| |
| |||||||
Log-Analyse und Auswertung: Win7 bootet nicht/ driver aswrvrt.sys / driver CLASSPNP.SYSWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
01.01.2015, 19:54
| #1 |
 |  Win7 bootet nicht/ driver aswrvrt.sys / driver CLASSPNP.SYS Erstmal guten Abend und frohes neues Jahr. Habe meinen PC Anfang Dezember mit Recovery auf Werkseinstellungen zurückgestellt wegen diverser Performance-Probleme. Angaben zum System: Betriebssystem ist Win7 Home Premium 64 Bit Service Pack 1 Vireprogramm war (dazu später mehr) Avast Free Version (auf aktuell 2015.10.0.2208) Ansonsten sind nur die von Win/Microsoft standartmäßigen Sicherheitsprogramme drauf. Habe den PC in der Nacht vom 27ten auf den 28ten ordnungsgemäß und ohne Probleme runtergefahren. Am 27ten war booten nicht mehr möglich nach dem "Windows starten"-Screen blieb es schwarz (der Anmeldesound kam noch) und nach dem bewegen der Maus hat man noch den Cursor gesehen aber das wars dann auch. Abgesicherter Modus - > blieb ca 5 Minuten bei driver aswrvrt.sys hängen dann direkter Neustart in den Blackscreen Alle USB-Geräte ausser Maus/Tastatur abgeschlossen neu gestartet und in den Abgesicherten Modus gekommen Konsistenzprüfung, dann versucht ne Systemwiederherstellung auf den 26ten zu machen -> Meldung Boot C: enthält Fehler -> Dateisystem auf Boot C: beschädigt -> Datenträger C auf Fehler überprüft, wieder in den abgesicherten Modus und die Systemwiederherstellung angeworfen um nach erfolgreichem zurücksetzen (vielleicht terminlich nicht weit genug?) wieder einen Blackscreen zu bekommen. Im Avast-Forum zu dem die aswrvrt.sys gehören soll nach Hilfe gefragt dort eine Clean-Deinstall-Exe bekommen und Avast deinstalliert. Der normale Bootvorgang klappt immer noch nicht und beim abgesicherten Modus geht das ganze jetzt bis CLASSPNP.SYS wo es ein paar Minuten bleibt bis es wieder in den normalen Bootvorgang übergeht der wieder im Blackscreen endet. Beim nächsten Bootvorgang im abgesicherten Modus komischerweiße wieder zum einloggen gekommen. Hab dann nachgeprüft und der "Program Files" Eintrag von Avast ist gelöscht und unter "ProgramData" gibt es unter "Persistant Data" noch einen Clear-Log. Wollte noch mal in die Recovery schauen aber hab beim Versuch anscheinend nicht den genauen Zeitpunkt erwischt und der Com fuhr hoch und siehe da, alles klappte, konnte mich anmelden, alles funktionierte. Neues Anti-Viren Programm von nem sauberen System runtergeladen (Avira) , geupdatet und kompletten Suchgang durchlaufen lassen (Keine Befunde - finde aber grade den Report nicht). Beim nächsten Neustart hatte ich allerdings wieder den Blackscreen. Bin einfach nur noch ratlos, Abgesicherter Modus hängt auch wieder bei CLASSPNP.SYS In den Abgesicherten Modus mit Netzwerk komme ich übrigens nicht rein falls das relevant ist. Hier jetzt die logs: Defogger: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:16 on 01/01/2015 (Matze)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-01-2015
Ran by Matze (administrator) on SUNSTRIKERS-PC on 01-01-2015 19:17:36
Running from C:\Users\Matze\Desktop
Loaded Profile: Matze (Available profiles: Matze & Matze_2)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Users\Matze\Desktop\Defogger.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-07] (Realtek Semiconductor)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-10] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-04-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-11-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-245380145-1818160504-329303441-1000\...\MountPoints2: {0fb27d8d-7028-11e4-bdf2-806e6f6e6963} - F:\Setup\rsrc\Autorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-11-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-245380145-1818160504-329303441-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.medion.com
HKU\S-1-5-21-245380145-1818160504-329303441-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.medion.com
HKU\S-1-5-21-245380145-1818160504-329303441-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://medion.msn.com
HKU\S-1-5-21-245380145-1818160504-329303441-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com
SearchScopes: HKU\S-1-5-21-245380145-1818160504-329303441-1000 -> DefaultScope {20DBA794-258F-47E5-8F47-6FBC497B7B57} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-245380145-1818160504-329303441-1000 -> {20DBA794-258F-47E5-8F47-6FBC497B7B57} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Matze\AppData\Roaming\Mozilla\Firefox\Profiles\3aadn4mx.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\Matze\AppData\Roaming\Mozilla\Firefox\Profiles\3aadn4mx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-19]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [833728 2014-11-18] (Valve Corporation) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-11-24] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-11-24] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-01 19:17 - 2015-01-01 19:18 - 00009068 _____ () C:\Users\Matze\Desktop\FRST.txt
2015-01-01 19:17 - 2015-01-01 19:17 - 00000000 ____D () C:\FRST
2015-01-01 19:16 - 2015-01-01 19:16 - 00000472 _____ () C:\Users\Matze\Desktop\defogger_disable.log
2015-01-01 19:16 - 2015-01-01 19:16 - 00000000 _____ () C:\Users\Matze\defogger_reenable
2015-01-01 19:12 - 2015-01-01 19:12 - 02123264 _____ (Farbar) C:\Users\Matze\Desktop\FRST64.exe
2015-01-01 19:12 - 2015-01-01 19:12 - 00380416 _____ () C:\Users\Matze\Desktop\Gmer-19357.exe
2015-01-01 19:11 - 2015-01-01 19:12 - 00050477 _____ () C:\Users\Matze\Desktop\Defogger.exe
2015-01-01 18:14 - 2015-01-01 18:14 - 00000000 ____D () C:\Users\Matze\Documents\Sports Interactive
2015-01-01 18:14 - 2015-01-01 18:14 - 00000000 ____D () C:\Users\Matze\AppData\Local\Sports Interactive
2015-01-01 16:23 - 2015-01-01 16:23 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-01-01 16:23 - 2015-01-01 16:22 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-01-01 16:16 - 2015-01-01 16:16 - 00000000 ____D () C:\Users\Matze\AppData\Roaming\Avira
2015-01-01 16:15 - 2015-01-01 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-01-01 16:15 - 2015-01-01 16:15 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2015-01-01 16:14 - 2015-01-01 16:23 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-01-01 16:14 - 2015-01-01 16:17 - 00000000 ____D () C:\ProgramData\Avira
2015-01-01 16:14 - 2014-11-24 10:23 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-01-01 16:14 - 2014-11-24 10:23 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-01-01 16:14 - 2014-11-24 10:23 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-01-01 13:54 - 2015-01-01 13:54 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-01 13:47 - 2015-01-01 13:47 - 00000000 __SHD () C:\found.001
2015-01-01 13:36 - 2014-12-30 15:42 - 154051656 _____ () C:\Users\Matze\Desktop\avira_free_antivirus468_de.exe
2015-01-01 13:36 - 2014-12-30 10:37 - 05040384 _____ (AVAST Software) C:\Users\Matze\Desktop\avastclear.exe
2014-12-28 20:57 - 2014-12-28 20:57 - 00000000 __SHD () C:\found.000
2014-12-28 17:30 - 2014-12-28 17:30 - 00020112 ____N () C:\bootsqm.dat
2014-12-26 09:33 - 2014-12-26 09:33 - 00000197 _____ () C:\Windows\system32\2014-12-26-08-33-14.032-AvastVBoxSVC.exe-2704.log
2014-12-26 01:49 - 2014-12-26 02:03 - 174021065 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.02_changes.rar
2014-12-26 01:21 - 2014-12-26 01:31 - 121677162 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.01_changes.rar
2014-12-26 01:00 - 2014-12-26 01:03 - 42330856 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part16.rar
2014-12-26 00:18 - 2014-12-26 00:58 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part15.rar
2014-12-25 23:23 - 2014-12-26 00:03 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part14.rar
2014-12-25 22:31 - 2014-12-25 23:11 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part13.rar
2014-12-25 21:35 - 2014-12-25 22:15 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part12.rar
2014-12-25 20:37 - 2014-12-25 21:18 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part11.rar
2014-12-25 19:46 - 2014-12-25 20:26 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part10.rar
2014-12-25 18:58 - 2014-12-25 19:38 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part09.rar
2014-12-25 17:54 - 2014-12-25 18:35 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part08.rar
2014-12-25 16:59 - 2014-12-25 17:39 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part07.rar
2014-12-25 14:22 - 2014-12-25 15:02 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part06.rar
2014-12-25 14:21 - 2014-12-25 14:22 - 01759473 _____ () C:\Users\Matze_2\Downloads\Bundesliga 2.rar
2014-12-25 13:53 - 2014-12-25 13:54 - 02278406 _____ () C:\Users\Matze_2\Downloads\Premier League Standard14-15.rar
2014-12-25 13:47 - 2014-12-25 13:47 - 03572373 _____ () C:\Users\Matze_2\Downloads\Europe Nations Standard14-15.rar
2014-12-25 13:47 - 2014-12-25 13:47 - 00000000 ____D () C:\Users\Matze_2\Desktop\14-15 Bundesliga
2014-12-25 13:40 - 2014-12-25 14:20 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part05.rar
2014-12-25 12:34 - 2014-12-25 13:14 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part04.rar
2014-12-25 12:31 - 2014-12-25 12:32 - 00000197 _____ () C:\Windows\system32\2014-12-25-11-31-47.079-AvastVBoxSVC.exe-3428.log
2014-12-25 03:32 - 2014-12-25 04:12 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part03.rar
2014-12-25 02:00 - 2014-12-25 02:40 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part02.rar
2014-12-25 00:51 - 2014-12-25 01:31 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part01.rar
2014-12-24 23:15 - 2014-12-25 00:46 - 00000000 ____D () C:\Users\Matze_2\Desktop\PMSC Portrait Facepack 3.00
2014-12-24 22:23 - 2014-12-26 21:23 - 00000000 ____D () C:\Users\Matze_2\Desktop\BU FM15
2014-12-24 21:20 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-12-24 21:20 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-12-24 21:20 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-12-24 21:20 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-12-24 21:20 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-12-24 21:20 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-12-24 21:20 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-12-24 21:20 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-12-24 21:20 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-12-24 21:20 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-12-24 21:20 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-12-24 21:20 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-12-24 21:20 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-12-24 21:20 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-12-24 21:20 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-12-24 21:20 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-12-24 21:18 - 2014-12-24 21:32 - 00000000 ____D () C:\Users\Matze_2\Documents\Sports Interactive
2014-12-24 21:18 - 2014-12-24 21:18 - 00000000 ____D () C:\Users\Public\Documents\Sports Interactive
2014-12-24 21:18 - 2014-12-24 21:18 - 00000000 ____D () C:\Users\Matze_2\AppData\Local\Sports Interactive
2014-12-24 21:11 - 2014-12-24 21:11 - 00000202 _____ () C:\Users\Matze_2\Desktop\Football Manager 2015.url
2014-12-24 21:11 - 2014-12-24 21:11 - 00000000 ____D () C:\Users\Matze_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-24 20:48 - 2014-12-24 20:48 - 00000516 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-12-24 20:48 - 2014-12-24 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-24 13:33 - 2014-12-24 14:08 - 422168961 _____ () C:\Users\Matze_2\Downloads\metallic_logos_fm2015_v1.part08.rar
2014-12-24 12:47 - 2014-12-24 13:29 - 510000000 _____ () C:\Users\Matze_2\Downloads\metallic_logos_fm2015_v1.part07.rar
2014-12-24 12:47 - 2014-12-24 12:47 - 01233040 _____ () C:\Users\Matze_2\Downloads\MEGAPACK 71 Updates by claassen.rar
2014-12-24 12:03 - 2014-12-24 12:03 - 06765610 _____ () C:\Users\Matze_2\Downloads\14-15 Bundesliga.rar
2014-12-24 11:58 - 2014-12-24 12:40 - 510000000 _____ () C:\Users\Matze_2\Downloads\metallic_logos_fm2015_v1.part06.rar
2014-12-24 11:52 - 2014-12-24 11:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-12-24 09:57 - 2014-12-24 09:58 - 00752435 _____ () C:\Users\Matze_2\Downloads\FM15 Real Names Fix Files from sortitoutsi.net v1.1.rar
2014-12-24 09:54 - 2014-12-24 10:36 - 510000000 _____ () C:\Users\Matze_2\Downloads\metallic_logos_fm2015_v1.part05.rar
2014-12-24 09:53 - 2014-12-24 12:39 - 510000000 _____ () C:\Users\Matze_2\Downloads\metallic_logos_fm2015_v1.part04.rar
2014-12-24 09:47 - 2014-12-24 09:48 - 00000197 _____ () C:\Windows\system32\2014-12-24-08-47-48.016-AvastVBoxSVC.exe-3944.log
2014-12-24 00:10 - 2014-12-24 00:10 - 00388112 _____ () C:\Users\Matze_2\Downloads\fake.lnc-FM15_2.1.zip
2014-12-23 21:57 - 2014-12-23 22:16 - 145300350 _____ () C:\Users\Matze_2\Downloads\PMSC Portrait Update 3.03.rar
2014-12-23 21:57 - 2014-12-23 22:02 - 102081868 _____ () C:\Users\Matze_2\Downloads\PMSC Portrait Update 3.04.rar
2014-12-23 21:45 - 2014-12-23 21:53 - 153943630 _____ () C:\Users\Matze_2\Downloads\PMSC Portrait Update 3.02.rar
2014-12-23 21:34 - 2014-12-24 00:21 - 510000000 _____ () C:\Users\Matze_2\Downloads\metallic_logos_fm2015_v1.part03.rar
2014-12-23 21:27 - 2014-12-23 21:41 - 301033963 _____ () C:\Users\Matze_2\Downloads\PMSC Portrait Update 3.01.rar
2014-12-23 18:29 - 2014-12-23 21:15 - 510000000 _____ () C:\Users\Matze_2\Downloads\metallic_logos_fm2015_v1.part02.rar
2014-12-23 18:28 - 2014-12-23 21:54 - 99816662 _____ () C:\Users\Matze_2\Downloads\PMSC Portrait Facepack 3.00.part2.rar
2014-12-23 15:04 - 2014-12-23 17:29 - 3127771136 _____ () C:\Users\Matze_2\Downloads\PMSC Portrait Facepack 3.00.part1.rar
2014-12-23 15:02 - 2014-12-23 17:49 - 510000000 _____ () C:\Users\Matze_2\Downloads\metallic_logos_fm2015_v1.part01.rar
2014-12-23 14:22 - 2014-12-23 14:23 - 00000197 _____ () C:\Windows\system32\2014-12-23-13-22-55.023-AvastVBoxSVC.exe-3912.log
2014-12-22 09:10 - 2014-12-22 09:10 - 00000197 _____ () C:\Windows\system32\2014-12-22-08-10-27.042-AvastVBoxSVC.exe-2680.log
2014-12-21 14:45 - 2014-12-21 14:46 - 00000197 _____ () C:\Windows\system32\2014-12-21-13-45-47.052-AvastVBoxSVC.exe-3556.log
2014-12-20 23:50 - 2014-12-20 23:51 - 00000197 _____ () C:\Windows\system32\2014-12-20-22-50-43.042-AvastVBoxSVC.exe-3028.log
2014-12-20 13:28 - 2014-12-20 13:29 - 00000197 _____ () C:\Windows\system32\2014-12-20-12-28-42.036-AvastVBoxSVC.exe-2776.log
2014-12-20 02:03 - 2014-12-20 02:03 - 00000197 _____ () C:\Windows\system32\2014-12-20-01-03-07.064-AvastVBoxSVC.exe-2968.log
2014-12-19 11:05 - 2014-12-19 11:06 - 00000197 _____ () C:\Windows\system32\2014-12-19-10-05-22.048-AvastVBoxSVC.exe-2740.log
2014-12-18 10:57 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 10:57 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-18 10:52 - 2014-12-18 10:52 - 00000197 _____ () C:\Windows\system32\2014-12-18-09-52-26.038-AvastVBoxSVC.exe-2308.log
2014-12-17 10:21 - 2014-12-17 10:21 - 00000197 _____ () C:\Windows\system32\2014-12-17-09-21-13.081-AvastVBoxSVC.exe-2284.log
2014-12-17 02:00 - 2014-12-17 02:00 - 00000247 _____ () C:\Windows\system32\2014-12-17-01-00-45.055-aswFe.exe-5568.log
2014-12-17 01:56 - 2014-12-17 02:00 - 00000247 _____ () C:\Windows\system32\2014-12-17-00-56-10.082-aswFe.exe-10076.log
2014-12-17 01:56 - 2014-12-17 01:56 - 00000197 _____ () C:\Windows\system32\2014-12-17-00-56-05.031-AvastVBoxSVC.exe-8260.log
2014-12-16 12:11 - 2014-12-16 12:11 - 00000197 _____ () C:\Windows\system32\2014-12-16-11-11-03.095-AvastVBoxSVC.exe-2932.log
2014-12-15 12:00 - 2014-12-15 12:00 - 00000000 ____D () C:\Users\Matze\Documents\Stalker-SHOC
2014-12-15 11:58 - 2014-12-15 11:58 - 00000994 _____ () C:\Users\Public\Desktop\S.T.A.L.K.E.R. Shadow of Chernobyl.lnk
2014-12-15 11:58 - 2014-12-15 11:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2014-12-15 11:22 - 2014-12-15 11:22 - 00000000 ____D () C:\Users\Matze_2\Downloads\stalker_soc_manual
2014-12-15 11:21 - 2014-12-15 11:21 - 01984982 _____ () C:\Users\Matze_2\Downloads\stalker_soc_manual.zip
2014-12-15 11:19 - 2014-12-15 11:48 - 3565193396 _____ () C:\Users\Matze_2\Downloads\setup_stalker_shoc_2.1.0.7.bin
2014-12-15 11:19 - 2014-12-15 11:20 - 30398064 _____ (GOG.com ) C:\Users\Matze_2\Downloads\setup_stalker_shoc_2.1.0.7.exe
2014-12-15 11:03 - 2014-12-15 11:04 - 00000197 _____ () C:\Windows\system32\2014-12-15-10-03-54.081-AvastVBoxSVC.exe-3420.log
2014-12-14 23:58 - 2014-12-14 23:59 - 00000197 _____ () C:\Windows\system32\2014-12-14-22-58-48.094-AvastVBoxSVC.exe-3920.log
2014-12-14 10:02 - 2014-12-14 10:02 - 00000197 _____ () C:\Windows\system32\2014-12-14-09-02-27.071-AvastVBoxSVC.exe-3060.log
2014-12-13 14:25 - 2014-12-13 14:25 - 00000197 _____ () C:\Windows\system32\2014-12-13-13-25-18.061-AvastVBoxSVC.exe-3120.log
2014-12-12 09:17 - 2014-12-12 09:17 - 00000197 _____ () C:\Windows\system32\2014-12-12-08-17-34.072-AvastVBoxSVC.exe-2960.log
2014-12-12 08:58 - 2014-12-12 08:58 - 00000197 _____ () C:\Windows\system32\2014-12-12-07-58-47.019-AvastVBoxSVC.exe-2916.log
2014-12-11 09:29 - 2014-12-11 09:29 - 00000197 _____ () C:\Windows\system32\2014-12-11-08-29-03.022-AvastVBoxSVC.exe-2660.log
2014-12-11 00:56 - 2014-12-11 00:56 - 00000197 _____ () C:\Windows\system32\2014-12-10-23-56-09.036-AvastVBoxSVC.exe-2592.log
