harddisk0\DR0\Partition5
11:40:00.0498 4128  T: <-> \Device\Harddisk0\DR0\Partition7
11:40:00.0544 4128  F: <-> \Device\Harddisk0\DR0\Partition10
11:40:00.0591 4128  D: <-> \Device\Harddisk0\DR0\Partition2
11:40:00.0638 4128  E: <-> \Device\Harddisk0\DR0\Partition9
11:40:00.0669 4128  J: <-> \Device\Harddisk0\DR0\Partition8
11:40:00.0716 4128  I: <-> \Device\Harddisk0\DR0\Partition3
11:40:00.0747 4128  H: <-> \Device\Harddisk0\DR0\Partition4
11:40:00.0747 4128  ============================================================
11:40:00.0747 4128  Initialize success
11:40:00.0747 4128  ============================================================
11:40:26.0834 4828  ============================================================
11:40:26.0834 4828  Scan started
11:40:26.0834 4828  Mode: Manual;
11:40:26.0834 4828  ============================================================
11:40:27.0364 4828  ================ Scan system memory ========================
11:40:27.0364 4828  System memory - ok
11:40:27.0380 4828  ================ Scan services =============================
11:40:27.0598 4828  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:40:27.0598 4828  1394ohci - ok
11:40:27.0661 4828  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:40:27.0661 4828  ACPI - ok
11:40:27.0692 4828  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
11:40:27.0708 4828  AcpiPmi - ok
11:40:27.0848 4828  [ F7AB315A4D400CA876381D1E188A2E20 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:40:27.0848 4828  AdobeFlashPlayerUpdateSvc - ok
11:40:27.0942 4828  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx        C:\Windows\system32\DRIVERS\adp94xx.sys
11:40:27.0957 4828  adp94xx - ok
11:40:28.0004 4828  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci        C:\Windows\system32\DRIVERS\adpahci.sys
11:40:28.0020 4828  adpahci - ok
11:40:28.0066 4828  [ E109549C90F62FB570B9540C4B148E54 ] adpu320        C:\Windows\system32\DRIVERS\adpu320.sys
11:40:28.0082 4828  adpu320 - ok
11:40:28.0129 4828  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
11:40:28.0129 4828  AeLookupSvc - ok
11:40:28.0222 4828  [ 79059559E89D06E8B80CE2944BE20228 ] AFD            C:\Windows\system32\drivers\afd.sys
11:40:28.0238 4828  AFD - ok
11:40:28.0332 4828  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
11:40:28.0332 4828  agp440 - ok
11:40:28.0378 4828  [ 3290D6946B5E30E70414990574883DDB ] ALG            C:\Windows\System32\alg.exe
11:40:28.0394 4828  ALG - ok
11:40:28.0472 4828  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:40:28.0488 4828  aliide - ok
11:40:28.0519 4828  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
11:40:28.0534 4828  amdide - ok
11:40:28.0644 4828  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8          C:\Windows\system32\DRIVERS\amdk8.sys
11:40:28.0644 4828  AmdK8 - ok
11:40:28.0675 4828  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
11:40:28.0690 4828  AmdPPM - ok
11:40:28.0753 4828  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
11:40:28.0753 4828  amdsata - ok
11:40:28.0815 4828  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
11:40:28.0815 4828  amdsbs - ok
11:40:28.0846 4828  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata        C:\Windows\system32\drivers\amdxata.sys
11:40:28.0846 4828  amdxata - ok
11:40:28.0878 4828  [ 89A69C3F2F319B43379399547526D952 ] AppID          C:\Windows\system32\drivers\appid.sys
11:40:28.0878 4828  AppID - ok
11:40:28.0924 4828  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:40:28.0924 4828  AppIDSvc - ok
11:40:28.0971 4828  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo        C:\Windows\System32\appinfo.dll
11:40:28.0971 4828  Appinfo - ok
11:40:29.0002 4828  [ C484F8CEB1717C540242531DB7845C4E ] arc            C:\Windows\system32\DRIVERS\arc.sys
11:40:29.0002 4828  arc - ok
11:40:29.0018 4828  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
11:40:29.0034 4828  arcsas - ok
11:40:29.0112 4828  [ 9A262EDD17F8473B91B333D6B031A901 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:40:29.0174 4828  aspnet_state - ok
11:40:29.0205 4828  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:40:29.0205 4828  AsyncMac - ok
11:40:29.0252 4828  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi          C:\Windows\system32\drivers\atapi.sys
11:40:29.0252 4828  atapi - ok
11:40:29.0283 4828  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:40:29.0299 4828  AudioEndpointBuilder - ok
11:40:29.0314 4828  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
11:40:29.0314 4828  AudioSrv - ok
11:40:29.0361 4828  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:40:29.0361 4828  AxInstSV - ok
11:40:29.0408 4828  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv        C:\Windows\system32\DRIVERS\bxvbda.sys
11:40:29.0424 4828  b06bdrv - ok
11:40:29.0439 4828  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
11:40:29.0455 4828  b57nd60a - ok
11:40:29.0486 4828  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:40:29.0486 4828  BDESVC - ok
