Pc/Internet läuft nicht Flüssig

DarkNeo · 25.05.2015, 10:26

Hallo,

habe seit einigen Tagen das Problem das mein Pc nicht flüssig läuft.

Wenn ich Videos ansehe zum Beispiel dann hängt er im Sekundentackt und läuft nicht flüssig.
Auch beim Laden von Seiten oder beim Tabwechsel hängt er dauernt hinterher.

Hatte auch vor 2 Tagen ein seltsammes Problem.
Nach der benutzung von TFC hat er ein Kritischen Fehler festgestellt und wollte sich in 1 Minute neu Starten.
Nach dem Neustart blieb er allerdings beim Windows zeichen hängen und ich musste ihn Resetten.
Dachnach sagte er mir das mein Startprotokol beschädigt sei und habe es Windows reaparieren lassen und musste einen System wiederherstellungspunkt aktivieren.

Hatte sowas auch noch nicht gehabt, zum Glück lief alles reibungslos ab und mein Pc ging dann wieder an.

Hoffe man kann mir hier Helfen.

Mfg

M-K-D-B · 25.05.2015, 10:35

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

DarkNeo · 25.05.2015, 12:17

Danke für deine hilfe, hier die geforderten logs =)

Addition

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-05-2015 01
Ran by Noname at 2015-05-25 13:04:34
Running from C:\Users\Noname\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4277079510-974402927-3430589439-500 - Administrator - Disabled)
Gast (S-1-5-21-4277079510-974402927-3430589439-501 - Limited - Disabled)
Noname (S-1-5-21-4277079510-974402927-3430589439-1000 - Administrator - Enabled) => C:\Users\Noname

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AIDA64 Extreme Edition v3.00 (HKLM\...\AIDA64 Extreme Edition_is1) (Version: 3.00 - FinalWire Ltd.)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2218 - AVAST Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Configuration DivX (HKLM\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-4277079510-974402927-3430589439-1000\...\CopyTrans Suite) (Version: 3.003 - WindSolutions)
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
devolo dLAN-Konfigurationsassistent (HKLM\...\dlanconf) (Version: 9.0.0.0 - devolo AG)
EPSON BX935FWD Series Printer Uninstall (HKLM\...\EPSON BX935FWD Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EVEREST Home Edition v2.20 (HKLM\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
K-Lite Mega Codec Pack 11.0.0 (HKLM\...\KLiteCodecPack_is1) (Version: 11.0.0 - )
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Minecraft (HKLM\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 38.0.1 (x86 de) (HKLM\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA Grafiktreiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Secunia PSI (3.0.0.10004) (HKLM\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.10 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
YGOPro DevPro Version 1.9.6 r0 (HKLM\...\{3CF2634F-3F38-4DD3-9201-CB2FE6B5FF23}_is1) (Version: 1.9.6 r0 - YGOPro DevPro Online)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

07-05-2015 20:36:55 Geplanter Prüfpunkt
07-05-2015 21:03:25 Windows Update
14-05-2015 09:43:38 Windows Update
22-05-2015 19:01:40 Geplanter Prüfpunkt
23-05-2015 01:39:08 avast! antivirus system restore point
23-05-2015 10:02:52 Windows Update
23-05-2015 10:25:55 Windows Update
23-05-2015 12:00:11 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {29685E1F-2228-4284-9DC9-FAEFF9BB948A} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {39DDFCC5-E8AC-4F5B-97A1-B24E438B9DC8} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {42CFF66B-FAA9-4A2F-835A-E27393A0A8C6} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {58047848-E115-4783-A426-B8BF351EDBF6} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-02-18] ()
Task: {6BD417A8-55DA-4A68-A3F4-18673D05CB17} - System32\Tasks\{7D875AB7-3E75-497C-AB92-4FB7316BA69B} => pcalua.exe -a C:\NVIDIA\SystemTools\6.08\NVMonitor\setup.exe -d C:\NVIDIA\SystemTools\6.08\NVMonitor
Task: {792E9B8B-3FB4-4AB8-911A-D351030994BD} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {B935C073-F4F3-4A4A-87DB-C5C49AC45E61} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {D0312B56-C217-411B-9D8F-279D5554DE17} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {E1167BF6-4954-40E6-B211-AD8D334DF636} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {E5BD3B27-E2C1-49FF-8741-9E7EF099CA37} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-06] (Avast Software s.r.o.)
Task: {EC094005-C3EB-4024-9B3F-749E08A80221} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {FA0A119B-0531-4F26-BB07-9319C2D3A3D0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2015-05-06 20:36 - 2015-05-06 20:36 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-06 20:36 - 2015-05-06 20:36 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-25 10:04 - 2015-05-25 10:04 - 02931200 _____ () C:\Program Files\AVAST Software\Avast\defs\15052500\algo.dll
2015-03-08 11:45 - 2015-02-05 20:27 - 00108864 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2006-12-04 01:25 - 2006-12-04 01:25 - 00022723 _____ () C:\Windows\System32\sugs2l3.dll
2015-03-08 21:39 - 2015-03-08 21:40 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-12-13 00:24 - 2014-12-13 00:24 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4277079510-974402927-3430589439-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Noname\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1 - 193.189.244.202