2014-12-11 00:51 - 2014-12-11 00:51 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-11 00:41 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-11 00:41 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-11 00:41 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-11 00:41 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-11 00:41 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-11 00:41 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-11 00:41 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-11 00:41 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-11 00:41 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-11 00:41 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-11 00:28 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-11 00:28 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-11 00:28 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-11 00:28 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-11 00:28 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-11 00:28 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-11 00:28 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-11 00:28 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-11 00:28 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-11 00:28 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-11 00:28 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-11 00:28 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 00:28 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-11 00:28 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-11 00:28 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-11 00:28 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-11 00:28 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-11 00:28 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-11 00:28 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-11 00:28 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-11 00:28 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 00:28 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-11 00:28 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-11 00:28 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-11 00:28 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 00:28 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 00:28 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-11 00:28 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-11 00:28 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-11 00:28 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-11 00:28 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-11 00:28 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-11 00:28 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-11 00:28 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-11 00:28 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-11 00:28 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-11 00:28 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-11 00:28 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-11 00:28 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-11 00:28 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-11 00:28 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-11 00:28 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-11 00:28 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-11 00:28 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-11 00:28 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-11 00:28 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-11 00:28 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-11 00:28 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-11 00:28 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-11 00:28 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-11 00:28 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 00:28 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-11 00:28 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-11 00:28 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-11 00:28 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-11 00:28 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-11 00:28 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 00:28 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-11 00:28 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-11 00:27 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-11 00:27 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-11 00:27 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-11 00:27 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-11 00:27 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-11 00:27 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-11 00:27 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-11 00:27 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-11 00:27 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-11 00:27 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-11 00:27 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-11 00:27 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 00:27 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-11 00:27 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-11 00:27 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-11 00:27 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-11 00:27 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-11 00:27 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-11 00:27 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-11 00:27 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-11 00:19 - 2014-12-11 00:19 - 00000197 _____ () C:\Windows\system32\2014-12-10-23-19-10.049-AvastVBoxSVC.exe-2792.log
2014-12-10 09:26 - 2014-12-10 09:27 - 00000197 _____ () C:\Windows\system32\2014-12-10-08-26-57.047-AvastVBoxSVC.exe-3544.log
2014-12-09 12:27 - 2014-12-09 12:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-09 10:58 - 2014-12-09 10:59 - 00000197 _____ () C:\Windows\system32\2014-12-09-09-58-58.091-AvastVBoxSVC.exe-3032.log
2014-12-08 08:52 - 2014-12-08 08:52 - 00000197 _____ () C:\Windows\system32\2014-12-08-07-52-26.007-AvastVBoxSVC.exe-1788.log
2014-12-07 06:55 - 2014-12-07 06:55 - 00000197 _____ () C:\Windows\system32\2014-12-07-05-55-34.010-AvastVBoxSVC.exe-2512.log
2014-12-06 07:36 - 2014-12-06 07:37 - 00000197 _____ () C:\Windows\system32\2014-12-06-06-36-54.020-AvastVBoxSVC.exe-2904.log
2014-12-05 07:00 - 2014-12-05 07:00 - 00000197 _____ () C:\Windows\system32\2014-12-05-06-00-44.092-AvastVBoxSVC.exe-3368.log
2014-12-04 06:41 - 2014-12-04 06:42 - 47382624 _____ () C:\Users\Matze_2\Downloads\DepTCJ_PC_Patch_3.0_to_3.1_Multi_Daedalic_Retail.exe
2014-12-04 06:41 - 2014-12-04 06:42 - 21566237 _____ () C:\Users\Matze_2\Downloads\DepTCJ_PC_Patch_3.1_to_3.2_Multi_Daedalic_Retail.exe
2014-12-04 06:18 - 2014-12-04 06:18 - 00001194 _____ () C:\Users\Matze_2\Desktop\Deponia.lnk
2014-12-04 06:17 - 2014-12-04 06:18 - 00000197 _____ () C:\Windows\system32\2014-12-04-05-17-35.055-AvastVBoxSVC.exe-2632.log
2014-12-03 16:55 - 2014-12-03 16:55 - 00000000 ____D () C:\Users\Matze_2\AppData\Roaming\de.daedalic.puzzledeponia1
2014-12-03 16:17 - 2014-12-03 16:17 - 00000000 ____D () C:\Users\Matze_2\AppData\Local\Daedalic Entertainment GmbH
2014-12-03 14:49 - 2014-12-03 14:49 - 00000738 _____ () C:\Users\Matze\Desktop\Deponia – The Puzzle.lnk
2014-12-03 14:49 - 2014-12-03 14:49 - 00000000 ____D () C:\Users\Matze\AppData\Local\Daedalic Entertainment GmbH
2014-12-03 14:48 - 2014-12-03 14:49 - 00000000 ____D () C:\Users\Matze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Daedalic Entertainment
2014-12-03 14:48 - 2014-12-03 14:48 - 00000851 _____ () C:\Users\Matze\Desktop\Deponia - The Complete Journey.lnk
2014-12-03 14:47 - 2015-01-01 16:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-03 07:23 - 2014-12-03 07:23 - 00000247 _____ () C:\Windows\system32\2014-12-03-06-23-18.027-aswFe.exe-328.log
2014-12-03 07:13 - 2014-12-03 07:23 - 00000247 _____ () C:\Windows\system32\2014-12-03-06-13-48.058-aswFe.exe-4520.log
2014-12-03 07:13 - 2014-12-03 07:13 - 00000197 _____ () C:\Windows\system32\2014-12-03-06-13-44.096-AvastVBoxSVC.exe-3204.log
2014-12-03 06:31 - 2014-12-03 06:31 - 00000247 _____ () C:\Windows\system32\2014-12-03-05-31-23.035-aswFe.exe-4904.log
2014-12-03 06:24 - 2014-12-03 06:31 - 00000247 _____ () C:\Windows\system32\2014-12-03-05-24-33.017-aswFe.exe-304.log
2014-12-03 06:24 - 2014-12-03 06:24 - 00000197 _____ () C:\Windows\system32\2014-12-03-05-24-27.083-AvastVBoxSVC.exe-4968.log
2014-12-03 04:55 - 2014-12-03 04:55 - 00000247 _____ () C:\Windows\system32\2014-12-03-03-55-29.004-aswFe.exe-1648.log
2014-12-03 04:50 - 2014-12-03 04:55 - 00000247 _____ () C:\Windows\system32\2014-12-03-03-50-35.014-aswFe.exe-4160.log
2014-12-03 04:50 - 2014-12-03 04:50 - 00000197 _____ () C:\Windows\system32\2014-12-03-03-50-30.043-AvastVBoxSVC.exe-2604.log
2014-12-03 03:49 - 2014-12-03 03:49 - 00000247 _____ () C:\Windows\system32\2014-12-03-02-49-20.023-aswFe.exe-2964.log
2014-12-03 03:44 - 2014-12-03 03:49 - 00000247 _____ () C:\Windows\system32\2014-12-03-02-44-34.078-aswFe.exe-1104.log
2014-12-03 03:44 - 2014-12-03 03:44 - 00000197 _____ () C:\Windows\system32\2014-12-03-02-44-30.082-AvastVBoxSVC.exe-4468.log
2014-12-03 03:23 - 2014-12-03 03:23 - 00000247 _____ () C:\Windows\system32\2014-12-03-02-23-53.079-aswFe.exe-3652.log
2014-12-03 03:18 - 2014-12-03 03:23 - 00000247 _____ () C:\Windows\system32\2014-12-03-02-18-29.069-aswFe.exe-4308.log
2014-12-03 03:18 - 2014-12-03 03:18 - 00000197 _____ () C:\Windows\system32\2014-12-03-02-18-25.093-AvastVBoxSVC.exe-4672.log
2014-12-03 02:29 - 2014-12-03 02:29 - 00000247 _____ () C:\Windows\system32\2014-12-03-01-29-03.090-aswFe.exe-4120.log
2014-12-03 02:24 - 2014-12-03 02:28 - 00000247 _____ () C:\Windows\system32\2014-12-03-01-24-27.090-aswFe.exe-1708.log
2014-12-03 02:24 - 2014-12-03 02:24 - 00000197 _____ () C:\Windows\system32\2014-12-03-01-24-23.037-AvastVBoxSVC.exe-3664.log
2014-12-02 13:15 - 2014-12-02 13:15 - 00000197 _____ () C:\Windows\system32\2014-12-02-12-15-02.022-AvastVBoxSVC.exe-2584.log
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-01 19:16 - 2014-11-19 13:18 - 00000000 ____D () C:\Users\Matze
2015-01-01 19:15 - 2010-05-12 09:18 - 00699092 _____ () C:\Windows\system32\perfh007.dat
2015-01-01 19:15 - 2010-05-12 09:18 - 00149232 _____ () C:\Windows\system32\perfc007.dat
2015-01-01 19:15 - 2009-07-14 06:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-01 19:08 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-01 19:07 - 2009-07-14 05:51 - 00040092 _____ () C:\Windows\setupact.log
2015-01-01 18:35 - 2010-06-02 17:14 - 01583736 _____ () C:\Windows\PFRO.log
2015-01-01 18:31 - 2014-11-19 15:09 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-01 18:31 - 2014-11-19 13:11 - 01292372 _____ () C:\Windows\WindowsUpdate.log
2015-01-01 16:18 - 2009-07-14 05:45 - 00018704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-01 16:18 - 2009-07-14 05:45 - 00018704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-01 16:11 - 2014-11-19 13:19 - 00001425 _____ () C:\Users\Matze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-01 13:39 - 2014-11-19 16:22 - 00000000 ____D () C:\Users\Matze_2
2014-12-30 10:13 - 2014-11-19 13:20 - 00058016 _____ () C:\Users\Matze\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-29 03:59 - 2014-11-19 16:22 - 00000000 ____D () C:\Users\Matze_2\AppData\Roaming\TP-LINK
2014-12-29 03:58 - 2009-07-14 08:44 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-12-29 03:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-12-25 12:31 - 2014-11-19 13:39 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-24 21:20 - 2010-06-01 17:52 - 00114237 _____ () C:\Windows\DirectX.log
2014-12-20 17:40 - 2014-11-20 10:00 - 00000892 _____ () C:\Users\Public\Desktop\Warcraft III - The Frozen Throne.lnk
2014-12-17 22:19 - 2014-11-20 11:59 - 00000000 ____D () C:\Users\Matze_2\AppData\Local\The Witcher
2014-12-15 12:01 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-12 11:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-12 09:14 - 2014-11-19 13:45 - 00000000 ____D () C:\Users\Matze\AppData\Local\Adobe
2014-12-12 09:13 - 2014-11-19 15:09 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-12 09:13 - 2014-11-19 15:09 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-12 09:13 - 2014-11-19 15:09 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-11 00:51 - 2014-11-19 14:43 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-11 00:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-11 00:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-11 00:44 - 2014-11-19 14:32 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 00:42 - 2010-06-01 16:50 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 09:23 - 2014-11-19 13:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-03 16:55 - 2014-11-21 16:44 - 00000000 ____D () C:\Users\Matze_2\AppData\Local\Adobe
2014-12-03 16:55 - 2014-11-20 08:50 - 00000000 ____D () C:\Users\Matze_2\AppData\Roaming\Adobe
2014-12-03 10:57 - 2014-11-28 04:20 - 00000000 ____D () C:\Users\Matze_2\AppData\Local\Microsoft Games
Some content of TEMP:
====================
C:\Users\Matze\AppData\Local\Temp\avgnt.exe
C:\Users\Matze\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Matze_2\AppData\Local\Temp\war3_Install.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-25 18:38
==================== End Of Log ============================
Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-01-2015
Ran by Matze at 2015-01-01 19:18:22
Running from C:\Users\Matze\Desktop
Boot Mode: Safe Mode (minimal)
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.35 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0935-000001000000}) (Version: 9.35.00.0 - Igor Pavlov)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
ATI Catalyst Install Manager (HKLM\...\{4C5C7B62-C959-5FEB-FAD6-B7A0BE68B868}) (Version: 3.0.769.0 - ATI Technologies, Inc.)
Avira (HKLM-x32\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
ccc-core-static (x32 Version: 2010.0406.2133.36843 - ATI) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
Deponia - The Complete Journey (HKLM-x32\...\Deponia The Complete Journey) (Version: 3.2 - Daedalic Entertainment)
Deponia – The Puzzle (HKLM-x32\...\Deponia – The Puzzle_is1) (Version: 1.0 - Daedalic Entertainment)
Football Manager 2015 (HKLM-x32\...\Steam App 295270) (Version: - Sports Interactive)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.5.1003 - Intel Corporation)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Medion Home Cinema (HKLM-x32\...\InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}) (Version: 6.0.0000 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 6.0.0000 - CyberLink Corp.) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM-x32\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6083 - Realtek Semiconductor Corp.)
S.T.A.L.K.E.R. Shadow of Chernobyl (HKLM-x32\...\1207660573_is1) (Version: 2.1.0.7 - GOG.com)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
The Witcher Enhanced Edition (HKLM-x32\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.4.5.1280 - CD Projekt Red)
TL-WN822N/TL-WN821N Driver (HKLM-x32\...\{62FE0726-9652-4CD2-9F09-C769D8699C21}) (Version: 1.0.0 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.0.0 - TP-LINK)
Vampire - The Masquerade Bloodlines (HKLM-x32\...\InstallShield_{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}) (Version: 1.00.0000 - Activision)
Vampire - The Masquerade Bloodlines (x32 Version: 1.00.0000 - Activision) Hidden
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
17-12-2014 15:08:33 Geplanter Prüfpunkt
18-12-2014 12:56:18 Windows Update
23-12-2014 16:51:29 Windows Update
24-12-2014 11:51:44 Installed 7-Zip 9.35 (x64 edition)
24-12-2014 21:15:41 DirectX wurde installiert
24-12-2014 21:18:58 DirectX wurde installiert
26-12-2014 22:10:17 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {4C44D172-ED67-4ADA-853C-DD054ABDDD02} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {BA07F79F-C878-4002-AAFB-2C3D03CD1B9A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2015-01-01 19:11 - 2015-01-01 19:12 - 00050477 _____ () C:\Users\Matze\Desktop\Defogger.exe
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-245380145-1818160504-329303441-500 - Administrator - Disabled)
Gast (S-1-5-21-245380145-1818160504-329303441-501 - Limited - Disabled)
Matze (S-1-5-21-245380145-1818160504-329303441-1000 - Administrator - Enabled) => C:\Users\Matze
Matze_2 (S-1-5-21-245380145-1818160504-329303441-1001 - Limited - Enabled) => C:\Users\Matze_2
==================== Faulty Device Manager Devices =============
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/01/2015 04:11:30 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (1840) WindowsMail0: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen wurde.
Error: (01/01/2015 04:11:16 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (2860) WindowsMail0: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen wurde.
Error: (12/30/2014 10:11:29 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -550.
Error: (12/29/2014 03:45:55 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -1216.
Error: (12/29/2014 03:45:55 AM) (Source: ESENT) (EventID: 454) (User: )
Description: Catalog Database (916) Catalog Database: Bei Datenbankwiederherstellung trat ein unerwarteter Fehler -1216 auf.
Error: (12/29/2014 03:45:55 AM) (Source: ESENT) (EventID: 494) (User: )
Description: Catalog Database (916) Catalog Database: Bei der Datenbankwiederherstellung ist ein Fehler aufgetreten (Fehler -1216), da Verweise auf Datenbank "C:\Windows\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb" festgestellt wurden, die nicht mehr vorhanden ist. Die Datenbank wurde nicht sauber heruntergefahren, bevor sie entfernt (oder möglicherweise verschoben oder umbenannt) wurde. Das Datenbankmodul lässt den Abschluss der Wiederherstellung für diese Instanz erst dann zu, wenn die fehlende Datenbank wieder verfügbar gemacht wird. Wenn die Datenbank tatsächlich nicht mehr verfügbar oder nicht mehr erforderlich ist, finden Sie Informationen zum Beheben dieses Fehlers in der Microsoft Knowledge Base oder unter dem Link "Weitere Informationen" am Ende dieser Meldung.