11:40:29.0502 4828  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:40:29.0502 4828  Beep - ok
11:40:29.0548 4828  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE            C:\Windows\System32\bfe.dll
11:40:29.0564 4828  BFE - ok
11:40:29.0611 4828  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
11:40:29.0626 4828  BITS - ok
11:40:29.0658 4828  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
11:40:29.0658 4828  blbdrive - ok
11:40:29.0689 4828  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:40:29.0689 4828  bowser - ok
11:40:29.0704 4828  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:40:29.0704 4828  BrFiltLo - ok
11:40:29.0720 4828  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:40:29.0720 4828  BrFiltUp - ok
11:40:29.0751 4828  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
11:40:29.0751 4828  BridgeMP - ok
11:40:29.0782 4828  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser        C:\Windows\System32\browser.dll
11:40:29.0782 4828  Browser - ok
11:40:29.0814 4828  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
11:40:29.0814 4828  Brserid - ok
11:40:29.0829 4828  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:40:29.0829 4828  BrSerWdm - ok
11:40:29.0845 4828  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:40:29.0845 4828  BrUsbMdm - ok
11:40:29.0860 4828  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:40:29.0860 4828  BrUsbSer - ok
11:40:29.0892 4828  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
11:40:29.0892 4828  BTHMODEM - ok
11:40:29.0923 4828  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv        C:\Windows\system32\bthserv.dll
11:40:29.0938 4828  bthserv - ok
11:40:29.0954 4828  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:40:29.0970 4828  cdfs - ok
11:40:30.0016 4828  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom          C:\Windows\system32\drivers\cdrom.sys
11:40:30.0016 4828  cdrom - ok
11:40:30.0063 4828  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc    C:\Windows\System32\certprop.dll
11:40:30.0063 4828  CertPropSvc - ok
11:40:30.0094 4828  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
11:40:30.0094 4828  circlass - ok
11:40:30.0141 4828  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
11:40:30.0157 4828  CLFS - ok
11:40:30.0235 4828  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:40:30.0250 4828  clr_optimization_v2.0.50727_32 - ok
11:40:30.0282 4828  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:40:30.0282 4828  clr_optimization_v2.0.50727_64 - ok
11:40:30.0375 4828  [ E87213F37A13E2B54391E40934F071D0 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:40:30.0438 4828  clr_optimization_v4.0.30319_32 - ok
11:40:30.0469 4828  [ 4AEDAB50F83580D0B4D6CF78191F92AA ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:40:30.0500 4828  clr_optimization_v4.0.30319_64 - ok
11:40:30.0531 4828  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
11:40:30.0531 4828  CmBatt - ok
11:40:30.0547 4828  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:40:30.0547 4828  cmdide - ok
11:40:30.0594 4828  [ EBF28856F69CF094A902F884CF989706 ] CNG            C:\Windows\system32\Drivers\cng.sys
11:40:30.0609 4828  CNG - ok
11:40:30.0625 4828  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
11:40:30.0625 4828  Compbatt - ok
11:40:30.0656 4828  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
11:40:30.0656 4828  CompositeBus - ok
11:40:30.0672 4828  COMSysApp - ok
11:40:30.0687 4828  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk        C:\Windows\system32\DRIVERS\crcdisk.sys
11:40:30.0687 4828  crcdisk - ok
11:40:30.0750 4828  [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:40:30.0750 4828  CryptSvc - ok
11:40:30.0812 4828  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:40:30.0828 4828  DcomLaunch - ok
11:40:30.0874 4828  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc      C:\Windows\System32\defragsvc.dll
11:40:30.0890 4828  defragsvc - ok
11:40:30.0921 4828  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:40:30.0921 4828  DfsC - ok
11:40:30.0984 4828  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:40:30.0999 4828  Dhcp - ok
11:40:31.0015 4828  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
11:40:31.0030 4828  discache - ok
11:40:31.0062 4828  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
11:40:31.0062 4828  Disk - ok
11:40:31.0093 4828  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:40:31.0093 4828  Dnscache - ok
11:40:31.0140 4828  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc        C:\Windows\System32\dot3svc.dll
11:40:31.0140 4828  dot3svc - ok
11:40:31.0171 4828  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS            C:\Windows\system32\dps.dll
11:40:31.0171 4828  DPS - ok
11:40:31.0202 4828  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
11:40:31.0202 4828  drmkaud - ok
11:40:31.0249 4828  [ 88612F1CE3BF42256913BF6E61C70D52 ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