==================== MSCONFIG/TASK MANAGER Error getting ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: Nero BackItUp Scheduler 3 => 2
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\startupreg: 20150107 => C:\Program Files\AVAST Software\Avast\setup\emupdate\0c77843d-45d3-4614-b019-2825c352d570.exe /check
MSCONFIG\startupreg: Adobe Speed Launcher => 1429258026
MSCONFIG\startupreg: EPLTarget => 

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{715EE703-F93C-4A44-8433-4487EAA472BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{0E62E5B5-D95D-4C74-9672-067A8283FB31}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{343CF004-505E-43E0-B5C5-64A5342A5BCE}C:\program files\devpro\devpro.dll] => (Allow) C:\program files\devpro\devpro.dll
FirewallRules: [UDP Query User{5882E574-3AB9-4943-9427-290DFD43AE43}C:\program files\devpro\devpro.dll] => (Allow) C:\program files\devpro\devpro.dll
FirewallRules: [TCP Query User{8D830128-61A4-4C27-83DC-98C026C9FEAB}C:\program files\devpro\devpro.dll] => (Allow) C:\program files\devpro\devpro.dll
FirewallRules: [UDP Query User{9F3417D6-7FBA-4577-869E-CE5F3EF6B507}C:\program files\devpro\devpro.dll] => (Allow) C:\program files\devpro\devpro.dll
FirewallRules: [TCP Query User{92CFA8D8-52E0-4E0E-A205-336FA9B4287E}C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe] => (Allow) C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe
FirewallRules: [UDP Query User{995C1756-466E-4FE5-95FD-F12A5A59A412}C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe] => (Allow) C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe
FirewallRules: [{AC67BA12-D3E1-46DB-993F-DC19E2F8F34B}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{BFFDA09B-DAF9-4A8B-877B-7E0A8C8018F0}C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe] => (Allow) C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe
FirewallRules: [UDP Query User{66319B40-A6D3-4DA1-AA0F-C2107234B2BC}C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe] => (Allow) C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe
FirewallRules: [{96BFA00F-1B66-42E5-A3AF-A50384CB2563}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7144E11B-5FFA-4FF8-B747-B77002728DAF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9795B38A-E7EB-44D8-830E-73B27CA72A50}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9C7E7BD3-D018-495B-BA7E-CCFA05089F0A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0CE973D5-AF1B-40B6-A222-E1C510502349}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{8B262E26-295F-4326-AA3A-16FDE0F1BC86}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{D26899A5-6F3E-4DDF-A679-AA009B13BC63}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{4E341B75-8D2A-4D7C-800C-2DF4C81B18FF}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{D483C699-5F8E-466F-B3AA-2EAF0B521B5C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

==================== Faulty Device Manager Devices =============

Name: VIA USB erweiterter Hostcontroller
Description: VIA USB erweiterter Hostcontroller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: VIA Technologies
Service: usbehci
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standard PCI-zu-USB universeller Hostcontroller
Description: Standard PCI-zu-USB universeller Hostcontroller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: usbuhci
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standard PCI-zu-USB universeller Hostcontroller
Description: Standard PCI-zu-USB universeller Hostcontroller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: usbuhci
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/25/2015 11:54:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2015 10:05:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/24/2015 09:36:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/24/2015 02:03:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/24/2015 02:02:36 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (1868) WebCacheLocal: Fehler -1811 beim Öffnen von Protokolldatei C:\Users\Noname\AppData\Local\Microsoft\Windows\WebCache\V010000C.log.

