Log analysis and evaluation: Win7 won't start, black screen, ...
Windows 7
If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
21.04.2015, 21:20 | #1 |
Win7 won't start, black screen, ...

Hello, I have already done a lot of research, here and elsewhere, and nothing really fits: My PC usually no longer starts on the first attempt (no mouse pointer, no bluescreen), only on a "cold start". Startup Repair and Tweaking.com Windows Repair find nothing, but Windows can also be started normally on the second attempt. One of two external hard drives is not recognized (it has to be unplugged and plugged back in first) and usually is not shut down along with the PC either. In addition, the PC usually does not shut down (it hangs on the "Shutting down" screen). Explorer often hangs (not responding), and ending the task is not possible. In terms of noise everything is normal (hard drive hums slightly, normal fan noise), and HDScan or something like it had nothing to complain about either. Can someone please help me? Thank you very much! I'm posting what I have so far (defogger without complaints, hence no log file):

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-04-2015 Ran by admin (administrator) on ADMIN-PC on 21-04-2015 20:21:40 Running from C:\Users\admin\Downloads Loaded Profiles: admin (Available profiles: admin) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (G Data Software AG) C:\Program Files\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (G Data Software AG) C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe (Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe (Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe () C:\Program Files\Unlocker\UnlockerAssistant.exe (Safer-Networking Ltd.) 
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (G DATA Software AG) C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Nero AG) C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Teruten) C:\Windows\System32\FsUsbExService.Exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe (Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (X10) C:\Program Files\Common Files\X10\Common\X10nets.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (G Data Software AG) C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Tweaking.com) C:\Program Files\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe (Google Inc.) 
C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\UI0Detect.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Farbar) C:\Users\admin\Downloads\FRST (1).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6695456 2008-12-02] (Realtek Semiconductor) HKLM\...\Run: [NBKeyScan] => C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [1836328 2007-09-20] (Nero AG) HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG) HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [296056 2012-05-25] (RealNetworks, Inc.) HKLM\...\Run: [] => [X] HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM\...\Run: [PMBVolumeWatcher] => C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe [740888 2013-04-24] (Sony Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart HKLM\...\Run: [UnlockerAssistant] => C:\Program Files\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] () HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.) HKLM\...\Run: [GDFirewallTray] => C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1855608 2015-02-20] (G DATA Software AG) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) 
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [2616320 2011-02-25] (Microsoft Corporation) <==== ATTENTION HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [2616320 2011-02-25] (Microsoft Corporation) <==== ATTENTION HKU\S-1-5-21-2768590567-3162752184-885813804-1004\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation) HKU\S-1-5-21-2768590567-3162752184-885813804-1004\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1410344 2007-10-15] (Nero AG) HKU\S-1-5-21-2768590567-3162752184-885813804-1004\...\Run: [LaunchList] => C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe [145496 2007-03-21] (Pinnacle Systems) HKU\S-1-5-21-2768590567-3162752184-885813804-1004\...\Run: [AutoStartNPSAgent] => C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [102400 2011-08-13] (Samsung Electronics Co., Ltd.) HKU\S-1-5-21-2768590567-3162752184-885813804-1004\...\Run: [Spybot-S&D Cleaning] => C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [4566984 2014-04-25] (Safer-Networking Ltd.) HKU\S-1-5-21-2768590567-3162752184-885813804-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2010-03-06] ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-2768590567-3162752184-885813804-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2768590567-3162752184-885813804-1004\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2768590567-3162752184-885813804-1004\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://medion.msn.com HKU\S-1-5-21-2768590567-3162752184-885813804-1004\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com SearchScopes: HKLM -> {8A96AF9E-4074-43b7-BEA3-87217BDA7403} URL = hxxp://www.searchqu.com/web?src=ieb&systemid=403&q={searchTerms} SearchScopes: HKU\S-1-5-21-2768590567-3162752184-885813804-1004 -> {64694918-CA94-4B4C-A82B-121E4FB71A37} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=827316&p={searchTerms} SearchScopes: HKU\S-1-5-21-2768590567-3162752184-885813804-1004 -> {8A96AF9E-4074-43b7-BEA3-87217BDA7403} URL = hxxp://www.searchqu.com/web?src=ieb&systemid=403&q={searchTerms} SearchScopes: HKU\S-1-5-21-2768590567-3162752184-885813804-1004 -> {F9ADB875-E0A9-43BD-AD13-1974E2A85919} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-05-25] (RealPlayer) BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> 
C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-29] (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-29] (Oracle Corporation) Toolbar: HKU\S-1-5-21-2768590567-3162752184-885813804-1004 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab Handler: fluxhttp\0x00000007 - {8E2D00A0-82C6-4821-90BC-07F290841BB6} - No File [] ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ] ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\at5r9ho1.default FF Homepage: hxxp://www.google.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] () FF Plugin: 
@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2013-04-02] (Foxit Corporation) FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2013-04-02] (Foxit Corporation) FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-29] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-29] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-05-20] (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-05-20] (NVIDIA Corporation) FF Plugin: @protectdisc.com/NPMPDRM -> C:\Program Files\Common Files\mpDRM\NPMPDRM.dll [2010-02-03] ( ) FF Plugin: @real.com/nppl3260;version=15.0.4.53 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2012-05-25] (RealNetworks, Inc.) 
FF Plugin: @real.com/nprjplug;version=15.0.4.53 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll [2012-05-25] (RealNetworks, Inc.) FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-05-25] (RealNetworks, Inc.) FF Plugin: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-05-25] (RealNetworks, Inc.) FF Plugin: @real.com/nprpplugin;version=15.0.4.53 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2012-05-25] (RealPlayer) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-03] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-03] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2012-05-25] (RealNetworks, Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-10-29] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-10-29] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-10-29] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-10-29] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-10-29] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll [2012-05-25] (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2012-05-25] (RealPlayer) FF Plugin ProgramFiles/Appdata: C:\Users\admin\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\at5r9ho1.default\searchplugins\icq.xml [2013-01-27] FF Extension: Microsoft .NET Framework Assistant - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\at5r9ho1.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-09-09] FF Extension: DownloadHelper - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\at5r9ho1.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06] FF Extension: preisspion.de - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\at5r9ho1.default\Extensions\finder@meingutscheincode.de.xpi [2011-06-08] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-11] FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - 
C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-05-02] FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF HKLM\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox FF Extension: Freemake Video Converter Plugin - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2013-08-10] FF HKU\S-1-5-21-2768590567-3162752184-885813804-1004\...\Thunderbird\Extensions: [{0E810812-F4BB-4309-942A-755587587A5E}] - C:\Program Files\BullGuard Ltd\BullGuard\antispam\tbspamfilter FF HKU\S-1-5-21-2768590567-3162752184-885813804-1004\...\Thunderbird\Extensions: [{380AE6CB-09B9-4373-B360-D01C2462A6E7}] - C:\Program Files\BullGuard Ltd\BullGuard\backup\thunderbirdbkplugin Chrome: ======= CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-21] CHR Extension: (Google Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-21] CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-21] CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-21] CHR Extension: (Google Search) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-21] CHR Extension: (Google Sheets) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-21] CHR Extension: (Bookmark Manager) - 
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-17] CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-10-21] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-20] CHR Extension: (Google Wallet) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-21] CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-21] CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-07-06] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-09-02] (SUPERAntiSpyware.com) R2 AVKProxy; C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe [2527864 2015-03-04] (G Data Software AG) R2 AVKService; C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe [965240 2015-02-20] (G Data Software AG) R2 AVKWCtl; C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe [2876888 2015-04-07] (G Data Software AG) R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-08-01] (Freemake) [File not signed] R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2009-03-31] (Teruten) [File not signed] R3 GDFwSvc; C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe [2539560 2015-02-20] (G Data Software AG) R3 GDScan; C:\Program Files\Common Files\G Data\GDScan\GDScan.exe [789112 2015-03-04] (G Data Software AG) R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed] R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [17536800 2014-07-25] (NVIDIA Corporation) S2 PCLEPCI; C:\Windows\system32\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH) [File not signed] R2 PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-04-24] (Sony Corporation) R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) 
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10) [File not signed] S2 Fun4IM Coordinator; "C:\PROGRA~1\Fun4IM\Bandoo.exe" [X] S3 ServiceLayer; "C:\Program Files\PC Connectivity Solution\ServiceLayer.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH) R2 athsgt; C:\Windows\System32\DRIVERS\athsgt.sys [164992 2010-11-20] () [File not signed] R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-03-31] () [File not signed] R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [108032 2015-03-31] (G Data Software AG) R3 GDKBB; C:\Windows\system32\drivers\GDKBB32.sys [24192 2015-03-31] (G Data Software AG) R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt32.sys [20352 2015-03-31] (G Data Software AG) R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [161792 2015-03-31] (G Data Software AG) R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [73216 2015-03-31] (G Data Software AG) R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd32.sys [53248 2015-04-09] (G Data Software AG) R1 GRD; C:\Windows\system32\drivers\GRD.sys [29528 2014-09-12] (G Data Software) R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [87040 2015-03-31] (G Data Software AG) R2 limsgt; C:\Windows\System32\DRIVERS\limsgt.sys [12544 2010-11-20] () [File not signed] R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2007-01-04] (Pinnacle Systems GmbH) R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-14] (Ralink Technology Corp.) 
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19232 2014-07-25] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2014-03-31] (NVIDIA Corporation) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [90112 2009-03-20] (MCCI) S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14976 2009-03-20] (MCCI Corporation) S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [121856 2009-03-20] (MCCI Corporation) R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [10144 2003-03-25] (Logitech Inc.) S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [21216 2003-03-25] (Logitech Inc.) S3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [5728 2003-03-25] (Logitech Inc.) R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [40256 2003-03-25] (Logitech Inc.) U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) S3 catchme; \??\C:\Users\admin\AppData\Local\Temp\catchme.sys [X] S3 gel90xne; \??\C:\Users\admin\AppData\Local\Temp\gel90xne.sys [X] S1 GLogin; No ImagePath S3 Profos; \??\C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\profos.sys [X] U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-04-21 20:17 - 2015-04-21 20:18 - 01139200 _____ (Farbar) C:\Users\admin\Downloads\FRST (1).exe 2015-04-21 20:15 - 2015-04-21 20:15 - 00050477 _____ () C:\Users\admin\Downloads\Defogger (1).exe 2015-04-19 13:44 - 2015-04-19 14:02 - 00000000 ____D () C:\Users\admin\Documents\Kosovo 1999 2015-04-18 19:04 - 2015-04-18 19:05 - 01079280 _____ (Uniblue Systems Limited ) C:\Users\admin\Downloads\pcmechanicpm.exe 2015-04-15 20:55 - 2015-04-15 20:55 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ADMIN-PC-Windows-7-Home-Premium-(32-bit).dat 2015-04-15 20:55 - 2015-04-15 20:55 - 00000000 ____D () C:\RegBackup 2015-04-15 20:23 - 2015-04-15 20:23 - 00002121 _____ () C:\Users\admin\Desktop\Tweaking.com - Windows Repair.lnk 2015-04-15 20:23 - 2015-04-15 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com 2015-04-15 20:22 - 2015-04-15 20:22 - 00000000 ____D () C:\Program Files\Tweaking.com 2015-04-15 20:20 - 2015-04-15 20:21 - 12850184 _____ () C:\Users\admin\Downloads\tweaking.com_windows_repair_aio_setup.exe 2015-04-15 20:18 - 2015-04-15 20:19 - 00000000 ____D () C:\Users\admin\Desktop\Tweaking.com - Windows Repair 2015-04-15 20:17 - 2015-04-15 20:17 - 10661081 _____ () C:\Users\admin\Downloads\tweaking.com_windows_repair_aio.zip 2015-04-15 19:45 - 2015-04-15 20:12 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-04-15 19:41 - 2015-04-15 20:14 - 00000000 ____D () C:\Users\admin\Desktop\mbar 2015-04-15 19:38 - 2015-04-15 19:39 - 16502728 _____ (Malwarebytes Corp.) 
C:\Users\admin\Downloads\mbar-1.09.1.1004.exe 2015-04-09 23:44 - 2015-04-09 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA INTERNET SECURITY 2015-04-07 00:46 - 2015-04-07 00:48 - 00000000 ____D () C:\Users\admin\Documents\Spanien 2015 2015-04-05 00:33 - 2015-04-15 20:12 - 00000000 ___SD () C:\Windows\system32\GWX 2015-03-31 16:58 - 2015-04-09 23:44 - 00001940 _____ () C:\Users\Public\Desktop\G DATA INTERNET SECURITY.lnk 2015-03-31 16:58 - 2015-03-31 16:58 - 00024192 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBB32.sys 2015-03-31 16:58 - 2015-03-31 16:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_GDKBB32_01007.Wdf 2015-03-22 00:07 - 2015-03-22 00:07 - 19605741 _____ () C:\Users\admin\Downloads\freeticnikkidreamje-wmv-1280-free.wmv 2015-03-22 00:04 - 2015-03-22 00:05 - 25021783 _____ () C:\Users\admin\Downloads\freeorgmorganblanchermx-wmv-1280-free.wmv 2015-03-22 00:02 - 2015-03-22 00:03 - 23493771 _____ () C:\Users\admin\Downloads\freeorgcristincaitlinmx-wmv-1280-free.wmv ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-04-21 20:21 - 2015-02-02 20:44 - 00026263 _____ () C:\Users\admin\Downloads\FRST.txt 2015-04-21 20:21 - 2015-02-02 20:44 - 00000000 ____D () C:\FRST 2015-04-21 20:16 - 2015-02-02 20:32 - 00000472 _____ () C:\Users\admin\Downloads\defogger_disable.log 2015-04-21 20:10 - 2013-09-14 12:56 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-04-21 19:54 - 2010-07-08 13:42 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-04-21 19:51 - 2010-03-12 18:56 - 00019120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-04-21 19:51 - 2010-03-12 18:56 - 00019120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-04-21 19:50 - 2010-03-12 19:57 - 00801964 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-04-21 19:45 - 2014-08-15 03:33 - 34319113 _____ () C:\Windows\setupact.log 2015-04-21 19:45 - 2010-07-08 13:42 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-04-21 19:45 - 2009-09-11 10:31 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-04-21 19:45 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-04-21 12:34 - 2010-03-12 19:45 - 01784846 _____ () C:\Windows\WindowsUpdate.log 2015-04-19 01:21 - 2014-07-14 23:22 - 00015014 _____ () C:\Users\admin\Desktop\RBCQuiz.odt 2015-04-16 15:30 - 2010-03-13 00:17 - 00146960 _____ () C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT 2015-04-16 15:25 - 2014-08-15 03:31 - 00110476 _____ () C:\Windows\PFRO.log 2015-04-16 15:25 - 2009-07-14 06:33 - 00492272 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-04-15 22:11 - 2013-08-06 22:54 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-04-15 22:11 - 2013-08-06 22:54 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-04-15 20:12 - 2011-01-16 19:45 - 00000000 ____D () C:\Users\admin\AppData\Roaming\vlc 
2015-04-15 20:12 - 2010-01-13 21:42 - 00000000 ____D () C:\ProgramData\Real 2015-04-15 20:12 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\wfp 2015-04-15 20:12 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration 2015-04-15 19:45 - 2014-08-15 00:50 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-04-15 19:41 - 2014-08-15 00:49 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-04-15 19:14 - 2010-03-12 19:01 - 00000000 ____D () C:\Users\admin 2015-04-09 23:44 - 2014-09-12 20:46 - 00053248 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd32.sys 2015-04-09 23:44 - 2014-09-12 20:45 - 00014242 _____ () C:\Windows\DPINST.LOG 2015-04-08 11:34 - 2009-07-14 06:53 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-03-31 17:27 - 2014-09-12 20:47 - 00073216 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys 2015-03-31 17:19 - 2014-05-05 13:41 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2 2015-03-31 16:58 - 2014-09-12 20:46 - 00020352 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBFlt32.sys 2015-03-31 16:57 - 2014-09-12 20:46 - 00161792 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys 2015-03-31 16:57 - 2014-09-12 20:46 - 00108032 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys 2015-03-31 16:57 - 2014-09-12 20:46 - 00087040 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys 2015-03-31 16:56 - 2014-09-12 20:43 - 00000000 ____D () C:\Program Files\Common Files\G Data ==================== Files in the root of some directories ======= 2011-08-13 20:41 - 2011-08-13 20:39 - 0015832 _____ () C:\Program Files\0x0407.ini 2011-08-13 20:41 - 2011-08-13 20:40 - 0113152 _____ () C:\Program Files\1031.MST 2011-01-15 18:12 - 2011-01-15 18:12 - 0026727 _____ () C:\Program Files\Desktop.zip 2011-08-13 20:41 - 2011-08-13 20:40 - 97979392 _____ () C:\Program 
Files\Samsung New PC Studio.msi 2011-07-25 12:57 - 2011-07-25 12:58 - 21073936 _____ () C:\Program Files\vlc-1.1.11-win32.exe 2011-08-13 20:46 - 2011-08-13 20:46 - 0002528 _____ () C:\Users\admin\AppData\Roaming\$_hpcst$.hpc 2010-01-16 19:36 - 2010-01-28 04:05 - 0000165 _____ () C:\Users\admin\AppData\Roaming\default.rss 2014-09-12 20:46 - 2014-09-12 20:46 - 0000000 _____ () C:\Users\admin\AppData\Roaming\gdfw.log 2014-09-12 20:46 - 2014-09-12 20:46 - 0000779 _____ () C:\Users\admin\AppData\Roaming\gdscan.log 2004-01-26 17:15 - 2004-01-26 17:15 - 0233472 ____R () C:\Users\admin\AppData\Roaming\MafiaSetup.exe 2014-05-14 19:11 - 2014-08-19 00:11 - 0000094 _____ () C:\Users\admin\AppData\Roaming\WB.CFG 2010-08-27 11:47 - 2011-08-27 17:14 - 0006144 _____ () C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2010-07-27 15:37 - 2013-08-01 11:15 - 0007611 _____ () C:\Users\admin\AppData\Local\Resmon.ResmonCfg 2012-02-21 19:36 - 2014-05-13 20:22 - 0017408 _____ () C:\Users\admin\AppData\Local\WebpageIcons.db 2010-05-01 23:53 - 2010-05-01 23:53 - 0000085 ___SH () C:\ProgramData\.zreglib 2010-06-02 06:21 - 2010-06-02 06:21 - 1347354 _____ () C:\ProgramData\Apr2005_d3dx9_25_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 1078962 _____ () C:\ProgramData\Apr2005_d3dx9_25_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 1397830 _____ () C:\ProgramData\Apr2006_d3dx9_30_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 1115221 _____ () C:\ProgramData\Apr2006_d3dx9_30_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0916430 _____ () C:\ProgramData\Apr2006_MDX1_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 4162630 _____ () C:\ProgramData\Apr2006_MDX1_x86_Archive.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0179133 _____ () C:\ProgramData\Apr2006_XACT_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0133103 _____ () C:\ProgramData\Apr2006_XACT_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0087101 _____ () C:\ProgramData\Apr2006_xinput_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 
0046010 _____ () C:\ProgramData\Apr2006_xinput_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0698612 _____ () C:\ProgramData\APR2007_d3dx10_33_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0695865 _____ () C:\ProgramData\APR2007_d3dx10_33_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 1607358 _____ () C:\ProgramData\APR2007_d3dx9_33_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 1606039 _____ () C:\ProgramData\APR2007_d3dx9_33_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0195766 _____ () C:\ProgramData\APR2007_XACT_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0151225 _____ () C:\ProgramData\APR2007_XACT_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0096817 _____ () C:\ProgramData\APR2007_xinput_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0053302 _____ () C:\ProgramData\APR2007_xinput_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 1350542 _____ () C:\ProgramData\Aug2005_d3dx9_27_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 1077644 _____ () C:\ProgramData\Aug2005_d3dx9_27_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0182903 _____ () C:\ProgramData\AUG2006_XACT_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0137235 _____ () C:\ProgramData\AUG2006_XACT_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0087142 _____ () C:\ProgramData\AUG2006_xinput_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0046058 _____ () C:\ProgramData\AUG2006_xinput_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0852286 _____ () C:\ProgramData\AUG2007_d3dx10_35_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0796867 _____ () C:\ProgramData\AUG2007_d3dx10_35_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 1800160 _____ () C:\ProgramData\AUG2007_d3dx9_35_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 1708152 _____ () C:\ProgramData\AUG2007_d3dx9_35_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0198096 _____ () C:\ProgramData\AUG2007_XACT_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0153012 _____ () C:\ProgramData\AUG2007_XACT_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0867612 _____ () 
C:\ProgramData\Aug2008_d3dx10_39_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0849167 _____ () C:\ProgramData\Aug2008_d3dx10_39_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 1794084 _____ () C:\ProgramData\Aug2008_d3dx9_39_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 1464672 _____ () C:\ProgramData\Aug2008_d3dx9_39_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0121772 _____ () C:\ProgramData\Aug2008_XACT_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0092996 _____ () C:\ProgramData\Aug2008_XACT_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0271412 _____ () C:\ProgramData\Aug2008_XAudio_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0271038 _____ () C:\ProgramData\Aug2008_XAudio_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0919044 _____ () C:\ProgramData\Aug2009_D3DCompiler_42_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0900598 _____ () C:\ProgramData\Aug2009_D3DCompiler_42_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 3112111 _____ () C:\ProgramData\Aug2009_d3dcsx_42_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 3319740 _____ () C:\ProgramData\Aug2009_d3dcsx_42_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0232635 _____ () C:\ProgramData\Aug2009_d3dx10_42_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0192131 _____ () C:\ProgramData\Aug2009_d3dx10_42_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0136301 _____ () C:\ProgramData\Aug2009_d3dx11_42_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0105044 _____ () C:\ProgramData\Aug2009_d3dx11_42_x86.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0930116 _____ () C:\ProgramData\Aug2009_d3dx9_42_x64.cab 2010-06-02 06:21 - 2010-06-02 06:21 - 0728456 _____ () C:\ProgramData\Aug2009_d3dx9_42_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0122408 _____ () C:\ProgramData\Aug2009_XACT_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0093106 _____ () C:\ProgramData\Aug2009_XACT_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0273264 _____ () C:\ProgramData\Aug2009_XAudio_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0272642 _____ () 
C:\ProgramData\Aug2009_XAudio_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1357976 _____ () C:\ProgramData\Dec2005_d3dx9_28_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1079456 _____ () C:\ProgramData\Dec2005_d3dx9_28_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0212807 _____ () C:\ProgramData\DEC2006_d3dx10_00_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0191720 _____ () C:\ProgramData\DEC2006_d3dx10_00_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1571154 _____ () C:\ProgramData\DEC2006_d3dx9_32_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1574376 _____ () C:\ProgramData\DEC2006_d3dx9_32_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0192475 _____ () C:\ProgramData\DEC2006_XACT_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0145599 _____ () C:\ProgramData\DEC2006_XACT_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0089944 _____ (Microsoft Corporation) C:\ProgramData\DSETUP.dll 2010-06-02 06:22 - 2010-06-02 06:22 - 1801048 _____ () C:\ProgramData\dsetup32.dll 2010-06-02 06:22 - 2010-06-02 06:22 - 0042410 _____ () C:\ProgramData\dxdllreg_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0094011 _____ () C:\ProgramData\dxupdate.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1247499 _____ () C:\ProgramData\Feb2005_d3dx9_24_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1013225 _____ () C:\ProgramData\Feb2005_d3dx9_24_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1362796 _____ () C:\ProgramData\Feb2006_d3dx9_29_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1084720 _____ () C:\ProgramData\Feb2006_d3dx9_29_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0178359 _____ () C:\ProgramData\Feb2006_XACT_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0132409 _____ () C:\ProgramData\Feb2006_XACT_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0194675 _____ () C:\ProgramData\FEB2007_XACT_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0147983 _____ () C:\ProgramData\FEB2007_XACT_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0054678 _____ () C:\ProgramData\Feb2010_X3DAudio_x64.cab 2010-06-02 
06:22 - 2010-06-02 06:22 - 0020713 _____ () C:\ProgramData\Feb2010_X3DAudio_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0122446 _____ () C:\ProgramData\Feb2010_XACT_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0093180 _____ () C:\ProgramData\Feb2010_XACT_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0276960 _____ () C:\ProgramData\Feb2010_XAudio_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0277191 _____ () C:\ProgramData\Feb2010_XAudio_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1336002 _____ () C:\ProgramData\Jun2005_d3dx9_26_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1064925 _____ () C:\ProgramData\Jun2005_d3dx9_26_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0180785 _____ () C:\ProgramData\JUN2006_XACT_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0133671 _____ () C:\ProgramData\JUN2006_XACT_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0699044 _____ () C:\ProgramData\JUN2007_d3dx10_34_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0698472 _____ () C:\ProgramData\JUN2007_d3dx10_34_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1607774 _____ () C:\ProgramData\JUN2007_d3dx9_34_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1607286 _____ () C:\ProgramData\JUN2007_d3dx9_34_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0197122 _____ () C:\ProgramData\JUN2007_XACT_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0152909 _____ () C:\ProgramData\JUN2007_XACT_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0867828 _____ () C:\ProgramData\JUN2008_d3dx10_38_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0849919 _____ () C:\ProgramData\JUN2008_d3dx10_38_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1792608 _____ () C:\ProgramData\JUN2008_d3dx9_38_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1463878 _____ () C:\ProgramData\JUN2008_d3dx9_38_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0055154 _____ () C:\ProgramData\JUN2008_X3DAudio_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0021905 _____ () C:\ProgramData\JUN2008_X3DAudio_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 
0121054 _____ () C:\ProgramData\JUN2008_XACT_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0093128 _____ () C:\ProgramData\JUN2008_XACT_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0269628 _____ () C:\ProgramData\JUN2008_XAudio_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0269024 _____ () C:\ProgramData\JUN2008_XAudio_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0944460 _____ () C:\ProgramData\Jun2010_D3DCompiler_43_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0931471 _____ () C:\ProgramData\Jun2010_D3DCompiler_43_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0752783 _____ () C:\ProgramData\Jun2010_d3dcsx_43_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0762188 _____ () C:\ProgramData\Jun2010_d3dcsx_43_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0235955 _____ () C:\ProgramData\Jun2010_d3dx10_43_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0197283 _____ () C:\ProgramData\Jun2010_d3dx10_43_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0138205 _____ () C:\ProgramData\Jun2010_d3dx11_43_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0109445 _____ () C:\ProgramData\Jun2010_d3dx11_43_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0937246 _____ () C:\ProgramData\Jun2010_d3dx9_43_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0768036 _____ () C:\ProgramData\Jun2010_d3dx9_43_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0124596 _____ () C:\ProgramData\Jun2010_XACT_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0093686 _____ () C:\ProgramData\Jun2010_XACT_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0277338 _____ () C:\ProgramData\Jun2010_XAudio_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0278060 _____ () C:\ProgramData\Jun2010_XAudio_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0844884 _____ () C:\ProgramData\Mar2008_d3dx10_37_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0818260 _____ () C:\ProgramData\Mar2008_d3dx10_37_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1769862 _____ () C:\ProgramData\Mar2008_d3dx9_37_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1443282 
_____ () C:\ProgramData\Mar2008_d3dx9_37_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0055058 _____ () C:\ProgramData\Mar2008_X3DAudio_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0021867 _____ () C:\ProgramData\Mar2008_X3DAudio_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0122336 _____ () C:\ProgramData\Mar2008_XACT_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0093734 _____ () C:\ProgramData\Mar2008_XACT_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0251194 _____ () C:\ProgramData\Mar2008_XAudio_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0226250 _____ () C:\ProgramData\Mar2008_XAudio_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1067160 _____ () C:\ProgramData\Mar2009_d3dx10_41_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1040745 _____ () C:\ProgramData\Mar2009_d3dx10_41_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1973702 _____ () C:\ProgramData\Mar2009_d3dx9_41_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1612446 _____ () C:\ProgramData\Mar2009_d3dx9_41_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0054600 _____ () C:\ProgramData\Mar2009_X3DAudio_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0021298 _____ () C:\ProgramData\Mar2009_X3DAudio_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0121506 _____ () C:\ProgramData\Mar2009_XACT_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0092740 _____ () C:\ProgramData\Mar2009_XACT_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0275044 _____ () C:\ProgramData\Mar2009_XAudio_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0273018 _____ () C:\ProgramData\Mar2009_XAudio_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0864600 _____ () C:\ProgramData\Nov2007_d3dx10_36_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0803884 _____ () C:\ProgramData\Nov2007_d3dx10_36_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1802058 _____ () C:\ProgramData\Nov2007_d3dx9_36_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1709360 _____ () C:\ProgramData\Nov2007_d3dx9_36_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0046144 _____ () 
C:\ProgramData\NOV2007_X3DAudio_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0018496 _____ () C:\ProgramData\NOV2007_X3DAudio_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0196762 _____ () C:\ProgramData\NOV2007_XACT_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0148264 _____ () C:\ProgramData\NOV2007_XACT_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0994154 _____ () C:\ProgramData\Nov2008_d3dx10_40_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0965421 _____ () C:\ProgramData\Nov2008_d3dx10_40_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1906878 _____ () C:\ProgramData\Nov2008_d3dx9_40_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1550796 _____ () C:\ProgramData\Nov2008_d3dx9_40_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0054522 _____ () C:\ProgramData\Nov2008_X3DAudio_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0021851 _____ () C:\ProgramData\Nov2008_X3DAudio_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0121794 _____ () C:\ProgramData\Nov2008_XACT_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0092684 _____ () C:\ProgramData\Nov2008_XACT_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0273960 _____ () C:\ProgramData\Nov2008_XAudio_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0272611 _____ () C:\ProgramData\Nov2008_XAudio_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0086037 _____ () C:\ProgramData\Oct2005_xinput_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0045359 _____ () C:\ProgramData\Oct2005_xinput_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1412902 _____ () C:\ProgramData\OCT2006_d3dx9_31_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 1127217 _____ () C:\ProgramData\OCT2006_d3dx9_31_x86.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0182361 _____ () C:\ProgramData\OCT2006_XACT_x64.cab 2010-06-02 06:22 - 2010-06-02 06:22 - 0138017 _____ () C:\ProgramData\OCT2006_XACT_x86.cab 2010-11-17 00:18 - 2014-11-14 23:21 - 0000024 _____ () C:\ProgramData\__FileUploader.log Files to move or delete: ==================== C:\Users\admin\BootSafe.exe 
C:\Users\admin\deupx.dll
C:\Users\admin\msvcr71.dll
C:\Users\admin\SASCore.exe
C:\Users\admin\SASCTXMN.DLL
C:\Users\admin\SASINST.EXE
C:\Users\admin\SASSEH.DLL
C:\Users\admin\SASWINLO.DLL
C:\Users\admin\SSUpdate.exe
C:\Users\admin\SUPERANTISPYWARE.EXE
C:\Users\admin\Uninstall.dat
C:\ProgramData\DSETUP.dll
C:\ProgramData\dsetup32.dll