11:40:31.0264 4828  DXGKrnl - ok
11:40:31.0296 4828  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost        C:\Windows\System32\eapsvc.dll
11:40:31.0296 4828  EapHost - ok
11:40:31.0420 4828  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv          C:\Windows\system32\DRIVERS\evbda.sys
11:40:31.0498 4828  ebdrv - ok
11:40:31.0545 4828  [ 4D71227301DD8D09097B9E4CC6527E5A ] EFS            C:\Windows\System32\lsass.exe
11:40:31.0545 4828  EFS - ok
11:40:31.0608 4828  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
11:40:31.0623 4828  ehRecvr - ok
11:40:31.0654 4828  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched        C:\Windows\ehome\ehsched.exe
11:40:31.0654 4828  ehSched - ok
11:40:31.0701 4828  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor        C:\Windows\system32\DRIVERS\elxstor.sys
11:40:31.0701 4828  elxstor - ok
11:40:31.0732 4828  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:40:31.0732 4828  ErrDev - ok
11:40:31.0795 4828  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem    C:\Windows\system32\es.dll
11:40:31.0810 4828  EventSystem - ok
11:40:31.0842 4828  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat          C:\Windows\system32\drivers\exfat.sys
11:40:31.0842 4828  exfat - ok
11:40:31.0873 4828  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat        C:\Windows\system32\drivers\fastfat.sys
11:40:31.0873 4828  fastfat - ok
11:40:31.0935 4828  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax            C:\Windows\system32\fxssvc.exe
11:40:31.0951 4828  Fax - ok
11:40:31.0982 4828  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc            C:\Windows\system32\DRIVERS\fdc.sys
11:40:31.0982 4828  fdc - ok
11:40:31.0998 4828  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost        C:\Windows\system32\fdPHost.dll
11:40:31.0998 4828  fdPHost - ok
11:40:32.0013 4828  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:40:32.0013 4828  FDResPub - ok
11:40:32.0029 4828  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:40:32.0029 4828  FileInfo - ok
11:40:32.0044 4828  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
11:40:32.0044 4828  Filetrace - ok
11:40:32.0060 4828  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
11:40:32.0060 4828  flpydisk - ok
11:40:32.0091 4828  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:40:32.0091 4828  FltMgr - ok
11:40:32.0154 4828  [ C4C183E6551084039EC862DA1C945E3D ] FontCache      C:\Windows\system32\FntCache.dll
11:40:32.0169 4828  FontCache - ok
11:40:32.0216 4828  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:40:32.0232 4828  FontCache3.0.0.0 - ok
11:40:32.0247 4828  [ D43703496149971890703B4B1B723EAC ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
11:40:32.0247 4828  FsDepends - ok
11:40:32.0278 4828  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:40:32.0278 4828  Fs_Rec - ok
11:40:32.0325 4828  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:40:32.0325 4828  fvevol - ok
11:40:32.0372 4828  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
11:40:32.0372 4828  gagp30kx - ok
11:40:32.0403 4828  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc          C:\Windows\System32\gpsvc.dll
11:40:32.0419 4828  gpsvc - ok
11:40:32.0559 4828  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:40:32.0559 4828  gupdate - ok
11:40:32.0590 4828  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:40:32.0590 4828  gupdatem - ok
11:40:32.0606 4828  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:40:32.0606 4828  hcw85cir - ok
11:40:32.0653 4828  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:40:32.0653 4828  HdAudAddService - ok
11:40:32.0684 4828  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
11:40:32.0700 4828  HDAudBus - ok
11:40:32.0715 4828  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt        C:\Windows\system32\DRIVERS\HidBatt.sys
11:40:32.0715 4828  HidBatt - ok
11:40:32.0746 4828  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
11:40:32.0746 4828  HidBth - ok
11:40:32.0762 4828  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr          C:\Windows\system32\DRIVERS\hidir.sys
11:40:32.0778 4828  HidIr - ok
11:40:32.0793 4828  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv        C:\Windows\System32\hidserv.dll
11:40:32.0809 4828  hidserv - ok
11:40:32.0840 4828  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
11:40:32.0856 4828  HidUsb - ok
11:40:32.0887 4828  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:40:32.0887 4828  hkmsvc - ok
11:40:32.0918 4828  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:40:32.0918 4828  HomeGroupListener - ok
11:40:32.0949 4828  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:40:32.0965 4828  HomeGroupProvider - ok
11:40:32.0996 4828  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:40:32.0996 4828  HpSAMD - ok
11:40:33.0058 4828  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:40:33.0074 4828  HTTP - ok