Error: (12/28/2014 11:17:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: fm.exe, Version: 15.2.1.0, Zeitstempel: 0x548f21aa
Name des fehlerhaften Moduls: fm.exe, Version: 15.2.1.0, Zeitstempel: 0x548f21aa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00e43f06
ID des fehlerhaften Prozesses: 0x20d0
Startzeit der fehlerhaften Anwendung: 0xfm.exe0
Pfad der fehlerhaften Anwendung: fm.exe1
Pfad des fehlerhaften Moduls: fm.exe2
Berichtskennung: fm.exe3
Error: (12/28/2014 03:52:50 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (12/28/2014 02:56:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: fm.exe, Version: 15.2.1.0, Zeitstempel: 0x548f21aa
Name des fehlerhaften Moduls: fm.exe, Version: 15.2.1.0, Zeitstempel: 0x548f21aa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00e43f06
ID des fehlerhaften Prozesses: 0x148c
Startzeit der fehlerhaften Anwendung: 0xfm.exe0
Pfad der fehlerhaften Anwendung: fm.exe1
Pfad des fehlerhaften Moduls: fm.exe2
Berichtskennung: fm.exe3
Error: (12/28/2014 01:30:11 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm fm.exe, Version 15.2.1.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: c5c
Startzeit: 01d021d83055d3f6
Endzeit: 16
Anwendungspfad: D:\Steam\steamapps\common\Football Manager 2015\fm.exe
Berichts-ID: ac536517-8e28-11e4-bc3b-6c626d0fc752
System errors:
=============
Error: (01/01/2015 07:11:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (01/01/2015 07:11:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (01/01/2015 07:11:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (01/01/2015 07:11:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (01/01/2015 07:11:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (01/01/2015 07:11:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (01/01/2015 07:11:01 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (01/01/2015 07:11:01 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (01/01/2015 07:10:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (01/01/2015 07:10:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Microsoft Office Sessions:
=========================
Error: (01/01/2015 04:11:30 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail1840WindowsMail0:
Error: (01/01/2015 04:11:16 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail2860WindowsMail0:
Error: (12/30/2014 10:11:29 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -550
Error: (12/29/2014 03:45:55 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -1216
Error: (12/29/2014 03:45:55 AM) (Source: ESENT) (EventID: 454) (User: )
Description: Catalog Database916Catalog Database: -1216
Error: (12/29/2014 03:45:55 AM) (Source: ESENT) (EventID: 494) (User: )
Description: Catalog Database916Catalog Database: -1216C:\Windows\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
Error: (12/28/2014 11:17:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: fm.exe15.2.1.0548f21aafm.exe15.2.1.0548f21aac000000500e43f0620d001d0225c905693ccD:\Steam\steamapps\common\Football Manager 2015\fm.exeD:\Steam\steamapps\common\Football Manager 2015\fm.exec11e5b61-8e7a-11e4-bc3b-6c626d0fc752
Error: (12/28/2014 03:52:50 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
Error: (12/28/2014 02:56:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: fm.exe15.2.1.0548f21aafm.exe15.2.1.0548f21aac000000500e43f06148c01d022357cfa4c61D:\Steam\steamapps\common\Football Manager 2015\fm.exeD:\Steam\steamapps\common\Football Manager 2015\fm.exec8c0948d-8e34-11e4-bc3b-6c626d0fc752
Error: (12/28/2014 01:30:11 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: fm.exe15.2.1.0c5c01d021d83055d3f616D:\Steam\steamapps\common\Football Manager 2015\fm.exeac536517-8e28-11e4-bc3b-6c626d0fc752
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz
Percentage of memory in use: 9%
Total physical RAM: 8183.11 MB
Available physical RAM: 7399.36 MB
Total Pagefile: 16364.41 MB
Available Pagefile: 15605.87 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:1366.16 GB) (Free:1253.84 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:437.62 GB) NTFS
Drive e: (Recover) (Fixed) (Total:30 GB) (Free:13.89 GB) NTFS
Drive i: (INTENSO USB) (Removable) (Total:3.73 GB) (Free:3.36 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: ACBFBE42)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1366.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 207E8B9E)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 3.7 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=3.7 GB) - (Type=0C)
==================== End Of Log ============================
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-01-01 19:33:14
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD15 rev.80.0 1397,27GB
Running: Gmer-19357.exe; Driver: C:\Users\Matze\AppData\Local\Temp\fxldruoc.sys
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
Geändert von hateinprob (01.01.2015 um 20:16 Uhr) |
|
01.01.2015, 20:19
| #2 |
| /// the machine /// TB-Ausbilder    | Win7 bootet nicht/ driver aswrvrt.sys / driver CLASSPNP.SYS hi,
__________________Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ |
|
01.01.2015, 20:26
| #3 |
| | Win7 bootet nicht/ driver aswrvrt.sys / driver CLASSPNP.SYS Hi,
__________________beim Link zum TDSSKiller.exe komme ich nach dem Download-button auf eine Error 404: Page not found -Seite Edit: Hab es mit dem Link im Anleitungs-Thread probiert da ging es Edit2: Komme wie gesagt nicht in den abgesicherten Modus mit Netzwerkfunktionen kann also Malwarebytes nicht aktualisieren Hier nun die beiden Logs: TDSS: Code:
ATTFilter 20:31:17.0693 0x051c TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
20:31:29.0299 0x051c ============================================================
20:31:29.0299 0x051c Current date / time: 2015/01/01 20:31:29.0299
20:31:29.0299 0x051c SystemInfo:
20:31:29.0299 0x051c
20:31:29.0299 0x051c OS Version: 6.1.7601 ServicePack: 1.0
20:31:29.0299 0x051c Product type: Workstation
20:31:29.0299 0x051c ComputerName: *****-PC
20:31:29.0299 0x051c UserName: Matze
20:31:29.0299 0x051c Windows directory: C:\Windows
20:31:29.0299 0x051c System windows directory: C:\Windows
20:31:29.0299 0x051c Running under WOW64
20:31:29.0299 0x051c Processor architecture: Intel x64
20:31:29.0299 0x051c Number of processors: 8
20:31:29.0299 0x051c Page size: 0x1000
20:31:29.0299 0x051c Boot type: Safe boot
20:31:29.0299 0x051c ============================================================
20:31:36.0272 0x051c KLMD registered as C:\Windows\system32\drivers\11939736.sys
20:31:36.0584 0x051c System UUID: {4003EF8F-49E4-BCE6-4891-E751484AA35C}
20:31:37.0146 0x051c Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 ( 1397.27 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:31:37.0146 0x051c Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:31:37.0161 0x051c Drive \Device\Harddisk4\DR6 - Size: 0xEF000000 ( 3.73 Gb ), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:31:37.0161 0x051c ============================================================
20:31:37.0161 0x051c \Device\Harddisk0\DR0:
20:31:37.0161 0x051c MBR partitions:
20:31:37.0161 0x051c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:31:37.0161 0x051c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xAAC53800
20:31:37.0161 0x051c \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xAAC86000, BlocksNum 0x3C00000
20:31:37.0161 0x051c \Device\Harddisk1\DR1:
20:31:37.0161 0x051c MBR partitions:
20:31:37.0161 0x051c \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705DB0
20:31:37.0161 0x051c \Device\Harddisk4\DR6:
20:31:37.0161 0x051c MBR partitions:
20:31:37.0161 0x051c \Device\Harddisk4\DR6\Partition1: MBR, Type 0xC, StartLBA 0x30, BlocksNum 0x777FD0
20:31:37.0161 0x051c ============================================================
20:31:37.0177 0x051c C: <-> \Device\Harddisk0\DR0\Partition2
20:31:37.0193 0x051c D: <-> \Device\Harddisk1\DR1\Partition1
20:31:37.0286 0x051c E: <-> \Device\Harddisk0\DR0\Partition3
20:31:37.0286 0x051c ============================================================
20:31:37.0286 0x051c Initialize success
20:31:37.0286 0x051c ============================================================
20:32:11.0825 0x044c ============================================================
20:32:11.0825 0x044c Scan started
20:32:11.0825 0x044c Mode: Manual; SigCheck; TDLFS;
20:32:11.0825 0x044c ============================================================
20:32:11.0825 0x044c KSN ping started
20:32:11.0856 0x044c KSN ping finished: false
20:32:12.0183 0x044c ================ Scan system memory ========================
20:32:12.0183 0x044c System memory - ok
20:32:12.0183 0x044c ================ Scan services =============================
20:32:12.0339 0x044c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:32:12.0386 0x044c 1394ohci - ok
20:32:12.0449 0x044c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:32:12.0464 0x044c ACPI - ok
20:32:12.0495 0x044c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:32:12.0511 0x044c AcpiPmi - ok
20:32:12.0636 0x044c [ 4E48A7DF7ECACB38C686B2BEBAA687A3, D4DEE6BD464855B24A6D40BC6A9279B2041099615C6A319D869DA113AD896EA3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:32:12.0636 0x044c AdobeFlashPlayerUpdateSvc - ok
20:32:12.0698 0x044c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
20:32:12.0714 0x044c adp94xx - ok
20:32:12.0745 0x044c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
20:32:12.0761 0x044c adpahci - ok
20:32:12.0792 0x044c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
20:32:12.0807 0x044c adpu320 - ok
20:32:12.0839 0x044c [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:32:12.0854 0x044c AeLookupSvc - ok
20:32:12.0963 0x044c [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
20:32:12.0995 0x044c AFD - ok
20:32:13.0057 0x044c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
20:32:13.0057 0x044c agp440 - ok
20:32:13.0073 0x044c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
20:32:13.0088 0x044c ALG - ok
20:32:13.0151 0x044c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
20:32:13.0151 0x044c aliide - ok
20:32:13.0197 0x044c [ CAA6ED31C6DA3C505A684162B3492166, 9C42E860B335810A10A92B9FE590462B2DEF76C338F239FF49F49B532917EA2C ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:32:13.0213 0x044c AMD External Events Utility - ok
20:32:13.0229 0x044c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
20:32:13.0244 0x044c amdide - ok
20:32:13.0307 0x044c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
20:32:13.0307 0x044c AmdK8 - ok
20:32:13.0541 0x044c [ CC0B8B1912967D429C4A2D2BD7A9E52D, D63DC46F0367518CA211C23452D1CD0214240353817E7A8F1777C4D6610AAC9C ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:32:13.0712 0x044c amdkmdag - ok
20:32:13.0743 0x044c [ B855C99C23A57EDECA29F49A3210B95C, EB2E7DF850428CBD5AB1D0F0CDBC0536790BD193459EA6911B90A99E60B4568B ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
20:32:13.0759 0x044c amdkmdap - ok
20:32:13.0806 0x044c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
20:32:13.0806 0x044c AmdPPM - ok
20:32:13.0837 0x044c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:32:13.0837 0x044c amdsata - ok
20:32:13.0853 0x044c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
20:32:13.0868 0x044c amdsbs - ok
20:32:13.0868 0x044c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:32:13.0884 0x044c amdxata - ok
20:32:14.0087 0x044c [ C2700D35AA42311A32DF7EA09630B401, 35B305916DB91EBC86CA70AF23140684F57CF527A0ADE099A79610335C61E861 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
20:32:14.0102 0x044c AntiVirSchedulerService - ok
20:32:14.0180 0x044c [ C2700D35AA42311A32DF7EA09630B401, 35B305916DB91EBC86CA70AF23140684F57CF527A0ADE099A79610335C61E861 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
20:32:14.0180 0x044c AntiVirService - ok
20:32:14.0227 0x044c [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
20:32:14.0258 0x044c AppID - ok
20:32:14.0274 0x044c [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:32:14.0289 0x044c AppIDSvc - ok
20:32:14.0336 0x044c [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
20:32:14.0336 0x044c Appinfo - ok
20:32:14.0367 0x044c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
20:32:14.0367 0x044c arc - ok
20:32:14.0383 0x044c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
20:32:14.0399 0x044c arcsas - ok
20:32:14.0492 0x044c [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:32:14.0508 0x044c aspnet_state - ok
20:32:14.0523 0x044c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:32:14.0539 0x044c AsyncMac - ok
20:32:14.0601 0x044c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
20:32:14.0601 0x044c atapi - ok
20:32:14.0679 0x044c [ EA0AF9B866DF07E8FE6C2342585788B0, BE8E799C1ED36B9DC6BEAB40E8B460464C01014DEC021760FB19626C77550792 ] athur C:\Windows\system32\DRIVERS\athurx.sys
20:32:14.0726 0x044c athur - ok
20:32:14.0773 0x044c [ 7E2F5A758F63F80F8B03F889B4E6B19F, 5A911F1E9DB2894A7459D072F8D02F884AEF695B51EC17DEEAF874DB5A6F783C ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
20:32:14.0789 0x044c AtiHdmiService - ok
20:32:14.0851 0x044c [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:32:14.0882 0x044c AudioEndpointBuilder - ok
20:32:14.0898 0x044c [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:32:14.0913 0x044c AudioSrv - ok
20:32:14.0976 0x044c [ 1B87A1F2FA5B91AC1A7D171B8D952441, 4CB21F6567021DAE6B2E35B9BA84D015580E2DDFEBEB1AA9637BD93F42883DD2 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
20:32:14.0976 0x044c avgntflt - ok
20:32:14.0991 0x044c [ AF61774060F277FE45CBD3A9A8E7D45A, 2F96DC9735BAF017603D72A258BF7A772BF8C4AFECB5AA0CAD8F8E3CCAA0F2B5 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
20:32:15.0007 0x044c avipbb - ok
20:32:15.0132 0x044c [ 6F77BBB8FC69D26132309EB4CE7A4E0E, 39E1E20F7CE6B2A784765BB1BE3AC539EDD2889880F78D14C340129E9DB7A43E ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
20:32:15.0147 0x044c Avira.OE.ServiceHost - ok
20:32:15.0179 0x044c [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
20:32:15.0179 0x044c avkmgr - ok
20:32:15.0210 0x044c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:32:15.0225 0x044c AxInstSV - ok
20:32:15.0272 0x044c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
20:32:15.0288 0x044c b06bdrv - ok
20:32:15.0335 0x044c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:32:15.0350 0x044c b57nd60a - ok
20:32:15.0413 0x044c [ 01A24B415926BB5F772DBE12459D97DE, 1FA2EEF283025D788051E6145DAEF26CB481F87F641156FC4D89B8DEE4B244A5 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
20:32:15.0428 0x044c BBSvc - ok
20:32:15.0459 0x044c [ 785DE7ABDA13309D6065305542829E76, 78F49A5349B66042836615EF99B4EB70FA708369D315D105513C04F33070D297 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
20:32:15.0475 0x044c BBUpdate - ok
20:32:15.0491 0x044c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
20:32:15.0506 0x044c BDESVC - ok
20:32:15.0553 0x044c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
20:32:15.0584 0x044c Beep - ok
20:32:15.0662 0x044c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
20:32:15.0693 0x044c BFE - ok
20:32:15.0725 0x044c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
20:32:15.0771 0x044c BITS - ok
20:32:15.0803 0x044c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:32:15.0818 0x044c blbdrive - ok
20:32:15.0849 0x044c [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:32:15.0849 0x044c bowser - ok
20:32:15.0881 0x044c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:32:15.0881 0x044c BrFiltLo - ok
20:32:15.0927 0x044c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:32:15.0943 0x044c BrFiltUp - ok
20:32:15.0974 0x044c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
20:32:15.0974 0x044c Browser - ok
20:32:16.0005 0x044c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:32:16.0021 0x044c Brserid - ok
20:32:16.0037 0x044c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:32:16.0052 0x044c BrSerWdm - ok
20:32:16.0083 0x044c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:32:16.0083 0x044c BrUsbMdm - ok
20:32:16.0099 0x044c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:32:16.0115 0x044c BrUsbSer - ok
20:32:16.0161 0x044c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
20:32:16.0177 0x044c BTHMODEM - ok
20:32:16.0177 0x044c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
20:32:16.0208 0x044c bthserv - ok
20:32:16.0224 0x044c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:32:16.0255 0x044c cdfs - ok
20:32:16.0302 0x044c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
20:32:16.0302 0x044c cdrom - ok
20:32:16.0333 0x044c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
20:32:16.0364 0x044c CertPropSvc - ok
20:32:16.0395 0x044c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
20:32:16.0395 0x044c circlass - ok
20:32:16.0427 0x044c [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
20:32:16.0442 0x044c CLFS - ok
20:32:16.0489 0x044c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:32:16.0489 0x044c clr_optimization_v2.0.50727_32 - ok
20:32:16.0520 0x044c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:32:16.0536 0x044c clr_optimization_v2.0.50727_64 - ok
20:32:16.0614 0x044c [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:32:16.0661 0x044c clr_optimization_v4.0.30319_32 - ok
20:32:16.0692 0x044c [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:32:16.0723 0x044c clr_optimization_v4.0.30319_64 - ok
20:32:16.0739 0x044c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:32:16.0739 0x044c CmBatt - ok
20:32:16.0754 0x044c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:32:16.0770 0x044c cmdide - ok
20:32:16.0801 0x044c [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
20:32:16.0832 0x044c CNG - ok
20:32:16.0863 0x044c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:32:16.0863 0x044c Compbatt - ok
20:32:16.0926 0x044c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:32:16.0926 0x044c CompositeBus - ok
20:32:16.0926 0x044c COMSysApp - ok
20:32:16.0941 0x044c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
20:32:16.0941 0x044c crcdisk - ok
20:32:16.0988 0x044c [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:32:16.0988 0x044c CryptSvc - ok
20:32:17.0019 0x044c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:32:17.0066 0x044c DcomLaunch - ok
20:32:17.0097 0x044c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
20:32:17.0129 0x044c defragsvc - ok
20:32:17.0175 0x044c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:32:17.0207 0x044c DfsC - ok
20:32:17.0238 0x044c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
20:32:17.0253 0x044c Dhcp - ok
20:32:17.0253 0x044c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
20:32:17.0285 0x044c discache - ok
20:32:17.0347 0x044c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
20:32:17.0347 0x044c Disk - ok
20:32:17.0378 0x044c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:32:17.0394 0x044c Dnscache - ok
20:32:17.0425 0x044c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
20:32:17.0456 0x044c dot3svc - ok
20:32:17.0487 0x044c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
20:32:17.0519 0x044c DPS - ok
20:32:17.0581 0x044c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:32:17.0581 0x044c drmkaud - ok
20:32:17.0628 0x044c [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:32:17.0643 0x044c DXGKrnl - ok
20:32:17.0690 0x044c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
20:32:17.0721 0x044c EapHost - ok
20:32:17.0831 0x044c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
20:32:17.0924 0x044c ebdrv - ok
20:32:17.0955 0x044c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
20:32:17.0955 0x044c EFS - ok
20:32:18.0018 0x044c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:32:18.0049 0x044c ehRecvr - ok
20:32:18.0065 0x044c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
20:32:18.0080 0x044c ehSched - ok
20:32:18.0143 0x044c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
20:32:18.0158 0x044c elxstor - ok
20:32:18.0189 0x044c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:32:18.0189 0x044c ErrDev - ok
20:32:18.0221 0x044c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
20:32:18.0252 0x044c EventSystem - ok
20:32:18.0283 0x044c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
20:32:18.0299 0x044c exfat - ok
20:32:18.0314 0x044c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:32:18.0345 0x044c fastfat - ok
20:32:18.0408 0x044c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
20:32:18.0423 0x044c Fax - ok
20:32:18.0455 0x044c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:32:18.0470 0x044c fdc - ok
20:32:18.0470 0x044c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
20:32:18.0486 0x044c fdPHost - ok
20:32:18.0501 0x044c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
20:32:18.0533 0x044c FDResPub - ok
20:32:18.0548 0x044c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:32:18.0548 0x044c FileInfo - ok
20:32:18.0564 0x044c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:32:18.0595 0x044c Filetrace - ok
20:32:18.0642 0x044c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:32:18.0642 0x044c flpydisk - ok
20:32:18.0673 0x044c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:32:18.0689 0x044c FltMgr - ok
20:32:18.0767 0x044c [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
20:32:18.0798 0x044c FontCache - ok
20:32:18.0829 0x044c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:32:18.0845 0x044c FontCache3.0.0.0 - ok
20:32:18.0845 0x044c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:32:18.0845 0x044c FsDepends - ok
20:32:18.0860 0x044c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:32:18.0876 0x044c Fs_Rec - ok
20:32:18.0938 0x044c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:32:18.0954 0x044c fvevol - ok
20:32:19.0016 0x044c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
20:32:19.0016 0x044c gagp30kx - ok
20:32:19.0172 0x044c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
20:32:19.0203 0x044c gpsvc - ok
20:32:19.0235 0x044c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:32:19.0235 0x044c hcw85cir - ok
20:32:19.0281 0x044c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:32:19.0297 0x044c HdAudAddService - ok
20:32:19.0375 0x044c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
20:32:19.0375 0x044c HDAudBus - ok
20:32:19.0406 0x044c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
20:32:19.0406 0x044c HidBatt - ok
20:32:19.0422 0x044c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:32:19.0437 0x044c HidBth - ok
20:32:19.0453 0x044c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
20:32:19.0453 0x044c HidIr - ok
20:32:19.0469 0x044c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
20:32:19.0500 0x044c hidserv - ok
20:32:19.0515 0x044c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:32:19.0515 0x044c HidUsb - ok
20:32:19.0547 0x044c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:32:19.0578 0x044c hkmsvc - ok