Error: (05/24/2015 02:00:25 AM) (Source: Wininit) (EventID: 1015) (User: )
Description: Ein kritischer Systemprozess C:\Windows\system32\lsm.exe ist fehlgeschlagen mit den Statuscode 255. Der Computer muss neu gestartet werden.

Error: (05/24/2015 02:00:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: lsm.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7a1ba
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e8801
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00030362
ID des fehlerhaften Prozesses: 0x25c
Startzeit der fehlerhaften Anwendung: 0xlsm.exe0
Pfad der fehlerhaften Anwendung: lsm.exe1
Pfad des fehlerhaften Moduls: lsm.exe2
Berichtskennung: lsm.exe3

Error: (05/23/2015 10:09:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Ausnahmecode: 0x40000015
Fehleroffset: 0x00093534
ID des fehlerhaften Prozesses: 0xbbc
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (05/23/2015 10:04:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/23/2015 09:57:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 8.0.25.18 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: ee8

Startzeit: 01d095928d652ca4

Endzeit: 60

Anwendungspfad: C:\Program Files\Minecraft\runtime\jre-x32\1.8.0_25\bin\javaw.exe

Berichts-ID: db75ba2f-0185-11e5-ba68-00192150032f


System errors:
=============
Error: (05/25/2015 01:25:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/24/2015 02:02:20 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎24.‎05.‎2015 um 02:00:32 unerwartet heruntergefahren.

Error: (05/24/2015 02:00:09 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/23/2015 10:09:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Secunia PSI Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/23/2015 10:00:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/23/2015 10:00:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/23/2015 10:00:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/23/2015 10:00:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/23/2015 10:00:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/23/2015 10:00:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Secunia Update Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office:
=========================
Error: (05/25/2015 11:54:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2015 10:05:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/24/2015 09:36:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/24/2015 02:03:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/24/2015 02:02:36 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost1868WebCacheLocal: C:\Users\Noname\AppData\Local\Microsoft\Windows\WebCache\V010000C.log-1811

Error: (05/24/2015 02:00:25 AM) (Source: Wininit) (EventID: 1015) (User: )
Description: C:\Windows\system32\lsm.exe255

Error: (05/24/2015 02:00:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: lsm.exe6.1.7601.175144ce7a1bantdll.dll6.1.7601.18839553e8801c00000050003036225c01d095937d43073cC:\Windows\system32\lsm.exeC:\Windows\SYSTEM32\ntdll.dlle05eb807-01a7-11e5-9827-00192150032f

Error: (05/23/2015 10:09:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a824000001500093534bbc01d09593ba6c2abfC:\Program Files\Secunia\PSI\PSIA.exeC:\Program Files\Secunia\PSI\PSIA.exe98d4f56f-0187-11e5-9827-00192150032f

Error: (05/23/2015 10:04:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/23/2015 09:57:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe8.0.25.18ee801d095928d652ca460C:\Program Files\Minecraft\runtime\jre-x32\1.8.0_25\bin\javaw.exedb75ba2f-0185-11e5-ba68-00192150032f


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz
Percentage of memory in use: 39%
Total physical RAM: 2047.37 MB
Available physical RAM: 1231.09 MB
Total Pagefile: 4094.73 MB
Available Pagefile: 2834.96 MB
Total Virtual: 2047.88 MB
Available Virtual: 1915.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:182.48 GB) NTFS
Drive e: (Neo`s Daten) (Fixed) (Total:232.88 GB) (Free:225.82 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 04170417)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 0ACB0595)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End of log ============================

FRST

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-05-2015 01
Ran by Noname (administrator) on NONAME-PC on 25-05-2015 13:02:41
Running from C:\Users\Noname\Downloads
Loaded Profiles: Noname (Available Profiles: Noname)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files\Minecraft\runtime\jre-x32\1.8.0_25\bin\java.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-23] (Avast Software s.r.o.)
HKU\S-1-5-21-4277079510-974402927-3430589439-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd)
AppInit_DLLs: °ö# => °ö# File not found
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-05-06] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4277079510-974402927-3430589439-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4277079510-974402927-3430589439-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4277079510-974402927-3430589439-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://mega.co.nz/#login
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-23] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-23] (Avast Software s.r.o.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-23] (Oracle Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 193.189.244.202 193.189.244.194