11:40:33.0105 4828  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:40:33.0105 4828  hwpolicy - ok
11:40:33.0152 4828  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
11:40:33.0152 4828  i8042prt - ok
11:40:33.0183 4828  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
11:40:33.0183 4828  iaStorV - ok
11:40:33.0261 4828  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:40:33.0277 4828  idsvc - ok
11:40:33.0324 4828  IEEtwCollectorService - ok
11:40:33.0355 4828  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp          C:\Windows\system32\DRIVERS\iirsp.sys
11:40:33.0355 4828  iirsp - ok
11:40:33.0402 4828  [ 344789398EC3EE5A4E00C52B31847946 ] IKEEXT          C:\Windows\System32\ikeext.dll
11:40:33.0417 4828  IKEEXT - ok
11:40:33.0495 4828  [ BFBABCB231628A4551DBB10D0EA25D62 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:40:33.0511 4828  IntcAzAudAddService - ok
11:40:33.0526 4828  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
11:40:33.0542 4828  intelide - ok
11:40:33.0558 4828  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:40:33.0573 4828  intelppm - ok
11:40:33.0589 4828  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
11:40:33.0589 4828  IPBusEnum - ok
11:40:33.0636 4828  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:40:33.0636 4828  IpFilterDriver - ok
11:40:33.0667 4828  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:40:33.0682 4828  iphlpsvc - ok
11:40:33.0714 4828  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
11:40:33.0714 4828  IPMIDRV - ok
11:40:33.0729 4828  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
11:40:33.0729 4828  IPNAT - ok
11:40:33.0745 4828  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:40:33.0745 4828  IRENUM - ok
11:40:33.0776 4828  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:40:33.0776 4828  isapnp - ok
11:40:33.0807 4828  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:40:33.0823 4828  iScsiPrt - ok
11:40:33.0838 4828  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
11:40:33.0838 4828  kbdclass - ok
11:40:33.0870 4828  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
11:40:33.0870 4828  kbdhid - ok
11:40:33.0885 4828  [ 4D71227301DD8D09097B9E4CC6527E5A ] KeyIso          C:\Windows\system32\lsass.exe
11:40:33.0885 4828  KeyIso - ok
11:40:33.0916 4828  [ 07071C1E3CD8F0F9114AAC8B072CA1E5 ] KMWDFILTER      C:\Windows\system32\DRIVERS\KMWDFILTER.sys
11:40:33.0916 4828  KMWDFILTER - ok
11:40:33.0963 4828  [ 8F489706472F7E9A06BAAA198703FA64 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:40:33.0963 4828  KSecDD - ok
11:40:34.0010 4828  [ 868A2CAAB12EFC7A021682BCA0EEC54C ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
11:40:34.0010 4828  KSecPkg - ok
11:40:34.0041 4828  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
11:40:34.0041 4828  ksthunk - ok
11:40:34.0072 4828  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm          C:\Windows\system32\msdtckrm.dll
11:40:34.0088 4828  KtmRm - ok
11:40:34.0119 4828  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
11:40:34.0119 4828  LanmanServer - ok
11:40:34.0150 4828  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:40:34.0150 4828  LanmanWorkstation - ok
11:40:34.0197 4828  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:40:34.0197 4828  lltdio - ok
11:40:34.0228 4828  [ C1185803384AB3FEED115F79F109427F ] lltdsvc        C:\Windows\System32\lltdsvc.dll
11:40:34.0244 4828  lltdsvc - ok
11:40:34.0260 4828  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts        C:\Windows\System32\lmhsvc.dll
11:40:34.0260 4828  lmhosts - ok
11:40:34.0291 4828  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
11:40:34.0291 4828  LSI_FC - ok
11:40:34.0306 4828  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS        C:\Windows\system32\DRIVERS\lsi_sas.sys
11:40:34.0306 4828  LSI_SAS - ok
11:40:34.0322 4828  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:40:34.0322 4828  LSI_SAS2 - ok
11:40:34.0322 4828  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:40:34.0338 4828  LSI_SCSI - ok
11:40:34.0353 4828  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv          C:\Windows\system32\drivers\luafv.sys
11:40:34.0369 4828  luafv - ok
11:40:34.0400 4828  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
11:40:34.0400 4828  Mcx2Svc - ok
11:40:34.0416 4828  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas        C:\Windows\system32\DRIVERS\megasas.sys
11:40:34.0416 4828  megasas - ok
11:40:34.0431 4828  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
11:40:34.0431 4828  MegaSR - ok
11:40:34.0447 4828  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS          C:\Windows\system32\mmcss.dll
11:40:34.0447 4828  MMCSS - ok
11:40:34.0462 4828  [ 800BA92F7010378B09F9ED9270F07137 ] Modem          C:\Windows\system32\drivers\modem.sys
11:40:34.0462 4828  Modem - ok
11:40:34.0494 4828  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
11:40:34.0494 4828  monitor - ok
11:40:34.0494 4828  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:40:34.0509 4828  mouclass - ok