20:32:19.0625 0x044c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:32:19.0625 0x044c HomeGroupListener - ok
20:32:19.0656 0x044c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:32:19.0656 0x044c HomeGroupProvider - ok
20:32:19.0703 0x044c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:32:19.0718 0x044c HpSAMD - ok
20:32:19.0749 0x044c [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:32:19.0781 0x044c HTTP - ok
20:32:19.0812 0x044c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:32:19.0812 0x044c hwpolicy - ok
20:32:19.0874 0x044c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:32:19.0890 0x044c i8042prt - ok
20:32:19.0921 0x044c [ BF5442DC14608D18949DC83DE37E667A, 3E46E3AD4FA63738F32A9AA51AFFECD93F96955BFDF8FD9288071AF58608E52E ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
20:32:19.0937 0x044c iaStor - ok
20:32:20.0030 0x044c [ DE9560E9703BFE1BD08014A406BE0033, AA11848138C6EC1170EAB94393F8949C359D168F1F25A355F396390FD984A827 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
20:32:20.0030 0x044c IAStorDataMgrSvc - ok
20:32:20.0077 0x044c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:32:20.0093 0x044c iaStorV - ok
20:32:20.0155 0x044c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:32:20.0171 0x044c idsvc - ok
20:32:20.0186 0x044c IEEtwCollectorService - ok
20:32:20.0202 0x044c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:32:20.0217 0x044c iirsp - ok
20:32:20.0264 0x044c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
20:32:20.0295 0x044c IKEEXT - ok
20:32:20.0405 0x044c [ 0ADF714079AE174A39D69036143E4C50, 93184D0DB1265D94BA92922783514ADFDAB04557EB0DEF9715D8B1EF06EDD692 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:32:20.0467 0x044c IntcAzAudAddService - ok
20:32:20.0467 0x044c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
20:32:20.0483 0x044c intelide - ok
20:32:20.0529 0x044c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:32:20.0529 0x044c intelppm - ok
20:32:20.0545 0x044c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:32:20.0576 0x044c IPBusEnum - ok
20:32:20.0607 0x044c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:32:20.0654 0x044c IpFilterDriver - ok
20:32:20.0685 0x044c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:32:20.0717 0x044c iphlpsvc - ok
20:32:20.0779 0x044c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:32:20.0779 0x044c IPMIDRV - ok
20:32:20.0795 0x044c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:32:20.0826 0x044c IPNAT - ok
20:32:20.0873 0x044c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:32:20.0873 0x044c IRENUM - ok
20:32:20.0904 0x044c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:32:20.0904 0x044c isapnp - ok
20:32:20.0919 0x044c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:32:20.0935 0x044c iScsiPrt - ok
20:32:20.0966 0x044c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:32:20.0982 0x044c kbdclass - ok
20:32:21.0029 0x044c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:32:21.0029 0x044c kbdhid - ok
20:32:21.0044 0x044c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
20:32:21.0060 0x044c KeyIso - ok
20:32:21.0060 0x044c [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:32:21.0075 0x044c KSecDD - ok
20:32:21.0091 0x044c [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:32:21.0091 0x044c KSecPkg - ok
20:32:21.0107 0x044c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:32:21.0138 0x044c ksthunk - ok
20:32:21.0169 0x044c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
20:32:21.0216 0x044c KtmRm - ok
20:32:21.0309 0x044c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:32:21.0341 0x044c LanmanServer - ok
20:32:21.0387 0x044c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:32:21.0419 0x044c LanmanWorkstation - ok
20:32:21.0481 0x044c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:32:21.0497 0x044c lltdio - ok
20:32:21.0559 0x044c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:32:21.0590 0x044c lltdsvc - ok
20:32:21.0621 0x044c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:32:21.0637 0x044c lmhosts - ok
20:32:21.0684 0x044c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:32:21.0684 0x044c LSI_FC - ok
20:32:21.0715 0x044c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:32:21.0731 0x044c LSI_SAS - ok
20:32:21.0746 0x044c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:32:21.0762 0x044c LSI_SAS2 - ok
20:32:21.0793 0x044c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:32:21.0809 0x044c LSI_SCSI - ok
20:32:21.0840 0x044c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
20:32:21.0855 0x044c luafv - ok
20:32:21.0887 0x044c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:32:21.0902 0x044c Mcx2Svc - ok
20:32:21.0918 0x044c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:32:21.0933 0x044c megasas - ok
20:32:21.0949 0x044c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:32:21.0965 0x044c MegaSR - ok
20:32:22.0011 0x044c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
20:32:22.0027 0x044c MMCSS - ok
20:32:22.0043 0x044c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
20:32:22.0074 0x044c Modem - ok
20:32:22.0105 0x044c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:32:22.0105 0x044c monitor - ok
20:32:22.0152 0x044c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\drivers\mouclass.sys
20:32:22.0152 0x044c mouclass - ok
20:32:22.0214 0x044c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:32:22.0214 0x044c mouhid - ok
20:32:22.0245 0x044c [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:32:22.0245 0x044c mountmgr - ok
20:32:22.0323 0x044c [ B4E9C7383A705628AD491CF0F87D901F, 5C0CD7133D4F5B1E0466CDB2A2210ECA57206A8BC41F37BC6324120AE5501C70 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:32:22.0323 0x044c MozillaMaintenance - ok
20:32:22.0339 0x044c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
20:32:22.0355 0x044c mpio - ok
20:32:22.0417 0x044c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:32:22.0448 0x044c mpsdrv - ok
20:32:22.0511 0x044c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:32:22.0542 0x044c MpsSvc - ok
20:32:22.0589 0x044c [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:32:22.0589 0x044c MRxDAV - ok
20:32:22.0620 0x044c [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:32:22.0635 0x044c mrxsmb - ok
20:32:22.0667 0x044c [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:32:22.0682 0x044c mrxsmb10 - ok
20:32:22.0682 0x044c [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:32:22.0698 0x044c mrxsmb20 - ok
20:32:22.0713 0x044c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
20:32:22.0729 0x044c msahci - ok
20:32:22.0745 0x044c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:32:22.0760 0x044c msdsm - ok
20:32:22.0776 0x044c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
20:32:22.0791 0x044c MSDTC - ok
20:32:22.0807 0x044c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:32:22.0838 0x044c Msfs - ok
20:32:22.0854 0x044c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:32:22.0869 0x044c mshidkmdf - ok
20:32:22.0885 0x044c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:32:22.0901 0x044c msisadrv - ok
20:32:22.0916 0x044c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:32:22.0932 0x044c MSiSCSI - ok
20:32:22.0947 0x044c msiserver - ok
20:32:22.0994 0x044c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:32:23.0010 0x044c MSKSSRV - ok
20:32:23.0057 0x044c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:32:23.0088 0x044c MSPCLOCK - ok
20:32:23.0088 0x044c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:32:23.0103 0x044c MSPQM - ok
20:32:23.0150 0x044c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:32:23.0166 0x044c MsRPC - ok
20:32:23.0166 0x044c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:32:23.0181 0x044c mssmbios - ok
20:32:23.0181 0x044c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:32:23.0197 0x044c MSTEE - ok
20:32:23.0213 0x044c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:32:23.0228 0x044c MTConfig - ok
20:32:23.0228 0x044c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
20:32:23.0244 0x044c Mup - ok
20:32:23.0291 0x044c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
20:32:23.0322 0x044c napagent - ok
20:32:23.0384 0x044c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:32:23.0400 0x044c NativeWifiP - ok
20:32:23.0447 0x044c [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
20:32:23.0462 0x044c NDIS - ok
20:32:23.0493 0x044c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:32:23.0509 0x044c NdisCap - ok
20:32:23.0540 0x044c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:32:23.0556 0x044c NdisTapi - ok
20:32:23.0603 0x044c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:32:23.0618 0x044c Ndisuio - ok
20:32:23.0649 0x044c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:32:23.0681 0x044c NdisWan - ok
20:32:23.0696 0x044c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:32:23.0727 0x044c NDProxy - ok
20:32:23.0759 0x044c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:32:23.0790 0x044c NetBIOS - ok
20:32:23.0790 0x044c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:32:23.0821 0x044c NetBT - ok
20:32:23.0837 0x044c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
20:32:23.0852 0x044c Netlogon - ok
20:32:23.0868 0x044c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
20:32:23.0899 0x044c Netman - ok
20:32:23.0961 0x044c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:32:24.0024 0x044c NetMsmqActivator - ok
20:32:24.0024 0x044c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:32:24.0039 0x044c NetPipeActivator - ok
20:32:24.0039 0x044c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
20:32:24.0086 0x044c netprofm - ok
20:32:24.0102 0x044c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:32:24.0117 0x044c NetTcpActivator - ok
20:32:24.0117 0x044c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:32:24.0133 0x044c NetTcpPortSharing - ok
20:32:24.0180 0x044c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:32:24.0180 0x044c nfrd960 - ok
20:32:24.0211 0x044c [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:32:24.0211 0x044c NlaSvc - ok
20:32:24.0227 0x044c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:32:24.0258 0x044c Npfs - ok
20:32:24.0289 0x044c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
20:32:24.0320 0x044c nsi - ok
20:32:24.0320 0x044c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:32:24.0336 0x044c nsiproxy - ok
20:32:24.0398 0x044c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:32:24.0445 0x044c Ntfs - ok
20:32:24.0461 0x044c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
20:32:24.0476 0x044c Null - ok
20:32:24.0523 0x044c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:32:24.0523 0x044c nvraid - ok
20:32:24.0570 0x044c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:32:24.0570 0x044c nvstor - ok
20:32:24.0601 0x044c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:32:24.0617 0x044c nv_agp - ok
20:32:24.0632 0x044c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:32:24.0648 0x044c ohci1394 - ok
20:32:24.0679 0x044c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:32:24.0695 0x044c p2pimsvc - ok
20:32:24.0726 0x044c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
20:32:24.0741 0x044c p2psvc - ok
20:32:24.0757 0x044c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:32:24.0773 0x044c Parport - ok
20:32:24.0788 0x044c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:32:24.0788 0x044c partmgr - ok
20:32:24.0804 0x044c [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
20:32:24.0819 0x044c PcaSvc - ok
20:32:24.0851 0x044c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
20:32:24.0851 0x044c pci - ok
20:32:24.0866 0x044c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
20:32:24.0882 0x044c pciide - ok
20:32:24.0897 0x044c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:32:24.0913 0x044c pcmcia - ok
20:32:24.0929 0x044c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
20:32:24.0944 0x044c pcw - ok
20:32:24.0991 0x044c [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:32:25.0022 0x044c PEAUTH - ok
20:32:25.0085 0x044c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:32:25.0100 0x044c PerfHost - ok
20:32:25.0163 0x044c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
20:32:25.0225 0x044c pla - ok
20:32:25.0272 0x044c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:32:25.0287 0x044c PlugPlay - ok
20:32:25.0303 0x044c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:32:25.0303 0x044c PNRPAutoReg - ok
20:32:25.0319 0x044c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:32:25.0334 0x044c PNRPsvc - ok
20:32:25.0365 0x044c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:32:25.0397 0x044c PolicyAgent - ok
20:32:25.0428 0x044c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
20:32:25.0459 0x044c Power - ok
20:32:25.0506 0x044c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:32:25.0521 0x044c PptpMiniport - ok
20:32:25.0537 0x044c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:32:25.0537 0x044c Processor - ok
20:32:25.0599 0x044c [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
20:32:25.0615 0x044c ProfSvc - ok
20:32:25.0615 0x044c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:32:25.0615 0x044c ProtectedStorage - ok
20:32:25.0677 0x044c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:32:25.0709 0x044c Psched - ok
20:32:25.0771 0x044c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
20:32:25.0802 0x044c ql2300 - ok
20:32:25.0818 0x044c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
20:32:25.0833 0x044c ql40xx - ok
20:32:25.0849 0x044c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
20:32:25.0865 0x044c QWAVE - ok
20:32:25.0880 0x044c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:32:25.0880 0x044c QWAVEdrv - ok
20:32:25.0896 0x044c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:32:25.0911 0x044c RasAcd - ok
20:32:25.0958 0x044c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:32:25.0974 0x044c RasAgileVpn - ok
20:32:25.0989 0x044c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
20:32:26.0021 0x044c RasAuto - ok
20:32:26.0036 0x044c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:32:26.0052 0x044c Rasl2tp - ok
20:32:26.0083 0x044c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
20:32:26.0114 0x044c RasMan - ok
20:32:26.0130 0x044c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:32:26.0161 0x044c RasPppoe - ok
20:32:26.0208 0x044c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:32:26.0223 0x044c RasSstp - ok
20:32:26.0239 0x044c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:32:26.0270 0x044c rdbss - ok
20:32:26.0286 0x044c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:32:26.0301 0x044c rdpbus - ok
20:32:26.0317 0x044c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:32:26.0333 0x044c RDPCDD - ok
20:32:26.0348 0x044c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:32:26.0364 0x044c RDPENCDD - ok
20:32:26.0379 0x044c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:32:26.0411 0x044c RDPREFMP - ok
20:32:26.0489 0x044c [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:32:26.0504 0x044c RdpVideoMiniport - ok
20:32:26.0520 0x044c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:32:26.0535 0x044c RDPWD - ok
20:32:26.0582 0x044c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:32:26.0598 0x044c rdyboost - ok
20:32:26.0629 0x044c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:32:26.0645 0x044c RemoteAccess - ok
20:32:26.0660 0x044c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:32:26.0691 0x044c RemoteRegistry - ok
20:32:26.0738 0x044c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:32:26.0769 0x044c RpcEptMapper - ok
20:32:26.0801 0x044c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
20:32:26.0816 0x044c RpcLocator - ok
20:32:26.0847 0x044c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
20:32:26.0879 0x044c RpcSs - ok
20:32:26.0894 0x044c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:32:26.0910 0x044c rspndr - ok
20:32:26.0988 0x044c [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
20:32:27.0003 0x044c RTL8167 - ok
20:32:27.0066 0x044c [ E320C0264D48491E7C42F74687C1670A, 2CF24EFC09C780845AE874D35FFA9C1A508C30C4F0EE918ADECBE0462E4FAB0A ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys
20:32:27.0097 0x044c RTL8192su - ok
20:32:27.0113 0x044c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
20:32:27.0113 0x044c SamSs - ok
20:32:27.0159 0x044c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:32:27.0159 0x044c sbp2port - ok
20:32:27.0175 0x044c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:32:27.0206 0x044c SCardSvr - ok
20:32:27.0237 0x044c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:32:27.0269 0x044c scfilter - ok
20:32:27.0331 0x044c [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
20:32:27.0378 0x044c Schedule - ok
20:32:27.0393 0x044c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
20:32:27.0425 0x044c SCPolicySvc - ok
20:32:27.0440 0x044c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:32:27.0456 0x044c SDRSVC - ok
20:32:27.0471 0x044c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:32:27.0503 0x044c secdrv - ok
20:32:27.0534 0x044c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
20:32:27.0549 0x044c seclogon - ok
20:32:27.0565 0x044c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
20:32:27.0581 0x044c SENS - ok
20:32:27.0596 0x044c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:32:27.0612 0x044c SensrSvc - ok
20:32:27.0643 0x044c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:32:27.0659 0x044c Serenum - ok
20:32:27.0705 0x044c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:32:27.0721 0x044c Serial - ok
20:32:27.0737 0x044c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:32:27.0737 0x044c sermouse - ok
20:32:27.0768 0x044c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
20:32:27.0783 0x044c SessionEnv - ok
20:32:27.0815 0x044c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:32:27.0815 0x044c sffdisk - ok
20:32:27.0815 0x044c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:32:27.0830 0x044c sffp_mmc - ok
20:32:27.0846 0x044c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:32:27.0846 0x044c sffp_sd - ok
20:32:27.0861 0x044c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:32:27.0877 0x044c sfloppy - ok
20:32:27.0908 0x044c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:32:27.0939 0x044c SharedAccess - ok
20:32:27.0955 0x044c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:32:27.0986 0x044c ShellHWDetection - ok
20:32:28.0033 0x044c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:32:28.0033 0x044c SiSRaid2 - ok
20:32:28.0064 0x044c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:32:28.0080 0x044c SiSRaid4 - ok
20:32:28.0111 0x044c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:32:28.0142 0x044c Smb - ok
20:32:28.0158 0x044c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:32:28.0173 0x044c SNMPTRAP - ok
20:32:28.0173 0x044c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
20:32:28.0189 0x044c spldr - ok
20:32:28.0220 0x044c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
20:32:28.0236 0x044c Spooler - ok
20:32:28.0376 0x044c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
20:32:28.0485 0x044c sppsvc - ok
20:32:28.0501 0x044c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:32:28.0532 0x044c sppuinotify - ok
20:32:28.0563 0x044c [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:32:28.0579 0x044c srv - ok
20:32:28.0610 0x044c [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:32:28.0626 0x044c srv2 - ok
20:32:28.0641 0x044c [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:32:28.0641 0x044c srvnet - ok
20:32:28.0657 0x044c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:32:28.0688 0x044c SSDPSRV - ok
20:32:28.0704 0x044c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:32:28.0735 0x044c SstpSvc - ok
20:32:28.0844 0x044c [ CC7ED069C2FC82B5B1555C2044C765CC, CE43363544A3EE2C5133CD0D47BF34AFAFA4EAD6AC9EB9A772EE55E89D4D89D4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
20:32:28.0860 0x044c Steam Client Service - detected UnsignedFile.Multi.Generic ( 1 )
20:32:28.0922 0x044c Steam Client Service ( UnsignedFile.Multi.Generic ) - warning
20:32:28.0922 0x044c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:32:28.0938 0x044c stexstor - ok
20:32:28.0969 0x044c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
20:32:29.0000 0x044c stisvc - ok
20:32:29.0016 0x044c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
20:32:29.0031 0x044c swenum - ok
20:32:29.0047 0x044c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
20:32:29.0094 0x044c swprv - ok
20:32:29.0156 0x044c [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
20:32:29.0219 0x044c SysMain - ok
20:32:29.0219 0x044c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:32:29.0234 0x044c TabletInputService - ok
20:32:29.0250 0x044c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
20:32:29.0281 0x044c TapiSrv - ok
20:32:29.0297 0x044c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
20:32:29.0312 0x044c TBS - ok
20:32:29.0406 0x044c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:32:29.0453 0x044c Tcpip - ok
20:32:29.0515 0x044c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:32:29.0562 0x044c TCPIP6 - ok
20:32:29.0577 0x044c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:32:29.0577 0x044c tcpipreg - ok
20:32:29.0609 0x044c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:32:29.0609 0x044c TDPIPE - ok
20:32:29.0640 0x044c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:32:29.0640 0x044c TDTCP - ok
20:32:29.0702 0x044c [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:32:29.0702 0x044c tdx - ok
20:32:29.0733 0x044c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
20:32:29.0733 0x044c TermDD - ok
20:32:29.0765 0x044c [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
20:32:29.0796 0x044c TermService - ok
20:32:29.0796 0x044c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
20:32:29.0811 0x044c Themes - ok
20:32:29.0827 0x044c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
20:32:29.0858 0x044c THREADORDER - ok
20:32:29.0874 0x044c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
20:32:29.0905 0x044c TrkWks - ok
20:32:29.0936 0x044c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:32:29.0967 0x044c TrustedInstaller - ok
20:32:29.0983 0x044c [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:32:29.0999 0x044c tssecsrv - ok
20:32:30.0014 0x044c [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:32:30.0030 0x044c TsUsbFlt - ok
20:32:30.0077 0x044c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:32:30.0108 0x044c tunnel - ok
20:32:30.0123 0x044c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
20:32:30.0139 0x044c uagp35 - ok