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-04-14 20:09

==================== End Of Log ============================

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-04-21 21:31:33
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD5000AACS-00ZUB0 rev.01.01B01 465,76GB
Running: Gmer-19357 (1).exe; Driver: C:\Users\admin\AppData\Local\Temp\pwlorpod.sys

---- Kernel code sections - GMER 2.1 ----
.text ntkrnlpa.exe!ZwRequestWaitReplyPort + 1495 8304F9E5 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 83089312 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.vmp2 C:\Windows\system32\drivers\acedrv11.sys entry point in ".vmp2" section [0xA4AA669D]
.text C:\Windows\system32\DRIVERS\athsgt.sys section is writeable [0xA4AAB300, 0x21F20, 0xE8000020]

---- User code sections - GMER 2.1 ----
.text C:\Windows\Explorer.EXE[1804] SHELL32.dll!SHFileOperationW 75CA9708 5 Bytes JMP 10001102 C:\Program Files\Unlocker\UnlockerHook.dll
.text C:\Program Files\Real\RealPlayer\Update\realsched.exe[3268] kernel32.dll!SetUnhandledExceptionFilter 7709F5AB 5 Bytes [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}

---- Registry - GMER 2.1 ----
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active@AA7D254B 3172
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0x2E 0xE8 0xE1 0x00 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x71 0x3B 0x04 0x66 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0x25 0xDA 0xEC 0x7E ...
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x3E 0x1E 0x9E 0xE0 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xF5 0x1D 0x4D 0x73 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xB0 0x18 0xED 0xA7 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0x97 0x20 0x4E 0x9A ...
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0xAA 0x52 0xC6 0x00 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0x51 0xFA 0x6E 0x91 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0x3D 0xCE 0xEA 0x26 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0xE3 0x0E 0x66 0xD5 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0xFA 0xEA 0x66 0x7F ...