11:40:34.0509 4828  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:40:34.0525 4828  mouhid - ok
11:40:34.0540 4828  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:40:34.0556 4828  mountmgr - ok
11:40:34.0587 4828  [ 338037EFA0E8E8699B2667D57B751574 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:40:34.0603 4828  MozillaMaintenance - ok
11:40:34.0665 4828  [ C6B88D62F20AC646C6BD5C032EC2FAF9 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
11:40:34.0665 4828  MpFilter - ok
11:40:34.0712 4828  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:40:34.0712 4828  mpio - ok
11:40:34.0743 4828  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:40:34.0743 4828  mpsdrv - ok
11:40:34.0806 4828  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:40:34.0821 4828  MpsSvc - ok
11:40:34.0852 4828  [ 1A4F75E63C9FB84B85DFFC6B63FD5404 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:40:34.0868 4828  MRxDAV - ok
11:40:34.0899 4828  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:40:34.0899 4828  mrxsmb - ok
11:40:34.0915 4828  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:40:34.0930 4828  mrxsmb10 - ok
11:40:34.0930 4828  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:40:34.0946 4828  mrxsmb20 - ok
11:40:34.0962 4828  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:40:34.0962 4828  msahci - ok
11:40:34.0977 4828  [ DB801A638D011B9633829EB6F663C900 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
11:40:34.0977 4828  msdsm - ok
11:40:34.0993 4828  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC          C:\Windows\System32\msdtc.exe
11:40:35.0008 4828  MSDTC - ok
11:40:35.0024 4828  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:40:35.0040 4828  Msfs - ok
11:40:35.0040 4828  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
11:40:35.0040 4828  mshidkmdf - ok
11:40:35.0071 4828  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:40:35.0071 4828  msisadrv - ok
11:40:35.0118 4828  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
11:40:35.0118 4828  MSiSCSI - ok
11:40:35.0118 4828  msiserver - ok
11:40:35.0149 4828  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
11:40:35.0149 4828  MSKSSRV - ok
11:40:35.0258 4828  [ 7675E15D1B2180745E4DA4D26AAD7385 ] MsMpSvc        c:\Program Files\Microsoft Security Client\MsMpEng.exe
11:40:35.0258 4828  MsMpSvc - ok
11:40:35.0289 4828  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:40:35.0289 4828  MSPCLOCK - ok
11:40:35.0305 4828  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
11:40:35.0305 4828  MSPQM - ok
11:40:35.0336 4828  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
11:40:35.0336 4828  MsRPC - ok
11:40:35.0367 4828  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
11:40:35.0367 4828  mssmbios - ok
11:40:35.0367 4828  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
11:40:35.0367 4828  MSTEE - ok
11:40:35.0398 4828  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
11:40:35.0398 4828  MTConfig - ok
11:40:35.0430 4828  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup            C:\Windows\system32\Drivers\mup.sys
11:40:35.0430 4828  Mup - ok
11:40:35.0476 4828  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
11:40:35.0476 4828  napagent - ok
11:40:35.0523 4828  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
11:40:35.0523 4828  NativeWifiP - ok
11:40:35.0586 4828  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:40:35.0601 4828  NDIS - ok
11:40:35.0617 4828  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
11:40:35.0617 4828  NdisCap - ok
11:40:35.0632 4828  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:40:35.0632 4828  NdisTapi - ok
11:40:35.0664 4828  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
11:40:35.0664 4828  Ndisuio - ok
11:40:35.0710 4828  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
11:40:35.0710 4828  NdisWan - ok
11:40:35.0742 4828  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
11:40:35.0742 4828  NDProxy - ok
11:40:35.0757 4828  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
11:40:35.0757 4828  NetBIOS - ok
11:40:35.0804 4828  [ 09594D1089C523423B32A4229263F068 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
11:40:35.0820 4828  NetBT - ok
11:40:35.0835 4828  [ 4D71227301DD8D09097B9E4CC6527E5A ] Netlogon        C:\Windows\system32\lsass.exe
11:40:35.0835 4828  Netlogon - ok
11:40:35.0882 4828  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
11:40:35.0898 4828  Netman - ok
11:40:35.0929 4828  [ 21318671BCAD3ACF16638F98D4D00973 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:40:35.0944 4828  NetMsmqActivator - ok
11:40:35.0960 4828  [ 21318671BCAD3ACF16638F98D4D00973 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:40:35.0960 4828  NetPipeActivator - ok
11:40:35.0976 4828  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
11:40:35.0991 4828  netprofm - ok
11:40:35.0991 4828  [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:40:36.0007 4828  NetTcpActivator - ok