20:32:30.0170 0x044c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:32:30.0186 0x044c udfs - ok
20:32:30.0217 0x044c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:32:30.0233 0x044c UI0Detect - ok
20:32:30.0248 0x044c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:32:30.0248 0x044c uliagpkx - ok
20:32:30.0279 0x044c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
20:32:30.0295 0x044c umbus - ok
20:32:30.0326 0x044c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
20:32:30.0326 0x044c UmPass - ok
20:32:30.0357 0x044c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
20:32:30.0389 0x044c upnphost - ok
20:32:30.0435 0x044c [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:32:30.0435 0x044c usbccgp - ok
20:32:30.0482 0x044c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:32:30.0482 0x044c usbcir - ok
20:32:30.0513 0x044c [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:32:30.0529 0x044c usbehci - ok
20:32:30.0545 0x044c [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:32:30.0560 0x044c usbhub - ok
20:32:30.0576 0x044c [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:32:30.0576 0x044c usbohci - ok
20:32:30.0623 0x044c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:32:30.0638 0x044c usbprint - ok
20:32:30.0685 0x044c [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\drivers\usbscan.sys
20:32:30.0685 0x044c usbscan - ok
20:32:30.0716 0x044c [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:32:30.0732 0x044c USBSTOR - ok
20:32:30.0747 0x044c [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:32:30.0747 0x044c usbuhci - ok
20:32:30.0779 0x044c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
20:32:30.0810 0x044c UxSms - ok
20:32:30.0810 0x044c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
20:32:30.0825 0x044c VaultSvc - ok
20:32:30.0841 0x044c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:32:30.0841 0x044c vdrvroot - ok
20:32:30.0872 0x044c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
20:32:30.0903 0x044c vds - ok
20:32:30.0935 0x044c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:32:30.0950 0x044c vga - ok
20:32:30.0981 0x044c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:32:31.0013 0x044c VgaSave - ok
20:32:31.0044 0x044c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:32:31.0059 0x044c vhdmp - ok
20:32:31.0091 0x044c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
20:32:31.0091 0x044c viaide - ok
20:32:31.0106 0x044c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:32:31.0122 0x044c volmgr - ok
20:32:31.0137 0x044c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:32:31.0153 0x044c volmgrx - ok
20:32:31.0184 0x044c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:32:31.0200 0x044c volsnap - ok
20:32:31.0262 0x044c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
20:32:31.0278 0x044c vsmraid - ok
20:32:31.0403 0x044c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
20:32:31.0465 0x044c VSS - ok
20:32:31.0496 0x044c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
20:32:31.0496 0x044c vwifibus - ok
20:32:31.0543 0x044c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:32:31.0559 0x044c vwififlt - ok
20:32:31.0605 0x044c [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
20:32:31.0621 0x044c vwifimp - ok
20:32:31.0621 0x044c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
20:32:31.0668 0x044c W32Time - ok
20:32:31.0683 0x044c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
20:32:31.0683 0x044c WacomPen - ok
20:32:31.0746 0x044c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:32:31.0777 0x044c WANARP - ok
20:32:31.0793 0x044c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:32:31.0808 0x044c Wanarpv6 - ok
20:32:31.0871 0x044c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
20:32:31.0917 0x044c wbengine - ok
20:32:31.0933 0x044c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:32:31.0949 0x044c WbioSrvc - ok
20:32:31.0980 0x044c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:32:31.0995 0x044c wcncsvc - ok
20:32:32.0011 0x044c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:32:32.0027 0x044c WcsPlugInService - ok
20:32:32.0042 0x044c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
20:32:32.0058 0x044c Wd - ok
20:32:32.0105 0x044c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:32:32.0120 0x044c Wdf01000 - ok
20:32:32.0167 0x044c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:32:32.0183 0x044c WdiServiceHost - ok
20:32:32.0183 0x044c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:32:32.0198 0x044c WdiSystemHost - ok
20:32:32.0229 0x044c [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
20:32:32.0245 0x044c WebClient - ok
20:32:32.0261 0x044c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:32:32.0292 0x044c Wecsvc - ok
20:32:32.0307 0x044c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:32:32.0323 0x044c wercplsupport - ok
20:32:32.0354 0x044c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
20:32:32.0385 0x044c WerSvc - ok
20:32:32.0401 0x044c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:32:32.0417 0x044c WfpLwf - ok
20:32:32.0448 0x044c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:32:32.0448 0x044c WIMMount - ok
20:32:32.0479 0x044c WinDefend - ok
20:32:32.0479 0x044c WinHttpAutoProxySvc - ok
20:32:32.0541 0x044c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:32:32.0573 0x044c Winmgmt - ok
20:32:32.0651 0x044c [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
20:32:32.0713 0x044c WinRM - ok
20:32:32.0760 0x044c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:32:32.0791 0x044c Wlansvc - ok
20:32:32.0807 0x044c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:32:32.0822 0x044c WmiAcpi - ok
20:32:32.0853 0x044c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:32:32.0853 0x044c wmiApSrv - ok
20:32:32.0869 0x044c WMPNetworkSvc - ok
20:32:32.0869 0x044c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:32:32.0885 0x044c WPCSvc - ok
20:32:32.0916 0x044c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:32:32.0916 0x044c WPDBusEnum - ok
20:32:32.0931 0x044c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:32:32.0947 0x044c ws2ifsl - ok
20:32:32.0963 0x044c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
20:32:32.0978 0x044c wscsvc - ok
20:32:32.0994 0x044c WSearch - ok
20:32:33.0103 0x044c [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
20:32:33.0165 0x044c wuauserv - ok
20:32:33.0197 0x044c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:32:33.0197 0x044c WudfPf - ok
20:32:33.0243 0x044c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:32:33.0259 0x044c WUDFRd - ok
20:32:33.0290 0x044c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:32:33.0306 0x044c wudfsvc - ok
20:32:33.0337 0x044c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
20:32:33.0353 0x044c WwanSvc - ok
20:32:33.0399 0x044c ================ Scan global ===============================
20:32:33.0415 0x044c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
20:32:33.0446 0x044c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
20:32:33.0462 0x044c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
20:32:33.0493 0x044c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
20:32:33.0509 0x044c [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
20:32:33.0524 0x044c [ Global ] - ok
20:32:33.0524 0x044c ================ Scan MBR ==================================
20:32:33.0524 0x044c [ 4624822E540EC83CD0819525C65846BA ] \Device\Harddisk0\DR0
20:32:35.0958 0x044c \Device\Harddisk0\DR0 - ok
20:32:35.0958 0x044c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
20:32:36.0020 0x044c \Device\Harddisk1\DR1 - ok
20:32:36.0020 0x044c [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk4\DR6
20:32:36.0098 0x044c \Device\Harddisk4\DR6 - ok
20:32:36.0098 0x044c ================ Scan VBR ==================================
20:32:36.0098 0x044c [ 706EB9583DE3A6D06B3CC99B6382658D ] \Device\Harddisk0\DR0\Partition1
20:32:36.0161 0x044c \Device\Harddisk0\DR0\Partition1 - ok
20:32:36.0161 0x044c [ A978AFB78C77588807680FFB61D7060E ] \Device\Harddisk0\DR0\Partition2
20:32:36.0207 0x044c \Device\Harddisk0\DR0\Partition2 - ok
20:32:36.0207 0x044c [ 340B9D01FA3054790D1EAE649BF985F0 ] \Device\Harddisk0\DR0\Partition3
20:32:36.0207 0x044c \Device\Harddisk0\DR0\Partition3 - ok
20:32:36.0223 0x044c [ 6EC218B6EAD5CFC6E537E72D788AEE84 ] \Device\Harddisk1\DR1\Partition1
20:32:36.0270 0x044c \Device\Harddisk1\DR1\Partition1 - ok
20:32:36.0270 0x044c [ 7D6CCA61F8FF507F533A1284F368C36A ] \Device\Harddisk4\DR6\Partition1
20:32:36.0270 0x044c \Device\Harddisk4\DR6\Partition1 - ok
20:32:36.0270 0x044c ================ Scan generic autorun ======================
20:32:36.0597 0x044c [ EF8152CC98AFB4C40F10C2070C278AFB, E4C16E22E21F68C566A5E6CB7DBA712123F03FDD1DFEE456B3DD8CAFAF65C3EA ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
20:32:36.0925 0x044c RtHDVCpl - ok
20:32:36.0987 0x044c [ D82706D5D38AE989B9173F1314F696C7, 7000FCBD6F90859FC1D44857E8BAEF8055AEBB905C0195A350F86F3EF19133CA ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
20:32:37.0003 0x044c IAStorIcon - ok
20:32:37.0065 0x044c [ 9AC78D384CE632BF4B5C73D5231CE17E, 82E9AC0C9DA7FB7334238AE27E2F7038B16AE9F772E86F61B1042D12CEE1291C ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
20:32:37.0065 0x044c StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
20:32:37.0065 0x044c StartCCC ( UnsignedFile.Multi.Generic ) - warning
20:32:37.0143 0x044c [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
20:32:37.0190 0x044c Adobe ARM - ok
20:32:37.0268 0x044c [ 57B4D34232852BFE4453BE571DF90D21, 3D329499D7BCACAE5F6377F988B90714F5A8301784CDB22D5B54A2266AC50D79 ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
20:32:37.0284 0x044c CLMLServer - ok
20:32:37.0315 0x044c [ 887CAA31048EB8ED09A0CBD0E6F46F09, BBCED0BD4EB00C3FECFC9448223D4C441A868787877291F5489B07B43FAB65A4 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
20:32:37.0331 0x044c SunJavaUpdateSched - ok
20:32:37.0362 0x044c [ F4F7C86191A981C804326E2EF6F3604F, 1ECE05E643AFFB27A148A8B86615F6C167875EF29D6FF7E2FD15B8DCBE6B8A16 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
20:32:37.0362 0x044c Adobe Reader Speed Launcher - ok
20:32:37.0518 0x044c [ A162B967A88BF374A81E01EF6E7A2655, 3616D7DDF72964EB1C7C40E45CCEFD7116252607068AEB9FB093F20064FB5BA2 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
20:32:37.0533 0x044c avgnt - ok
20:32:37.0627 0x044c [ BA18CFAB98426BFA6D6EC7E5B1961ED0, 540BF2CFDB099296F2AA24D192EFC5B013C88C0152763454521355ACBB50337D ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
20:32:37.0643 0x044c Avira Systray - ok
20:32:37.0705 0x044c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:32:37.0783 0x044c Sidebar - ok
20:32:37.0814 0x044c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:32:37.0830 0x044c mctadmin - ok
20:32:37.0845 0x044c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:32:37.0892 0x044c Sidebar - ok
20:32:37.0892 0x044c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:32:37.0908 0x044c mctadmin - ok
20:32:38.0064 0x044c AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.440 ), 0x41000 ( enabled : updated )
20:32:38.0095 0x044c Win FW state via NFP2: enabled
20:32:38.0095 0x044c ============================================================
20:32:38.0095 0x044c Scan finished
20:32:38.0095 0x044c ============================================================
20:32:38.0095 0x0700 Detected object count: 2
20:32:38.0095 0x0700 Actual detected object count: 2
20:33:50.0916 0x0700 Steam Client Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:33:50.0916 0x0700 Steam Client Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:33:50.0932 0x0700 StartCCC ( UnsignedFile.Multi.Generic ) - skipped by user
20:33:50.0932 0x0700 StartCCC ( UnsignedFile.Multi.Generic ) - User select action: Skip
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org
Database version: v2014.11.18.05
Windows 7 Service Pack 1 x64 NTFS (Safe Mode)
Internet Explorer 11.0.9600.17501
Matze :: *****-PC [administrator]
01.01.2015 20:39:44
mbar-log-2015-01-01 (20-39-44).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 469491
Time elapsed: 11 minute(s), 57 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Geändert von hateinprob (01.01.2015 um 20:56 Uhr) |
|
02.01.2015, 13:26
| #4 |
| /// the machine /// TB-Ausbilder | Win7 bootet nicht/ driver aswrvrt.sys / driver CLASSPNP.SYS Hast Du immer noch diese Bluescreens und Safe Mode Fehler? Avast hast du ja deinstalliert?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
02.01.2015, 18:21
| #5 |
| | Win7 bootet nicht/ driver aswrvrt.sys / driver CLASSPNP.SYS Naja der Bildschirm bleibt beim normalen Boot immer noch einfach schwarz statt mir die Anmeldeoptionen zu zeigen. Im abgesicherten Modus hängt es jetzt nicht mehr bei aswrvrt.sys sondern bei classpnp.sys nach der Avastdesinstallation bevor er dann doch noch in den Safe Mode hochfährt. Bin ja wie gesagt nach der Deinstallation (glaube beim 2ten oder 3ten Neustart) auch einmal im normalen Bootvorgang bis zum anmelden gekommen wo alles funktioniert hat und ich ein neues Antivirenprogramm installiert hab. Aber blieb dann leider bei dem einen mal. Bin echt ratlos. Hab noch mal in die Systemwiederherstellung geschaut und kurz bevor die Probleme auftraten wurde ohne mein Wissen der Treiber "Microsoft-Remotedesktopdienste (Printer) 06/21/2006 6.1.7601.17514" installiert. Könnte der irgendwas damit zu tun haben? Geändert von hateinprob (02.01.2015 um 18:57 Uhr) |
|
02.01.2015, 20:21
| #6 |
| /// the machine /// TB-Ausbilder | Win7 bootet nicht/ driver aswrvrt.sys / driver CLASSPNP.SYS nee hat damit nix zu tun. Im Safe Mode: 
__________________ --> Win7 bootet nicht/ driver aswrvrt.sys / driver CLASSPNP.SYS |
|
02.01.2015, 23:11
| #7 |
| | Win7 bootet nicht/ driver aswrvrt.sys / driver CLASSPNP.SYS Also nachdem ich Step 1 mit dem Strom durchgeführt habe befand ich mich jetzt anscheinend in einer Art Rebootloop. Hatte beim Start die Option zwischen der Starthilfe die nach diversen Überprüfungen wieder im schwarzen Bildschirm endet oder dem Normalstart der eine Konsistenzprüfung nach sich zieht um dann auch in den schwarzen Bildschirm überzugehen. Kommen diese beiden Optionen nicht, kann ich in den abgesicherten Modus wo es wieder bis CLASSPNP.SYS geht bevor er nach wenigen Minuten einfach wieder neu startet. Habe das ganze nun mehrfach ausprobiert wobei bei der letzten Konsistenzprüfung etwas von verwaisten Dateien stand die verschoben/wiederhergestellt werden sollen, was bei den vorherigen nicht kam. Step 2 hatten wir ja schon. Step 3 war ja wieder die Prüfung die schon x-mal gelaufen ist, hab es aber noch mal durchlaufen lassen. Ich kenn mich da zwar nicht aus aber ich habe das Gefühl er löscht immer die selben Daten. Step 4 gab es keine Integritätsverletzungen Reperatur lief meines Erachtens problemlos durch aber beim Neustart wieder schwarzer Bildschirm _Windows_Repair_Log: Code:
ATTFilter Tweaking.com - Windows Repair v2.10.2
--------------------------------------------------------------------------------
System Variables
--------------------------------------------------------------------------------
OS: Windows 7 Home Premium
OS Architecture: 64-bit
OS Version: 6.1.7601
OS Service Pack: Service Pack 1
Computer Name: *****-PC
Windows Drive: C:\
Windows Path: C:\Windows
Program Files: C:\Program Files
Program Files (x86): C:\Program Files (x86)
Current Profile: C:\Users\Matze
Current Profile SID: S-1-5-21-245380145-1818160504-329303441-1000
Current Profile Classes: S-1-5-21-245380145-1818160504-329303441-1000_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\Matze\AppData\Local
--------------------------------------------------------------------------------
System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:04:51
Process Count: 20
Commit Total: 1,36 GB
Commit Limit: 15,98 GB
Commit Peak: 1,38 GB
Handle Count: 4066
Kernel Total: 294,59 MB
Kernel Paged: 231,96 MB
Kernel Non Paged: 62,63 MB
System Cache: 451,70 MB
Thread Count: 224
--------------------------------------------------------------------------------
Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 7,99 GB
Memory Used: 1,39 GB(17,3329%)
Memory Avail.: 6,61 GB
--------------------------------------------------------------------------------
Cleaning Memory Before Starting Repairs...
Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 7,99 GB
Memory Used: 1,30 GB(16,2222%)
Memory Avail.: 6,69 GB
--------------------------------------------------------------------------------
Starting Repairs...
Started at (02.01.2015 22:58:52)
Setting Any Missing 'InstallDate' From Uninstall Sections Before Running Repair...
Total Missing 'InstallDate' Fixed: 43
01 - Reset Registry Permissions 01/03
HKEY_CURRENT_USER & Sub Keys
Start (02.01.2015 22:58:53)
Running Repair Under Current User Account
Done (02.01.2015 22:58:56)
01 - Reset Registry Permissions 02/03
HKEY_LOCAL_MACHINE & Sub Keys
Start (02.01.2015 22:58:56)
Running Repair Under System Account
Done (02.01.2015 23:00:55)
01 - Reset Registry Permissions 03/03
HKEY_CLASSES_ROOT & Sub Keys
Start (02.01.2015 23:00:55)
Running Repair Under System Account
Done (02.01.2015 23:01:29)
03 - Reset Service Permissions
Start (02.01.2015 23:01:29)
Running Repair Under System Account
Done (02.01.2015 23:01:34)
04 - Register System Files
Start (02.01.2015 23:01:35)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.01.2015 23:02:06)
05 - Repair WMI
Start (02.01.2015 23:02:06)
Starting Security Center So We Can Export The Security Info.
Exporting Antivirus Info...
Avira Desktop Exported.
Exporting AntiSpyware Info...
Avira Desktop Exported.
Windows Defender Exported.
Exporting 3rd Party Firewall Info...
No Firewall Products Reported.
Running Repair Under Current User Account
Done (02.01.2015 23:06:18)
06 - Repair Windows Firewall
Start (02.01.2015 23:06:18)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.01.2015 23:06:37)
07 - Repair Internet Explorer
Start (02.01.2015 23:06:37)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.01.2015 23:06:58)
08 - Repair MDAC/MS Jet
Start (02.01.2015 23:06:58)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.01.2015 23:07:02)
09 - Repair Hosts File
Start (02.01.2015 23:07:02)
Running Repair Under System Account
Done (02.01.2015 23:07:03)
10 - Remove Policies Set By Infections
Start (02.01.2015 23:07:03)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.01.2015 23:07:09)
12 - Repair Icons
Start (02.01.2015 23:07:09)
Running Repair Under Current User Account
Done (02.01.2015 23:07:10)
13 - Repair Winsock & DNS Cache
Start (02.01.2015 23:07:11)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.01.2015 23:07:16)
15 - Repair Proxy Settings
Start (02.01.2015 23:07:16)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.01.2015 23:07:18)
17 - Repair Windows Updates
Start (02.01.2015 23:07:18)
Running Repair Under Current User Account
Running Repair Under System Account
Setting Windows Updates Files That Are In Use To Be Removed At Next Boot.
Done (02.01.2015 23:07:34)
18 - Repair CD/DVD Missing/Not Working
Start (02.01.2015 23:07:34)
iTunes not found, not applying UpperFilters iTunes Reg Key
Done (02.01.2015 23:07:34)
19 - Repair Volume Shadow Copy Service
Start (02.01.2015 23:07:34)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.01.2015 23:07:53)
21 - Repair MSI (Windows Installer)
Start (02.01.2015 23:07:53)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.01.2015 23:08:01)
23.01 - Repair bat Association
Start (02.01.2015 23:08:01)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.01.2015 23:08:03)
23.02 - Repair cmd Association
Start (02.01.2015 23:08:03)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.01.2015 23:08:06)
23.03 - Repair com Association
Start (02.01.2015 23:08:06)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.01.2015 23:08:08)
23.04 - Repair Directory Association
Start (02.01.2015 23:08:08)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.01.2015 23:08:10)
23.05 - Repair Drive Association
Start (02.01.2015 23:08:10)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.01.2015 23:08:12)
23.06 - Repair exe Association
Start (02.01.2015 23:08:12)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.01.2015 23:08:14)
23.07 - Repair Folder Association
Start (02.01.2015 23:08:14)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.01.2015 23:08:16)
23.08 - Repair inf Association
Start (02.01.2015 23:08:16)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.01.2015 23:08:18)
23.09 - Repair lnk (Shortcuts) Association
Start (02.01.2015 23:08:18)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.01.2015 23:08:20)
23.10 - Repair msc Association
Start (02.01.2015 23:08:20)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.01.2015 23:08:22)
23.11 - Repair reg Association
Start (02.01.2015 23:08:23)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.01.2015 23:08:25)
23.12 - Repair scr Association
Start (02.01.2015 23:08:25)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.01.2015 23:08:27)
24 - Repair Windows Safe Mode
Start (02.01.2015 23:08:27)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.01.2015 23:08:29)
25 - Repair Print Spooler
Start (02.01.2015 23:08:29)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.01.2015 23:08:32)
26 - Restore Important Windows Services
Start (02.01.2015 23:08:32)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.01.2015 23:08:36)
27 - Set Windows Services To Default Startup
Start (02.01.2015 23:08:36)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.01.2015 23:08:43)
Skipping Repair.
Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
Current version: 6.1
Skipping Repair.
Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
Current version: 6.1
Skipping Repair.
Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
Current version: 6.1
31 - Repair Windows 'New' Submenu
Start (02.01.2015 23:08:43)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.01.2015 23:08:45)
Cleaning up empty logs...
All Selected Repairs Done.
Done at (02.01.2015 23:08:45)
Total Repair Time: 00:09:55
...YOU MUST RESTART YOUR SYSTEM...
Code:
ATTFilter C:\Users\Matze\AppData\Local\iconcache*.db konnte nicht gefunden werden
C:\Users\Matze\AppData\Local\Microsoft\Windows\Explorer\iconcache*.db konnte nicht gefunden werden
Datei wurde gel”scht - C:\Users\Matze\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1024.db
Datei wurde gel”scht - C:\Users\Matze\AppData\Local\Microsoft\Windows\Explorer\thumbcache_256.db
Datei wurde gel”scht - C:\Users\Matze\AppData\Local\Microsoft\Windows\Explorer\thumbcache_32.db
Datei wurde gel”scht - C:\Users\Matze\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db
Datei wurde gel”scht - C:\Users\Matze\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db
Datei wurde gel”scht - C:\Users\Matze\AppData\Local\Microsoft\Windows\Explorer\thumbcache_sr.db
Code:
ATTFilter [SC] ChangeServiceConfig ERFOLG
Windows Installer ist nicht gestartet.
Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 3521 eingeben.
Windows Installer wird gestartet.
Windows Installer wurde erfolgreich gestartet.
[SC] ChangeServiceConfig ERFOLG
Windows Installer wird beendet.
Windows Installer wurde erfolgreich beendet.
Windows Installer wird gestartet.
Windows Installer wurde erfolgreich gestartet.
Code:
ATTFilter Volumeschattenkopie ist nicht gestartet.
Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 3521 eingeben.
Microsoft-Softwareschattenkopie-Anbieter ist nicht gestartet.
Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 3521 eingeben.
Volumeschattenkopie wird beendet.
Volumeschattenkopie wurde erfolgreich beendet.
Microsoft-Softwareschattenkopie-Anbieter wird beendet.
Microsoft-Softwareschattenkopie-Anbieter wurde erfolgreich beendet.
Code:
ATTFilter Windows-Firewall ist nicht gestartet.
Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 3521 eingeben.
Gemeinsame Nutzung der Internetverbindung ist nicht gestartet.
Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 3521 eingeben.
Basisfiltermodul wird beendet.
Basisfiltermodul wurde erfolgreich beendet.
[SC] ChangeServiceConfig ERFOLG
[SC] ChangeServiceConfig ERFOLG
[SC] ChangeServiceConfig ERFOLG
[SC] ChangeServiceConfig ERFOLG
Windows-Firewall ist nicht gestartet.
Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 3521 eingeben.
Gemeinsame Nutzung der Internetverbindung ist nicht gestartet.
Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 3521 eingeben.
Basisfiltermodul wird beendet.
Basisfiltermodul wurde erfolgreich beendet.
[SC] ChangeServiceConfig ERFOLG
[SC] ChangeServiceConfig ERFOLG
[SC] ChangeServiceConfig ERFOLG
[SC] ChangeServiceConfig ERFOLG
Code:
ATTFilter [SC] ChangeServiceConfig ERFOLG
[SC] ChangeServiceConfig ERFOLG
[SC] ChangeServiceConfig ERFOLG
[SC] ChangeServiceConfig ERFOLG
Kryptografiedienste wird beendet..
Kryptografiedienste wurde erfolgreich beendet.
Intelligenter Hintergrundbertragungsdienst ist nicht gestartet.
Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 3521 eingeben.
Windows Update ist nicht gestartet.
Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 3521 eingeben.
Windows Modules Installer ist nicht gestartet.
Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 3521 eingeben.
Das System kann die angegebene Datei nicht finden.
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\ReportingEvents.log
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\AuthCabs\authcab.cab
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\authcab.cab
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wltC19A.tmp
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\DataStore\DataStore.edb
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\DataStore\Logs\edb.chk
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\DataStore\Logs\edb00168.log
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\DataStore\Logs\edb00169.log
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\DataStore\Logs\edb0016A.log
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\DataStore\Logs\edb0016B.log
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\DataStore\Logs\edb0016C.log
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\DataStore\Logs\edb0016D.log
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\DataStore\Logs\edb0016E.log
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\DataStore\Logs\edb0016F.log
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\DataStore\Logs\edb00170.log
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\DataStore\Logs\edb00171.log
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\DataStore\Logs\edb00172.log
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\DataStore\Logs\edb00173.log
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\DataStore\Logs\edb00174.log
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\DataStore\Logs\edb00175.log
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\DataStore\Logs\edbres00001.jrs
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\DataStore\Logs\edbres00002.jrs
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\Download\66361222178ee236337812e6d54953ef4585a3e3
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\Download\8ac24d353d77703f074bfe80de7163159a52a6dc
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\Download\f26be0915064d3116a97c614e75271bee5879d04
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\SelfUpdate\wsus3setup.cab
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\SelfUpdate\WUClient-SelfUpdate-ActiveX~31bf3856ad364e35~amd64~~7.6.7600.256.mum
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\SelfUpdate\WUClient-SelfUpdate-ActiveX~31bf3856ad364e35~amd64~~7.6.7600.320.mum
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\SelfUpdate\WUClient-SelfUpdate-Aux-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.256.mum
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\SelfUpdate\WUClient-SelfUpdate-Aux-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.320.mum
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\SelfUpdate\WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.256.mum
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\SelfUpdate\WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.320.mum
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\SelfUpdate\wuident-inner.cab
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\SelfUpdate\wuident.cab
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\SelfUpdate\wuident.txt
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\SelfUpdate\WuPackages.xml
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\SelfUpdate\Handler\WuSetupHandler.cab
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\SelfUpdate\Handler\WuSetupV.exe
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\WuRedir\7971F918-A847-4430-9279-4A52D1EFE18D\v6-legacy-muredir.cab
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\WuRedir\7971F918-A847-4430-9279-4A52D1EFE18D\v6-muredir.cab
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\WuRedir\7971F918-A847-4430-9279-4A52D1EFE18D\wuredir.cab
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\v6-win7sp1-wuredir.cab
Datei wurde gel”scht - C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\wuredir.cab
Datei wurde gel”scht - C:\Windows\system32\catroot2\dberr.txt
Datei wurde gel”scht - C:\Windows\system32\catroot2\edb.chk
Datei wurde gel”scht - C:\Windows\system32\catroot2\edb.log
Datei wurde gel”scht - C:\Windows\system32\catroot2\edb004F8.log
Datei wurde gel”scht - C:\Windows\system32\catroot2\edb004F9.log
Datei wurde gel”scht - C:\Windows\system32\catroot2\edb004FA.log
Datei wurde gel”scht - C:\Windows\system32\catroot2\edb004FB.log
Datei wurde gel”scht - C:\Windows\system32\catroot2\edb004FC.log
Datei wurde gel”scht - C:\Windows\system32\catroot2\edb004FD.log
Datei wurde gel”scht - C:\Windows\system32\catroot2\edb004FE.log
Datei wurde gel”scht - C:\Windows\system32\catroot2\edb004FF.log
Datei wurde gel”scht - C:\Windows\system32\catroot2\edb00500.log
Datei wurde gel”scht - C:\Windows\system32\catroot2\edb00501.log
Datei wurde gel”scht - C:\Windows\system32\catroot2\edb00502.log
Datei wurde gel”scht - C:\Windows\system32\catroot2\edb00503.log
Datei wurde gel”scht - C:\Windows\system32\catroot2\edb00504.log
Datei wurde gel”scht - C:\Windows\system32\catroot2\edb00505.log
Datei wurde gel”scht - C:\Windows\system32\catroot2\edb00506.log
Datei wurde gel”scht - C:\Windows\system32\catroot2\edb00507.log
Datei wurde gel”scht - C:\Windows\system32\catroot2\edb00508.log
Datei wurde gel”scht - C:\Windows\system32\catroot2\edb00509.log
Datei wurde gel”scht - C:\Windows\system32\catroot2\edb0050A.log
Datei wurde gel”scht - C:\Windows\system32\catroot2\edbres00001.jrs
Datei wurde gel”scht - C:\Windows\system32\catroot2\edbres00002.jrs
Datei wurde gel”scht - C:\Windows\system32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
Datei wurde gel”scht - C:\Windows\system32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
Datei wurde gel”scht - C:\Windows\system32\config\txr\{016888cc-6c6f-11de-8d1d-001e0bcde3ec}.TxR.0.regtrans-ms
Datei wurde gel”scht - C:\Windows\system32\config\txr\{016888cc-6c6f-11de-8d1d-001e0bcde3ec}.TxR.1.regtrans-ms
Datei wurde gel”scht - C:\Windows\system32\config\txr\{016888cc-6c6f-11de-8d1d-001e0bcde3ec}.TxR.2.regtrans-ms
Datei wurde gel”scht - C:\Windows\system32\config\txr\{016888cc-6c6f-11de-8d1d-001e0bcde3ec}.TxR.3.regtrans-ms
Datei wurde gel”scht - C:\Windows\system32\config\txr\{016888cc-6c6f-11de-8d1d-001e0bcde3ec}.TxR.4.regtrans-ms
Datei wurde gel”scht - C:\Windows\system32\config\txr\{016888cc-6c6f-11de-8d1d-001e0bcde3ec}.TxR.blf
Datei wurde gel”scht - C:\Windows\system32\config\txr\{016888cd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
Datei wurde gel”scht - C:\Windows\system32\config\txr\{016888cd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
Datei wurde gel”scht - C:\Windows\system32\config\txr\{016888cd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
Datei wurde gel”scht - C:\Windows\system32\config\txr\{89b1f5ee-8f04-11e4-ba12-cb2c984a8f32}.TxR.0.regtrans-ms
Datei wurde gel”scht - C:\Windows\system32\config\txr\{89b1f5ee-8f04-11e4-ba12-cb2c984a8f32}.TxR.1.regtrans-ms
Datei wurde gel”scht - C:\Windows\system32\config\txr\{89b1f5ee-8f04-11e4-ba12-cb2c984a8f32}.TxR.2.regtrans-ms
Datei wurde gel”scht - C:\Windows\system32\config\txr\{89b1f5ee-8f04-11e4-ba12-cb2c984a8f32}.TxR.blf
C:\Windows\system32\config\txr\{89b1f5ef-8f04-11e4-ba12-cb2c984a8f32}.TM.blf
Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
C:\Windows\system32\config\txr\{89b1f5ef-8f04-11e4-ba12-cb2c984a8f32}.TMContainer00000000000000000001.regtrans-ms
Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
C:\Windows\system32\config\txr\{89b1f5ef-8f04-11e4-ba12-cb2c984a8f32}.TMContainer00000000000000000002.regtrans-ms
Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
Datei wurde gel”scht - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{25ec3c3d-6fe8-11e4-b591-6c626d0fc752}.TM.blf
Datei wurde gel”scht - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{25ec3c3d-6fe8-11e4-b591-6c626d0fc752}.TMContainer00000000000000000001.regtrans-ms
Datei wurde gel”scht - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{25ec3c3d-6fe8-11e4-b591-6c626d0fc752}.TMContainer00000000000000000002.regtrans-ms
Datei wurde gel”scht - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{846ee3d3-7039-11de-9d20-001d09fa5a1c}.TM.blf
Datei wurde gel”scht - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{846ee3d3-7039-11de-9d20-001d09fa5a1c}.TMContainer00000000000000000001.regtrans-ms
Datei wurde gel”scht - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{846ee3d3-7039-11de-9d20-001d09fa5a1c}.TMContainer00000000000000000002.regtrans-ms
Datei wurde gel”scht - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{cc964303-7f89-11e4-95fc-6c626d0fc752}.TM.blf
Datei wurde gel”scht - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{cc964303-7f89-11e4-95fc-6c626d0fc752}.TMContainer00000000000000000001.regtrans-ms
Datei wurde gel”scht - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{cc964303-7f89-11e4-95fc-6c626d0fc752}.TMContainer00000000000000000002.regtrans-ms
C:\Windows\system32\SMI\Store\Machine\*.blf konnte nicht gefunden werden
C:\Windows\system32\SMI\Store\Machine\*.regtrans-ms konnte nicht gefunden werden
[SC] SetServiceObjectSecurity ERFOLG
[SC] SetServiceObjectSecurity ERFOLG
Datei C:\Windows\SysWoW64\catroot2\*.* nicht gefunden
Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.
[SC] ChangeServiceConfig ERFOLG
[SC] ChangeServiceConfig ERFOLG
[SC] ChangeServiceConfig ERFOLG
[SC] ChangeServiceConfig ERFOLG
[SC] ChangeServiceConfig ERFOLG
[SC] ChangeServiceConfig ERFOLG
[SC] ChangeServiceConfig ERFOLG
[SC] ChangeServiceConfig ERFOLG
Kryptografiedienste wird beendet..
Kryptografiedienste wurde erfolgreich beendet.
Intelligenter Hintergrundbertragungsdienst ist nicht gestartet.
Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 3521 eingeben.
Windows Update ist nicht gestartet.
Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 3521 eingeben.
Windows Modules Installer ist nicht gestartet.
Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 3521 eingeben.
Das System kann die angegebene Datei nicht finden.
C:\ProgramData\Application Data\Microsoft\Network\Downloader\qmgr*.dat konnte nicht gefunden werden
Pfad nicht gefunden - C:\Windows\SoftwareDistribution
Das System kann die angegebene Datei nicht finden.
Das System kann die angegebene Datei nicht finden.
Pfad nicht gefunden - C:\Windows\system32\catroot2
Das System kann die angegebene Datei nicht finden.
Das System kann die angegebene Datei nicht finden.
C:\Windows\system32\config\txr\{89b1f5ef-8f04-11e4-ba12-cb2c984a8f32}.TM.blf
Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
C:\Windows\system32\config\txr\{89b1f5ef-8f04-11e4-ba12-cb2c984a8f32}.TMContainer00000000000000000001.regtrans-ms
Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
C:\Windows\system32\config\txr\{89b1f5ef-8f04-11e4-ba12-cb2c984a8f32}.TMContainer00000000000000000002.regtrans-ms
Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
Datei C:\Windows\system32\SMI\Store\Machine\*.TM* nicht gefunden
Datei C:\Windows\system32\SMI\Store\Machine\*.blf nicht gefunden
Datei C:\Windows\system32\SMI\Store\Machine\*.regtrans-ms nicht gefunden
C:\Windows\system32\SMI\Store\Machine\*.TM* konnte nicht gefunden werden
C:\Windows\system32\SMI\Store\Machine\*.blf konnte nicht gefunden werden
C:\Windows\system32\SMI\Store\Machine\*.regtrans-ms konnte nicht gefunden werden
[SC] SetServiceObjectSecurity ERFOLG
[SC] SetServiceObjectSecurity ERFOLG
Pfad nicht gefunden - C:\Windows\SysWoW64\catroot2
Das System kann die angegebene Datei nicht finden.
Das System kann die angegebene Datei nicht finden.
Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.
[SC] ChangeServiceConfig ERFOLG
[SC] ChangeServiceConfig ERFOLG
[SC] ChangeServiceConfig ERFOLG
[SC] ChangeServiceConfig ERFOLG
Code:
ATTFilter Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.
OK.
Es sind keine vom Benutzer festgelegten Einstellungen zum Zurcksetzen vorhanden.
Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.
Der folgende Befehl wurde nicht gefunden: int 6to4 reset all.
Es sind keine vom Benutzer festgelegten Einstellungen zum Zurcksetzen vorhanden.
Es sind keine vom Benutzer festgelegten Einstellungen zum Zurcksetzen vorhanden.
Der folgende Befehl wurde nicht gefunden: int isatap reset all.
Fehler beim Zurcksetzen aller TCP-Parameter: global konnte nicht auf ipv4 festgelegt werden.
Das System kann die angegebene Datei nicht finden.
Der folgende Befehl wurde nicht gefunden: int teredo reset all.
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache konnte nicht geleert werden: Beim Ausfhren der Funktion ist ein Fehler aufgetreten.
Windows-IP-Konfiguration
Registrierung von DNS-Eintr„gen ist fehlgeschlagen: Der RPC-Server ist nicht verfgbar.
Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.
OK.
Es sind keine vom Benutzer festgelegten Einstellungen zum Zurcksetzen vorhanden.
Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.
Der folgende Befehl wurde nicht gefunden: int 6to4 reset all.
Es sind keine vom Benutzer festgelegten Einstellungen zum Zurcksetzen vorhanden.
Es sind keine vom Benutzer festgelegten Einstellungen zum Zurcksetzen vorhanden.
Der folgende Befehl wurde nicht gefunden: int isatap reset all.
Fehler beim Zurcksetzen aller TCP-Parameter: global konnte nicht auf ipv4 festgelegt werden.
Das System kann die angegebene Datei nicht finden.
Der folgende Befehl wurde nicht gefunden: int teredo reset all.
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache konnte nicht geleert werden: Beim Ausfhren der Funktion ist ein Fehler aufgetreten.
Windows-IP-Konfiguration
Registrierung von DNS-Eintr„gen ist fehlgeschlagen: Der RPC-Server ist nicht verfgbar.