---- EOF - GMER 2.1 ---- |
21.04.2015, 22:02 | #2 |
/// the machine /// TB-Ausbilder | Win7 won't start, black screen, ... Hi,
Addition.txt is still missing. |
21.04.2015, 22:18 | #3 |
| Win7 won't start, black screen, ...
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20-04-2015
Ran by admin at 2015-04-21 23:13:37
Running from C:\Users\admin\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: G DATA INTERNET SECURITY (Disabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G DATA INTERNET SECURITY (Disabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: G*DATA Personal Firewall (Disabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
7-Zip 4.65 (HKLM\...\7-Zip) (Version: - )
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop Elements 2.0 (HKLM\...\Adobe Photoshop Elements 2.0) (Version: 2.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Alcatraz (HKLM\...\Alcatraz) (Version: 1.3.0.73 - Rondomedia)
Amazon Kindle (HKU\S-1-5-21-2768590567-3162752184-885813804-1004\...\Amazon Kindle) (Version: - Amazon)
Amazon MP3-Downloader 1.0.9 (HKLM\...
\Amazon MP3-Downloader) (Version: - ) Any Video Converter 3.2.7 (HKLM\...\Any Video Converter_is1) (Version: - Any- Video-Converter.com) Apple Application Support (HKLM\... \{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64 -9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ATI Catalyst Install Manager (HKLM\... \{50BDEE48-814D-C4BF-D9D9-5AFDC6AE5794}) (Version: 3.0.715.0 - ATI Technologies, Inc.) Back to the Future: Ep 1 - It's About Time (HKLM\...\Steam App 31290) (Version: - ) Back to the Future: Ep 2 - Get Tannen! (HKLM\...\Steam App 94500) (Version: - ) Back to the Future: Ep 3 - Citizen Brown (HKLM\...\Steam App 94510) (Version: - ) Back to the Future: Ep 4 - Double Visions (HKLM\...\Steam App 94520) (Version: - ) Back to the Future: Ep 5 - OUTATIME (HKLM \...\Steam App 94530) (Version: - ) Business Contact Manager für Outlook 2007 SP2 (HKLM\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation) Business Contact Manager für Outlook 2007 SP2 (Version: 3.0.8619.1 - Microsoft Corporation) Hidden Call of Juarez Gunslinger (HKLM\...\Steam App 204450) (Version: - Techland) CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform) CrystalDiskInfo 6.3.0 (HKLM\... \CrystalDiskInfo_is1) (Version: 6.3.0 - Crystal Dew World) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Die drei Fragezeichen - Das Quiz (HKLM \... 
\Die3Fragezeichen.air.E3673E89C7100A8BC0BBF73ECA7ED56FF289B8D3.1) (Version: 4.6 - United Soft Media Verlag GmbH)
Die drei Fragezeichen - Das Quiz (Version: 4.6 - United Soft Media Verlag GmbH) Hidden
EAX Unified (HKLM\...\EAX Unified) (Version: - )
ElsterFormular (HKLM\...\ElsterFormular 12.4.0.7094p) (Version: 12.4.0.7094p - Landesfinanzdirektion Thüringen)
F1 2011 (HKLM\...\GFWL_{434D0FA1-3E0C-4D03-A5D4-5E1000008100}) (Version: 1.0.0000.129 - Codemasters)
F1 2011 (Version: 1.0.0000.129 - Codemasters) Hidden
F1 2011 (Version: 1.0.0001.129 - Codemasters) Hidden
F1 2011 (Version: 1.0.0002.129 - Codemasters) Hidden
FeedReader (HKLM\...\FeedReader_is1) (Version: - i-Systems Inc.)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 6.0.3.524 - Foxit Corporation)
Fraps (HKLM\...\Fraps) (Version: - )
Freemake Video Converter Version 4.0.3 (HKLM\...\Freemake Video Converter_is1) (Version: 4.0.3 - Ellora Assets Corporation)
G DATA INTERNET SECURITY (HKLM\...\{AC68D2FF-1674-4C16-A536-A69FC11BBD82}) (Version: 25.1.0.4 - G DATA Software AG)
G Data InternetSecurity 2012 (HKLM\...\{6006059E-013D-4B77-BC5C-4DD5E4A6570D}) (Version: - )
Goldene Jahre - Der weite Westen (HKLM\...\Goldene Jahre - Der weite Westen) (Version: - )
Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Grand Prix 4 (HKLM\...\{C7D27207-0F86-4B6F-859C-21800A2C592E}) (Version: - )
Grand Theft Auto San Andreas (HKLM\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games)
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software)
Hotel Gigant 2 (HKLM\...\{83DD8CC8-522E-4B75-836F-8775FDA4B5AB}) (Version: 1.00 - Nobilis)
HP Deskjet 1050 J410 series - Grundlegende Software für das Gerät (HKLM\...\{7FE52176-F151-431E-9FCE-55CEDE7DBDAF}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Hilfe (HKLM\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.3341 - HP Photo Creations Powered by RocketLife)
HP Update (HKLM\...\{787D1A33-A97B-4245-87C0-7174609A540C}) (Version: 5.002.005.003 - Hewlett-Packard)
IL-2 Sturmovik (HKLM\...\IL-2 Sturmovik) (Version: - )
IL-2 Sturmovik: Forgotten Battles (HKLM\...\InstallShield_{8DF712DA-D325-4FD0-8DE8-E2D78FC3CDC3}) (Version: 1.00.0000 - Ubi Soft)
IL-2 Sturmovik: Forgotten Battles (Version: 1.00.0000 - Ubi Soft) Hidden
Imagine Picture Viewer (HKLM\...\{F7B16013-896E-41CB-8D8A-AFF1CE38841D}) (Version: 2.2.3 - New Dreams Software)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
Interaktive Sprachreise - Español Sprachkurs 1 (HKLM\...\ISRS1_15_676867) (Version: - digital publishing AG)
Janes Hotel Mania (HKLM\...\Janes Hotel Mania_is1) (Version: - Realore Studios)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Juliettes Modeimperium (HKLM\...\Juliettes Modeimperium) (Version: - )
L.A. Noire (HKLM\...\{915726DF-7891-444A-AA03-0DF1D64F561A}) (Version: 1.00.0000 - Rockstar Games)
Logitech Gaming Software (HKLM\...\{FAAA508A-05C0-488B-BFC2-F9217E545A81}) (Version: 4.25 - Logitech)
Mafia (HKLM\...\Mafia) (Version: - )
Mafia II (HKLM\...\Steam App 50130) (Version: - 2K Czech)
MAGIX Foto Manager 2006 (D) (HKLM\...\MAGIX Foto Manager 2006 D) (Version: 3.0.1.84 - MAGIX AG)
MAGIX Music Cleaning Lab 2006 deluxe (D) (HKLM\...\MAGIX Music Cleaning Lab 2006 deluxe D) (Version: 7.0.0.0 - MAGIX AG)
MAGIX Music Manager (D) (HKLM\...\MAGIX Music Manager D) (Version: 1.1.1.692 - MAGIX AG)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Medal of Honor (TM) (HKLM\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM\...\{90A40407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8003.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 32.0.2 (x86 de) (HKLM\...\Mozilla Firefox 32.0.2 (x86 de)) (Version: 32.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 Essentials (HKLM\...\{5BB977A4-E843-4E31-9859-745F442B1031}) (Version: 8.10.284 - Nero AG)
OpenAL (HKLM\...\OpenAL) (Version: - )
OpenOffice.org 3.2 (HKLM\...\{2217B0B4-35CB-48C6-B640-864DF2F30F99}) (Version: 3.2.9483 - OpenOffice.org)
Opera 12.16 (HKLM\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)
PC Connectivity Solution (HKLM\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.2 - Frank Heindörfer, Philip Chinery)
Pinnacle Instant DVD Recorder (HKLM\...\{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}) (Version: 2.00.088 - )
PlayMemories Home (HKLM\...\{0657DE52-8F5C-4073-B70C-ED4F3F7FA076}) (Version: 7.0.03.04240 - Sony Corporation)
ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Rapture3D 2.4.9 Game (HKLM\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
RealNetworks - Microsoft Visual C++ 2005 Runtime (Version: 8.0 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 15.0) (Version: 15.0.4 - RealNetworks)
Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.92 (HKLM\...\Revo Uninstaller) (Version: 1.92 - VS Revo Group)
Rockstar Games Social Club (HKLM\...\Rockstar Games Social Club) (Version: 1.0.6.1 - Rockstar Games)
Royal Envoy 2 (HKLM\...\Royal Envoy 2_is1) (Version: - Playrix Entertainment)
Royal Envoy™ (HKLM\...\Royal Envoy™_is1) (Version: - Playrix Entertainment)
RTL Winter Sports 2009 (HKLM\...\RTL Winter Sports 2009) (Version: - )
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version: - )
Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version: - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Software (HKLM\...\Samsung Mobile phone USB driver) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Samsung New PC Studio (HKLM\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung New PC Studio USB Driver Installer (HKLM\...\InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio USB Driver Installer (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version: - )
SamsungConnectivityCableDriver (HKLM\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Ski Alpin Racing 2007 (HKLM\...\Ski Alpin Racing 2007_0001) (Version: - )
Skype™ 6.20 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)
Steam (HKLM\...\Steam) (Version: - Valve Corporation)
Straße des Erfolgs (HKLM\...\Straße des Erfolgs) (Version: - )
StreamTransport version: 1.0.2.2171 (HKLM\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - )
Studio 11 (HKLM\...\{110B1ADF-2EAE-4E8F-B501-D2A1E6D8ED9D}) (Version: 11.0 - Pinnacle Systems)
Studio 11 (Version: 11.0.0.0 - Pinnacle Systems) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1118 - SUPERAntiSpyware.com)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
True Crime - Streets of LA (HKLM\...\InstallShield_{1A1FE271-EA21-40E5-90FC-51A8EFBC0A30}) (Version: 1.00.0000 - Ihr Firmenname)
True Crime - Streets of LA (Version: 1.00.0000 - Ihr Firmenname) Hidden
Tweaking.com - Windows Repair (HKLM\...\Tweaking.com - Windows Repair) (Version: 3.1.3 - Tweaking.com)
ubi.com (HKLM\...\{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}) (Version: - )
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version: - )
Unlocker 1.9.1 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinAce Archiver (HKLM\...\WinAce Archiver) (Version: 2.69 - e-merge GmbH)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0) (HKLM\...\3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F) (Version: 10/12/2007 6.85.4.0 - Nokia)
X10 Hardware(TM) (HKLM\...\X10Hardware) (Version: - )
Yahoo! Desktop Login (Version: 1.00.0001 - Pinnacle Systems) Hidden
Zattoo Live TV (HKU\S-1-5-21-2768590567-3162752184-885813804-1004\...\6d7aa3e3bf931c56) (Version: 1.0.0.41 - Zattoo Europa AG)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{56FDF344-FD6D-11D0-958A-006097C9A090}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InprocServer32 -> C:\Windows\system32\urlmon.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> C:\Windows\system32\actxprxy.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{F8383852-FCD3-11D1-A6B9-006097DF5BD4}\InprocServer32 -> No File Path

==================== Restore Points =========================

25-12-2014 20:36:47 Geplanter Prüfpunkt
03-01-2015 13:32:50 Geplanter Prüfpunkt
10-01-2015 14:10:01 Geplanter Prüfpunkt
15-01-2015 00:52:07 Windows Update
22-01-2015 20:53:08 Geplanter Prüfpunkt
30-01-2015 00:48:38 Geplanter Prüfpunkt
07-02-2015 19:20:23 Geplanter Prüfpunkt
13-02-2015 00:58:39 Windows Update
13-02-2015 13:24:53 Revo Uninstaller's restore point - Sandboxie 4.14 (32-bit)
14-02-2015 01:46:06 Windows Update
24-02-2015 00:29:13 Geplanter Prüfpunkt
25-02-2015 03:22:17 Windows Update
04-03-2015 19:58:12 Geplanter Prüfpunkt
11-03-2015 04:01:50 Windows Update
18-03-2015 22:14:01 Geplanter Prüfpunkt
28-03-2015 18:03:34 Geplanter Prüfpunkt
04-04-2015 22:05:49 Geplanter Prüfpunkt
05-04-2015 00:32:36 Windows Update
12-04-2015 15:35:04 Geplanter Prüfpunkt
15-04-2015 20:58:07 Tweaking.com - Windows Repair

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2015-04-15 22:28 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {078F8A6D-059A-47CE-AC70-1BA8BB9504A2} - System32\Tasks\{47E43F6A-1EF4-4BFA-AC28-0C12A479818C} => pcalua.exe -a "C:\Program Files\Adobe\install_flash_player.exe" -d "C:\Program Files\Adobe"
Task: {07E5D6D6-04B2-47ED-9034-9A7CC742BDD4} - System32\Tasks\{16A2C5EF-3822-458A-98FF-9289487913AE} => C:\Program Files\Sandboxie\Start.exe
Task: {15D8824F-C02D-4211-A32A-08867CAF9013} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2010-03-12] (Hewlett-Packard)
Task: {1BDEBCE4-072F-4819-9910-983F9692AA17} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {39100A38-BA3A-4CA2-8FD0-271A1D63C760} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {42D5DA5E-3F87-4D58-B583-2B9855DB9BDC} - System32\Tasks\{4882CEED-6142-4D03-8349-27A15E6ADB3D} => pcalua.exe -a C:\Users\admin\Downloads\nVidiaGrafikkarte270.61.exe -d C:\Users\admin\Downloads
Task: {4515B297-194D-45E9-87A4-8B357FB2D2A4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {4934692B-6057-4F9C-B062-429E404DCECD} - System32\Tasks\{63433939-81D6-4A7A-850F-97CC6FF702E1} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}\ICQ7.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {566D3E1F-C13B-414C-9DDC-88B74BE604A5} - System32\Tasks\{AE1F44CB-5C8E-42AB-9DE5-A9415EA7D9C0} => pcalua.exe -a H:\Setup.exe -d H:\
Task: {5A9F45F7-FD38-4D5E-A593-6E80F76CA805} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {5C2CF586-8F9C-4EB6-BFA1-8177A645247B} - System32\Tasks\{BA328BA1-92D6-4B8A-A4EC-1CB80417A510} => pcalua.exe -a C:\Users\admin\Downloads\install_flash_player(2).exe -d C:\Users\admin\Downloads
Task: {5E2F341A-B757-4692-8281-62F892475A9E} - System32\Tasks\{FB776386-124C-427C-A833-A28DE7D13069} => pcalua.exe -a "E:\USB Driver\Samsung_USB_Driver_Installer.exe" -d "E:\USB Driver"
Task: {6457DF6B-2942-4999-8192-61FE2EC17010} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {699A4DE5-977B-42F9-9C8B-F7489748C65D} - System32\Tasks\{CC8E2B8A-2E33-4AE7-8D0E-798B0E0AD283} => pcalua.exe -a "C:\Users\admin\Downloads\eMule\Incoming\kim wilde(2010) lights down low\Setup.exe" -d "C:\Users\admin\Downloads\eMule\Incoming\kim wilde(2010) lights down low"
Task: {7B2238E2-3D34-433D-8243-4A706428345D} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-12] (Tweaking.com)
Task: {843FA9C9-D37D-45A9-B39E-355C8A2730C9} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {8B169AD9-07A6-484A-8ECE-3DBCF79B7005} - System32\Tasks\{ABE28145-4584-4D28-8C7B-9C32A7FB9485} => pcalua.exe -a C:\Users\admin\Downloads\DeepBurner19.exe -d C:\Users\admin\Downloads
Task: {8B4CB468-55E7-4BB1-B8EC-A7249DB403A9} - System32\Tasks\{60C1405B-B380-490C-B313-611B5628C9D6} => C:\Program Files\Sandboxie\Start.exe
Task: {92DBD3A2-589E-4946-80DB-B76CA27B50E7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {953B1202-1DAD-4C0A-B57C-65594BDE4038} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2768590567-3162752184-885813804-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {9E08B7EE-0B50-443A-94C9-13B9BFACFC36} - System32\Tasks\{DD6AAEA7-24DF-47AF-8453-614D29DAE860} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {9F999B29-0970-43B6-A808-EA8B992EC554} - System32\Tasks\{D9B8D5A3-82B9-42A4-955E-3701ABB2A777} => pcalua.exe -a C:\Users\admin\Desktop\rzr-m2ja.exe -d C:\Users\admin\Desktop
Task: {B2096979-9A05-454D-86A9-E850ED779096} - System32\Tasks\{EEB2F0F5-1B2C-4988-994C-955337EEDA9D} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {BFAFDFA1-EB90-4AE8-A5C9-4B25AA72977D} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2768590567-3162752184-885813804-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {C34CABE2-E88C-4258-9A57-7BD659F98AB6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {C71C176A-4863-4E7A-9D94-BE61120499C3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {D21BEE22-B3DA-47DE-9B99-E6C866BE4712} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files\Real\RealPlayer\update\realsched.exe [2012-05-25] (RealNetworks, Inc.)
Task: {D27DC37B-3C19-4294-A583-AE0C4A53E815} - System32\Tasks\{F89CA53F-283A-4380-83A1-145AAFA48B3C} => pcalua.exe -a E:\setup.exe -d E:\
Task: {DC880316-29DA-4E45-A319-804A0EF2574E} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {DF1B9E7F-CDEF-4E74-B7FB-9C0243D07CC1} - System32\Tasks\{203DEEE4-BCFD-4B22-A513-8FA73CAF2534} => pcalua.exe -a E:\Install.exe -d E:\
Task: {E469BF2C-1CEC-4F94-B9F3-6F08B2F76067} - System32\Tasks\{2A69430C-E7B2-4D4C-AEDC-043F372B02CC} => pcalua.exe -a C:\Users\admin\Desktop\jre-6u30-windows-i586-iftw.exe -d C:\Users\admin\Desktop
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {EA9144F4-1FD6-4FDC-9772-36C873A17BCB} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-12-17] (Oracle Corporation)
Task: {EC20F91F-9ACB-46D8-8C3D-2C0959CF8314} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {EF506BED-8115-49C3-A58B-1A2496811E5E} - System32\Tasks\{310F50F3-6170-4C4B-9137-1F9228396A3D} => pcalua.exe -a C:\Windows\UbiSoft\SetupUbi.exe -d C:\Windows\UbiSoft -c -play IL-2 Sturmovik
Task: {FF9890A3-8CDC-45BF-B481-AE039995645D} - System32\Tasks\{DDECEADC-ABC3-49DA-9685-3F1F42BBD5AF} => pcalua.exe -a "C:\Program Files\WinAce\WinAce.exe" -d C:\Users\admin\AppData\Roaming\Microsoft\Windows\Recent -c "C:\Users\admin\Downloads\mafia_2_joes_adventures_plus_11_trainer.zip"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2012-01-08 00:56 - 2014-05-20 02:04 - 00106840 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2011-08-05 14:11 - 2001-10-28 17:42 - 00116224 _____ () C:\Windows\System32\pdfcmnnt.dll
2010-07-04 23:32 - 2010-07-04 23:32 - 00004608 _____ () C:\Program Files\Unlocker\UnlockerHook.dll
2010-07-04 23:32 - 2010-07-04 23:32 - 00010752 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2014-05-05 13:41 - 2014-04-25 14:11 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-05-05 13:41 - 2014-04-25 14:11 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2010-07-04 21:51 - 2010-07-04 21:51 - 00017408 _____ () C:\Program Files\Unlocker\UnlockerAssistant.exe
2014-05-05 13:41 - 2014-04-25 14:11 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-05-05 13:41 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-05-05 13:41 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-02-20 05:42 - 2015-02-20 05:42 - 00317560 ____N () C:\Program Files\Common Files\G Data\AVKProxy\PktIcpt2.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:063969F8
AlternateDataStreams: C:\ProgramData\Temp:07C99568
AlternateDataStreams: C:\ProgramData\Temp:6E11933F
AlternateDataStreams: C:\ProgramData\Temp:8DA9DB01
AlternateDataStreams: C:\ProgramData\Temp:93226FE3
AlternateDataStreams: C:\ProgramData\Temp:9D03192E
AlternateDataStreams: C:\ProgramData\Temp:B093E177
AlternateDataStreams: C:\ProgramData\TempE4686B2

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> 00hq.com - Informationen zum Thema 00hq. Diese Website steht zum Verkauf!
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> 0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> 1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> 1000gratisproben.com - Informationen zum Thema 1000gratisproben. Diese Website steht zum Verkauf!
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> AbigailSoap.com | Your Best Source for Knowledge |
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> 100sexlinks.com - Informationen zum Thema Sex links. Diese Website steht zum Verkauf!
IE restricted site: HKU\.DEFAULT\...\10sek.com -> Gadgets And More
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> Watch Movies Online | uMovies Movie2k Online - 123Movies
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> Simsen-Testberichte-Projekte

There are 7553 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2768590567-3162752184-885813804-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ICQ => "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Accounts: =============================

admin (S-1-5-21-2768590567-3162752184-885813804-1004 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-2768590567-3162752184-885813804-500 - Administrator - Disabled)
Gast (S-1-5-21-2768590567-3162752184-885813804-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2768590567-3162752184-885813804-1006 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: USB-Massenspeichergerät
Description: USB-Massenspeichergerät
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Kompatibles USB-Speichergerät
Service: USBSTOR
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (04/21/2015 08:58:20 PM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Die Registrierungsinformationen der Leistungsindikatoren für WSearchIdxPi für die Instanz konnten wegen des folgenden Fehlers nicht abgerufen werden: Der Vorgang wurde erfolgreich beendet. 0x0.