11:40:36.0007 4828  [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:40:36.0007 4828  NetTcpPortSharing - ok
11:40:36.0038 4828  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960        C:\Windows\system32\DRIVERS\nfrd960.sys
11:40:36.0038 4828  nfrd960 - ok


poldy-tec 10.03.2014 16:00

Part 2.2

Code:

11:40:36.0116 4828  [ ACE8C64C57E4A711473C8BC10ADF692B ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
11:40:36.0116 4828  NisDrv - ok
11:40:36.0178 4828  [ 6247E8B31ED0A9D6BC5A26276E49BEB3 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
11:40:36.0178 4828  NisSrv - ok
11:40:36.0225 4828  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:40:36.0241 4828  NlaSvc - ok
11:40:36.0288 4828  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:40:36.0288 4828  Npfs - ok
11:40:36.0350 4828  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi            C:\Windows\system32\nsisvc.dll
11:40:36.0350 4828  nsi - ok
11:40:36.0397 4828  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:40:36.0397 4828  nsiproxy - ok
11:40:36.0459 4828  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:40:36.0490 4828  Ntfs - ok
11:40:36.0506 4828  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
11:40:36.0506 4828  Null - ok
11:40:36.0553 4828  [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
11:40:36.0553 4828  NVENETFD - ok
11:40:36.0615 4828  [ 554964B900AE2954B8B589B6287034AC ] NVHDA          C:\Windows\system32\drivers\nvhda64v.sys
11:40:36.0615 4828  NVHDA - ok
11:40:36.0974 4828  [ E71E299FF15390E585BACF2C18F55078 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:40:37.0068 4828  nvlddmkm - ok
11:40:37.0114 4828  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:40:37.0114 4828  nvraid - ok
11:40:37.0146 4828  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:40:37.0146 4828  nvstor - ok
11:40:37.0177 4828  [ 0996A440D510904B79935A91155B0E4C ] nvstor64        C:\Windows\system32\DRIVERS\nvstor64.sys
11:40:37.0177 4828  nvstor64 - ok
11:40:37.0255 4828  [ 415695F5A54E91E869EEBFEA261361A6 ] nvsvc          C:\Windows\system32\nvvsvc.exe
11:40:37.0286 4828  nvsvc - ok
11:40:37.0395 4828  [ AA130938A27BB80A8B6438EF83232275 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
11:40:37.0411 4828  nvUpdatusService - ok
11:40:37.0442 4828  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:40:37.0442 4828  nv_agp - ok
11:40:37.0473 4828  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:40:37.0473 4828  ohci1394 - ok
11:40:37.0504 4828  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:40:37.0504 4828  p2pimsvc - ok
11:40:37.0536 4828  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
11:40:37.0536 4828  p2psvc - ok
11:40:37.0567 4828  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport        C:\Windows\system32\DRIVERS\parport.sys
11:40:37.0567 4828  Parport - ok
11:40:37.0582 4828  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr        C:\Windows\system32\drivers\partmgr.sys
11:40:37.0598 4828  partmgr - ok
11:40:37.0614 4828  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:40:37.0614 4828  PcaSvc - ok
11:40:37.0645 4828  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci            C:\Windows\system32\drivers\pci.sys
11:40:37.0660 4828  pci - ok
11:40:37.0676 4828  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
11:40:37.0676 4828  pciide - ok
11:40:37.0692 4828  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
11:40:37.0692 4828  pcmcia - ok
11:40:37.0707 4828  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw            C:\Windows\system32\drivers\pcw.sys
11:40:37.0707 4828  pcw - ok
11:40:37.0738 4828  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:40:37.0754 4828  PEAUTH - ok
11:40:37.0848 4828  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:40:37.0863 4828  PerfHost - ok
11:40:37.0941 4828  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla            C:\Windows\system32\pla.dll
11:40:37.0957 4828  pla - ok
11:40:38.0019 4828  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:40:38.0019 4828  PlugPlay - ok
11:40:38.0066 4828  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
11:40:38.0066 4828  PNRPAutoReg - ok
11:40:38.0082 4828  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
11:40:38.0097 4828  PNRPsvc - ok
11:40:38.0128 4828  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
11:40:38.0128 4828  PolicyAgent - ok
11:40:38.0160 4828  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power          C:\Windows\system32\umpo.dll
11:40:38.0175 4828  Power - ok
11:40:38.0222 4828  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:40:38.0222 4828  PptpMiniport - ok
11:40:38.0238 4828  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor      C:\Windows\system32\DRIVERS\processr.sys
11:40:38.0253 4828  Processor - ok
11:40:38.0269 4828  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc        C:\Windows\system32\profsvc.dll
11:40:38.0284 4828  ProfSvc - ok