Edit: Repair_WMI ist wirklich zu groß, darf ich das als Anhang posten oder lieber in der Mitte trennen und Doppelpost? Geändert von hateinprob (02.01.2015 um 23:56 Uhr) |
|
03.01.2015, 11:51
| #8 |
| /// the machine /// TB-Ausbilder | Win7 bootet nicht/ driver aswrvrt.sys / driver CLASSPNP.SYS Nee brauch ich nicht unbedingt. Lege bitte mal einen neuen Benutzer mit Adminrechten an und boote in diesen. Dort auch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
03.01.2015, 13:36
| #9 |
| | Win7 bootet nicht/ driver aswrvrt.sys / driver CLASSPNP.SYS Habe ein Adminkonto angelegt und aus diesem dann einen Neustart gemacht. Die Ladezeit zwischen dem "Windows wird gestartet" und der Anmeldung ist etwas länger aber es funktioniert. Nach der Anmeldung kommt: "Persönliche Einstellungen werden eingerichtet für: Microsoft Windows" und dann bin ich normal eingeloggt, klappt also. Wollte eigentlich noch das Netzwerk checken aber ich kann bei Avira den Echtzeit-Scanner nicht starten und wollte kein Risiko eingehen. Edit: Im Wartungscenter wird angezeigt das Avira und Win Defender "Aus" sind und ich bekomm sie auch nicht eingeschaltet Das Wartungscenter meint auch, dass keine Antivirensoftware auf dem Computer gefunden wurde. Geändert von hateinprob (03.01.2015 um 13:45 Uhr) |
|
03.01.2015, 14:32
| #10 |
| /// the machine /// TB-Ausbilder | Win7 bootet nicht/ driver aswrvrt.sys / driver CLASSPNP.SYS Avira neuinstallieren (oder gleich was anständiges) und dann bitte nochmal in den frischen AdminAccount booten, jetzt wo dieser fertig eingerichtet ist. Dann frische FRST Logs aus diesem neuen Admin Account.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
03.01.2015, 14:37
| #11 |
| | Win7 bootet nicht/ driver aswrvrt.sys / driver CLASSPNP.SYS Was wäre denn was anständiges? |
|
03.01.2015, 15:50
| #12 |
| /// the machine /// TB-Ausbilder | Win7 bootet nicht/ driver aswrvrt.sys / driver CLASSPNP.SYS Ich empfehle immer Emsisoft, aber eigentlich fast alles ausser Avira und Norton.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
03.01.2015, 17:26
| #13 |
| | Win7 bootet nicht/ driver aswrvrt.sys / driver CLASSPNP.SYS Alles klar, habe jetzt Emsisoft installiert/geupdated und nen Smart-Scan durchlaufen lassen (keine Befunde) Hier der FRST-Log nach dem Neustart: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-01-2015 02
Ran by ***** (administrator) on *****-PC on 03-01-2015 17:18:27
Running from C:\Users\*****\Desktop
Loaded Profile: ***** (Available profiles: Matze & Matze_2 & *****)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-07] (Realtek Semiconductor)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-10] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-04-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [4997872 2014-12-31] (Emsisoft GmbH)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-11-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\kcf6xio5.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4920104 2014-12-31] (Emsisoft GmbH)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-03 17:18 - 2015-01-03 17:18 - 00008713 _____ () C:\Users\*****\Desktop\FRST.txt
2015-01-03 17:17 - 2015-01-03 17:17 - 00000000 ____D () C:\Users\*****\Desktop\FRST-OlderVersion
2015-01-03 16:35 - 2015-01-03 16:35 - 00000000 ____D () C:\ProgramData\Emsisoft
2015-01-03 16:10 - 2015-01-03 17:17 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2015-01-03 16:10 - 2015-01-03 16:10 - 00001095 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2015-01-03 16:10 - 2015-01-03 16:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2015-01-03 16:07 - 2015-01-03 16:07 - 172584304 _____ (Emsisoft Ltd. ) C:\Users\*****\Desktop\EmsisoftAntiMalwareSetup.exe
2015-01-03 14:46 - 2015-01-03 17:17 - 02123776 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe
2015-01-03 14:43 - 2015-01-03 14:43 - 00000000 ____D () C:\OETemp
2015-01-03 13:34 - 2015-01-03 13:34 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Mozilla
2015-01-03 13:34 - 2015-01-03 13:34 - 00000000 ____D () C:\Users\*****\AppData\Local\Mozilla
2015-01-03 13:33 - 2015-01-03 13:33 - 00058016 _____ () C:\Users\*****\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-03 13:33 - 2015-01-03 13:33 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Intel Corporation
2015-01-03 13:33 - 2015-01-03 13:33 - 00000000 ____D () C:\Users\*****\AppData\Roaming\ATI
2015-01-03 13:33 - 2015-01-03 13:33 - 00000000 ____D () C:\Users\*****\AppData\Local\ATI
2015-01-03 13:32 - 2015-01-03 13:32 - 00001425 _____ () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-03 13:32 - 2015-01-03 13:32 - 00000000 ____D () C:\Users\*****\AppData\Roaming\TP-LINK
2015-01-03 13:32 - 2015-01-03 13:32 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Adobe
2015-01-03 13:32 - 2015-01-03 13:32 - 00000000 ____D () C:\Users\*****\AppData\Local\Power2Go
2015-01-03 13:31 - 2015-01-03 13:31 - 00000000 ____D () C:\Users\*****\AppData\Local\VirtualStore
2015-01-03 13:26 - 2015-01-03 13:32 - 00000000 ____D () C:\Users\*****
2015-01-03 13:26 - 2015-01-03 13:26 - 00000020 ___SH () C:\Users\*****\ntuser.ini
2015-01-03 13:26 - 2015-01-03 13:26 - 00000000 _SHDL () C:\Users\*****\Vorlagen
2015-01-03 13:26 - 2015-01-03 13:26 - 00000000 _SHDL () C:\Users\*****\Startmenü
2015-01-03 13:26 - 2015-01-03 13:26 - 00000000 _SHDL () C:\Users\*****\Netzwerkumgebung
2015-01-03 13:26 - 2015-01-03 13:26 - 00000000 _SHDL () C:\Users\*****\Lokale Einstellungen
2015-01-03 13:26 - 2015-01-03 13:26 - 00000000 _SHDL () C:\Users\*****\Eigene Dateien
2015-01-03 13:26 - 2015-01-03 13:26 - 00000000 _SHDL () C:\Users\*****\Druckumgebung
2015-01-03 13:26 - 2015-01-03 13:26 - 00000000 _SHDL () C:\Users\*****\Documents\Eigene Musik
2015-01-03 13:26 - 2015-01-03 13:26 - 00000000 _SHDL () C:\Users\*****\Documents\Eigene Bilder
2015-01-03 13:26 - 2015-01-03 13:26 - 00000000 _SHDL () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-03 13:26 - 2015-01-03 13:26 - 00000000 _SHDL () C:\Users\*****\AppData\Local\Verlauf
2015-01-03 13:26 - 2015-01-03 13:26 - 00000000 _SHDL () C:\Users\*****\AppData\Local\Anwendungsdaten
2015-01-03 13:26 - 2015-01-03 13:26 - 00000000 _SHDL () C:\Users\*****\Anwendungsdaten
2015-01-03 13:26 - 2014-11-19 15:15 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Macromedia
2015-01-03 13:26 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-03 13:26 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-02 22:56 - 2015-01-02 22:56 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-*****S-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2015-01-02 22:56 - 2015-01-02 22:56 - 00000000 ____D () C:\RegBackup
2015-01-02 21:33 - 2015-01-02 21:33 - 00002163 _____ () C:\Users\Matze\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2015-01-02 21:33 - 2015-01-02 21:33 - 00000000 ____D () C:\Users\Matze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-01-02 21:33 - 2015-01-02 21:33 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2015-01-02 21:28 - 2015-01-02 21:28 - 09817304 _____ () C:\Users\Matze\Desktop\tweaking.com_windows_repair_aio_setup.exe
2015-01-01 20:39 - 2015-01-01 20:52 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-01-01 20:39 - 2015-01-01 20:39 - 00135384 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-01 20:39 - 2015-01-01 20:39 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-01 20:36 - 2015-01-01 20:52 - 00000000 ____D () C:\Users\Matze\Desktop\mbar
2015-01-01 20:36 - 2015-01-01 20:36 - 00096472 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-01 20:28 - 2015-01-01 20:28 - 04187592 _____ (Kaspersky Lab ZAO) C:\Users\Matze\Desktop\tdsskiller.exe
2015-01-01 20:24 - 2015-01-01 20:24 - 16448208 _____ (Malwarebytes Corp.) C:\Users\Matze\Desktop\mbar-1.08.2.1001.exe
2015-01-01 19:29 - 2015-01-01 19:33 - 00000390 _____ () C:\Users\Matze\Desktop\Gmer.txt
2015-01-01 19:18 - 2015-01-01 19:18 - 00021975 _____ () C:\Users\Matze\Desktop\Addition.txt
2015-01-01 19:17 - 2015-01-03 17:18 - 00000000 ____D () C:\FRST
2015-01-01 19:17 - 2015-01-01 19:18 - 00043127 _____ () C:\Users\Matze\Desktop\FRST.txt
2015-01-01 19:16 - 2015-01-01 19:16 - 00000472 _____ () C:\Users\Matze\Desktop\defogger_disable.log
2015-01-01 19:16 - 2015-01-01 19:16 - 00000000 _____ () C:\Users\Matze\defogger_reenable
2015-01-01 19:12 - 2015-01-01 19:12 - 02123264 _____ (Farbar) C:\Users\Matze\Desktop\FRST64.exe
2015-01-01 19:12 - 2015-01-01 19:12 - 00380416 _____ () C:\Users\Matze\Desktop\Gmer-19357.exe
2015-01-01 19:11 - 2015-01-01 19:12 - 00050477 _____ () C:\Users\Matze\Desktop\Defogger.exe
2015-01-01 18:14 - 2015-01-01 18:14 - 00000000 ____D () C:\Users\Matze\Documents\Sports Interactive
2015-01-01 18:14 - 2015-01-01 18:14 - 00000000 ____D () C:\Users\Matze\AppData\Local\Sports Interactive
2015-01-01 13:54 - 2015-01-01 13:54 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-01 13:47 - 2015-01-01 13:47 - 00000000 __SHD () C:\found.001
2015-01-01 13:36 - 2014-12-30 15:42 - 154051656 _____ () C:\Users\Matze\Desktop\avira_free_antivirus468_de.exe
2015-01-01 13:36 - 2014-12-30 10:37 - 05040384 _____ (AVAST Software) C:\Users\Matze\Desktop\avastclear.exe
2014-12-28 20:57 - 2014-12-28 20:57 - 00000000 __SHD () C:\found.000
2014-12-26 09:33 - 2014-12-26 09:33 - 00000197 _____ () C:\Windows\system32\2014-12-26-08-33-14.032-AvastVBoxSVC.exe-2704.log
2014-12-26 01:49 - 2014-12-26 02:03 - 174021065 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.02_changes.rar
2014-12-26 01:21 - 2014-12-26 01:31 - 121677162 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.01_changes.rar
2014-12-26 01:00 - 2014-12-26 01:03 - 42330856 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part16.rar
2014-12-26 00:18 - 2014-12-26 00:58 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part15.rar
2014-12-25 23:23 - 2014-12-26 00:03 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part14.rar
2014-12-25 22:31 - 2014-12-25 23:11 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part13.rar
2014-12-25 21:35 - 2014-12-25 22:15 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part12.rar
2014-12-25 20:37 - 2014-12-25 21:18 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part11.rar
2014-12-25 19:46 - 2014-12-25 20:26 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part10.rar
2014-12-25 18:58 - 2014-12-25 19:38 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part09.rar
2014-12-25 17:54 - 2014-12-25 18:35 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part08.rar
2014-12-25 16:59 - 2014-12-25 17:39 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part07.rar
2014-12-25 14:22 - 2014-12-25 15:02 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part06.rar
2014-12-25 14:21 - 2014-12-25 14:22 - 01759473 _____ () C:\Users\Matze_2\Downloads\Bundesliga 2.rar
2014-12-25 13:53 - 2014-12-25 13:54 - 02278406 _____ () C:\Users\Matze_2\Downloads\Premier League Standard14-15.rar
2014-12-25 13:47 - 2014-12-25 13:47 - 03572373 _____ () C:\Users\Matze_2\Downloads\Europe Nations Standard14-15.rar
2014-12-25 13:47 - 2014-12-25 13:47 - 00000000 ____D () C:\Users\Matze_2\Desktop\14-15 Bundesliga
2014-12-25 13:40 - 2014-12-25 14:20 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part05.rar
2014-12-25 12:34 - 2014-12-25 13:14 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part04.rar
2014-12-25 12:31 - 2014-12-25 12:32 - 00000197 _____ () C:\Windows\system32\2014-12-25-11-31-47.079-AvastVBoxSVC.exe-3428.log
2014-12-25 03:32 - 2014-12-25 04:12 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part03.rar
2014-12-25 02:00 - 2014-12-25 02:40 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part02.rar
2014-12-25 00:51 - 2014-12-25 01:31 - 490000000 _____ () C:\Users\Matze_2\Downloads\sortitoutsi_cutout_megapack_7.00.part01.rar
2014-12-24 23:15 - 2014-12-25 00:46 - 00000000 ____D () C:\Users\Matze_2\Desktop\PMSC Portrait Facepack 3.00
2014-12-24 22:23 - 2014-12-26 21:23 - 00000000 ____D () C:\Users\Matze_2\Desktop\BU FM15
2014-12-24 21:20 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-12-24 21:20 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-12-24 21:20 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-12-24 21:20 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-12-24 21:20 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-12-24 21:20 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-12-24 21:20 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-12-24 21:20 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-12-24 21:20 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-12-24 21:20 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-12-24 21:20 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-12-24 21:20 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-12-24 21:20 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-12-24 21:20 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-12-24 21:20 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-12-24 21:20 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-12-24 21:18 - 2014-12-24 21:32 - 00000000 ____D () C:\Users\Matze_2\Documents\Sports Interactive
2014-12-24 21:18 - 2014-12-24 21:18 - 00000000 ____D () C:\Users\Public\Documents\Sports Interactive
2014-12-24 21:18 - 2014-12-24 21:18 - 00000000 ____D () C:\Users\Matze_2\AppData\Local\Sports Interactive
2014-12-24 21:11 - 2014-12-24 21:11 - 00000202 _____ () C:\Users\Matze_2\Desktop\Football Manager 2015.url
2014-12-24 21:11 - 2014-12-24 21:11 - 00000000 ____D () C:\Users\Matze_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-24 20:48 - 2014-12-24 20:48 - 00000516 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-12-24 20:48 - 2014-12-24 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-24 13:33 - 2014-12-24 14:08 - 422168961 _____ () C:\Users\Matze_2\Downloads\metallic_logos_fm2015_v1.part08.rar
2014-12-24 12:47 - 2014-12-24 13:29 - 510000000 _____ () C:\Users\Matze_2\Downloads\metallic_logos_fm2015_v1.part07.rar
2014-12-24 12:47 - 2014-12-24 12:47 - 01233040 _____ () C:\Users\Matze_2\Downloads\MEGAPACK 71 Updates by claassen.rar
2014-12-24 12:03 - 2014-12-24 12:03 - 06765610 _____ () C:\Users\Matze_2\Downloads\14-15 Bundesliga.rar
2014-12-24 11:58 - 2014-12-24 12:40 - 510000000 _____ () C:\Users\Matze_2\Downloads\metallic_logos_fm2015_v1.part06.rar
2014-12-24 11:52 - 2014-12-24 11:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-12-24 09:57 - 2014-12-24 09:58 - 00752435 _____ () C:\Users\Matze_2\Downloads\FM15 Real Names Fix Files from sortitoutsi.net v1.1.rar
2014-12-24 09:54 - 2014-12-24 10:36 - 510000000 _____ () C:\Users\Matze_2\Downloads\metallic_logos_fm2015_v1.part05.rar
2014-12-24 09:53 - 2014-12-24 12:39 - 510000000 _____ () C:\Users\Matze_2\Downloads\metallic_logos_fm2015_v1.part04.rar
2014-12-24 09:47 - 2014-12-24 09:48 - 00000197 _____ () C:\Windows\system32\2014-12-24-08-47-48.016-AvastVBoxSVC.exe-3944.log
2014-12-24 00:10 - 2014-12-24 00:10 - 00388112 _____ () C:\Users\Matze_2\Downloads\fake.lnc-FM15_2.1.zip
2014-12-23 21:57 - 2014-12-23 22:16 - 145300350 _____ () C:\Users\Matze_2\Downloads\PMSC Portrait Update 3.03.rar
2014-12-23 21:57 - 2014-12-23 22:02 - 102081868 _____ () C:\Users\Matze_2\Downloads\PMSC Portrait Update 3.04.rar
2014-12-23 21:45 - 2014-12-23 21:53 - 153943630 _____ () C:\Users\Matze_2\Downloads\PMSC Portrait Update 3.02.rar
2014-12-23 21:34 - 2014-12-24 00:21 - 510000000 _____ () C:\Users\Matze_2\Downloads\metallic_logos_fm2015_v1.part03.rar
2014-12-23 21:27 - 2014-12-23 21:41 - 301033963 _____ () C:\Users\Matze_2\Downloads\PMSC Portrait Update 3.01.rar
2014-12-23 18:29 - 2014-12-23 21:15 - 510000000 _____ () C:\Users\Matze_2\Downloads\metallic_logos_fm2015_v1.part02.rar
2014-12-23 18:28 - 2014-12-23 21:54 - 99816662 _____ () C:\Users\Matze_2\Downloads\PMSC Portrait Facepack 3.00.part2.rar
2014-12-23 15:04 - 2014-12-23 17:29 - 3127771136 _____ () C:\Users\Matze_2\Downloads\PMSC Portrait Facepack 3.00.part1.rar
2014-12-23 15:02 - 2014-12-23 17:49 - 510000000 _____ () C:\Users\Matze_2\Downloads\metallic_logos_fm2015_v1.part01.rar
2014-12-23 14:22 - 2014-12-23 14:23 - 00000197 _____ () C:\Windows\system32\2014-12-23-13-22-55.023-AvastVBoxSVC.exe-3912.log
2014-12-22 09:10 - 2014-12-22 09:10 - 00000197 _____ () C:\Windows\system32\2014-12-22-08-10-27.042-AvastVBoxSVC.exe-2680.log
2014-12-21 14:45 - 2014-12-21 14:46 - 00000197 _____ () C:\Windows\system32\2014-12-21-13-45-47.052-AvastVBoxSVC.exe-3556.log
2014-12-20 23:50 - 2014-12-20 23:51 - 00000197 _____ () C:\Windows\system32\2014-12-20-22-50-43.042-AvastVBoxSVC.exe-3028.log
2014-12-20 13:28 - 2014-12-20 13:29 - 00000197 _____ () C:\Windows\system32\2014-12-20-12-28-42.036-AvastVBoxSVC.exe-2776.log
2014-12-20 02:03 - 2014-12-20 02:03 - 00000197 _____ () C:\Windows\system32\2014-12-20-01-03-07.064-AvastVBoxSVC.exe-2968.log
2014-12-19 11:05 - 2014-12-19 11:06 - 00000197 _____ () C:\Windows\system32\2014-12-19-10-05-22.048-AvastVBoxSVC.exe-2740.log
2014-12-18 10:57 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 10:57 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-18 10:52 - 2014-12-18 10:52 - 00000197 _____ () C:\Windows\system32\2014-12-18-09-52-26.038-AvastVBoxSVC.exe-2308.log
2014-12-17 10:21 - 2014-12-17 10:21 - 00000197 _____ () C:\Windows\system32\2014-12-17-09-21-13.081-AvastVBoxSVC.exe-2284.log
2014-12-17 02:00 - 2014-12-17 02:00 - 00000247 _____ () C:\Windows\system32\2014-12-17-01-00-45.055-aswFe.exe-5568.log
2014-12-17 01:56 - 2014-12-17 02:00 - 00000247 _____ () C:\Windows\system32\2014-12-17-00-56-10.082-aswFe.exe-10076.log
2014-12-17 01:56 - 2014-12-17 01:56 - 00000197 _____ () C:\Windows\system32\2014-12-17-00-56-05.031-AvastVBoxSVC.exe-8260.log
2014-12-16 12:11 - 2014-12-16 12:11 - 00000197 _____ () C:\Windows\system32\2014-12-16-11-11-03.095-AvastVBoxSVC.exe-2932.log
2014-12-15 12:00 - 2014-12-15 12:00 - 00000000 ____D () C:\Users\Matze\Documents\Stalker-SHOC
2014-12-15 11:58 - 2014-12-15 11:58 - 00000994 _____ () C:\Users\Public\Desktop\S.T.A.L.K.E.R. Shadow of Chernobyl.lnk
2014-12-15 11:58 - 2014-12-15 11:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2014-12-15 11:22 - 2014-12-15 11:22 - 00000000 ____D () C:\Users\Matze_2\Downloads\stalker_soc_manual
2014-12-15 11:21 - 2014-12-15 11:21 - 01984982 _____ () C:\Users\Matze_2\Downloads\stalker_soc_manual.zip
2014-12-15 11:19 - 2014-12-15 11:48 - 3565193396 _____ () C:\Users\Matze_2\Downloads\setup_stalker_shoc_2.1.0.7.bin
2014-12-15 11:19 - 2014-12-15 11:20 - 30398064 _____ (GOG.com ) C:\Users\Matze_2\Downloads\setup_stalker_shoc_2.1.0.7.exe
2014-12-15 11:03 - 2014-12-15 11:04 - 00000197 _____ () C:\Windows\system32\2014-12-15-10-03-54.081-AvastVBoxSVC.exe-3420.log
2014-12-14 23:58 - 2014-12-14 23:59 - 00000197 _____ () C:\Windows\system32\2014-12-14-22-58-48.094-AvastVBoxSVC.exe-3920.log
2014-12-14 10:02 - 2014-12-14 10:02 - 00000197 _____ () C:\Windows\system32\2014-12-14-09-02-27.071-AvastVBoxSVC.exe-3060.log
2014-12-13 14:25 - 2014-12-13 14:25 - 00000197 _____ () C:\Windows\system32\2014-12-13-13-25-18.061-AvastVBoxSVC.exe-3120.log
2014-12-12 09:17 - 2014-12-12 09:17 - 00000197 _____ () C:\Windows\system32\2014-12-12-08-17-34.072-AvastVBoxSVC.exe-2960.log
2014-12-12 08:58 - 2014-12-12 08:58 - 00000197 _____ () C:\Windows\system32\2014-12-12-07-58-47.019-AvastVBoxSVC.exe-2916.log
2014-12-11 09:29 - 2014-12-11 09:29 - 00000197 _____ () C:\Windows\system32\2014-12-11-08-29-03.022-AvastVBoxSVC.exe-2660.log
2014-12-11 00:56 - 2014-12-11 00:56 - 00000197 _____ () C:\Windows\system32\2014-12-10-23-56-09.036-AvastVBoxSVC.exe-2592.log
2014-12-11 00:51 - 2014-12-11 00:51 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-11 00:41 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-11 00:41 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-11 00:41 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-11 00:41 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-11 00:41 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-11 00:41 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-11 00:41 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-11 00:41 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-11 00:41 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-11 00:41 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-11 00:28 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-11 00:28 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-11 00:28 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-11 00:28 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-11 00:28 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-11 00:28 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-11 00:28 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-11 00:28 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-11 00:28 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-11 00:28 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-11 00:28 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-11 00:28 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 00:28 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-11 00:28 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-11 00:28 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-11 00:28 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-11 00:28 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-11 00:28 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-11 00:28 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-11 00:28 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-11 00:28 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 00:28 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-11 00:28 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-11 00:28 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-11 00:28 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 00:28 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 00:28 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-11 00:28 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-11 00:28 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-11 00:28 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-11 00:28 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-11 00:28 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-11 00:28 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-11 00:28 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-11 00:28 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-11 00:28 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-11 00:28 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-11 00:28 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-11 00:28 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-11 00:28 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-11 00:28 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-11 00:28 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-11 00:28 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-11 00:28 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-11 00:28 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-11 00:28 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-11 00:28 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-11 00:28 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-11 00:28 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-11 00:28 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-11 00:28 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 00:28 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-11 00:28 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-11 00:28 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-11 00:28 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-11 00:28 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-11 00:28 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 00:28 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-11 00:28 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-11 00:27 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-11 00:27 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-11 00:27 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-11 00:27 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-11 00:27 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-11 00:27 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-11 00:27 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-11 00:27 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-11 00:27 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-11 00:27 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-11 00:27 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-11 00:27 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 00:27 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-11 00:27 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-11 00:27 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-11 00:27 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-11 00:27 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-11 00:27 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-11 00:27 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-11 00:27 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-11 00:19 - 2014-12-11 00:19 - 00000197 _____ () C:\Windows\system32\2014-12-10-23-19-10.049-AvastVBoxSVC.exe-2792.log
2014-12-10 09:26 - 2014-12-10 09:27 - 00000197 _____ () C:\Windows\system32\2014-12-10-08-26-57.047-AvastVBoxSVC.exe-3544.log
2014-12-09 12:27 - 2014-12-09 12:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-09 10:58 - 2014-12-09 10:59 - 00000197 _____ () C:\Windows\system32\2014-12-09-09-58-58.091-AvastVBoxSVC.exe-3032.log
2014-12-08 08:52 - 2014-12-08 08:52 - 00000197 _____ () C:\Windows\system32\2014-12-08-07-52-26.007-AvastVBoxSVC.exe-1788.log
2014-12-07 06:55 - 2014-12-07 06:55 - 00000197 _____ () C:\Windows\system32\2014-12-07-05-55-34.010-AvastVBoxSVC.exe-2512.log
2014-12-06 07:36 - 2014-12-06 07:37 - 00000197 _____ () C:\Windows\system32\2014-12-06-06-36-54.020-AvastVBoxSVC.exe-2904.log
2014-12-05 07:00 - 2014-12-05 07:00 - 00000197 _____ () C:\Windows\system32\2014-12-05-06-00-44.092-AvastVBoxSVC.exe-3368.log
2014-12-04 06:41 - 2014-12-04 06:42 - 47382624 _____ () C:\Users\Matze_2\Downloads\DepTCJ_PC_Patch_3.0_to_3.1_Multi_Daedalic_Retail.exe
2014-12-04 06:41 - 2014-12-04 06:42 - 21566237 _____ () C:\Users\Matze_2\Downloads\DepTCJ_PC_Patch_3.1_to_3.2_Multi_Daedalic_Retail.exe
2014-12-04 06:18 - 2014-12-04 06:18 - 00001194 _____ () C:\Users\Matze_2\Desktop\Deponia.lnk
2014-12-04 06:17 - 2014-12-04 06:18 - 00000197 _____ () C:\Windows\system32\2014-12-04-05-17-35.055-AvastVBoxSVC.exe-2632.log
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-03 17:15 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-03 17:15 - 2009-07-14 05:51 - 00040428 _____ () C:\Windows\setupact.log
2015-01-03 17:14 - 2014-11-19 13:11 - 01322388 _____ () C:\Windows\WindowsUpdate.log
2015-01-03 16:31 - 2014-11-19 15:09 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-03 16:09 - 2010-05-12 09:18 - 00685230 _____ () C:\Windows\system32\perfh007.dat
2015-01-03 16:09 - 2010-05-12 09:18 - 00145062 _____ () C:\Windows\system32\perfc007.dat
2015-01-03 16:09 - 2009-07-14 06:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-03 14:48 - 2009-07-14 05:45 - 00018704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-03 14:48 - 2009-07-14 05:45 - 00018704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-03 14:43 - 2014-12-03 14:47 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-03 14:40 - 2010-06-02 17:14 - 01584420 _____ () C:\Windows\PFRO.log
2015-01-02 23:10 - 2009-07-14 05:45 - 00267816 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-02 23:06 - 2009-07-14 03:34 - 00000439 _____ () C:\Windows\win.ini
2015-01-01 19:16 - 2014-11-19 13:18 - 00000000 ____D () C:\Users\Matze
2015-01-01 16:11 - 2014-11-19 13:19 - 00001425 _____ () C:\Users\Matze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-01 13:39 - 2014-11-19 16:22 - 00000000 ____D () C:\Users\Matze_2
2014-12-30 10:13 - 2014-11-19 13:20 - 00058016 _____ () C:\Users\Matze\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-29 03:59 - 2014-11-19 16:22 - 00000000 ____D () C:\Users\Matze_2\AppData\Roaming\TP-LINK
