
Pests of all kinds and how to fight them: PC freezes, sometimes for only 10 seconds, sometimes completely

04.11.2013, 17:27   #46
cottec
 



Code:
Farbar Service Scanner Version: 24-10-2013
Ran by cottec (administrator) on 04-11-2013 at 17:27:25
Running from "D:\Downloads\Software\FRST"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll".


Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2013-10-11 18:51] - [2013-09-14 02:10] - 0497152 ____A (Microsoft Corporation) 314C17917AC8523EC77A710215012A65

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2013-10-11 18:51] - [2013-09-08 03:30] - 1903552 ____A (Microsoft Corporation) 40AF23633D197905F03AB5628C558C51

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
         
Both still disabled

05.11.2013, 12:43   #47
schrauber
/// the machine
/// TB trainer
 




Please uninstall Avira, then test Defender.

05.11.2013, 17:28   #48
cottec
 



So, Defender still doesn't work now, but no message is displayed any more (after reinstalling AntiVir).

Here is the Defender service when I start it manually:



06.11.2013, 11:49   #49
schrauber
/// the machine
/// TB trainer
 




Who said you should install AntiVir again?

Uninstall it, then run the reg file from above again, then test Defender and post a fresh FSS log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

24.01.2014, 00:34   #50
cottec
 



Sorry for the late reply, but unfortunately I'm still not done with this issue.

Defender still doesn't work.
Code:
Farbar Service Scanner Version: 24-10-2013
Ran by cottec (administrator) on 24-01-2014 at 00:31:18
Running from "D:\Downloads\Software\FRST"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2013-11-13 14:09] - [2013-09-28 02:09] - 0497152 ____A (Microsoft Corporation) 79059559E89D06E8B80CE2944BE20228

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2013-10-11 18:51] - [2013-09-08 03:30] - 1903552 ____A (Microsoft Corporation) 40AF23633D197905F03AB5628C558C51

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
         
Plus the message shown when starting the Defender service manually:
Dienst "Windows Defender" wurde auf Lokaler Computer gestartet und dann angehalten. Einige Dienste werden automatisch angehalten, wenn sie nicht von anderen Diensten oder Programmen verwendet werden.


24.01.2014, 14:41   #51
schrauber
/// the machine
/// TB trainer
 




Please post a fresh FRST log as well.

24.01.2014, 16:25   #52
cottec
 



Sure

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2014
Ran by cottec (administrator) on COTTEC-PC on 24-01-2014 16:24:22
Running from D:\Downloads\Software\FRST
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Dassault Systemes) C:\Program Files\Dassault Systemes\B21\win_b64\code\bin\CATSysDemon.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Microsoft Corporation) C:\ProgramData\SolidWorks Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Mentor Graphics Corporation) C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe
(Mentor Graphics Corporation) C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\dispatcher.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(StarWind Software) C:\Program Files (x86)\Alcohol 120\StarWind\StarWindServiceAE.exe
(Andreas Sammann) C:\Program Files (x86)\C2DtoG15\SystoG15Svc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Transaction Software, D 81737 Munich) C:\Programme\BMWgroup\ETKLokal\transbase\tbmux32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe
(Miranda Fusion Team) C:\Program Files (x86)\MirandaFusion\fusiontools\mfstart.exe
(Dassault Systèmes SolidWorks Corp.) C:\Program Files\SolidWorks Corp\SolidWorks\sldworks_fs.exe
(Andreas Sammann) C:\Program Files (x86)\C2DtoG15\C2DtoG15.exe
(Dropbox, Inc.) C:\Users\cottec\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(modified by Miranda Fusion Team) C:\Program Files (x86)\MirandaFusion\miranda32.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-27] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1063200 2013-10-18] (NVIDIA Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-03-20] (Geek Software GmbH)
HKLM-x32\...\Run: [Super-Charger] - C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [506864 2013-03-08] (MSI)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-22] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [ControlCenterCount] - C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe [872448 2012-03-26] (MSI CO.,LTD.)
HKLM-x32\...\Run: [ControlCenterII] - \BootStartControlCenter.exe
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKCU\...\Run: [AlcoholAutomount] - C:\Program Files (x86)\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKCU\...\Run: [HP Officejet 6500 E710n-z (NET)] - C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKCU\...\Run: [Miranda Fusion] - C:\Program Files (x86)\MirandaFusion\fusiontools\mfstart.exe [1122241 2012-06-12] (Miranda Fusion Team)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
MountPoints2: {48c57620-18be-11e3-927f-d43d7e2bf080} - G:\setup.exe
MountPoints2: {8d9c12a6-6494-11e3-b6e5-d43d7e2bf080} - G:\setup.exe
MountPoints2: {b75da7ac-4d26-11e2-bd17-d43d7e2bf080} - J:\shelexec.exe start.html
Startup: C:\Users\cottec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\C2DtoG15.lnk
ShortcutTarget: C2DtoG15.lnk -> C:\Program Files (x86)\C2DtoG15\C2DtoG15.exe (Andreas Sammann)
Startup: C:\Users\cottec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\cottec\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\cottec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4B157DDCF427CE01
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.111.111.1

FireFox:
========
FF ProfilePath: C:\Users\cottec\AppData\Roaming\Mozilla\Firefox\Profiles\i18isqwg.default
FF user.js: detected! => C:\Users\cottec\AppData\Roaming\Mozilla\Firefox\Profiles\i18isqwg.default\user.js
FF Homepage: hxxp://www.google.de/
FF NetworkProxy: "http", "200.65.127.163"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: GFACE Experience Plugin - C:\Users\cottec\AppData\Roaming\Mozilla\Firefox\Profiles\i18isqwg.default\Extensions\cryenginebrowserplugin@crytek.com [2013-11-07]
FF Extension: Adblock Plus - C:\Users\cottec\AppData\Roaming\Mozilla\Firefox\Profiles\i18isqwg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-12-23]
FF Extension: OkayFreedom - C:\Users\cottec\AppData\Roaming\Mozilla\Firefox\Profiles\i18isqwg.default\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2014-01-20]

Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No File
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Extension: (Google Docs) - C:\Users\cottec\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-21]
CHR Extension: (Google Drive) - C:\Users\cottec\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-21]
CHR Extension: (OkayFreedom) - C:\Users\cottec\AppData\Local\Google\Chrome\User Data\Default\Extensions\bckipplcmnfhblnpibpbehenelnkpecd [2014-01-21]
CHR Extension: (YouTube) - C:\Users\cottec\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-21]
CHR Extension: (Google-Suche) - C:\Users\cottec\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-21]
CHR Extension: (Google Wallet) - C:\Users\cottec\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Google Mail) - C:\Users\cottec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-21]
CHR HKCU\...\Chrome\Extension: [bckipplcmnfhblnpibpbehenelnkpecd] - C:\Program Files (x86)\OkayFreedom\okayfreedom.crx [2013-12-05]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 BBDemon; C:\Program Files\Dassault Systemes\B21\win_b64\code\bin\CATSysDemon.exe [46592 2011-01-08] (Dassault Systemes)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2013-10-15] (Futuremark)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [146984 2012-07-24] ()
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161264 2013-02-20] (MSI)
R2 MSSQL$TEW_SQLEXPRESS; C:\ProgramData\SolidWorks Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [192000 2012-12-29] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-18] (NVIDIA Corporation)
R2 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [317792 2013-12-10] (Steganos Software GmbH)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-31] ()
R2 RemoteSolverDispatcher; C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe [235656 2013-09-20] (Mentor Graphics Corporation)
S4 SQLAgent$TEW_SQLEXPRESS; C:\ProgramData\SolidWorks Electrical\MSSQL11.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [612864 2012-12-29] (Microsoft Corporation)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)
R2 SystoG15Svc; C:\Program Files (x86)\C2DtoG15\SystoG15Svc.exe [64000 2012-12-24] (Andreas Sammann)
R2 Transbase; C:\Programme\BMWgroup\ETKLokal\transbase\tbmux32.exe [385024 2004-08-05] (Transaction Software, D 81737 Munich)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2013-09-04] (Intel(R) Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-14] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] ()
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [27456 2012-07-09] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [20968 2012-07-24] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [19944 2012-07-24] ()
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [26328 2013-07-23] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46016 2012-07-24] ()
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R1 LUMDriver; C:\Windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-07-26] (Intel Corporation)
S3 NTIOLib_1_0_1; C:\Program Files (x86)\MSI\CLICKBIOSII\NTIOLib_X64.sys [14136 2009-10-05] (MSI)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_1_0_6; C:\Program Files (x86)\Setup Files\Ms7758v190\NTIOLib_X64.sys [11888 2011-01-06] (MSI)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [13368 2012-11-09] (MSI)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
S4 RsFx0201; C:\Windows\System32\DRIVERS\RsFx0201.sys [336880 2012-10-20] (Microsoft Corporation)
S3 ssudobex; C:\Windows\System32\DRIVERS\ssudobex.sys [204568 2013-08-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 WinRing0_1_2_0; C:\Program Files (x86)\C2DtoG15\WinRing0x64.sys [14544 2008-07-26] (OpenLibSys.org)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-01-24] ()
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [x]

========================== Drivers MD5 =======================


==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-24 00:30 - 2014-01-24 00:30 - 00000000 ____D C:\Users\cottec\AppData\Roaming\Avira
2014-01-24 00:29 - 2014-01-24 00:29 - 00002072 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2014-01-24 00:29 - 2013-12-18 09:32 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-01-24 00:29 - 2013-12-18 09:32 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-01-24 00:29 - 2013-12-18 09:32 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-01-24 00:28 - 2014-01-24 00:28 - 00000000 ____D C:\Program Files (x86)\Avira
2014-01-24 00:12 - 2014-01-24 00:24 - 130658432 _____ C:\Users\cottec\Desktop\avira_free_antivirus_de.exe
2014-01-20 23:38 - 2014-01-20 23:38 - 00001079 _____ C:\Users\Public\Desktop\OkayFreedom.lnk
2014-01-20 23:38 - 2014-01-20 23:38 - 00000000 ____D C:\Users\cottec\AppData\Roaming\Steganos VPN
2014-01-20 23:37 - 2014-01-20 23:38 - 00000000 ____D C:\Users\cottec\AppData\Roaming\Steganos
2014-01-20 23:37 - 2014-01-20 23:38 - 00000000 ____D C:\Program Files (x86)\OkayFreedom
2014-01-20 23:37 - 2014-01-20 23:37 - 15523640 _____ (Steganos Software GmbH) C:\Users\cottec\Desktop\okayfreedom.exe
2014-01-20 23:37 - 2014-01-20 23:37 - 02756408 _____ (Steganos Software GmbH) C:\Users\cottec\Desktop\okayfreedomintdle11.exe
2014-01-15 20:18 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 20:18 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 20:18 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 20:18 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 20:18 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 20:18 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 20:18 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 20:18 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 20:18 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-14 23:11 - 2014-01-14 23:11 - 00000000 ____D C:\Users\cottec\AppData\Local\3dmouse
2014-01-14 22:57 - 2014-01-14 22:57 - 00002441 _____ C:\Users\Public\Desktop\CATIA V5R21.lnk
2014-01-14 22:54 - 2014-01-14 22:54 - 00000000 ____D C:\Program Files\Dassault Systemes
2014-01-12 15:13 - 2014-01-12 15:12 - 00001775 _____ C:\Users\Public\Documents\klima.txt
2013-12-31 11:23 - 2014-01-12 15:12 - 00001775 _____ C:\Users\cottec\Desktop\klima.txt
2013-12-28 09:54 - 2013-12-28 11:07 - 00000000 ____D C:\Users\cottec\Desktop\Frei.Wild Still Grenzenlos Deluxe Edition
2013-12-27 12:22 - 2014-01-14 17:43 - 00009588 _____ C:\Users\cottec\Desktop\silvester.xlsx

==================== One Month Modified Files and Folders =======

2014-01-24 16:14 - 2013-10-24 18:14 - 00000292 _____ C:\Windows\Tasks\FoxTab.job
2014-01-24 16:13 - 2009-07-14 05:45 - 00018496 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-24 16:13 - 2009-07-14 05:45 - 00018496 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-24 16:12 - 2013-09-08 20:27 - 01361605 _____ C:\Windows\WindowsUpdate.log
2014-01-24 16:12 - 2011-04-12 08:43 - 00770770 _____ C:\Windows\system32\perfh007.dat
2014-01-24 16:12 - 2011-04-12 08:43 - 00179534 _____ C:\Windows\system32\perfc007.dat
2014-01-24 16:12 - 2009-07-14 06:13 - 01865344 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-24 16:10 - 2013-02-17 15:59 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-24 16:10 - 2013-02-17 15:59 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-24 16:08 - 2013-11-27 07:21 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-01-24 16:08 - 2013-09-08 20:27 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-24 16:08 - 2013-01-27 18:36 - 00000000 ____D C:\Users\cottec\AppData\Roaming\Dropbox
2014-01-24 16:08 - 2012-12-24 00:51 - 00000000 ____D C:\Program Files (x86)\C2DtoG15
2014-01-24 16:08 - 2012-12-23 18:21 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-01-24 16:08 - 2010-11-21 04:47 - 00297538 _____ C:\Windows\PFRO.log
2014-01-24 16:08 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-24 16:08 - 2009-07-14 05:51 - 17985231 _____ C:\Windows\setupact.log
2014-01-24 00:30 - 2014-01-24 00:30 - 00000000 ____D C:\Users\cottec\AppData\Roaming\Avira
2014-01-24 00:29 - 2014-01-24 00:29 - 00002072 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2014-01-24 00:29 - 2013-02-11 19:12 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-24 00:28 - 2014-01-24 00:28 - 00000000 ____D C:\Program Files (x86)\Avira
2014-01-24 00:28 - 2013-09-08 21:16 - 00000000 ____D C:\ProgramData\Avira
2014-01-24 00:24 - 2014-01-24 00:12 - 130658432 _____ C:\Users\cottec\Desktop\avira_free_antivirus_de.exe
2014-01-24 00:23 - 2013-11-27 18:50 - 00007599 _____ C:\Users\cottec\AppData\Local\Resmon.ResmonCfg
2014-01-24 00:08 - 2013-11-04 17:22 - 00007586 _____ C:\Users\cottec\Desktop\WinDefend.reg
2014-01-23 18:14 - 2013-12-18 20:14 - 00000106 _____ C:\Users\cottec\AppData\Roaming\WB.CFG
2014-01-21 19:26 - 2012-12-28 11:50 - 00000000 ____D C:\Users\cottec\AppData\Roaming\vlc
2014-01-21 19:23 - 2012-12-23 13:32 - 00000000 ____D C:\Users\cottec\AppData\Local\Microsoft Help
2014-01-20 23:38 - 2014-01-20 23:38 - 00001079 _____ C:\Users\Public\Desktop\OkayFreedom.lnk
2014-01-20 23:38 - 2014-01-20 23:38 - 00000000 ____D C:\Users\cottec\AppData\Roaming\Steganos VPN
2014-01-20 23:38 - 2014-01-20 23:37 - 00000000 ____D C:\Users\cottec\AppData\Roaming\Steganos
2014-01-20 23:38 - 2014-01-20 23:37 - 00000000 ____D C:\Program Files (x86)\OkayFreedom
2014-01-20 23:37 - 2014-01-20 23:37 - 15523640 _____ (Steganos Software GmbH) C:\Users\cottec\Desktop\okayfreedom.exe
2014-01-20 23:37 - 2014-01-20 23:37 - 02756408 _____ (Steganos Software GmbH) C:\Users\cottec\Desktop\okayfreedomintdle11.exe
2014-01-18 08:33 - 2013-01-27 18:36 - 00000000 ____D C:\Users\cottec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-18 08:33 - 2012-12-20 21:02 - 00000000 ___RD C:\Users\cottec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-16 17:25 - 2013-02-11 19:12 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-16 17:25 - 2012-12-21 17:08 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-16 17:25 - 2012-12-21 17:08 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-16 17:25 - 2012-12-21 16:49 - 00000000 ____D C:\Users\cottec\AppData\Local\Adobe
2014-01-16 17:21 - 2009-07-14 05:45 - 00464640 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 23:07 - 2013-07-31 21:15 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 23:07 - 2012-12-23 13:32 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-15 23:05 - 2013-09-09 18:13 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-14 23:11 - 2014-01-14 23:11 - 00000000 ____D C:\Users\cottec\AppData\Local\3dmouse
2014-01-14 23:11 - 2013-10-26 12:05 - 00000000 ____D C:\Users\cottec\AppData\Local\DassaultSystemes
2014-01-14 23:02 - 2013-09-08 20:40 - 00126824 _____ C:\Users\cottec\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-14 22:57 - 2014-01-14 22:57 - 00002441 _____ C:\Users\Public\Desktop\CATIA V5R21.lnk
2014-01-14 22:57 - 2009-07-14 03:34 - 00017708 _____ C:\Windows\system32\Drivers\etc\services
2014-01-14 22:54 - 2014-01-14 22:54 - 00000000 ____D C:\Program Files\Dassault Systemes
2014-01-14 22:54 - 2013-10-26 12:05 - 00000000 ____D C:\ProgramData\DassaultSystemes
2014-01-14 22:54 - 2012-12-23 13:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2014-01-14 22:51 - 2013-10-26 12:05 - 00000000 ____D C:\Users\cottec\AppData\Roaming\DassaultSystemes
2014-01-14 22:49 - 2013-10-26 12:34 - 00000000 ____D C:\Users\cottec\AppData\Local\JDownloader v2.0
2014-01-14 17:43 - 2013-12-27 12:22 - 00009588 _____ C:\Users\cottec\Desktop\silvester.xlsx
2014-01-12 15:12 - 2014-01-12 15:13 - 00001775 _____ C:\Users\Public\Documents\klima.txt
2014-01-12 15:12 - 2013-12-31 11:23 - 00001775 _____ C:\Users\cottec\Desktop\klima.txt
2014-01-08 19:32 - 2013-09-15 16:17 - 00000000 ____D C:\Users\cottec\AppData\Roaming\Azureus
2014-01-08 17:16 - 2013-09-15 16:17 - 00000000 ____D C:\Program Files (x86)\Vuze
2014-01-08 17:15 - 2013-09-15 16:16 - 00000000 _____ C:\END
2013-12-28 11:07 - 2013-12-28 09:54 - 00000000 ____D C:\Users\cottec\Desktop\Frei.Wild Still Grenzenlos Deluxe Edition

Some content of TEMP:
====================
C:\Users\cottec\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== BCD ================================

Windows-Start-Manager
---------------------
Bezeichner              {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  de-DE
inherit                 {globalsettings}
default                 {current}
resumeobject            {9b38fee3-4adf-11e2-a713-f87b13426a8a}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 10

Windows-Startladeprogramm
-------------------------
Bezeichner              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  de-DE
inherit                 {bootloadersettings}
recoverysequence        {cbd971bf-b7b8-4885-951a-fa03044f5d71}
recoveryenabled         No
osdevice                partition=C:
systemroot              \Windows
resumeobject            {9b38fee3-4adf-11e2-a713-f87b13426a8a}
nx                      OptIn

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {9b38fee3-4adf-11e2-a713-f87b13426a8a}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  de-DE
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows-Speichertestprogramm
----------------------------
Bezeichner              {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Windows-Speicherdiagnose
locale                  de-DE
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS-Einstellungen
-----------------
Bezeichner              {emssettings}
bootems                 Yes

Debuggereinstellungen
---------------------
Bezeichner              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM-Defekte
-----------
Bezeichner              {badmemory}

Globale Einstellungen
---------------------
Bezeichner              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Startladeprogramm-Einstellungen
-------------------------------
Bezeichner              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisoreinstellungen
-------------------
Bezeichner              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner              {resumeloadersettings}
inherit                 {globalsettings}



LastRegBack: 2014-01-19 01:55

==================== End Of Log ============================
         
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2014
Ran by cottec at 2014-01-24 16:24:41
Running from D:\Downloads\Software\FRST
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

==================== Installed Programs ======================

3DMark 11 (x32 Version: 1.0.5 - Futuremark Corporation)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader XI - Deutsch (x32 Version: 11.0.00 - Adobe Systems Incorporated)
ArtMoney SE v7.39.2 (x32 Version: 7.39 - System SoftLab)
Auto Gordian Knot 2.55 (x32 Version: 2.55 - len0x)
AutoIt v3.3.8.1 (x32 Version:  - AutoIt Team)
Avira Free Antivirus (x32 Version: 14.0.2.344 - Avira)
AviSynth 2.5 (x32 Version:  - )
AVM FRITZ!fax für FRITZ!Box (x32 Version:  - AVM Berlin)
Battlefield 4™ (x32 Version: 1.0.0.1 - Electronic Arts)
Battlelog Web Plugins (x32 Version: 2.3.2 - EA Digital Illusions CE AB)
BMW EBA (x32 Version: 2.1.0 - BMW)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Burnout(TM) Paradise The Ultimate Box (x32 Version: 1.1.0.0 - Electronic Arts)
C2DtoG15 2.0.2.1 (x32 Version:  - )
calibre (x32 Version: 1.5.0 - Kovid Goyal)
CCleaner (Version: 4.03 - Piriform)
CLICKBIOSII (x32 Version: 1.0.119 - MSI)
ControlCenter (x32 Version: 2.5.060 - MSI)
CrystalDiskInfo 5.2.0 (x32 Version: 5.2.0 - Crystal Dew World)
DAEMON Tools Lite (x32 Version: 4.48.1.0347 - Disc Soft Ltd)
Dassault Systemes Software B21 (Version:  - )
Dassault Systemes Software Prerequisites x86-x64 (Version: 8.1.3 - Dassault Systemes)
DH Driver Cleaner Professional Edition (x32 Version: Version 1.5 - Ruud Ketelaars)
DivX-Setup (x32 Version: 2.6.1.84 - DivX, LLC)
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
EaseUS Partition Master 9.2.2 (x32 Version:  - EaseUS)
EBA (x32 Version: 2.1.0 - BMW) Hidden
ElsterFormular (x32 Version: 14.3.20130522 - Landesfinanzdirektion Thüringen)
ESET Online Scanner v3 (x32 Version:  - )
ESN Sonar (x32 Version: 0.70.4 - ESN Social Software AB)
ETK (Lokal) (x32 Version: 2.00.064 - BMW AG)
Far Cry 3 (x32 Version: 1.02 - Ubisoft)
Foxtab (x32 Version:  - FoxTab) <==== ATTENTION
Futuremark SystemInfo (x32 Version: 4.22.211 - Futuremark)
GDR 3128 für SQL Server 2012 (KB2793634) (64-bit) (Version: 11.1.3128.0 - Microsoft Corporation)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (x32 Version: 32.0.1700.76 - Google Inc.)
Google Earth Plug-in (x32 Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Intel Extreme Tuning Utility (x32 Version: 4.2.0.8 - Intel Corporation)
Intel Extreme Tuning Utility (x32 Version: 4.2.0.8 - Intel Corporation) Hidden
Intel(R) Control Center (x32 Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 9.5.10.1658 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 11.5.0.1207 - Intel Corporation)
Intel(R) Smart Connect Technology 3.0 x64 (Version: 3.0.30.1526 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.8.251 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Intel® Watchdog Timer Driver (Intel® WDT) (x32 Version:  - Intel Corporation)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 2 (Version: 2.0 - AppWork GmbH)
LEGO MARVEL Super Heroes (x32 Version:  - Warner Bros. Games)
Live Update 5 (x32 Version: 5.0.109 - MSI)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 5.10 (Version: 5.10.127 - Logitech)
Logitech Gaming Software 8.50 (Version: 8.50.281 - Logitech Inc.)
ManiaPlanet (x32 Version:  - Nadeo)
Medal of Honor (TM) (x32 Version: 1.0.0.0 - Electronic Arts)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft Office 2003 Web Components (x32 Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-bit) (Version:  - ) Hidden
Microsoft SQL Server 2012 (64-bit) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 RsFx Driver (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2012 Setup (English) (Version: 11.1.3128.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (x32 Version: 3.5.8080.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) German (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (Version: 8.0.52572 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Tools for Applications - ENU (x32 Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (x32 Version: 8.0.50727.146 - Microsoft Corporation) Hidden
Microsoft VSS Writer for SQL Server 2012 (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.)
Miranda Fusion 3.2.6.0 (x32 Version: 3.2.6.0 - Miranda Fusion Team)
Mobipocket Creator 4.2 (x32 Version: 4.2.41 - Mobipocket.com)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 25.0 - Mozilla)
Mp3tag v2.54 (x32 Version: v2.54 - Florian Heidenreich)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MusicBrainz Picard (x32 Version: 1.1 - MusicBrainz)
MyPhoneExplorer (x32 Version: 1.8.5 - F.J. Wechselberger)
Nasty File Remover v0.72 (remove only) (x32 Version:  - )
NVIDIA 3D Vision Controller-Treiber 331.65 (Version: 331.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 331.65 (Version: 331.65 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.7 (Version: 1.7 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.140.952 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 9.3.16 (Version: 9.3.16 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 9.3.16 (Version: 9.3.16 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 9.3.16 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.9 (Version: 1.2.9 - NVIDIA Corporation)
OkayFreedom (x32 Version: 1.2 - Steganos Software GmbH)
Origin (x32 Version: 9.1.3.2637 - Electronic Arts, Inc.)
PDF24 Creator 5.4.0 (x32 Version:  - PDF24.org)
Populous (x32 Version: 1.0.0.0 - Electronic Arts)
Project CARS (x32 Version: 0510 - WMD)
PunkBuster Services (x32 Version: 0.993 - Even Balance, Inc.)
QuickPar 0.9 (x32 Version: 0.9 - Peter B. Clements)
Rainmeter (x32 Version: 2.5 beta r1720 - )
Realtek Ethernet Controller Driver (x32 Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6959 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.0.7 (Version: 3.0.7 - VS Revo Group, Ltd.)
Samsung Kies (x32 Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Magician (x32 Version: 4.2.1 - Samsung Electronics)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 1 für SQL Server 2012 (KB2674319) (64-bit) (Version: 11.1.3000.0 - Microsoft Corporation)
Service Pack 2 für SQL Server 2008 (KB 2285068) (64-bit) (Version: 10.2.4000.0 - Microsoft Corporation)
SHIELD Streaming (Version: 1.6.34 - NVIDIA Corporation) Hidden
SolidWorks 2014 x64 Edition SP0 (Version: 22.100.5018 - SolidWorks) Hidden
SolidWorks 2014 x64 Edition SP0 (x32 Version: 22.0.0.5018 - SolidWorks Corporation)
SolidWorks 2014 x64 German Resources (Version: 22.100.5018 - SolidWorks Corporation) Hidden
SolidWorks Composer 2014 SP0 x64 Edition (Version: 22.00.5018 - Dassault Systemes SolidWorks) Hidden
SolidWorks eDrawings 2014 x64 Edition SP0 (Version: 14.0.5006 - Dassault Systèmes SolidWorks Corp) Hidden
SolidWorks Explorer 2014 SP0 x64 Edition (Version: 22.00.5018 - SolidWorks Corporation) Hidden
SolidWorks Flow Simulation 2014 SP0 x64 Edition  (Version: 22.00.5019 - SolidWorks Corporation) Hidden
SolidWorks Plastics 2014 SP0 x64 Edition (Version: 22.00.5018 - SolidWorks Corporation) Hidden
Source SDK Base 2007 (x32 Version:  - Valve)
SpeedFan (remove only) (x32 Version:  - )
Splinter Cell: Blacklist (x32 Version: 1.01 - Ubisoft)
SQL Server 2012 Common Files (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2012 (x32 Version: 11.1.3000.0 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Super-Charger (x32 Version: 1.2.018 - MSI)
System Requirements Lab for Intel (x32 Version: 4.5.11.0 - Husdawg, LLC)
Team Fortress 2 (x32 Version:  - Valve)
TeamSpeak 3 Client (Version: 3.0.10 - TeamSpeak Systems GmbH)
TeamViewer 8 (x32 Version: 8.0.19045 - TeamViewer)
TomTom HOME (x32 Version: 2.9.7 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2 - TomTom International B.V.)
TreeSize Free V2.7 (x32 Version: 2.7 - JAM Software)
Update for 2007 Microsoft Office System (KB967642) (x32 Version:  - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32 Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft)
Uplay (x32 Version: 3.0 - Ubisoft)
VBA (3821b) (x32 Version: 6.01.00.1234 - Microsoft Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Basic for Applications (R) Core - English (x32 Version: 6.5.10.32 - Microsoft Corporation) Hidden
Visual Basic for Applications (R) Core (x32 Version: 6.5.10.53 - Microsoft Corporation) Hidden
VLC media player 2.0.5 (Version: 2.0.5 - VideoLAN)
VobSub v2.23 (Remove Only) (x32 Version:  - )
VR-NetWorld (x32 Version:  - )
Vuze (x32 Version: 5.2.0.0 - Azureus Software, Inc.)
Winamp (x32 Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1 - Nullsoft, Inc)
Windows XP Mode (Version: 1.3.7600.16422 - Microsoft Corporation)
WinHTTrack Website Copier 3.47-6 (x64) (Version: 3.47.6 - HTTrack)
Winki (x32 Version: 3.2.125 - MSI)
WinRAR 4.20 (64-Bit) (Version: 4.20.0 - win.rar GmbH)
WinSCP 5.1.6 (x32 Version: 5.1.6 - Martin Prikryl)
XviD MPEG4 Video Codec (remove only) (x32 Version:  - )

==================== Restore Points  =========================

15-01-2014 22:05:46 Windows Update
19-01-2014 19:12:09 Windows-Sicherung
20-01-2014 22:38:02 Gerätetreiber-Paketinstallation: TAP-Windows Provider V9 Netzwerkadapter

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-08-09 17:31 - 00449440 ___RA C:\Windows\system32\Drivers\etc\hosts

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {050C409A-505D-4558-ABBB-A3FCE95FB2AD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {21C26F42-B34D-4702-88EB-9CA6B615CF3F} - System32\Tasks\ScanToPCActivationApp.exe_{AD063CB6-193B-4D04-BB14-1AF681BF23C6} => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {34A40C97-DA4E-4B69-AD0F-74713550220E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-17] (Google Inc.)
Task: {D100799E-94C9-4227-A90E-7143AA573FC5} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {E55A84BF-00A1-464C-8541-913DFA654467} - System32\Tasks\FoxTab => C:\Users\cottec\AppData\Roaming\FoxTab\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {E73298AB-85F4-40AD-A720-77D23CD57192} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-17] (Google Inc.)
Task: {EE6E17AB-533D-4D77-B1A2-B351BB4E2240} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-16] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FoxTab.job => C:\Users\cottec\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-09-21 08:30 - 2013-09-21 08:30 - 00276008 _____ () C:\Program Files\SolidWorks Corp\SolidWorks\sldBodyDiffu.dll
2012-12-16 16:42 - 2012-12-16 16:42 - 00761528 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2012-12-16 16:41 - 2012-12-16 16:41 - 00011776 _____ () C:\Program Files\Rainmeter\Plugins\PowerPlugin.DLL
2014-01-24 00:29 - 2013-12-18 09:32 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-01-24 16:08 - 2014-01-24 16:08 - 00011264 _____ () C:\Users\cottec\AppData\Local\Temp\nsf5A02.tmp\System.dll
2012-12-24 00:51 - 2010-06-11 21:14 - 00004608 _____ () C:\Program Files (x86)\C2DtoG15\LgLcdLibWrapper.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\cottec\AppData\Roaming\Dropbox\bin\libcef.dll
2013-08-05 04:41 - 2013-08-05 04:41 - 00057432 _____ () C:\Program Files (x86)\MirandaFusion\zlib.dll
2008-05-03 08:59 - 2008-05-03 08:59 - 00094208 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\svc_dbepp.dll
2009-08-04 08:46 - 2009-08-04 08:46 - 00162304 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\actman.dll
2013-08-05 04:40 - 2013-08-05 04:40 - 00203869 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\aim.dll
2009-05-08 22:42 - 2009-05-08 22:42 - 00067072 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\authstate.dll
2010-02-10 19:42 - 2010-02-10 19:42 - 00117760 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\extraicons.dll
2013-03-15 09:27 - 2013-03-15 09:27 - 00322048 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\facebook.dll
2010-09-28 16:59 - 2010-09-28 16:59 - 00498688 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\fingerprint.dll
2012-05-24 19:20 - 2012-05-24 19:20 - 00110592 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\folders.dll
2013-08-05 04:41 - 2013-08-05 04:41 - 00339550 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\icq.dll
2013-08-05 04:40 - 2013-08-05 04:40 - 00379993 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\irc.dll
2011-02-09 22:56 - 2011-02-09 22:56 - 00082021 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\keepstatus.dll
2010-08-26 17:27 - 2010-08-26 17:27 - 00062976 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\menuex.dll
2012-07-18 19:39 - 2012-07-18 19:39 - 00106496 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\metacontacts.dll
2013-01-19 22:14 - 2007-10-05 19:29 - 00323584 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\mirandag15.dll
2011-07-17 18:07 - 2011-07-17 18:07 - 00671232 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\mirotr.dll
2010-04-08 19:33 - 2010-04-08 19:33 - 00240128 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\sendss.dll
2011-09-13 14:59 - 2011-09-13 14:59 - 00094315 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\startupstatus.dll
2012-11-05 21:48 - 2012-11-05 21:48 - 00372736 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\twitter.dll
2010-10-10 10:12 - 2010-10-10 10:12 - 00374272 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\uinfoexw.dll
2009-10-09 08:04 - 2009-10-09 08:04 - 00036864 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\useactions.dll
2011-09-13 14:59 - 2011-09-13 14:59 - 00114688 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\variables.dll
2013-09-08 21:47 - 2013-09-08 21:47 - 00017408 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\e54fd507aa171a3a0a7d0cc47266a7ff\PSIClient.ni.dll
2012-12-23 18:25 - 2012-06-25 10:41 - 01198912 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-12-20 16:31 - 2013-12-20 16:31 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-01-16 17:25 - 2014-01-16 17:25 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm.sys => ""="Driver"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/24/2014 04:08:39 PM) (Source: ISCTAgent) (User: )
Description: netDetect::AOACNetDetect::Initialize   Net Detect:  Error Loading PROSet Library Error=0x2\n

Error: (01/24/2014 00:26:01 AM) (Source: ISCTAgent) (User: )
Description: netDetect::AOACNetDetect::Initialize   Net Detect:  Error Loading PROSet Library Error=0x2\n

Error: (01/23/2014 05:25:21 PM) (Source: ISCTAgent) (User: )
Description: netDetect::AOACNetDetect::Initialize   Net Detect:  Error Loading PROSet Library Error=0x2\n

Error: (01/22/2014 08:22:55 PM) (Source: ISCTAgent) (User: )
Description: netDetect::AOACNetDetect::Initialize   Net Detect:  Error Loading PROSet Library Error=0x2\n

Error: (01/22/2014 07:20:56 AM) (Source: ISCTAgent) (User: )
Description: netDetect::AOACNetDetect::Initialize   Net Detect:  Error Loading PROSet Library Error=0x2\n

Error: (01/21/2014 05:12:03 PM) (Source: ISCTAgent) (User: )
Description: netDetect::AOACNetDetect::Initialize   Net Detect:  Error Loading PROSet Library Error=0x2\n

Error: (01/20/2014 11:30:20 PM) (Source: ISCTAgent) (User: )
Description: netDetect::AOACNetDetect::Initialize   Net Detect:  Error Loading PROSet Library Error=0x2\n

Error: (01/19/2014 11:03:29 AM) (Source: ISCTAgent) (User: )
Description: netDetect::AOACNetDetect::Initialize   Net Detect:  Error Loading PROSet Library Error=0x2\n

Error: (01/18/2014 08:32:11 AM) (Source: ISCTAgent) (User: )
Description: netDetect::AOACNetDetect::Initialize   Net Detect:  Error Loading PROSet Library Error=0x2\n

Error: (01/18/2014 08:32:00 AM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]


System errors:
=============
Error: (01/24/2014 04:09:06 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: 
%%2

Error: (01/24/2014 04:08:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (01/24/2014 04:08:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (01/24/2014 04:08:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (01/24/2014 04:08:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (01/24/2014 04:08:51 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (01/24/2014 04:08:51 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (01/24/2014 04:08:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (01/24/2014 04:08:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (01/24/2014 04:08:40 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801


Microsoft Office Sessions:
=========================
Error: (07/28/2013 10:02:35 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 45 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/18/2013 05:37:37 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 0 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (03/06/2013 00:07:38 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 52 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (01/21/2013 05:03:43 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (01/11/2013 00:13:45 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 0 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (01/11/2013 09:46:31 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 0 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (01/11/2013 09:20:26 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 49 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2012-12-20 22:14:12.581
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-20 22:14:10.454
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-20 22:14:10.454
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-20 22:10:43.050
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-20 22:10:43.050
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-20 22:10:28.753
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-20 22:10:26.612
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-20 22:10:26.612
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-20 22:05:29.179
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-20 22:05:29.179
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 32%
Total physical RAM: 8142.93 MB
Available physical RAM: 5471.67 MB
Total Pagefile: 16284.05 MB
Available Pagefile: 13213.35 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:78.13 GB) (Free:8.57 GB) NTFS
Drive d: (Daten) (Fixed) (Total:931.51 GB) (Free:44.24 GB) NTFS
Drive e: (Software) (Fixed) (Total:160.24 GB) (Free:26.41 GB) NTFS
Drive g: (LEGO MARVEL Super Heroes) (CDROM) (Total:6.17 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: 5C539950)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=78 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=160 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 76AF80D4)
Partition 1: (Not Active) - (Size=932 GB) - (Type=42)

==================== End Of Log ============================
         

25.01.2014, 12:45   #53
schrauber
/// the machine
/// TB trainer

Do you have a Windows DVD at hand?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

26.01.2014, 02:44   #54
cottec

Yep

26.01.2014, 08:30   #55
schrauber

"In Place Upgrade"

Please do an in-place upgrade.

26.01.2014, 10:47   #56
cottec

Hm, but I only just did that, and it was only after that that Defender broke.

27.01.2014, 08:03   #57
schrauber

I don't reread all 60 posts in a thread every time, sorry. It is very strange, though.

Please download Farbar Service Scanner
  • Start the tool by double-clicking FSS.exe
  • Make sure the following options are checked.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Click Scan.
  • When the tool has finished, it will create an FSS.txt in the directory the tool was run from.

Please post the contents here.

27.01.2014, 08:32   #58
cottec

Sorry, nobody is asking you to.

The fresh FSS log is in post #50.

27.01.2014, 16:25   #59
schrauber

Press Windows key+R, type cmd and press Enter. Now type

sc config WinDefend start =auto
sc start WinDefend

Press Enter after each line. Does it work now?

27.01.2014, 17:11   #60
cottec

Code:
C:\Users\cottec>sc config WinDefend start =auto
BESCHREIBUNG:
        Ändert einen Diensteintrag in der Registrierung und der Dienstdatenbank
SYNTAX:
        sc <Server> config [Dienstname] <Option1> <Option2>...

OPTIONEN:
HINWEIS: Der Optionsname enthält das Gleichheitszeichen.
         Zwischen dem Gleichheitszeichen und dem Wert muss ein Leerzeichen
         eingefügt werden.
 type= <own|share|interact|kernel|filesys|rec|adapt>
 start= <boot|system|auto|demand|disabled|delayed-auto>
 error= <normal|severe|critical|ignore>
 binPath= <Binärpfadname>
 group= <LoadOrderGroup>
 tag= <yes|no>
 depend= <Abhängigkeiten(getrennt durch / (Schrägstrich))>
 obj= <AccountName|ObjectName>
 DisplayName= <Anzeigename>
 password= <Kennwort>
         
Code:
C:\Users\cottec>sc start WinDefend

SERVICE_NAME: WinDefend
        TYPE               : 20  WIN32_SHARE_PROCESS
        STATE              : 2  START_PENDING
                                (NOT_STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
        WIN32_EXIT_CODE    : 0  (0x0)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x0
        WAIT_HINT          : 0x7d0
        PID                : 1632
        FLAGS              :
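
The usage text that sc.exe printed in post #60 states the rule the command broke: the option name includes the equals sign, and the space goes after it. The batch script below is an added example, not part of the thread; it sets the start type with that syntax, polls until the service leaves START_PENDING, and if it never reaches RUNNING prints the DisableAntiSpyware value that the FSS log in post #46 reported. The 30-second polling window is an assumption.

```batch
@echo off
rem Added example, not from the thread. Run in an elevated Command Prompt.
setlocal

rem sc.exe option names end with the equals sign ("start="), and the value
rem is a separate argument: "start= auto", not "start =auto".
sc config WinDefend start= auto
if errorlevel 1 goto :fail

rem Confirm the stored start type (expect AUTO_START).
sc qc WinDefend | findstr /C:"START_TYPE"

rem Request the start; the result is judged by polling the state below.
sc start WinDefend >nul

rem START_PENDING only means the request was accepted, so poll for RUNNING.
rem 6 tries x 5 seconds is an assumed window, not a documented limit.
for /l %%i in (1,1,6) do (
    sc query WinDefend | findstr /C:"RUNNING" >nul && goto :running
    timeout /t 5 /nobreak >nul
)

echo WinDefend did not reach RUNNING. Current state:
sc query WinDefend | findstr /C:"STATE"
rem The FSS log in post #46 listed this value under
rem "Windows Defender Disabled Policy"; show what it is set to now.
reg query "HKLM\SOFTWARE\Microsoft\Windows Defender" /v DisableAntiSpyware
exit /b 1

:running
echo WinDefend is RUNNING.
exit /b 0

:fail
echo sc config failed; check the syntax and that the prompt is elevated.
exit /b 1
```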
         