11:40:38.0300 4828  [ 4D71227301DD8D09097B9E4CC6527E5A ] ProtectedStorage C:\Windows\system32\lsass.exe
11:40:38.0300 4828  ProtectedStorage - ok
11:40:38.0347 4828  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:40:38.0347 4828  Psched - ok
11:40:38.0425 4828  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
11:40:38.0456 4828  ql2300 - ok
11:40:38.0456 4828  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
11:40:38.0472 4828  ql40xx - ok
11:40:38.0503 4828  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE          C:\Windows\system32\qwave.dll
11:40:38.0503 4828  QWAVE - ok
11:40:38.0550 4828  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:40:38.0550 4828  QWAVEdrv - ok
11:40:38.0565 4828  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:40:38.0565 4828  RasAcd - ok
11:40:38.0596 4828  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
11:40:38.0596 4828  RasAgileVpn - ok
11:40:38.0612 4828  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto        C:\Windows\System32\rasauto.dll
11:40:38.0612 4828  RasAuto - ok
11:40:38.0643 4828  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
11:40:38.0643 4828  Rasl2tp - ok
11:40:38.0690 4828  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
11:40:38.0690 4828  RasMan - ok
11:40:38.0706 4828  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:40:38.0706 4828  RasPppoe - ok
11:40:38.0721 4828  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
11:40:38.0721 4828  RasSstp - ok
11:40:38.0752 4828  [ 77F665941019A1594D887A74F301FA2F ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
11:40:38.0768 4828  rdbss - ok
11:40:38.0784 4828  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
11:40:38.0784 4828  rdpbus - ok
11:40:38.0799 4828  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:40:38.0799 4828  RDPCDD - ok
11:40:38.0815 4828  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:40:38.0815 4828  RDPENCDD - ok
11:40:38.0830 4828  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
11:40:38.0830 4828  RDPREFMP - ok
11:40:38.0893 4828  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:40:38.0908 4828  RdpVideoMiniport - ok
11:40:38.0940 4828  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
11:40:38.0940 4828  RDPWD - ok
11:40:38.0971 4828  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:40:38.0986 4828  rdyboost - ok
11:40:39.0018 4828  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:40:39.0033 4828  RemoteAccess - ok
11:40:39.0064 4828  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:40:39.0064 4828  RemoteRegistry - ok
11:40:39.0096 4828  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:40:39.0096 4828  RpcEptMapper - ok
11:40:39.0111 4828  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
11:40:39.0111 4828  RpcLocator - ok
11:40:39.0142 4828  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs          C:\Windows\system32\rpcss.dll
11:40:39.0142 4828  RpcSs - ok
11:40:39.0189 4828  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:40:39.0189 4828  rspndr - ok
11:40:39.0189 4828  [ 4D71227301DD8D09097B9E4CC6527E5A ] SamSs          C:\Windows\system32\lsass.exe
11:40:39.0189 4828  SamSs - ok
11:40:39.0236 4828  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:40:39.0236 4828  sbp2port - ok
11:40:39.0252 4828  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:40:39.0267 4828  SCardSvr - ok
11:40:39.0283 4828  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:40:39.0283 4828  scfilter - ok
11:40:39.0330 4828  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
11:40:39.0345 4828  Schedule - ok
11:40:39.0392 4828  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc    C:\Windows\System32\certprop.dll
11:40:39.0392 4828  SCPolicySvc - ok
11:40:39.0408 4828  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:40:39.0423 4828  SDRSVC - ok
11:40:39.0439 4828  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:40:39.0439 4828  secdrv - ok
11:40:39.0454 4828  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
11:40:39.0454 4828  seclogon - ok
11:40:39.0486 4828  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
11:40:39.0486 4828  SENS - ok
11:40:39.0501 4828  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:40:39.0517 4828  SensrSvc - ok
11:40:39.0532 4828  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum        C:\Windows\system32\DRIVERS\serenum.sys
11:40:39.0532 4828  Serenum - ok
11:40:39.0564 4828  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
11:40:39.0564 4828  Serial - ok
11:40:39.0595 4828  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
11:40:39.0595 4828  sermouse - ok
11:40:39.0626 4828  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
11:40:39.0626 4828  SessionEnv - ok
11:40:39.0657 4828  [ A554811BCD09279536440C964AE35BBF ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
11:40:39.0657 4828  sffdisk - ok
11:40:39.0673 4828  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:40:39.0673 4828  sffp_mmc - ok
11:40:39.0688 4828  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