Error: (04/21/2015 08:58:19 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut. Kontext: Anwendung, SystemIndex Katalog

Error: (04/21/2015 08:58:19 PM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Die Leistungsüberwachung kann für den Gatherer-Dienst nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Error: (04/21/2015 08:57:44 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (04/21/2015 08:57:44 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (04/21/2015 08:57:44 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (04/21/2015 08:31:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Gmer-19357 (1).exe, Version 2.1.19357.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 102c Startzeit: 01d07c6130433bca Endzeit: 0 Anwendungspfad: C:\Users\admin\Downloads\Gmer-19357 (1).exe Berichts-ID: 85bf8c00-e854-11e4-8a58-001d92eafa6f

Error: (04/21/2015 07:46:01 PM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Die Registrierungsinformationen der Leistungsindikatoren für WSearchIdxPi für die Instanz konnten wegen des folgenden Fehlers nicht abgerufen werden: Der Vorgang wurde erfolgreich beendet. 0x0.

Error: (04/21/2015 07:45:54 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut. Kontext: Anwendung, SystemIndex Katalog

Error: (04/21/2015 07:45:54 PM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Die Leistungsüberwachung kann für den Gatherer-Dienst nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

System errors:
=============
Error: (04/21/2015 08:58:32 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: GLogin

Error: (04/21/2015 08:58:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Fun4IM Coordinator" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (04/21/2015 08:58:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (04/21/2015 08:58:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (04/21/2015 08:57:22 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser Konfiguration nicht gestartet zu sein.

Error: (04/21/2015 08:57:15 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 21.04.2015 um 20:53:10 unerwartet heruntergefahren.
Error: (04/21/2015 07:46:14 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: ) Description: WMPNetworkSvc0x80070420 Error: (04/21/2015 07:46:10 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: GLogin Error: (04/21/2015 07:46:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Fun4IM Coordinator" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (04/21/2015 07:45:17 PM) (Source: NETLOGON) (EventID: 3095) (User: ) Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser Konfiguration nicht gestartet zu sein. Microsoft Office Sessions: ========================= Error: (11/03/2011 09:08:12 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8879 seconds with 60 seconds of active time. This session ended with a crash. Error: (08/05/2011 01:46:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6557.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12 seconds with 0 seconds of active time. This session ended with a crash. Error: (01/05/2011 09:50:32 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash. 
Error: (12/09/2010 10:12:44 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash. Error: (12/05/2010 11:23:00 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash. Error: (12/05/2010 11:22:56 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash. Error: (11/28/2010 05:30:35 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash. Error: (11/17/2010 02:29:52 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash. Error: (11/15/2010 03:59:08 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9 seconds with 0 seconds of active time. This session ended with a crash. 
Error: (11/08/2010 03:32:22 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash. ==================== Memory info =========================== Processor: AMD Phenom(tm) 9500 Quad-Core Processor Percentage of memory in use: 43% Total physical RAM: 3070.18 MB Available physical RAM: 1743.42 MB Total Pagefile: 6138.65 MB Available Pagefile: 4204.95 MB Total Virtual: 2047.88 MB Available Virtual: 1900.86 MB ==================== Drives ================================ Drive c: (BOOT) (Fixed) (Total:450.06 GB) (Free:50.37 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (RECOVER) (Fixed) (Total:15.67 GB) (Free:2.68 GB) FAT32 Drive g: (Seagate Backup Plus Drive) (Fixed) (Total:1863.01 GB) (Free:857.37 GB) NTFS ==================== MBR & Partition Table ================== ========================================== ============== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 546D9782) Partition 1: (Not Active) - (Size=15.7 GB) - (Type=OF Extended) Partition 2: (Active) - (Size=450.1 GB) - (Type=07 NTFS) ========================================== ============== Disk: 4 (Size: 1863 GB) (Disk ID: C07EE3B9) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
22.04.2015, 12:02 | #4 |
/// the machine /// TB Trainer | Win7 won't start, black screen, ... Nobody can read that unless they're on drugs. Put logs in code tags, and please turn off word wrap, or simply open the log normally in Notepad. Here is how it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
22.04.2015, 12:38 | #5 |
| Win7 won't start, black screen, ... FRST Additions log file: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20-04-2015 Ran by admin at 2015-04-21 23:13:37 Running from C:\Users\admin\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: G DATA INTERNET SECURITY (Disabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0} AS: G DATA INTERNET SECURITY (Disabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} FW: G*DATA Personal Firewall (Disabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation) 7-Zip 4.65 (HKLM\...\7-Zip) (Version: - ) Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.) Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Photoshop Elements 2.0 (HKLM\...\Adobe Photoshop Elements 2.0) (Version: 2.0 - Adobe Systems, Inc.) 
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Alcatraz (HKLM\...\Alcatraz) (Version: 1.3.0.73 - Rondomedia) Amazon Kindle (HKU\S-1-5-21-2768590567-3162752184-885813804-1004\...\Amazon Kindle) (Version: - Amazon) Amazon MP3-Downloader 1.0.9 (HKLM\...\Amazon MP3-Downloader) (Version: - ) Any Video Converter 3.2.7 (HKLM\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com) Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ATI Catalyst Install Manager (HKLM\...\{50BDEE48-814D-C4BF-D9D9-5AFDC6AE5794}) (Version: 3.0.715.0 - ATI Technologies, Inc.) Back to the Future: Ep 1 - It's About Time (HKLM\...\Steam App 31290) (Version: - ) Back to the Future: Ep 2 - Get Tannen! (HKLM\...\Steam App 94500) (Version: - ) Back to the Future: Ep 3 - Citizen Brown (HKLM\...\Steam App 94510) (Version: - ) Back to the Future: Ep 4 - Double Visions (HKLM\...\Steam App 94520) (Version: - ) Back to the Future: Ep 5 - OUTATIME (HKLM\...\Steam App 94530) (Version: - ) Business Contact Manager für Outlook 2007 SP2 (HKLM\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation) Business Contact Manager für Outlook 2007 SP2 (Version: 3.0.8619.1 - Microsoft Corporation) Hidden Call of Juarez Gunslinger (HKLM\...\Steam App 204450) (Version: - Techland) CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform) CrystalDiskInfo 6.3.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 6.3.0 - Crystal Dew World) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Die drei Fragezeichen - Das Quiz (HKLM\...\Die3Fragezeichen.air.E3673E89C7100A8BC0BBF73ECA7ED56FF289B8D3.1) (Version: 4.6 - United Soft Media Verlag GmbH) Die drei Fragezeichen - Das Quiz (Version: 4.6 - United Soft Media Verlag GmbH) Hidden EAX Unified (HKLM\...\EAX Unified) 
(Version: - ) ElsterFormular (HKLM\...\ElsterFormular 12.4.0.7094p) (Version: 12.4.0.7094p - Landesfinanzdirektion Thüringen) F1 2011 (HKLM\...\GFWL_{434D0FA1-3E0C-4D03-A5D4-5E1000008100}) (Version: 1.0.0000.129 - Codemasters) F1 2011 (Version: 1.0.0000.129 - Codemasters) Hidden F1 2011 (Version: 1.0.0001.129 - Codemasters) Hidden F1 2011 (Version: 1.0.0002.129 - Codemasters) Hidden FeedReader (HKLM\...\FeedReader_is1) (Version: - i-Systems Inc.) Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 6.0.3.524 - Foxit Corporation) Fraps (HKLM\...\Fraps) (Version: - ) Freemake Video Converter Version 4.0.3 (HKLM\...\Freemake Video Converter_is1) (Version: 4.0.3 - Ellora Assets Corporation) G DATA INTERNET SECURITY (HKLM\...\{AC68D2FF-1674-4C16-A536-A69FC11BBD82}) (Version: 25.1.0.4 - G DATA Software AG) G Data InternetSecurity 2012 (HKLM\...\{6006059E-013D-4B77-BC5C-4DD5E4A6570D}) (Version: - ) Goldene Jahre - Der weite Westen (HKLM\...\Goldene Jahre - Der weite Westen) (Version: - ) Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.) Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden Grand Prix 4 (HKLM\...\{C7D27207-0F86-4B6F-859C-21800A2C592E}) (Version: - ) Grand Theft Auto San Andreas (HKLM\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games) HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software) Hotel Gigant 2 (HKLM\...\{83DD8CC8-522E-4B75-836F-8775FDA4B5AB}) (Version: 1.00 - Nobilis) HP Deskjet 1050 J410 series - Grundlegende Software für das Gerät (HKLM\...\{7FE52176-F151-431E-9FCE-55CEDE7DBDAF}) (Version: 22.0.334.0 - Hewlett-Packard Co.) 
HP Deskjet 1050 J410 series Hilfe (HKLM\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard) HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.3341 - HP Photo Creations Powered by RocketLife) HP Update (HKLM\...\{787D1A33-A97B-4245-87C0-7174609A540C}) (Version: 5.002.005.003 - Hewlett-Packard) IL-2 Sturmovik (HKLM\...\IL-2 Sturmovik) (Version: - ) IL-2 Sturmovik: Forgotten Battles (HKLM\...\InstallShield_{8DF712DA-D325-4FD0-8DE8-E2D78FC3CDC3}) (Version: 1.00.0000 - Ubi Soft) IL-2 Sturmovik: Forgotten Battles (Version: 1.00.0000 - Ubi Soft) Hidden Imagine Picture Viewer (HKLM\...\{F7B16013-896E-41CB-8D8A-AFF1CE38841D}) (Version: 2.2.3 - New Dreams Software) ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden Interaktive Sprachreise - Español Sprachkurs 1 (HKLM\...\ISRS1_15_676867) (Version: - digital publishing AG) Janes Hotel Mania (HKLM\...\Janes Hotel Mania_is1) (Version: - Realore Studios) Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) Juliettes Modeimperium (HKLM\...\Juliettes Modeimperium) (Version: - ) L.A. 
Noire (HKLM\...\{915726DF-7891-444A-AA03-0DF1D64F561A}) (Version: 1.00.0000 - Rockstar Games) Logitech Gaming Software (HKLM\...\{FAAA508A-05C0-488B-BFC2-F9217E545A81}) (Version: 4.25 - Logitech) Mafia (HKLM\...\Mafia) (Version: - ) Mafia II (HKLM\...\Steam App 50130) (Version: - 2K Czech) MAGIX Foto Manager 2006 (D) (HKLM\...\MAGIX Foto Manager 2006 D) (Version: 3.0.1.84 - MAGIX AG) MAGIX Music Cleaning Lab 2006 deluxe (D) (HKLM\...\MAGIX Music Cleaning Lab 2006 deluxe D) (Version: 7.0.0.0 - MAGIX AG) MAGIX Music Manager (D) (HKLM\...\MAGIX Music Manager D) (Version: 1.1.1.692 - MAGIX AG) Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Medal of Honor (TM) (HKLM\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office 2003 Web Components (HKLM\...\{90A40407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8003.0 - Microsoft Corporation) Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File 
Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation) Microsoft Primary Interoperability Assemblies 2005 (HKLM\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 
9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Mozilla Firefox 32.0.2 (x86 de) (HKLM\...\Mozilla Firefox 32.0.2 (x86 de)) (Version: 32.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nero 8 Essentials (HKLM\...\{5BB977A4-E843-4E31-9859-745F442B1031}) (Version: 8.10.284 - Nero AG) OpenAL (HKLM\...\OpenAL) (Version: - ) OpenOffice.org 3.2 (HKLM\...\{2217B0B4-35CB-48C6-B640-864DF2F30F99}) (Version: 3.2.9483 - OpenOffice.org) Opera 12.16 (HKLM\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA) PC Connectivity Solution (HKLM\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.2 - Frank Heindörfer, Philip Chinery) Pinnacle Instant DVD Recorder (HKLM\...\{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}) (Version: 2.00.088 - ) PlayMemories Home (HKLM\...\{0657DE52-8F5C-4073-B70C-ED4F3F7FA076}) (Version: 7.0.03.04240 - Sony Corporation) ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH) QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) 
Rapture3D 2.4.9 Game (HKLM\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound) RealNetworks - Microsoft Visual C++ 2005 Runtime (Version: 8.0 - RealNetworks) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM\...\RealPlayer 15.0) (Version: 15.0.4 - RealNetworks) Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.) RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden Revo Uninstaller 1.92 (HKLM\...\Revo Uninstaller) (Version: 1.92 - VS Revo Group) Rockstar Games Social Club (HKLM\...\Rockstar Games Social Club) (Version: 1.0.6.1 - Rockstar Games) Royal Envoy 2 (HKLM\...\Royal Envoy 2_is1) (Version: - Playrix Entertainment) Royal Envoy™ (HKLM\...\Royal Envoy™_is1) (Version: - Playrix Entertainment) RTL Winter Sports 2009 (HKLM\...\RTL Winter Sports 2009) (Version: - ) SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version: - ) Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version: - ) SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - ) Samsung Mobile phone USB driver Software (HKLM\...\Samsung Mobile phone USB driver) (Version: - ) SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - ) SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - ) Samsung New PC Studio (HKLM\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) 
Hidden Samsung New PC Studio USB Driver Installer (HKLM\...\InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Samsung New PC Studio USB Driver Installer (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version: - ) SamsungConnectivityCableDriver (HKLM\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung) SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden Ski Alpin Racing 2007 (HKLM\...\Ski Alpin Racing 2007_0001) (Version: - ) Skype™ 6.20 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.) Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.) Steam (HKLM\...\Steam) (Version: - Valve Corporation) Straße des Erfolgs (HKLM\...\Straße des Erfolgs) (Version: - ) StreamTransport version: 1.0.2.2171 (HKLM\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - ) Studio 11 (HKLM\...\{110B1ADF-2EAE-4E8F-B501-D2A1E6D8ED9D}) (Version: 11.0 - Pinnacle Systems) Studio 11 (Version: 11.0.0.0 - Pinnacle Systems) Hidden SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1118 - SUPERAntiSpyware.com) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden True Crime - Streets of LA (HKLM\...\InstallShield_{1A1FE271-EA21-40E5-90FC-51A8EFBC0A30}) (Version: 1.00.0000 - Ihr Firmenname) True Crime - Streets of LA (Version: 1.00.0000 - Ihr Firmenname) Hidden Tweaking.com - Windows Repair (HKLM\...\Tweaking.com - Windows Repair) (Version: 3.1.3 - Tweaking.com) ubi.com (HKLM\...\{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}) (Version: - ) Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version: - ) Unlocker 1.9.1 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb) Update for 2007 Microsoft Office System (KB967642) 
(HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) WinAce Archiver (HKLM\...\WinAce Archiver) (Version: 2.69 - e-merge GmbH) Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0) (HKLM\...\3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F) (Version: 10/12/2007 6.85.4.0 - Nokia) X10 Hardware(TM) (HKLM\...\X10Hardware) (Version: - ) Yahoo! Desktop Login (Version: 1.00.0001 - Pinnacle Systems) Hidden Zattoo Live TV (HKU\S-1-5-21-2768590567-3162752184-885813804-1004\...\6d7aa3e3bf931c56) (Version: 1.0.0.41 - Zattoo Europa AG) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) 
CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{56FDF344-FD6D-11D0-958A-006097C9A090}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InprocServer32 -> C:\Windows\system32\urlmon.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) 
CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> C:\Windows\system32\actxprxy.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2768590567-3162752184-885813804-1004_Classes\CLSID\{F8383852-FCD3-11D1-A6B9-006097DF5BD4}\InprocServer32 -> No File Path ==================== Restore Points ========================= 25-12-2014 20:36:47 Geplanter Prüfpunkt 03-01-2015 13:32:50 Geplanter Prüfpunkt 10-01-2015 14:10:01 Geplanter Prüfpunkt 15-01-2015 00:52:07 Windows Update 22-01-2015 20:53:08 Geplanter Prüfpunkt 30-01-2015 00:48:38 Geplanter Prüfpunkt 07-02-2015 19:20:23 Geplanter Prüfpunkt 13-02-2015 00:58:39 Windows Update 13-02-2015 13:24:53 Revo Uninstaller's restore point - Sandboxie 4.14 (32-bit) 14-02-2015 01:46:06 Windows Update 24-02-2015 00:29:13 Geplanter Prüfpunkt 25-02-2015 03:22:17 Windows Update 04-03-2015 19:58:12 Geplanter Prüfpunkt 11-03-2015 04:01:50 Windows Update 18-03-2015 22:14:01 Geplanter Prüfpunkt 28-03-2015 18:03:34 Geplanter Prüfpunkt 04-04-2015 22:05:49 Geplanter Prüfpunkt 05-04-2015 00:32:36 Windows Update 12-04-2015 15:35:04 Geplanter Prüfpunkt 15-04-2015 20:58:07 Tweaking.com - Windows Repair ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 
2006-11-02 12:23 - 2015-04-15 22:28 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {078F8A6D-059A-47CE-AC70-1BA8BB9504A2} - System32\Tasks\{47E43F6A-1EF4-4BFA-AC28-0C12A479818C} => pcalua.exe -a "C:\Program Files\Adobe\install_flash_player.exe" -d "C:\Program Files\Adobe" Task: {07E5D6D6-04B2-47ED-9034-9A7CC742BDD4} - System32\Tasks\{16A2C5EF-3822-458A-98FF-9289487913AE} => C:\Program Files\Sandboxie\Start.exe Task: {15D8824F-C02D-4211-A32A-08867CAF9013} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2010-03-12] (Hewlett-Packard) Task: {1BDEBCE4-072F-4819-9910-983F9692AA17} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation) Task: {39100A38-BA3A-4CA2-8FD0-271A1D63C760} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation) Task: {42D5DA5E-3F87-4D58-B583-2B9855DB9BDC} - System32\Tasks\{4882CEED-6142-4D03-8349-27A15E6ADB3D} => pcalua.exe -a C:\Users\admin\Downloads\nVidiaGrafikkarte270.61.exe -d C:\Users\admin\Downloads Task: {4515B297-194D-45E9-87A4-8B357FB2D2A4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.) 
Task: {4934692B-6057-4F9C-B062-429E404DCECD} - System32\Tasks\{63433939-81D6-4A7A-850F-97CC6FF702E1} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}\ICQ7.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {566D3E1F-C13B-414C-9DDC-88B74BE604A5} - System32\Tasks\{AE1F44CB-5C8E-42AB-9DE5-A9415EA7D9C0} => pcalua.exe -a H:\Setup.exe -d H:\
Task: {5A9F45F7-FD38-4D5E-A593-6E80F76CA805} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {5C2CF586-8F9C-4EB6-BFA1-8177A645247B} - System32\Tasks\{BA328BA1-92D6-4B8A-A4EC-1CB80417A510} => pcalua.exe -a C:\Users\admin\Downloads\install_flash_player(2).exe -d C:\Users\admin\Downloads
Task: {5E2F341A-B757-4692-8281-62F892475A9E} - System32\Tasks\{FB776386-124C-427C-A833-A28DE7D13069} => pcalua.exe -a "E:\USB Driver\Samsung_USB_Driver_Installer.exe" -d "E:\USB Driver"
Task: {6457DF6B-2942-4999-8192-61FE2EC17010} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {699A4DE5-977B-42F9-9C8B-F7489748C65D} - System32\Tasks\{CC8E2B8A-2E33-4AE7-8D0E-798B0E0AD283} => pcalua.exe -a "C:\Users\admin\Downloads\eMule\Incoming\kim wilde(2010) lights down low\Setup.exe" -d "C:\Users\admin\Downloads\eMule\Incoming\kim wilde(2010) lights down low"
Task: {7B2238E2-3D34-433D-8243-4A706428345D} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-12] (Tweaking.com)
Task: {843FA9C9-D37D-45A9-B39E-355C8A2730C9} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {8B169AD9-07A6-484A-8ECE-3DBCF79B7005} - System32\Tasks\{ABE28145-4584-4D28-8C7B-9C32A7FB9485} => pcalua.exe -a C:\Users\admin\Downloads\DeepBurner19.exe -d C:\Users\admin\Downloads
Task: {8B4CB468-55E7-4BB1-B8EC-A7249DB403A9} - System32\Tasks\{60C1405B-B380-490C-B313-611B5628C9D6} => C:\Program Files\Sandboxie\Start.exe
Task: {92DBD3A2-589E-4946-80DB-B76CA27B50E7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {953B1202-1DAD-4C0A-B57C-65594BDE4038} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2768590567-3162752184-885813804-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {9E08B7EE-0B50-443A-94C9-13B9BFACFC36} - System32\Tasks\{DD6AAEA7-24DF-47AF-8453-614D29DAE860} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {9F999B29-0970-43B6-A808-EA8B992EC554} - System32\Tasks\{D9B8D5A3-82B9-42A4-955E-3701ABB2A777} => pcalua.exe -a C:\Users\admin\Desktop\rzr-m2ja.exe -d C:\Users\admin\Desktop
Task: {B2096979-9A05-454D-86A9-E850ED779096} - System32\Tasks\{EEB2F0F5-1B2C-4988-994C-955337EEDA9D} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {BFAFDFA1-EB90-4AE8-A5C9-4B25AA72977D} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2768590567-3162752184-885813804-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {C34CABE2-E88C-4258-9A57-7BD659F98AB6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {C71C176A-4863-4E7A-9D94-BE61120499C3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {D21BEE22-B3DA-47DE-9B99-E6C866BE4712} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files\Real\RealPlayer\update\realsched.exe [2012-05-25] (RealNetworks, Inc.)
Task: {D27DC37B-3C19-4294-A583-AE0C4A53E815} - System32\Tasks\{F89CA53F-283A-4380-83A1-145AAFA48B3C} => pcalua.exe -a E:\setup.exe -d E:\
Task: {DC880316-29DA-4E45-A319-804A0EF2574E} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {DF1B9E7F-CDEF-4E74-B7FB-9C0243D07CC1} - System32\Tasks\{203DEEE4-BCFD-4B22-A513-8FA73CAF2534} => pcalua.exe -a E:\Install.exe -d E:\
Task: {E469BF2C-1CEC-4F94-B9F3-6F08B2F76067} - System32\Tasks\{2A69430C-E7B2-4D4C-AEDC-043F372B02CC} => pcalua.exe -a C:\Users\admin\Desktop\jre-6u30-windows-i586-iftw.exe -d C:\Users\admin\Desktop
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {EA9144F4-1FD6-4FDC-9772-36C873A17BCB} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-12-17] (Oracle Corporation)
Task: {EC20F91F-9ACB-46D8-8C3D-2C0959CF8314} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {EF506BED-8115-49C3-A58B-1A2496811E5E} - System32\Tasks\{310F50F3-6170-4C4B-9137-1F9228396A3D} => pcalua.exe -a C:\Windows\UbiSoft\SetupUbi.exe -d C:\Windows\UbiSoft -c -play IL-2 Sturmovik
Task: {FF9890A3-8CDC-45BF-B481-AE039995645D} - System32\Tasks\{DDECEADC-ABC3-49DA-9685-3F1F42BBD5AF} => pcalua.exe -a "C:\Program Files\WinAce\WinAce.exe" -d C:\Users\admin\AppData\Roaming\Microsoft\Windows\Recent -c "C:\Users\admin\Downloads\mafia_2_joes_adventures_plus_11_trainer.zip"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2012-01-08 00:56 - 2014-05-20 02:04 - 00106840 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2011-08-05 14:11 - 2001-10-28 17:42 - 00116224 _____ () C:\Windows\System32\pdfcmnnt.dll
2010-07-04 23:32 - 2010-07-04 23:32 - 00004608 _____ () C:\Program Files\Unlocker\UnlockerHook.dll
2010-07-04 23:32 - 2010-07-04 23:32 - 00010752 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2014-05-05 13:41 - 2014-04-25 14:11 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-05-05 13:41 - 2014-04-25 14:11 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2010-07-04 21:51 - 2010-07-04 21:51 - 00017408 _____ () C:\Program Files\Unlocker\UnlockerAssistant.exe
2014-05-05 13:41 - 2014-04-25 14:11 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-05-05 13:41 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-05-05 13:41 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-02-20 05:42 - 2015-02-20 05:42 - 00317560 ____N () C:\Program Files\Common Files\G Data\AVKProxy\PktIcpt2.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:063969F8
AlternateDataStreams: C:\ProgramData\Temp:07C99568
AlternateDataStreams: C:\ProgramData\Temp:6E11933F
AlternateDataStreams: C:\ProgramData\Temp:8DA9DB01
AlternateDataStreams: C:\ProgramData\Temp:93226FE3
AlternateDataStreams: C:\ProgramData\Temp:9D03192E
AlternateDataStreams: C:\ProgramData\Temp:B093E177
AlternateDataStreams: C:\ProgramData\Temp:DE4686B2