FireFox:
========
FF ProfilePath: C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587
FF Homepage: hxxp://www.facebook.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-23] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-07-03] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: Flash Video Downloader - YouTube HD Downloader [4K] - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\artur.dubovoy@gmail.com [2015-05-23]
FF Extension: WOT - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-10-24]
FF Extension: MEGA - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\firefox@mega.co.nz.xpi [2014-10-24]
FF Extension: Stylish - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2014-10-24]
FF Extension: Video DownloadHelper - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-14]
FF Extension: Adblock Plus - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-24]
FF Extension: Adblock Edge - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-10-24]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-08]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-08]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-06] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-05-06] (Avast Software)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [851456 2015-04-27] (Microsoft Corporation)
S3 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-05-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-05-06] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-05-06] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-05-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-05-06] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-05-06] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-05-06] (Avast Software s.r.o.)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [38472 2013-11-06] (The OpenVPN Project)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-05-06] ()
R2 giveio; C:\Windows\system32\giveio.sys [5248 1996-04-03] () []
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R2 PLCNDIS5; C:\Windows\system32\plcndis5.sys [17280 2004-05-17] (Intellon, Inc.) []
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2014-11-28] (Secunia)
R2 speedfan; C:\Windows\system32\speedfan.sys [24184 2012-12-29] (Almico Software)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2014-09-25] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-05-06] (Avast Software)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
S3 Andbus; system32\DRIVERS\lgandbus.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X]
S3 andnetndis; system32\DRIVERS\lgandnetndis.sys [X]
S3 catchme; \??\C:\Users\Noname\AppData\Local\Temp\catchme.sys [X]
S3 crliycos; \SystemRoot\system32\drivers\ngiodriver_x86 [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad32v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-03 14:15 - 2015-03-07 15:37 - 00000987 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2015-05-25 13:02 - 2015-05-25 13:03 - 00010163 _____ () C:\Users\Noname\Downloads\FRST.txt
2015-05-25 13:01 - 2015-05-25 13:02 - 01146880 _____ (Farbar) C:\Users\Noname\Downloads\FRST.exe
2015-05-25 10:04 - 2015-05-25 11:53 - 00000112 _____ () C:\Windows\setupact.log
2015-05-25 10:04 - 2015-05-25 10:04 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-24 12:11 - 2015-05-24 12:45 - 300710528 _____ () C:\Users\Noname\Downloads\Mistress T - Soul Sucking Milking.rar
2015-05-23 20:04 - 2015-05-23 20:04 - 04685607 _____ () C:\Users\Noname\Downloads\Minecraft-Modpack_1.6.2.zip
2015-05-23 20:03 - 2015-05-23 20:03 - 01196832 _____ () C:\Users\Noname\Downloads\Minecraft Mods Pack - CHIP-Installer.exe
2015-05-23 20:00 - 2015-05-23 20:00 - 01047704 _____ () C:\Users\Noname\Downloads\Minecraft_-Rei's-Minimap-Mod-1.2.5-lnstall.exe
2015-05-23 19:51 - 2015-05-23 19:51 - 00000000 ____D () C:\ProgramData\Sun
2015-05-23 19:51 - 2015-05-23 19:51 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-05-23 19:50 - 2015-05-23 19:49 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-05-23 19:49 - 2015-05-23 19:49 - 00000000 ____D () C:\ProgramData\Oracle
2015-05-23 19:49 - 2015-05-23 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-05-23 19:49 - 2015-05-23 19:49 - 00000000 ____D () C:\Program Files\Java
2015-05-23 19:44 - 2015-05-23 19:44 - 01196832 _____ () C:\Users\Noname\Downloads\Java Runtime Environment 32 Bit - CHIP-Installer.exe
2015-05-23 19:34 - 2015-05-23 19:34 - 00956887 _____ () C:\Users\Noname\Downloads\OptiFine_1.8.4_HD_U_D4.jar
2015-05-23 13:36 - 2015-05-23 14:38 - 557715754 _____ () C:\Users\Noname\Downloads\ssssskinnnyyy531.wmv
2015-05-23 12:36 - 2015-05-23 12:36 - 266535580 _____ () C:\Users\Noname\Downloads\jackivore2.m4v
2015-05-23 10:50 - 2015-05-23 10:51 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-05-23 10:47 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-23 10:25 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-23 10:25 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-23 10:25 - 2015-04-21 18:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-23 10:25 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-23 10:25 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-23 10:25 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-23 10:25 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-23 10:25 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-23 10:25 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-23 10:25 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-23 10:25 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-23 10:25 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-23 10:25 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-23 10:25 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-23 10:25 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-23 10:25 - 2015-04-21 17:58 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-23 10:25 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-23 10:25 - 2015-04-21 17:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-23 10:25 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-23 10:25 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-23 10:25 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-23 10:25 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-23 10:25 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-23 10:25 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-23 10:25 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-23 10:25 - 2015-04-21 17:26 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-23 10:25 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-23 10:25 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-23 10:25 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-23 10:25 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-23 10:25 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-23 10:25 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-23 10:25 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-23 10:24 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-23 10:24 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-05-23 10:24 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-23 10:24 - 2015-04-27 21:11 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-23 10:24 - 2015-04-27 21:11 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-23 10:24 - 2015-04-27 21:08 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-23 10:24 - 2015-04-27 21:05 - 00851456 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-23 10:24 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-23 10:24 - 2015-04-27 21:05 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-23 10:24 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-23 10:24 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-23 10:24 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-23 10:24 - 2015-04-27 21:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-23 10:24 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-23 10:24 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-23 10:24 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-23 10:24 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-23 10:24 - 2015-04-27 21:05 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-23 10:24 - 2015-04-27 21:04 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-23 10:24 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-23 10:24 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-23 10:24 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-23 10:24 - 2015-04-27 21:04 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-23 10:24 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-23 10:24 - 2015-04-27 21:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-23 10:24 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-23 10:24 - 2015-04-27 21:04 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-23 10:24 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-23 10:24 - 2015-04-27 21:04 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-23 10:24 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-23 10:24 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-23 10:24 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-23 10:24 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-23 10:24 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-23 10:24 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-23 10:24 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-23 10:24 - 2015-04-27 20:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-23 10:24 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-23 10:24 - 2015-04-20 04:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-23 10:24 - 2015-04-20 04:03 - 02382336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-23 10:24 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-23 10:24 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-23 10:24 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-05-23 10:22 - 2015-04-13 05:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-23 10:22 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-23 10:22 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-23 10:22 - 2015-03-04 06:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-23 10:22 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-23 10:19 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-23 10:19 - 2015-04-08 05:14 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-23 10:19 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-23 10:02 - 2015-04-11 05:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-05-23 01:40 - 2015-05-06 20:36 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-06 20:36 - 2015-05-06 20:36 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-02 22:34 - 2015-05-23 12:15 - 00000000 ____D () C:\Users\Noname\Downloads\Neuer Ordner (4)