11:40:39.0688 4828  sffp_sd - ok
11:40:39.0704 4828  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy        C:\Windows\system32\DRIVERS\sfloppy.sys
11:40:39.0704 4828  sfloppy - ok
11:40:39.0735 4828  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:40:39.0751 4828  SharedAccess - ok
11:40:39.0782 4828  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:40:39.0782 4828  ShellHWDetection - ok
11:40:39.0813 4828  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:40:39.0813 4828  SiSRaid2 - ok
11:40:39.0829 4828  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
11:40:39.0844 4828  SiSRaid4 - ok
11:40:39.0860 4828  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
11:40:39.0860 4828  Smb - ok
11:40:39.0891 4828  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:40:39.0891 4828  SNMPTRAP - ok
11:40:39.0907 4828  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr          C:\Windows\system32\drivers\spldr.sys
11:40:39.0907 4828  spldr - ok
11:40:39.0938 4828  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler        C:\Windows\System32\spoolsv.exe
11:40:39.0954 4828  Spooler - ok
11:40:40.0047 4828  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
11:40:40.0110 4828  sppsvc - ok
11:40:40.0141 4828  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
11:40:40.0141 4828  sppuinotify - ok
11:40:40.0172 4828  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv            C:\Windows\system32\DRIVERS\srv.sys
11:40:40.0188 4828  srv - ok
11:40:40.0203 4828  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:40:40.0203 4828  srv2 - ok
11:40:40.0234 4828  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:40:40.0234 4828  srvnet - ok
11:40:40.0266 4828  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
11:40:40.0281 4828  SSDPSRV - ok
11:40:40.0297 4828  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc        C:\Windows\system32\sstpsvc.dll
11:40:40.0297 4828  SstpSvc - ok
11:40:40.0359 4828  [ A9D26626BEADF5A0641BF6B5095EF309 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
11:40:40.0375 4828  Stereo Service - ok
11:40:40.0390 4828  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
11:40:40.0390 4828  stexstor - ok
11:40:40.0453 4828  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
11:40:40.0468 4828  stisvc - ok
11:40:40.0484 4828  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
11:40:40.0484 4828  swenum - ok
11:40:40.0515 4828  [ E08E46FDD841B7184194011CA1955A0B ] swprv          C:\Windows\System32\swprv.dll
11:40:40.0515 4828  swprv - ok
11:40:40.0593 4828  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain        C:\Windows\system32\sysmain.dll
11:40:40.0640 4828  SysMain - ok
11:40:40.0671 4828  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:40:40.0671 4828  TabletInputService - ok
11:40:40.0718 4828  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv        C:\Windows\System32\tapisrv.dll
11:40:40.0734 4828  TapiSrv - ok
11:40:40.0765 4828  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS            C:\Windows\System32\tbssvc.dll
11:40:40.0765 4828  TBS - ok
11:40:40.0874 4828  [ 40AF23633D197905F03AB5628C558C51 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
11:40:40.0905 4828  Tcpip - ok
11:40:40.0936 4828  [ 40AF23633D197905F03AB5628C558C51 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:40:40.0952 4828  TCPIP6 - ok
11:40:40.0983 4828  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:40:40.0999 4828  tcpipreg - ok
11:40:41.0014 4828  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:40:41.0014 4828  TDPIPE - ok
11:40:41.0030 4828  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
11:40:41.0046 4828  TDTCP - ok
11:40:41.0061 4828  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
11:40:41.0061 4828  tdx - ok
11:40:41.0092 4828  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
11:40:41.0092 4828  TermDD - ok
11:40:41.0139 4828  [ 2E648163254233755035B46DD7B89123 ] TermService    C:\Windows\System32\termsrv.dll
11:40:41.0155 4828  TermService - ok
11:40:41.0186 4828  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
11:40:41.0186 4828  Themes - ok
11:40:41.0217 4828  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER    C:\Windows\system32\mmcss.dll
11:40:41.0217 4828  THREADORDER - ok
11:40:41.0217 4828  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
11:40:44.0899 4828  ============================================================
11:40:44.0899 4828  Scan finished
11:40:44.0899 4828  ============================================================
11:40:44.0914 1352  Detected object count: 0
11:40:44.0914 1352  Actual detected object count: 0
11:40:58.0768 4136  Deinitialize success


schrauber 11.03.2014 12:21

All clean. Do you have a Windows DVD?

poldy-tec 11.03.2014 12:45

Yes and no. For this system I only have an upgrade DVD from Vista to Win7.
But I have a Win 7 DVD from another system.

schrauber 12.03.2014 09:38

If it is the same version, that will work:

"In Place Upgrade"