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7553 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2768590567-3162752184-885813804-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ICQ => "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Accounts: =============================

admin (S-1-5-21-2768590567-3162752184-885813804-1004 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-2768590567-3162752184-885813804-500 - Administrator - Disabled)
Gast (S-1-5-21-2768590567-3162752184-885813804-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2768590567-3162752184-885813804-1006 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: USB-Massenspeichergerät
Description: USB-Massenspeichergerät
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Kompatibles USB-Speichergerät
Service: USBSTOR
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (04/21/2015 08:58:20 PM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Die Registrierungsinformationen der Leistungsindikatoren für WSearchIdxPi für die Instanz konnten wegen des folgenden Fehlers nicht abgerufen werden: Der Vorgang wurde erfolgreich beendet. 0x0.

Error: (04/21/2015 08:58:19 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.
Kontext: Anwendung, SystemIndex Katalog

Error: (04/21/2015 08:58:19 PM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Die Leistungsüberwachung kann für den Gatherer-Dienst nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Error: (04/21/2015 08:57:44 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (04/21/2015 08:57:44 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (04/21/2015 08:57:44 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (04/21/2015 08:31:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Gmer-19357 (1).exe, Version 2.1.19357.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 102c
Startzeit: 01d07c6130433bca
Endzeit: 0
Anwendungspfad: C:\Users\admin\Downloads\Gmer-19357 (1).exe
Berichts-ID: 85bf8c00-e854-11e4-8a58-001d92eafa6f

Error: (04/21/2015 07:46:01 PM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Die Registrierungsinformationen der Leistungsindikatoren für WSearchIdxPi für die Instanz konnten wegen des folgenden Fehlers nicht abgerufen werden: Der Vorgang wurde erfolgreich beendet. 0x0.

Error: (04/21/2015 07:45:54 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.
Kontext: Anwendung, SystemIndex Katalog

Error: (04/21/2015 07:45:54 PM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Die Leistungsüberwachung kann für den Gatherer-Dienst nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

System errors:
=============
Error: (04/21/2015 08:58:32 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: GLogin

Error: (04/21/2015 08:58:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Fun4IM Coordinator" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (04/21/2015 08:58:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (04/21/2015 08:58:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (04/21/2015 08:57:22 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser Konfiguration nicht gestartet zu sein.

Error: (04/21/2015 08:57:15 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 21.04.2015 um 20:53:10 unerwartet heruntergefahren.

Error: (04/21/2015 07:46:14 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070420

Error: (04/21/2015 07:46:10 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: GLogin

Error: (04/21/2015 07:46:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Fun4IM Coordinator" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (04/21/2015 07:45:17 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser Konfiguration nicht gestartet zu sein.

Microsoft Office Sessions:
=========================
Error: (11/03/2011 09:08:12 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8879 seconds with 60 seconds of active time. This session ended with a crash.

Error: (08/05/2011 01:46:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6557.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12 seconds with 0 seconds of active time. This session ended with a crash.

Error: (01/05/2011 09:50:32 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash.

Error: (12/09/2010 10:12:44 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash.

Error: (12/05/2010 11:23:00 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash.

Error: (12/05/2010 11:22:56 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash.

Error: (11/28/2010 05:30:35 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash.

Error: (11/17/2010 02:29:52 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash.

Error: (11/15/2010 03:59:08 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9 seconds with 0 seconds of active time. This session ended with a crash.

Error: (11/08/2010 03:32:22 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash.

==================== Memory info ===========================

Processor: AMD Phenom(tm) 9500 Quad-Core Processor
Percentage of memory in use: 43%
Total physical RAM: 3070.18 MB
Available physical RAM: 1743.42 MB
Total Pagefile: 6138.65 MB
Available Pagefile: 4204.95 MB
Total Virtual: 2047.88 MB
Available Virtual: 1900.86 MB

==================== Drives ================================

Drive c: (BOOT) (Fixed) (Total:450.06 GB) (Free:50.37 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVER) (Fixed) (Total:15.67 GB) (Free:2.68 GB) FAT32
Drive g: (Seagate Backup Plus Drive) (Fixed) (Total:1863.01 GB) (Free:857.37 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 546D9782)
Partition 1: (Not Active) - (Size=15.7 GB) - (Type=OF Extended)
Partition 2: (Active) - (Size=450.1 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (Size: 1863 GB) (Disk ID: C07EE3B9)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End Of Log ============================
23.04.2015, 07:04 | #6 |
/// the machine /// TB trainer | Win7 does not start, black screen, ... Hi, please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. Please download TDSSKiller.exe and save this file to the desktop.
23.04.2015, 12:06 | #7 |
| Win7 does not start, black screen, ... Hello, many thanks so far; as always, nothing was found: Code:
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main: v2015.04.23.03
  rootkit: v2015.04.21.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.17691
admin :: ADMIN-PC [administrator]