2014-12-29 03:58 - 2009-07-14 08:44 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-12-29 03:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-12-25 12:31 - 2014-11-19 13:39 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-24 21:20 - 2010-06-01 17:52 - 00114237 _____ () C:\Windows\DirectX.log
2014-12-20 17:40 - 2014-11-20 10:00 - 00000892 _____ () C:\Users\Public\Desktop\Warcraft III - The Frozen Throne.lnk
2014-12-17 22:19 - 2014-11-20 11:59 - 00000000 ____D () C:\Users\Matze_2\AppData\Local\The Witcher
2014-12-15 12:01 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-12 11:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-12 09:14 - 2014-11-19 13:45 - 00000000 ____D () C:\Users\Matze\AppData\Local\Adobe
2014-12-12 09:13 - 2014-11-19 15:09 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-12 09:13 - 2014-11-19 15:09 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-12 09:13 - 2014-11-19 15:09 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-11 00:51 - 2014-11-19 14:43 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-11 00:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-11 00:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-11 00:44 - 2014-11-19 14:32 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 00:42 - 2010-06-01 16:50 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 09:23 - 2014-11-19 13:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
Some content of TEMP:
====================
C:\Users\Matze\AppData\Local\Temp\avgnt.exe
C:\Users\Matze\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Matze_2\AppData\Local\Temp\war3_Install.exe
C:\Users\*****\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-25 18:38
==================== End Of Log ============================
Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-01-2015 02
Ran by ***** at 2015-01-03 17:19:13
Running from C:\Users\*****\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Emsisoft Anti-Malware (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.35 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0935-000001000000}) (Version: 9.35.00.0 - Igor Pavlov)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
ATI Catalyst Install Manager (HKLM\...\{4C5C7B62-C959-5FEB-FAD6-B7A0BE68B868}) (Version: 3.0.769.0 - ATI Technologies, Inc.)
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
ccc-core-static (x32 Version: 2010.0406.2133.36843 - ATI) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
Deponia - The Complete Journey (HKLM-x32\...\Deponia The Complete Journey) (Version: 3.2 - Daedalic Entertainment)
Deponia – The Puzzle (HKLM-x32\...\Deponia – The Puzzle_is1) (Version: 1.0 - Daedalic Entertainment)
Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft Ltd.)
Football Manager 2015 (HKLM-x32\...\Steam App 295270) (Version: - Sports Interactive)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.5.1003 - Intel Corporation)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Medion Home Cinema (HKLM-x32\...\InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}) (Version: 6.0.0000 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 6.0.0000 - CyberLink Corp.) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM-x32\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6083 - Realtek Semiconductor Corp.)
S.T.A.L.K.E.R. Shadow of Chernobyl (HKLM-x32\...\1207660573_is1) (Version: 2.1.0.7 - GOG.com)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
The Witcher Enhanced Edition (HKLM-x32\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.4.5.1280 - CD Projekt Red)
TL-WN822N/TL-WN821N Driver (HKLM-x32\...\{62FE0726-9652-4CD2-9F09-C769D8699C21}) (Version: 1.0.0 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.0.0 - TP-LINK)
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.10.2 - Tweaking.com)
Vampire - The Masquerade Bloodlines (HKLM-x32\...\InstallShield_{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}) (Version: 1.00.0000 - Activision)
Vampire - The Masquerade Bloodlines (x32 Version: 1.00.0000 - Activision) Hidden
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
17-12-2014 15:08:33 Geplanter Prüfpunkt
18-12-2014 12:56:18 Windows Update
23-12-2014 16:51:29 Windows Update
24-12-2014 11:51:44 Installed 7-Zip 9.35 (x64 edition)
24-12-2014 21:15:41 DirectX wurde installiert
24-12-2014 21:18:58 DirectX wurde installiert
26-12-2014 22:10:17 Windows Update
03-01-2015 14:37:23 Geplanter Prüfpunkt
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2015-01-02 23:07 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {4C44D172-ED67-4ADA-853C-DD054ABDDD02} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {BA07F79F-C878-4002-AAFB-2C3D03CD1B9A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2014-11-19 14:09 - 2011-11-04 08:49 - 00788992 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
2010-06-01 17:44 - 2010-06-01 17:44 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-11-19 14:09 - 2011-08-25 14:02 - 01425920 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
2014-11-19 14:09 - 2011-03-31 15:36 - 00167424 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
2014-11-19 14:09 - 2011-03-31 15:36 - 00128000 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF.dll
2014-11-19 14:09 - 2011-03-31 15:36 - 00111616 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF_WPS_WIN7.DLL
2009-11-02 22:20 - 2009-11-02 22:20 - 00619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 22:23 - 2009-11-02 22:23 - 00013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0001 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0002 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0003 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0004 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0005 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0006 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0007 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0008 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0009 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0010 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0011 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0012 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0013 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0014 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0015 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0016 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0017 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0018 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0019 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0020 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0021 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0022 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0023 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0024 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0025 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0026 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0027 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0028 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0029 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0030 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0031 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0032 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0033 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0034 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0035 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0036 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0037 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0038 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0039 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0040 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0041 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0042 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0043 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0044 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0045 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0046 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0047 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0048 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0049 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0050 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0051 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0052 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0053 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0054 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0055 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0056 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0057 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0058 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0059 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0060 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0061 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0062 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0063 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0064 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0065 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0066 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0067 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0068 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0069 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0070 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0071 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0072 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0073 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0074 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0075 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0076 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0077 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0078 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0079 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0080 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0081 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0082 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0083 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0084 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0085 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0086 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0087 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0088 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0089 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0090 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0091 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0092 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0093 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0094 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0095 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0096 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0097 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0098 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0099 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0100 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0001 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0002 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0003 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0004 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0005 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0006 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0007 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0008 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0009 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0010 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0011 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0012 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0013 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0014 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0015 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0016 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0017 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0018 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0019 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0020 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0001 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0002 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0003 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0004 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0005 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0006 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0007 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0008 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0009 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0010 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0011 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0012 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0013 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0014 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0015 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0016 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0017 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0018 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0019 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0020 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0021 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0022 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0023 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0024 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0025 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0026 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0027 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0028 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0029 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0030 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0031 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0032 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0033 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0034 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0035 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0036 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0037 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0038 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0039 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0040 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0041 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0042 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0043 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0044 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0045 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0046 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0047 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0048 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0049 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0050 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0051 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0052 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0053 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0054 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0055 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0056 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0057 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0058 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0059 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0060 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0061 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0062 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0063 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0064 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0065 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0066 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0067 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0068 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0069 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0070 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0071 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0072 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0073 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0074 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0075 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0076 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0077 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0078 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0079 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0080 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0081 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0082 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0083 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0084 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0085 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0086 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0087 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0088 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0089 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0090 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0091 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0092 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0093 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0094 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0095 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0096 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0097 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0098 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0099 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0100 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0001 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0002 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0003 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0004 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0005 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0006 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0007 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0008 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0009 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0010 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0011 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0012 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0013 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0014 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0015 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0016 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0017 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0018 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0019 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0020 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-245380145-1818160504-329303441-500 - Administrator - Disabled)
Gast (S-1-5-21-245380145-1818160504-329303441-501 - Limited - Disabled)
Matze (S-1-5-21-245380145-1818160504-329303441-1000 - Administrator - Enabled) => C:\Users\Matze
Matze_2 (S-1-5-21-245380145-1818160504-329303441-1001 - Limited - Enabled) => C:\Users\Matze_2
***** (S-1-5-21-245380145-1818160504-329303441-1002 - Administrator - Enabled) => C:\Users\*****
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/03/2015 02:30:18 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (01/02/2015 11:11:22 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
Error: (01/02/2015 11:11:22 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
Error: (01/02/2015 11:03:41 PM) (Source: WinMgmt) (EventID: 4) (User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\DE-DE\AACLIENT.MFL
Error: (01/02/2015 11:03:28 PM) (Source: WinMgmt) (EventID: 4) (User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\AACLIENT.MOF
Error: (01/02/2015 09:31:51 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.Systray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Net.Sockets.SocketException
Stapel:
bei System.Net.SafeCloseSocketAndEvent.CreateWSASocketWithEvent(System.Net.Sockets.AddressFamily, System.Net.Sockets.SocketType, System.Net.Sockets.ProtocolType, Boolean, Boolean)
bei System.Net.NetworkInformation.NetworkChange+AddressChangeListener.StartHelper(System.Net.NetworkInformation.NetworkAddressChangedEventHandler, Boolean, System.Net.NetworkInformation.StartIPOptions)
bei Avira.OE.WinCore.NetworkStatusListener..ctor()
bei Avira.OE.WinCore.InternetConnectionMonitor..ctor()
bei Avira.OE.Systray.SystrayIcon..ctor(Avira.OE.WinCore.Interface.IServiceStatusMonitor, Avira.OE.Communicator.Interface.ICommunicatorClientProxy, Avira.OE.MiniGui.IMiniGuiWindow, Avira.OE.WinCore.Interface.IProcessController)
bei Avira.OE.Systray.SystrayIcon..ctor()
bei Avira.OE.Systray.Program.Main(System.String[])
Error: (01/01/2015 04:11:30 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (1840) WindowsMail0: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen wurde.
Error: (01/01/2015 04:11:16 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (2860) WindowsMail0: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen wurde.
Error: (12/30/2014 10:11:29 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -550.
Error: (12/29/2014 03:45:55 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -1216.
System errors:
=============
Error: (01/03/2015 05:16:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) Rapid Storage Technology" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/03/2015 05:16:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) Rapid Storage Technology erreicht.
Error: (01/03/2015 02:41:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.
Error: (01/03/2015 01:42:51 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde mit folgendem dienstspezifischem Fehler beendet: %%303.
Error: (01/03/2015 01:35:16 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde mit folgendem dienstspezifischem Fehler beendet: %%303.
Error: (01/03/2015 01:34:35 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde mit folgendem dienstspezifischem Fehler beendet: %%303.
Error: (01/03/2015 01:32:20 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde mit folgendem dienstspezifischem Fehler beendet: %%303.
Error: (01/03/2015 01:31:05 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Avira Planer" wurde mit folgendem dienstspezifischem Fehler beendet: %%305.
Error: (01/03/2015 01:26:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (01/03/2015 01:26:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Microsoft Office Sessions:
=========================
Error: (01/03/2015 02:30:18 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
Error: (01/02/2015 11:11:22 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
Error: (01/02/2015 11:11:22 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
Error: (01/02/2015 11:03:41 PM) (Source: WinMgmt) (EventID: 4) (User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\DE-DE\AACLIENT.MFL
Error: (01/02/2015 11:03:28 PM) (Source: WinMgmt) (EventID: 4) (User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\AACLIENT.MOF
Error: (01/02/2015 09:31:51 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.Systray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Net.Sockets.SocketException
Stapel:
bei System.Net.SafeCloseSocketAndEvent.CreateWSASocketWithEvent(System.Net.Sockets.AddressFamily, System.Net.Sockets.SocketType, System.Net.Sockets.ProtocolType, Boolean, Boolean)
bei System.Net.NetworkInformation.NetworkChange+AddressChangeListener.StartHelper(System.Net.NetworkInformation.NetworkAddressChangedEventHandler, Boolean, System.Net.NetworkInformation.StartIPOptions)
bei Avira.OE.WinCore.NetworkStatusListener..ctor()
bei Avira.OE.WinCore.InternetConnectionMonitor..ctor()
bei Avira.OE.Systray.SystrayIcon..ctor(Avira.OE.WinCore.Interface.IServiceStatusMonitor, Avira.OE.Communicator.Interface.ICommunicatorClientProxy, Avira.OE.MiniGui.IMiniGuiWindow, Avira.OE.WinCore.Interface.IProcessController)
bei Avira.OE.Systray.SystrayIcon..ctor()
bei Avira.OE.Systray.Program.Main(System.String[])
Error: (01/01/2015 04:11:30 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail1840WindowsMail0:
Error: (01/01/2015 04:11:16 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail2860WindowsMail0:
Error: (12/30/2014 10:11:29 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -550
Error: (12/29/2014 03:45:55 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -1216
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz
Percentage of memory in use: 24%
Total physical RAM: 8183.11 MB
Available physical RAM: 6197.94 MB
Total Pagefile: 16364.41 MB
Available Pagefile: 14230.18 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:1366.16 GB) (Free:1253.12 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:437.62 GB) NTFS
Drive e: (Recover) (Fixed) (Total:30 GB) (Free:13.89 GB) NTFS
Drive i: (INTENSO USB) (Removable) (Total:3.73 GB) (Free:3.36 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: ACBFBE42)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1366.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 207E8B9E)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 3.7 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=3.7 GB) - (Type=0C)
==================== End Of Log ============================
 ).Wäre Avast wieder eine Option oder sollte ich nach dem Treiberproblemen mit aswrvrt.sys lieber auf etwas anderes zurückgreifen? Wie siehts mit den anderen Konten aus? Kann man die "retten" oder doch lieber löschen? Ach und aus reiner Neugier - Was war das eigentlich genau jetzt? Hab ich einen Fehler gemacht bzw. hätte man/ich das verhindern können? |
|
03.01.2015, 18:06
| #14 |
| /// the machine /// TB-Ausbilder | Win7 bootet nicht/ driver aswrvrt.sys / driver CLASSPNP.SYS Emsi kostet 11 Cent am Tag  Kannst auch wieder Avast, der Fehler kommt nicht so oft vor. Daten aus dem andern Konto einfach rüberkopieren in das neue Adminkonto, dann das alte löschen. Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
Emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Fertig  Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
03.01.2015, 18:28
| #15 |
| | Win7 bootet nicht/ driver aswrvrt.sys / driver CLASSPNP.SYS Also schon mal vielen Dank für die Hilfe. Hier das Fixlog: Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-01-2015 02
Ran by ***** at 2015-01-03 18:13:47 Run:1
Running from C:\Users\*****\Desktop
Loaded Profile: ***** (Available profiles: Matze & Matze_2 & *****)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
Emptytemp:
*****************
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Key not found.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk" => Key deleted successfully.
EmptyTemp: => Removed 530.5 MB temporary data.
The system needed a reboot.
==== End of Fixlog 18:13:51 ====
1.Welche Daten vom alten Adminkonto müssen/sollten rüberkopiert werden? 2.Soll ich das "normale" Konto (also das ohne Adminrechte) auch löschen und durch ein Neues ersetzen? 3.Für den re-enable von Defogger muss ich doch in das alte Adminkonto oder? Geht das problemlos? Am besten im abgesicherten Modus oder? Die restlichen von dir geschriebenen Punkte gehe ich danach natürlich auch noch durch. |
|
| Themen zu Win7 bootet nicht/ driver aswrvrt.sys / driver CLASSPNP.SYS |
| antivir, antivirus, avira, bingbar, booten, browser, cursor, fehler, flash player, helper, home, hängen, hängt, maus, mozilla, netzwerk, realtek, registry, scan, security, software, starten, svchost.exe, system, vcredist, werkseinstellungen, windows, windows xp |
Linear-Darstellung