23.04.2015 12:09:43
mbar-log-2015-04-23 (12-09-43).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 337372
Time elapsed: 23 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:
12:39:41.0037 0x1910 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
12:39:43.0568 0x1910 ============================================================
12:39:43.0568 0x1910 Current date / time: 2015/04/23 12:39:43.0568
12:39:43.0568 0x1910 SystemInfo:
12:39:43.0568 0x1910
12:39:43.0568 0x1910 OS Version: 6.1.7601 ServicePack: 1.0
12:39:43.0568 0x1910 Product type: Workstation
12:39:43.0568 0x1910 ComputerName: ADMIN-PC
12:39:43.0568 0x1910 UserName: admin
12:39:43.0568 0x1910 Windows directory: C:\Windows
12:39:43.0568 0x1910 System windows directory: C:\Windows
12:39:43.0568 0x1910 Processor architecture: Intel x86
12:39:43.0568 0x1910 Number of processors: 4
12:39:43.0568 0x1910 Page size: 0x1000
12:39:43.0568 0x1910 Boot type: Normal boot
12:39:43.0568 0x1910 ============================================================
12:39:45.0412 0x1910 KLMD registered as C:\Windows\system32\drivers\08927188.sys
12:39:45.0646 0x1910 System UUID: {0A2A1A09-B686-CDC7-54D7-8E32AF7AB96B}
12:39:46.0177 0x1910 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:39:46.0193 0x1910 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1115800 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:39:46.0255 0x1910 Drive \Device\Harddisk5\DR5 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:39:46.0271 0x1910 ============================================================
12:39:46.0271 0x1910 \Device\Harddisk0\DR0:
12:39:46.0271 0x1910 MBR partitions:
12:39:46.0287 0x1910 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x38424441, BlocksNum 0x1F60800
12:39:46.0287 0x1910 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x38421000
12:39:46.0287 0x1910 \Device\Harddisk1\DR1:
12:39:46.0287 0x1910 MBR partitions:
12:39:46.0287 0x1910 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07000
12:39:46.0287 0x1910 \Device\Harddisk5\DR5:
12:39:46.0302 0x1910 MBR partitions:
12:39:46.0302 0x1910 \Device\Harddisk5\DR5\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
12:39:46.0302 0x1910 ============================================================
12:39:46.0333 0x1910 C: <-> \Device\Harddisk0\DR0\Partition2
12:39:46.0333 0x1910 D: <-> \Device\Harddisk0\DR0\Partition1
12:39:46.0333 0x1910 G: <-> \Device\Harddisk1\DR1\Partition1
12:39:46.0396 0x1910 K: <-> \Device\Harddisk5\DR5\Partition1
12:39:46.0396 0x1910 ============================================================
12:39:46.0396 0x1910 Initialize success
12:39:46.0396 0x1910 ============================================================
12:40:06.0192 0x1868 ============================================================
12:40:06.0192 0x1868 Scan started
12:40:06.0192 0x1868 Mode: Manual; SigCheck; TDLFS;
12:40:06.0192 0x1868 ============================================================
12:40:06.0192 0x1868 KSN ping started
12:40:10.0815 0x1868 KSN ping finished: true
12:40:12.0222 0x1868 ================ Scan system memory ========================
12:40:12.0222 0x1868 System memory - ok
12:40:12.0223 0x1868 ================ Scan services =============================
12:40:12.0369 0x1868 [ 72D6D8E2D4F82C6E829125C7EC2A88F9, F357CFC3D04EB3F8E1A504D531D099698C6E2B29EB6CEDF75C08BF8917C46573 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
12:40:12.0600 0x1868 !SASCORE - ok
12:40:12.0850 0x1868 [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:40:12.0975 0x1868 1394ohci - ok
12:40:13.0038 0x1868 [ E6F53D6C0DEA3D375362265E175CA638, 6C0C25DF28DB250BE3CD3A672AED26C3383F16E91D6FD3D964D15CD80208A8B6 ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys
12:40:13.0084 0x1868 acedrv11 - ok
12:40:13.0149 0x1868 [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:40:13.0180 0x1868 ACPI - ok
12:40:13.0227 0x1868 [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:40:13.0336 0x1868 AcpiPmi - ok
12:40:13.0461 0x1868 [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
12:40:13.0493 0x1868 AdobeARMservice - ok
12:40:13.0618 0x1868 [ B04A4810C6CC205F9DC72DC22E4AB236, 547321F5C28C80D4818372D65E2A33D4BAC593015DD6613B24586FE4B4A95D5D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:40:13.0665 0x1868 AdobeFlashPlayerUpdateSvc - ok
12:40:13.0758 0x1868 [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
12:40:13.0805 0x1868 adp94xx - ok
12:40:13.0836 0x1868 [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
12:40:13.0868 0x1868 adpahci - ok
12:40:13.0883 0x1868 [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
12:40:13.0915 0x1868 adpu320 - ok
12:40:13.0961 0x1868 [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:40:14.0040 0x1868 AeLookupSvc - ok
12:40:14.0118 0x1868 [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD C:\Windows\system32\drivers\afd.sys
12:40:14.0196 0x1868 AFD - ok
12:40:14.0227 0x1868 [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\Windows\system32\drivers\agp440.sys
12:40:14.0258 0x1868 agp440 - ok
12:40:14.0274 0x1868 [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
12:40:14.0305 0x1868 aic78xx - ok
12:40:14.0321 0x1868 [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\Windows\System32\alg.exe
12:40:14.0383 0x1868 ALG - ok
12:40:14.0443 0x1868 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\Windows\system32\drivers\aliide.sys
12:40:14.0475 0x1868 aliide - ok
12:40:14.0522 0x1868 [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
12:40:14.0553 0x1868 amdagp - ok
12:40:14.0600 0x1868 [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\Windows\system32\drivers\amdide.sys
12:40:14.0616 0x1868 amdide - ok
12:40:14.0647 0x1868 [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
12:40:14.0678 0x1868 AmdK8 - ok
12:40:14.0694 0x1868 [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:40:14.0741 0x1868 AmdPPM - ok
12:40:14.0819 0x1868 [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:40:14.0850 0x1868 amdsata - ok
12:40:14.0881 0x1868 [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
12:40:14.0913 0x1868 amdsbs - ok
12:40:14.0928 0x1868 [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:40:14.0944 0x1868 amdxata - ok
12:40:15.0006 0x1868 [ 81F97D8F8B3FB94A451CC6F7CF8B2965, 8DEBA4E47E1016D69740C0BB7CDD23852D86E0D42C1C1EA5A847ECB115C38CB1 ] AppID C:\Windows\system32\drivers\appid.sys
12:40:15.0084 0x1868 AppID - ok
12:40:15.0115 0x1868 [ F5090F8FA6757C58E17BAEAA86093636, 5E14CF3032DF5801240F45C59AA93962EA41AA5648A0C6458D16D9B9D95A131F ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:40:15.0166 0x1868 AppIDSvc - ok
12:40:15.0251 0x1868 [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo C:\Windows\System32\appinfo.dll
12:40:15.0361 0x1868 Appinfo - ok
12:40:15.0446 0x1868 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\DRIVERS\arc.sys
12:40:15.0477 0x1868 arc - ok
12:40:15.0508 0x1868 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
12:40:15.0571 0x1868 arcsas - ok
12:40:15.0727 0x1868 [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
12:40:15.0774 0x1868 aspnet_state - ok
12:40:15.0821 0x1868 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:40:15.0993 0x1868 AsyncMac - ok
12:40:16.0040 0x1868 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\drivers\atapi.sys
12:40:16.0055 0x1868 atapi - ok
12:40:16.0102 0x1868 [ 187C905E157D791A3A404EADF8FAE754, E11321ECAD6757B030330FB62D056DC39779AFA4658BBA8CF62AC7682A6353E8 ] athsgt C:\Windows\system32\DRIVERS\athsgt.sys
12:40:16.0149 0x1868 athsgt - detected UnsignedFile.Multi.Generic ( 1 )
12:40:19.0325 0x1868 Detect skipped due to KSN trusted
12:40:19.0325 0x1868 athsgt - ok
12:40:19.0356 0x1868 [ 5A1465AD2E7C1BC39CDA12A355329096, D4739A1D0888B16DC126D6020B422554A739741C2CF8AFB8889FC175A79F9E28 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
12:40:19.0387 0x1868 AtiPcie - ok
12:40:19.0462 0x1868 [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:40:19.0541 0x1868 AudioEndpointBuilder - ok
12:40:19.0603 0x1868 [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv C:\Windows\System32\Audiosrv.dll
12:40:19.0666 0x1868 Audiosrv - ok
12:40:19.0869 0x1868 [ 6CC48A2B2A2A52FACC19259E5B304590, 3010BFD6310EDCEA34BDBFE57E92FE67A3358496F6F694B2A34E393531955621 ] AVKProxy C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
12:40:20.0009 0x1868 AVKProxy - ok
12:40:20.0166 0x1868 [ BCC79D1E0605ABE4B58A9DEE696982A5, 7619EDBB1ABEE4A1B3476D42BCD718876C5BE7F7A4B972414D45F2540F17C665 ] AVKService C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe
12:40:20.0233 0x1868 AVKService - ok
12:40:20.0405 0x1868 [ 356CDC46C154922B2D8B9575E368FE72, C936E6D7A062C979D4F72E2D5BC1BC67EFD137E689A4BD79E6FBB2AE44EB20D4 ] AVKWCtl C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe
12:40:20.0592 0x1868 AVKWCtl - ok
12:40:20.0655 0x1868 [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:40:20.0733 0x1868 AxInstSV - ok
12:40:20.0780 0x1868 [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
12:40:20.0843 0x1868 b06bdrv - ok
12:40:20.0941 0x1868 [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
12:40:20.0984 0x1868 b57nd60x - ok
12:40:21.0109 0x1868 [ 6163664C7E9CD110AF70180C126C3FDC, 9A801295CDE2BDE4EE0E96C610E4C01F6915DBDA2104D0E8873AFF1BC34A0FA1 ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
12:40:21.0140 0x1868 BcmSqlStartupSvc - ok
12:40:21.0187 0x1868 [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll
12:40:21.0281 0x1868 BDESVC - ok
12:40:21.0312 0x1868 [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys
12:40:21.0390 0x1868 Beep - ok
12:40:21.0500 0x1868 [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\Windows\System32\bfe.dll
12:40:21.0562 0x1868 BFE - ok
12:40:21.0609 0x1868 [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\Windows\System32\qmgr.dll
12:40:21.0718 0x1868 BITS - ok
12:40:21.0765 0x1868 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:40:21.0796 0x1868 blbdrive - ok
12:40:21.0828 0x1868 [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:40:21.0890 0x1868 bowser - ok
12:40:21.0906 0x1868 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:40:22.0000 0x1868 BrFiltLo - ok
12:40:22.0015 0x1868 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:40:22.0062
0x1868 BrFiltUp - ok 12:40:22.0109 0x1868 [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\Windows\System32\browser.dll 12:40:22.0203 0x1868 Browser - ok 12:40:22.0265 0x1868 [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys 12:40:22.0375 0x1868 Brserid - ok 12:40:22.0406 0x1868 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 12:40:22.0477 0x1868 BrSerWdm - ok 12:40:22.0508 0x1868 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 12:40:22.0555 0x1868 BrUsbMdm - ok 12:40:22.0586 0x1868 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 12:40:22.0633 0x1868 BrUsbSer - ok 12:40:22.0680 0x1868 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 12:40:22.0758 0x1868 BTHMODEM - ok 12:40:22.0836 0x1868 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll 12:40:22.0915 0x1868 bthserv - ok 12:40:23.0055 0x1868 catchme - ok 12:40:23.0086 0x1868 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 12:40:23.0142 0x1868 cdfs - ok 12:40:23.0237 0x1868 [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\Windows\system32\drivers\cdrom.sys 12:40:23.0299 0x1868 cdrom - ok 12:40:23.0331 0x1868 [ 319C6B309773D063541D01DF8AC6F55F, 
182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\Windows\System32\certprop.dll 12:40:23.0393 0x1868 CertPropSvc - ok 12:40:23.0440 0x1868 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 12:40:23.0502 0x1868 circlass - ok 12:40:23.0549 0x1868 [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS C:\Windows\system32\CLFS.sys 12:40:23.0596 0x1868 CLFS - ok 12:40:23.0659 0x1868 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 12:40:23.0706 0x1868 clr_optimization_v2.0.50727_32 - ok 12:40:23.0752 0x1868 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 12:40:23.0799 0x1868 clr_optimization_v4.0.30319_32 - ok 12:40:23.0831 0x1868 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 12:40:23.0877 0x1868 CmBatt - ok 12:40:23.0924 0x1868 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\drivers\cmdide.sys 12:40:23.0956 0x1868 cmdide - ok 12:40:24.0018 0x1868 [ 3051724F223EA48968B19567DE2A81F4, DCC27DE1B2B35866FC6DBDE95A368E7D0D346B6C3F31D0BACA63DD39B0A8874E ] CNG C:\Windows\system32\Drivers\cng.sys 12:40:24.0049 0x1868 CNG - ok 12:40:24.0081 0x1868 [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 12:40:24.0096 0x1868 Compbatt - ok 12:40:24.0144 0x1868 [ CBE8C58A8579CFE5FCCF809E6F114E89, 
AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 12:40:24.0192 0x1868 CompositeBus - ok 12:40:24.0208 0x1868 COMSysApp - ok 12:40:24.0223 0x1868 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 12:40:24.0239 0x1868 crcdisk - ok 12:40:24.0317 0x1868 [ 49474B3E37969AF4B5C076F42B623AFF, BDA6B57E9B60EF1B67C74099263D33A367AAA035667239F76AB8B268FD3E8F23 ] CryptSvc C:\Windows\system32\cryptsvc.dll 12:40:24.0364 0x1868 CryptSvc - ok 12:40:24.0442 0x1868 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\Windows\system32\rpcss.dll 12:40:24.0519 0x1868 DcomLaunch - ok 12:40:24.0582 0x1868 [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll 12:40:24.0628 0x1868 defragsvc - ok 12:40:24.0675 0x1868 [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 12:40:24.0753 0x1868 DfsC - ok 12:40:24.0832 0x1868 [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\Windows\system32\dhcpcore.dll 12:40:24.0894 0x1868 Dhcp - ok 12:40:24.0910 0x1868 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys 12:40:24.0957 0x1868 discache - ok 12:40:25.0003 0x1868 [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\DRIVERS\disk.sys 12:40:25.0019 0x1868 Disk - ok 12:40:25.0066 0x1868 [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\Windows\System32\dnsrslvr.dll 12:40:25.0189 0x1868 
Dnscache - ok 12:40:25.0403 0x1868 [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\Windows\System32\dot3svc.dll 12:40:25.0500 0x1868 dot3svc - ok 12:40:25.0547 0x1868 [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\Windows\system32\dps.dll 12:40:25.0641 0x1868 DPS - ok 12:40:25.0688 0x1868 [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 12:40:25.0797 0x1868 drmkaud - ok 12:40:25.0875 0x1868 [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 12:40:25.0922 0x1868 DXGKrnl - ok 12:40:25.0969 0x1868 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll 12:40:26.0047 0x1868 EapHost - ok 12:40:26.0219 0x1868 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys 12:40:26.0423 0x1868 ebdrv - ok 12:40:26.0470 0x1868 [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] EFS C:\Windows\System32\lsass.exe 12:40:26.0564 0x1868 EFS - ok 12:40:26.0642 0x1868 [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\Windows\ehome\ehRecvr.exe 12:40:26.0720 0x1868 ehRecvr - ok 12:40:26.0736 0x1868 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe 12:40:26.0814 0x1868 ehSched - ok 12:40:26.0861 0x1868 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 12:40:26.0908 0x1868 elxstor - ok 
12:40:26.0939 0x1868 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\drivers\errdev.sys 12:40:26.0986 0x1868 ErrDev - ok 12:40:27.0048 0x1868 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll 12:40:27.0147 0x1868 EventSystem - ok 12:40:27.0178 0x1868 [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys 12:40:27.0252 0x1868 exfat - ok 12:40:27.0284 0x1868 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys 12:40:27.0362 0x1868 fastfat - ok 12:40:27.0440 0x1868 [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe 12:40:27.0549 0x1868 Fax - ok 12:40:27.0581 0x1868 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys 12:40:27.0643 0x1868 fdc - ok 12:40:27.0706 0x1868 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll 12:40:27.0784 0x1868 fdPHost - ok 12:40:27.0815 0x1868 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll 12:40:27.0909 0x1868 FDResPub - ok 12:40:27.0940 0x1868 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 12:40:27.0971 0x1868 FileInfo - ok 12:40:28.0018 0x1868 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 12:40:28.0096 0x1868 
Filetrace - ok 12:40:28.0284 0x1868 [ ABEDFD48AC042C6AAAD32452E77217A1, BC45A1C36BDBC20EF4E7D3CFB5368912382D964CB34D050ED255F56307F4C910 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 12:40:28.0346 0x1868 FLEXnet Licensing Service - ok 12:40:28.0377 0x1868 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 12:40:28.0424 0x1868 flpydisk - ok 12:40:28.0456 0x1868 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 12:40:28.0487 0x1868 FltMgr - ok 12:40:28.0549 0x1868 [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache C:\Windows\system32\FntCache.dll 12:40:28.0674 0x1868 FontCache - ok 12:40:28.0752 0x1868 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 12:40:28.0784 0x1868 FontCache3.0.0.0 - ok 12:40:28.0940 0x1868 [ 5F40D70E8A5626EBB26A9E655779ADCE, D31B76480B2FF244A9ED9A91F3E4CA9AF7B5688A0CDE93661605DA9732583004 ] Freemake Improver C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe 12:40:28.0987 0x1868 Freemake Improver - detected UnsignedFile.Multi.Generic ( 1 ) 12:40:32.0178 0x1868 Detect skipped due to KSN trusted 12:40:32.0178 0x1868 Freemake Improver - ok 12:40:32.0194 0x1868 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 12:40:32.0225 0x1868 FsDepends - ok 12:40:32.0272 0x1868 [ 790A4CA68F44BE35967B3DF61F3E4675, 7CBC77C620ABA75FEF4BA8AD9C38766D50CD18106EBA4693F162F2C5A7D46AA8 ] FsUsbExDisk C:\Windows\system32\FsUsbExDisk.SYS 12:40:32.0288 0x1868 FsUsbExDisk - detected 
UnsignedFile.Multi.Generic ( 1 ) 12:40:35.0451 0x1868 Detect skipped due to KSN trusted 12:40:35.0451 0x1868 FsUsbExDisk - ok 12:40:35.0498 0x1868 [ D3F9205CC4CB07553F2F9472C767EA87, B1DF2B8D718CF7958E5E0B367859EEFB45CC9042B1B88E0C4DA884DF2608B59A ] FsUsbExService C:\Windows\system32\FsUsbExService.Exe 12:40:35.0565 0x1868 FsUsbExService - detected UnsignedFile.Multi.Generic ( 1 ) 12:40:38.0675 0x1868 Detect skipped due to KSN trusted 12:40:38.0675 0x1868 FsUsbExService - ok 12:40:38.0707 0x1868 [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 12:40:38.0738 0x1868 Fs_Rec - ok 12:40:38.0785 0x1868 Fun4IM Coordinator - ok 12:40:38.0832 0x1868 [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 12:40:38.0863 0x1868 fvevol - ok 12:40:38.0925 0x1868 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 12:40:38.0957 0x1868 gagp30kx - ok 12:40:39.0019 0x1868 [ ED45E9A16610562C5A727715B4346404, A25C31EE37398066140D7195DB2E0809989AE209E5E4D765F48B412388332984 ] GDBehave C:\Windows\system32\drivers\GDBehave.sys 12:40:39.0066 0x1868 GDBehave - ok 12:40:39.0231 0x1868 [ 0D625E2F0EB33A98051D07C74DFA0340, B4C6747BC6603E7B3DAB0FB4EFDA2A71F51A3F9AA29F6AE5E3D7372C330B0348 ] GDFwSvc C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe 12:40:39.0372 0x1868 GDFwSvc - ok 12:40:39.0418 0x1868 [ 6322B54A21D32432FEAED1F8477D3399, 2A486063E1E8A248D25857E9614275A6792DC7B64AD4BA52BE9432CB6C364668 ] GDKBB C:\Windows\system32\drivers\GDKBB32.sys 12:40:39.0465 0x1868 GDKBB - ok 12:40:39.0481 0x1868 [ 0A68BE0CAA1DA360A5FDD4B6AD24A5F6, 0F31F4E2928CC8BEC663E92DAD466A569DE30964F3F04A0E5A2CDDA6DBCFDF4D ] GDKBFlt C:\Windows\system32\drivers\GDKBFlt32.sys 12:40:39.0512 0x1868 GDKBFlt - ok 
12:40:39.0559 0x1868 [ 40BE38547E3F53E04F26DB375DB1227D, 6B91A805C9C39A64C7DC667AFC4F3D53749DADA756F508904A92A123F4029782 ] GDMnIcpt C:\Windows\system32\drivers\MiniIcpt.sys 12:40:39.0606 0x1868 GDMnIcpt - ok 12:40:39.0653 0x1868 [ 446FBDA0218AB95442365DA74BBD5201, D137558A02A4910E913A166974E3FCBCA6F26F242B739771474CC022FCE45999 ] GDPkIcpt C:\Windows\system32\drivers\PktIcpt.sys 12:40:39.0684 0x1868 GDPkIcpt - ok 12:40:39.0747 0x1868 [ 2FC204FF990827303D9184B390F5C15E, A194ACE75ADD2E105C1C5555621A2E4292617C37BA17070F88D4CA56B24D9291 ] GDScan C:\Program Files\Common Files\G Data\GDScan\GDScan.exe 12:40:39.0793 0x1868 GDScan - ok 12:40:39.0825 0x1868 [ A0775BDDD8B45D200C8B9B06DC0E304A, 11DFF8E9EC74C57C74AC81800611EE019E90104BF7F58599C8A1BF91E127B577 ] gdwfpcd C:\Windows\system32\drivers\gdwfpcd32.sys 12:40:39.0840 0x1868 gdwfpcd - ok 12:40:39.0872 0x1868 gel90xne - ok 12:40:39.0887 0x1868 GLogin - ok 12:40:39.0965 0x1868 [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\Windows\System32\gpsvc.dll 12:40:40.0012 0x1868 gpsvc - ok 12:40:40.0043 0x1868 [ 3CC33DAB9350C99538BB8CC2D675E1F2, 9ADB2B8CDC87E3CF6E707635EF6EB8EB4DBF14ADFE059E6C7FABCD771592066B ] GRD C:\Windows\system32\drivers\GRD.sys 12:40:40.0075 0x1868 GRD - ok 12:40:40.0177 0x1868 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 12:40:40.0208 0x1868 gupdate - ok 12:40:40.0224 0x1868 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 12:40:40.0240 0x1868 gupdatem - ok 12:40:40.0287 0x1868 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 12:40:40.0365 0x1868 hcw85cir - ok 12:40:40.0412 0x1868 [ 9036377B8A6C15DC2EEC53E489D159B5, 
1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 12:40:40.0458 0x1868 HDAudBus - ok 12:40:40.0505 0x1868 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 12:40:40.0583 0x1868 HidBatt - ok 12:40:40.0615 0x1868 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 12:40:40.0646 0x1868 HidBth - ok 12:40:40.0693 0x1868 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 12:40:40.0802 0x1868 HidIr - ok 12:40:40.0943 0x1868 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\system32\hidserv.dll 12:40:41.0005 0x1868 hidserv - ok 12:40:41.0068 0x1868 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 12:40:41.0165 0x1868 HidUsb - ok 12:40:41.0211 0x1868 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll 12:40:41.0305 0x1868 hkmsvc - ok 12:40:41.0352 0x1868 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll 12:40:41.0446 0x1868 HomeGroupListener - ok 12:40:41.0493 0x1868 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 12:40:41.0540 0x1868 HomeGroupProvider - ok 12:40:41.0586 0x1868 [ 965DF80FA281AEEB3487F75372F07468, 592752CA4C7B892F4448F821CCEE4EBDAC4C180A8A5417C14536138C1F65EBF4 ] HookCentre C:\Windows\system32\drivers\HookCentre.sys 12:40:41.0805 0x1868 
HookCentre - ok 12:40:41.0868 0x1868 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 12:40:41.0899 0x1868 HpSAMD - ok 12:40:41.0977 0x1868 [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP C:\Windows\system32\drivers\HTTP.sys 12:40:42.0040 0x1868 HTTP - ok 12:40:42.0086 0x1868 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 12:40:42.0102 0x1868 hwpolicy - ok 12:40:42.0118 0x1868 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 12:40:42.0165 0x1868 i8042prt - ok 12:40:42.0243 0x1868 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 12:40:42.0306 0x1868 iaStorV - ok 12:40:42.0416 0x1868 [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 12:40:42.0509 0x1868 idsvc - ok 12:40:42.0541 0x1868 IEEtwCollectorService - ok 12:40:42.0572 0x1868 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 12:40:42.0611 0x1868 iirsp - ok 12:40:42.0698 0x1868 [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\Windows\System32\ikeext.dll 12:40:42.0760 0x1868 IKEEXT - ok 12:40:42.0932 0x1868 [ FD1D5F1609126831F49D6CFBB61F9DDD, 0BA741FBDD63495D6DF131C2FA3BCBFC4A7FB4919FA598564CA15630CF3A86EF ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys 12:40:43.0104 0x1868 IntcAzAudAddService - ok 12:40:43.0165 0x1868 [ 
A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys 12:40:43.0196 0x1868 intelide - ok 12:40:43.0243 0x1868 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 12:40:43.0290 0x1868 intelppm - ok 12:40:43.0336 0x1868 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 12:40:43.0415 0x1868 IPBusEnum - ok 12:40:43.0446 0x1868 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 12:40:43.0508 0x1868 IpFilterDriver - ok 12:40:43.0586 0x1868 [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 12:40:43.0735 0x1868 iphlpsvc - ok 12:40:43.0782 0x1868 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 12:40:43.0844 0x1868 IPMIDRV - ok 12:40:43.0891 0x1868 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 12:40:43.0985 0x1868 IPNAT - ok 12:40:44.0016 0x1868 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys 12:40:44.0094 0x1868 IRENUM - ok 12:40:44.0125 0x1868 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys 12:40:44.0176 0x1868 isapnp - ok 12:40:44.0208 0x1868 [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt 
C:\Windows\system32\drivers\msiscsi.sys 12:40:44.0254 0x1868 iScsiPrt - ok 12:40:44.0286 0x1868 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 12:40:44.0317 0x1868 kbdclass - ok 12:40:44.0361 0x1868 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 12:40:44.0392 0x1868 kbdhid - ok 12:40:44.0408 0x1868 [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] KeyIso C:\Windows\system32\lsass.exe 12:40:44.0423 0x1868 KeyIso - ok 12:40:44.0486 0x1868 [ 4DAC97CF81FAE4B2988AEF0DF40D04AE, 5560304972693DE5D5B21CE010A76067FA5B64AD5968122EE9F8248B3EA4878E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 12:40:44.0517 0x1868 KSecDD - ok 12:40:44.0548 0x1868 [ 9EED5E0B7BF784C491C2289A09920BDA, 9E82EB777A01AB32EDA2AE0420546602A82C850D68D2C0AEDB4EA5ADEDF835E6 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 12:40:44.0564 0x1868 KSecPkg - ok 12:40:44.0611 0x1868 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll 12:40:44.0720 0x1868 KtmRm - ok 12:40:44.0751 0x1868 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\System32\srvsvc.dll 12:40:44.0798 0x1868 LanmanServer - ok 12:40:44.0845 0x1868 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 12:40:44.0908 0x1868 LanmanWorkstation - ok 12:40:44.0986 0x1868 [ 6AC289AB3DE19BEE4868666EA3EEF34B, D6024085CDF0C9C55AA27A4B4260F10121F4AB94023006D7A96BAC4D7C30CFD6 ] limsgt C:\Windows\system32\DRIVERS\limsgt.sys 12:40:45.0001 0x1868 limsgt - detected UnsignedFile.Multi.Generic ( 1 ) 12:40:48.0320 0x1868 Detect skipped due to KSN 
trusted 12:40:48.0320 0x1868 limsgt - ok 12:40:48.0379 0x1868 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 12:40:48.0458 0x1868 lltdio - ok 12:40:48.0520 0x1868 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll 12:40:48.0614 0x1868 lltdsvc - ok 12:40:48.0645 0x1868 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll 12:40:48.0687 0x1868 lmhosts - ok 12:40:48.0718 0x1868 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 12:40:48.0750 0x1868 LSI_FC - ok 12:40:48.0765 0x1868 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 12:40:48.0781 0x1868 LSI_SAS - ok 12:40:48.0812 0x1868 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 12:40:48.0828 0x1868 LSI_SAS2 - ok 12:40:48.0843 0x1868 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 12:40:48.0875 0x1868 LSI_SCSI - ok 12:40:48.0890 0x1868 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys 12:40:48.0937 0x1868 luafv - ok 12:40:48.0984 0x1868 [ A3E700D78EEC390F1208098CDCA5C6B6, 37D92D4AF24C43B4C468974CBBD55B6DF3AB92780560285039A0B078E566985A ] MarvinBus C:\Windows\system32\DRIVERS\MarvinBus.sys 12:40:49.0046 0x1868 MarvinBus - ok 12:40:49.0093 0x1868 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 
] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 12:40:49.0152 0x1868 Mcx2Svc - ok 12:40:49.0261 0x1868 [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe 12:40:49.0339 0x1868 MDM - detected UnsignedFile.Multi.Generic ( 1 ) 12:40:52.0780 0x1868 Detect skipped due to KSN trusted 12:40:52.0780 0x1868 MDM - ok 12:40:52.0811 0x1868 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 12:40:52.0842 0x1868 megasas - ok 12:40:52.0874 0x1868 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 12:40:52.0920 0x1868 MegaSR - ok 12:40:52.0967 0x1868 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll 12:40:53.0030 0x1868 MMCSS - ok 12:40:53.0045 0x1868 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys 12:40:53.0108 0x1868 Modem - ok 12:40:53.0139 0x1868 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 12:40:53.0186 0x1868 monitor - ok 12:40:53.0233 0x1868 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 12:40:53.0280 0x1868 mouclass - ok 12:40:53.0311 0x1868 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 12:40:53.0374 0x1868 mouhid - ok 12:40:53.0420 0x1868 [ 644905A19D0F37F2233DFCE53BC4BC19, F52CB40AA0FD1EBF8CBF0F3BFB20C47142C637719840877FB93F10D085EB8C2B ] mountmgr 
C:\Windows\system32\drivers\mountmgr.sys 12:40:53.0452 0x1868 mountmgr - ok 12:40:53.0514 0x1868 [ FD5E45969B82B83E33CB05B5C9B0E3F2, A6C21F7A0A97683DA50FC102131618CC1BE5CA0C3625D2FDAF5861B9B6523E45 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 12:40:53.0545 0x1868 MozillaMaintenance - ok 12:40:53.0577 0x1868 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys 12:40:53.0608 0x1868 mpio - ok 12:40:53.0624 0x1868 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 12:40:53.0671 0x1868 mpsdrv - ok 12:40:53.0738 0x1868 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll 12:40:53.0847 0x1868 MpsSvc - ok 12:40:53.0878 0x1868 [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 12:40:53.0972 0x1868 MRxDAV - ok 12:40:54.0019 0x1868 [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 12:40:54.0082 0x1868 mrxsmb - ok 12:40:54.0135 0x1868 [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 12:40:54.0176 0x1868 mrxsmb10 - ok 12:40:54.0192 0x1868 [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 12:40:54.0239 0x1868 mrxsmb20 - ok 12:40:54.0286 0x1868 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys 12:40:54.0317 0x1868 msahci - ok 12:40:54.0364 0x1868 [ 
55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys 12:40:54.0416 0x1868 msdsm - ok 12:40:54.0457 0x1868 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe 12:40:54.0522 0x1868 MSDTC - ok 12:40:54.0553 0x1868 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys 12:40:54.0616 0x1868 Msfs - ok 12:40:54.0631 0x1868 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 12:40:54.0709 0x1868 mshidkmdf - ok 12:40:54.0741 0x1868 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 12:40:54.0772 0x1868 msisadrv - ok 12:40:54.0834 0x1868 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll 12:40:54.0897 0x1868 MSiSCSI - ok 12:40:54.0913 0x1868 msiserver - ok 12:40:54.0928 0x1868 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 12:40:54.0991 0x1868 MSKSSRV - ok 12:40:55.0038 0x1868 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 12:40:55.0100 0x1868 MSPCLOCK - ok 12:40:55.0147 0x1868 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 12:40:55.0209 0x1868 MSPQM - ok 12:40:55.0241 0x1868 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC 
C:\Windows\system32\drivers\MsRPC.sys 12:40:55.0272 0x1868 MsRPC - ok 12:40:55.0288 0x1868 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 12:40:55.0319 0x1868 mssmbios - ok 12:40:55.0334 0x1868 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 12:40:55.0381 0x1868 MSTEE - ok 12:40:55.0413 0x1868 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 12:40:55.0459 0x1868 MTConfig - ok 12:40:55.0491 0x1868 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys 12:40:55.0522 0x1868 Mup - ok 12:40:55.0569 0x1868 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll 12:40:55.0663 0x1868 napagent - ok 12:40:55.0723 0x1868 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 12:40:55.0801 0x1868 NativeWifiP - ok 12:40:55.0895 0x1868 [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS C:\Windows\system32\drivers\ndis.sys 12:40:55.0942 0x1868 NDIS - ok 12:40:55.0973 0x1868 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 12:40:56.0051 0x1868 NdisCap - ok 12:40:56.0083 0x1868 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 12:40:56.0129 0x1868 NdisTapi - ok 12:40:56.0176 0x1868 [ D8A65DAFB3EB41CBB622745676FCD072, 
874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 12:40:56.0239 0x1868 Ndisuio - ok 12:40:56.0270 0x1868 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 12:40:56.0317 0x1868 NdisWan - ok 12:40:56.0333 0x1868 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 12:40:56.0395 0x1868 NDProxy - ok 12:40:56.0599 0x1868 [ 6D4028D458EAAA1782099750790DC8C9, 0D863A61D049235D5BBEC998185814B798674AD861DEBF0C903D28E310CE2768 ] Nero BackItUp Scheduler 3 C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe 12:40:56.0677 0x1868 Nero BackItUp Scheduler 3 - ok 12:40:56.0724 0x1868 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 12:40:56.0755 0x1868 NetBIOS - ok 12:40:56.0802 0x1868 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 12:40:56.0912 0x1868 NetBT - ok 12:40:56.0927 0x1868 [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] Netlogon C:\Windows\system32\lsass.exe 12:40:56.0974 0x1868 Netlogon - ok 12:40:57.0037 0x1868 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll 12:40:57.0135 0x1868 Netman - ok 12:40:57.0223 0x1868 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 12:40:57.0270 0x1868 NetMsmqActivator - ok 12:40:57.0286 0x1868 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] 
NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 12:40:57.0317 0x1868 NetPipeActivator - ok 12:40:57.0348 0x1868 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll 12:40:57.0395 0x1868 netprofm - ok 12:40:57.0487 0x1868 [ 27EE4B406E2F26F6117A9A420BD4CB65, D4EB07F56A1D1F0DA2197AB80917036A057A543F837CE5B102EE4F4ACA4606A7 ] netr28u C:\Windows\system32\DRIVERS\netr28u.sys 12:40:57.0549 0x1868 netr28u - ok 12:40:57.0581 0x1868 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 12:40:57.0612 0x1868 NetTcpActivator - ok 12:40:57.0612 0x1868 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 12:40:57.0643 0x1868 NetTcpPortSharing - ok 12:40:57.0674 0x1868 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 12:40:57.0690 0x1868 nfrd960 - ok 12:40:57.0768 0x1868 [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\Windows\System32\nlasvc.dll 12:40:57.0831 0x1868 NlaSvc - ok 12:40:57.0909 0x1868 [ D36107465E716CF2335A25C54B6D11C2, B4A3415B221FC12A58F2067358CFB124D48C359363D5A1FDC784F655D73D0405 ] NMIndexingService C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe 12:40:57.0971 0x1868 NMIndexingService - ok 12:40:58.0002 0x1868 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys 12:40:58.0065 0x1868 Npfs - ok 12:40:58.0168 0x1868 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi 
C:\Windows\system32\nsisvc.dll 12:40:58.0215 0x1868 nsi - ok 12:40:58.0231 0x1868 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 12:40:58.0293 0x1868 nsiproxy - ok 12:40:58.0434 0x1868 [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 12:40:58.0528 0x1868 Ntfs - ok 12:40:58.0543 0x1868 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys 12:40:58.0622 0x1868 Null - ok 12:40:59.0208 0x1868 [ 2995ADDEE2335B0DDDE8AF7F200248AF, 99954E127BDB5164EB3928C60F5830582A44A9D2D38660DE19E36192C6F3CF7A ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 12:40:59.0807 0x1868 nvlddmkm - ok 12:41:00.0010 0x1868 [ 45D6780D0525D7BC29E2E3605CA73C18, C8BBE8BE9824CD1D3C4314FE370FA03BD6000187B4FC4FC935F8342E1A02FA7E ] NvNetworkService C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe 12:41:00.0104 0x1868 NvNetworkService - ok 12:41:00.0166 0x1868 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys 12:41:00.0212 0x1868 nvraid - ok 12:41:00.0244 0x1868 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys 12:41:00.0306 0x1868 nvstor - ok 12:41:00.0384 0x1868 [ 5C207306A999FDAA9C608E09B740DD60, ECBA9CB3A11B6F61E346CA2D6ABE1B77230A358FF08EDEBAE53326C1ED88A5CC ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 12:41:00.0416 0x1868 NvStreamKms - ok 12:41:01.0293 0x1868 [ 8B1066DFFEDDEE45887E1EE621BE4FB4, 02C8922B3CEDE480BAE72171BAEBEF04D9376E009811B065D2DC1533CA8F70F6 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe 12:41:02.0072 0x1868 
NvStreamSvc - ok 12:41:02.0244 0x1868 [ FAE39454D10CC50212BC96D182F82C33, 819D225313565BC454045FB622B2C05EB1398133162905FB1E0D89D0D4DDBD8E ] nvsvc C:\Windows\system32\nvvsvc.exe 12:41:02.0291 0x1868 nvsvc - ok 12:41:02.0337 0x1868 [ FA3B7E6BD974251CE1160A471B497072, 0ABB83CAECAF9F8E9AD8D3FDD2F2F33419B7317B42D3C0AA62C414A6D887AB38 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad32v.sys 12:41:02.0384 0x1868 nvvad_WaveExtensible - ok 12:41:02.0400 0x1868 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 12:41:02.0431 0x1868 nv_agp - ok 12:41:02.0494 0x1868 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 12:41:02.0541 0x1868 odserv - ok 12:41:02.0587 0x1868 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 12:41:02.0650 0x1868 ohci1394 - ok 12:41:02.0681 0x1868 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 12:41:02.0748 0x1868 ose - ok 12:41:02.0813 0x1868 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 12:41:02.0875 0x1868 p2pimsvc - ok 12:41:02.0938 0x1868 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll 12:41:03.0047 0x1868 p2psvc - ok 12:41:03.0094 0x1868 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys 12:41:03.0141 0x1868 Parport - ok 12:41:03.0172 0x1868 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 
31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys 12:41:03.0219 0x1868 partmgr - ok 12:41:03.0235 0x1868 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys 12:41:03.0266 0x1868 Parvdm - ok 12:41:03.0313 0x1868 [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc C:\Windows\System32\pcasvc.dll 12:41:03.0360 0x1868 PcaSvc - ok 12:41:03.0407 0x1868 [ 175CC28DCF819F78CAA3FBD44AD9E52A, C00F17040440E5C10439FF8110368A7813BD197E96338FD3703C86E399E27128 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys 12:41:03.0499 0x1868 pccsmcfd - ok 12:41:03.0545 0x1868 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys 12:41:03.0561 0x1868 pci - ok 12:41:03.0624 0x1868 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys 12:41:03.0655 0x1868 pciide - ok 12:41:03.0686 0x1868 [ 1BEBE7DE8508A02650CDCE45C664C2A2, 67841EA7F1F6B7F19ABD38A004B23610A21AD5BD5E508EED16CC7856CBE44D9C ] PCLEPCI C:\Windows\system32\drivers\pclepci.sys 12:41:03.0717 0x1868 PCLEPCI - detected UnsignedFile.Multi.Generic ( 1 ) 12:41:07.0372 0x1868 Detect skipped due to KSN trusted 12:41:07.0372 0x1868 PCLEPCI - ok 12:41:07.0418 0x1868 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 12:41:07.0465 0x1868 pcmcia - ok 12:41:07.0481 0x1868 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys 12:41:07.0518 0x1868 pcw - ok 12:41:07.0605 0x1868 [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 
2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 12:41:07.0683 0x1868 PEAUTH - ok 12:41:07.0824 0x1868 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll 12:41:07.0996 0x1868 pla - ok 12:41:08.0058 0x1868 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll 12:41:08.0152 0x1868 PlugPlay - ok 12:41:08.0292 0x1868 [ 7C725A94A89E3C1EA7D492D5E79698A2, 0E678DF8D5B54FF671912DF103623ACF3264E86BDACF744D0A7BA80C51A79110 ] PMBDeviceInfoProvider C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe 12:41:08.0390 0x1868 PMBDeviceInfoProvider - ok 12:41:08.0437 0x1868 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 12:41:08.0468 0x1868 PNRPAutoReg - ok 12:41:08.0500 0x1868 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 12:41:08.0531 0x1868 PNRPsvc - ok 12:41:08.0578 0x1868 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 12:41:08.0687 0x1868 PolicyAgent - ok 12:41:08.0750 0x1868 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll 12:41:08.0834 0x1868 Power - ok 12:41:08.0897 0x1868 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 12:41:08.0975 0x1868 PptpMiniport - ok 12:41:09.0006 0x1868 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys 
12:41:09.0053 0x1868 Processor - ok 12:41:09.0084 0x1868 Profos - ok 12:41:09.0147 0x1868 [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc C:\Windows\system32\profsvc.dll 12:41:09.0241 0x1868 ProfSvc - ok 12:41:09.0256 0x1868 [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] ProtectedStorage C:\Windows\system32\lsass.exe 12:41:09.0288 0x1868 ProtectedStorage - ok 12:41:09.0350 0x1868 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 12:41:09.0428 0x1868 Psched - ok 12:41:09.0522 0x1868 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 12:41:09.0616 0x1868 ql2300 - ok 12:41:09.0647 0x1868 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 12:41:09.0663 0x1868 ql40xx - ok 12:41:09.0709 0x1868 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll 12:41:09.0772 0x1868 QWAVE - ok 12:41:09.0803 0x1868 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 12:41:09.0841 0x1868 QWAVEdrv - ok 12:41:09.0873 0x1868 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 12:41:09.0935 0x1868 RasAcd - ok 12:41:09.0966 0x1868 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 12:41:10.0044 0x1868 RasAgileVpn - ok 12:41:10.0076 0x1868 [ A60F1839849C0C00739787FD5EC03F13, 
B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll 12:41:10.0123 0x1868 RasAuto - ok 12:41:10.0169 0x1868 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 12:41:10.0279 0x1868 Rasl2tp - ok 12:41:10.0341 0x1868 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll 12:41:10.0451 0x1868 RasMan - ok 12:41:10.0466 0x1868 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 12:41:10.0560 0x1868 RasPppoe - ok 12:41:10.0591 0x1868 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 12:41:10.0669 0x1868 RasSstp - ok 12:41:10.0732 0x1868 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 12:41:10.0826 0x1868 rdbss - ok 12:41:10.0857 0x1868 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 12:41:10.0935 0x1868 rdpbus - ok 12:41:10.0982 0x1868 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 12:41:11.0076 0x1868 RDPCDD - ok 12:41:11.0123 0x1868 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 12:41:11.0193 0x1868 RDPENCDD - ok 12:41:11.0224 0x1868 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 12:41:11.0287 0x1868 RDPREFMP - ok 12:41:11.0349 
0x1868 [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 12:41:11.0458 0x1868 RDPWD - ok 12:41:11.0521 0x1868 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 12:41:11.0583 0x1868 rdyboost - ok 12:41:11.0614 0x1868 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll 12:41:11.0676 0x1868 RemoteAccess - ok 12:41:11.0723 0x1868 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll 12:41:11.0770 0x1868 RemoteRegistry - ok 12:41:11.0786 0x1868 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 12:41:11.0879 0x1868 RpcEptMapper - ok 12:41:11.0911 0x1868 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe 12:41:11.0973 0x1868 RpcLocator - ok 12:41:12.0020 0x1868 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll 12:41:12.0098 0x1868 RpcSs - ok 12:41:12.0124 0x1868 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 12:41:12.0186 0x1868 rspndr - ok 12:41:12.0249 0x1868 [ 5283B9A27FF230F2FF70D92451FF409A, B8BAC70E1DE4485C79CA7B47D4DCFE0223CECEA8ED75CE4F128D47051F95FE5D ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys 12:41:12.0311 0x1868 RTL8167 - ok 12:41:12.0342 0x1868 [ ABBE0F54BA3A378262C9CB86CF7D91F8, 573D336A4A40B303498628FCA7685102F5CC69FC371100CF519126086C60732F ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys 
12:41:12.0436 0x1868 RTL8169 - ok 12:41:12.0452 0x1868 [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] SamSs C:\Windows\system32\lsass.exe 12:41:12.0483 0x1868 SamSs - ok 12:41:12.0562 0x1868 [ 39763504067962108505BFF25F024345, 73C9710B61EDC7FBEDE1D7A767AA3D3A169E7AD012494D05CB5EE7E5C5752BB9 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS 12:41:12.0593 0x1868 SASDIFSV - ok 12:41:12.0625 0x1868 [ 77B9FC20084B48408AD3E87570EB4A85, B5BC5FEC1356DECB66A7A671DB67112BDAC8F942BF1C4B986B1805B41EF362B1 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS 12:41:12.0656 0x1868 SASKUTIL - ok 12:41:12.0703 0x1868 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 12:41:12.0734 0x1868 sbp2port - ok 12:41:12.0796 0x1868 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll 12:41:12.0878 0x1868 SCardSvr - ok 12:41:12.0910 0x1868 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 12:41:12.0972 0x1868 scfilter - ok 12:41:13.0082 0x1868 [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule C:\Windows\system32\schedsvc.dll 12:41:13.0191 0x1868 Schedule - ok 12:41:13.0222 0x1868 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll 12:41:13.0269 0x1868 SCPolicySvc - ok 12:41:13.0285 0x1868 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll 12:41:13.0378 0x1868 SDRSVC - ok 12:41:13.0535 0x1868 [ 11D94599270AA1603F75CB5ACBBD266F, 950746109BD7AA5BCF2F4320F40CFD268B34CB3DBE6073616B75A5254FE00469 
] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe 12:41:13.0597 0x1868 SDScannerService - ok 12:41:13.0738 0x1868 [ D91D8344E73283999777083BF17D54E2, 018F500DD49A192617E57998A2E9833C5C9EB72A2B186AF25B5CB91329B1E267 ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe 12:41:13.0816 0x1868 SDUpdateService - ok 12:41:13.0847 0x1868 [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe 12:41:13.0878 0x1868 SDWSCService - ok 12:41:13.0972 0x1868 [ 4A5809A1D796E2675AC0332BF7B0CB11, 7EEEC85A397F04A9460DC37A070D115E19114D9A3E5D9D7E8021F60A7986C8C1 ] SeaPort C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 12:41:14.0003 0x1868 SeaPort - ok 12:41:14.0050 0x1868 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys 12:41:14.0144 0x1868 secdrv - ok 12:41:14.0176 0x1868 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll 12:41:14.0254 0x1868 seclogon - ok 12:41:14.0286 0x1868 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\system32\sens.dll 12:41:14.0379 0x1868 SENS - ok 12:41:14.0411 0x1868 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll 12:41:14.0489 0x1868 SensrSvc - ok 12:41:14.0520 0x1868 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 12:41:14.0567 0x1868 Serenum - ok 12:41:14.0614 0x1868 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys 
12:41:14.0676 0x1868 Serial - ok 12:41:14.0723 0x1868 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 12:41:14.0786 0x1868 sermouse - ok 12:41:14.0869 0x1868 ServiceLayer - ok 12:41:14.0931 0x1868 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll 12:41:14.0978 0x1868 SessionEnv - ok 12:41:15.0025 0x1868 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 12:41:15.0072 0x1868 sffdisk - ok 12:41:15.0072 0x1868 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 12:41:15.0119 0x1868 sffp_mmc - ok 12:41:15.0148 0x1868 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 12:41:15.0179 0x1868 sffp_sd - ok 12:41:15.0195 0x1868 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 12:41:15.0242 0x1868 sfloppy - ok 12:41:15.0320 0x1868 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll 12:41:15.0398 0x1868 SharedAccess - ok 12:41:15.0445 0x1868 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 12:41:15.0507 0x1868 ShellHWDetection - ok 12:41:15.0539 0x1868 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys 12:41:15.0577 0x1868 sisagp - ok 12:41:15.0592 0x1868 [ A9F0486851BECB6DDA1D89D381E71055, 
7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 12:41:15.0624 0x1868 SiSRaid2 - ok 12:41:15.0639 0x1868 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 12:41:15.0670 0x1868 SiSRaid4 - ok 12:41:15.0780 0x1868 [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe 12:41:15.0827 0x1868 SkypeUpdate - ok 12:41:15.0874 0x1868 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys 12:41:15.0920 0x1868 Smb - ok 12:41:15.0983 0x1868 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 12:41:16.0030 0x1868 SNMPTRAP - ok 12:41:16.0045 0x1868 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys 12:41:16.0077 0x1868 spldr - ok 12:41:16.0130 0x1868 [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\Windows\System32\spoolsv.exe 12:41:16.0193 0x1868 Spooler - ok 12:41:16.0380 0x1868 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe 12:41:16.0647 0x1868 sppsvc - ok 12:41:16.0694 0x1868 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll 12:41:16.0788 0x1868 sppuinotify - ok 12:41:16.0834 0x1868 [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\Windows\system32\DRIVERS\srv.sys 12:41:16.0904 0x1868 srv - ok 12:41:16.0935 0x1868 [ 
03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 12:41:16.0998 0x1868 srv2 - ok 12:41:17.0013 0x1868 [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 12:41:17.0060 0x1868 srvnet - ok 12:41:17.0076 0x1868 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 12:41:17.0138 0x1868 SSDPSRV - ok 12:41:17.0263 0x1868 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll 12:41:17.0341 0x1868 SstpSvc - ok 12:41:17.0404 0x1868 [ EAA66218CD39F5BB1B4853A78C67C787, 59B4B270A24EDE9B30F2613A4904ECC30C60FEC27DDB87C03EC8F97C33178272 ] ss_bbus C:\Windows\system32\DRIVERS\ss_bbus.sys 12:41:17.0451 0x1868 ss_bbus - ok 12:41:17.0498 0x1868 [ 91765F99914ED8693D8BC76524F21581, 2A5D52E05804DED18032646A501047B85FC5C383CC5442349CE525FCD49DC2DC ] ss_bmdfl C:\Windows\system32\DRIVERS\ss_bmdfl.sys 12:41:17.0529 0x1868 ss_bmdfl - ok 12:41:17.0601 0x1868 [ 840E7B738B03C10EE91D9B7D3D6EFF15, DE72972834532588C44CD558BEDEE7189F1E2ABC46DD7D6D55117FDCCF928C4B ] ss_bmdm C:\Windows\system32\DRIVERS\ss_bmdm.sys 12:41:17.0632 0x1868 ss_bmdm - ok 12:41:17.0695 0x1868 [ 706080AD43599D4AB04F1676A3A62CC1, BD9A645163501E2234CAB2B99DB297A634526786D2CDC55FE1C18F5019623E34 ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe 12:41:17.0773 0x1868 Steam Client Service - ok 12:41:17.0889 0x1868 [ BAD1F0D57B842D3C461B02609A7E7396, 737A17B22945BD04AA6AEF121F2561CC8231480796A7564722A3A08AB70F8F67 ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 12:41:17.0920 0x1868 Stereo Service - ok 12:41:17.0952 0x1868 [ DB32D325C192B801DF274BFD12A7E72B, 
12:41:50.0775 0x1868 AV detected via SS2: G DATA INTERNET SECURITY, C:\Program Files\G Data\InternetSecurity\AVK\avkwscpe.exe ( 25.1.0.0 ), 0x41000 ( enabled : updated ) 12:41:50.0775 0x1868 FW detected via SS2: G*DATA Personal Firewall, C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe ( 22.0.0.1 ), 0x41010 ( enabled ) 12:41:54.0896 0x1868 ============================================================ 12:41:54.0896 0x1868 Scan finished 12:41:54.0896 0x1868 ============================================================ 12:41:54.0912 0x1f78 Detected object count: 0 12:41:54.0912 0x1f78 Actual detected object count: 0 |
24.04.2015, 07:42 | #8 |
/// the machine /// TB Instructor | Win7 won't start, black screen, ... Please create a new user with admin rights and boot into it. Do the problems occur there too?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No support via PM! |
25.04.2015, 09:05 | #9 |
| Win7 won't start, black screen, ... Done; apparently everything works again, and the devices are recognized properly and shut down along with the PC. What was the likely cause, and how can this be avoided? Addendum: Just now the external HDD was again not recognized (under the new user). I'll probably wipe C: and reinstall Windows. |
25.04.2015, 15:10 | #10 |
/// the machine /// TB Instructor | Win7 won't start, black screen, ... What does the external drive have to do with your Windows? The external drive may simply have a fault of its own. If the new user is otherwise error-free, the old user account is broken. |
26.04.2015, 11:57 | #11 |
| Win7 won't start, black screen, ... I was thinking of problems with drivers or something like that (the printer isn't shut down under the old account either). Well, everything except the external drive seems to work, many thanks, Schrauber. I'll go put a bouquet of flowers into the donation account right away! ;-) |
26.04.2015, 18:26 | #12 |
/// the machine /// TB Instructor | Win7 won't start, black screen, ... Check the external drive with Checkdisk. |
27.04.2015, 19:35 | #13 |
| Win7 won't start, black screen, ... Checkdisk found nothing on the external drive; nevertheless, after the first scan I could no longer see the HDD, only after plugging it in and out umpteen times and restarting under the new user, and that had to be done without properly ejecting the external drive. If everything is fine, why is everything acting up? |
28.04.2015, 13:59 | #14 |
/// the machine /// TB Instructor | Win7 won't start, black screen, ... Actually, only the external drive is acting up. Do you have the option of testing it on another computer? |
30.04.2015, 14:32 | #15 |
| Win7 won't start, black screen, ... Not directly; the internal HDD of my old PC has died. I may install the current one in the old case and then test the external drive in question. |