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-03 13:54 - 2013-09-06 00:00 - 00000000 ____D () C:\Users\Noname\AppData\Local\Adobe
2015-05-25 13:02 - 2015-03-08 14:40 - 00000000 ____D () C:\FRST
2015-05-25 12:47 - 2014-05-07 23:11 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-25 12:02 - 2009-07-14 06:34 - 00031104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-25 12:02 - 2009-07-14 06:34 - 00031104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-25 11:57 - 2013-08-22 12:47 - 01953507 _____ () C:\Windows\WindowsUpdate.log
2015-05-25 11:53 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-23 22:03 - 2013-10-01 08:37 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-05-23 22:00 - 2015-01-06 16:08 - 00000000 ____D () C:\AdwCleaner
2015-05-23 20:12 - 2015-04-07 23:04 - 00000000 ____D () C:\Users\Noname\AppData\Roaming\.minecraft
2015-05-23 15:52 - 2010-11-20 23:01 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-23 14:57 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2015-05-23 14:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-05-23 12:15 - 2015-03-17 22:42 - 00000000 ____D () C:\Users\Noname\Downloads\Neuer Ordner (3)
2015-05-23 12:15 - 2014-10-25 16:51 - 00000000 ____D () C:\Users\Noname\Downloads\Neuer Ordner
2015-05-23 12:01 - 2011-04-12 03:39 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-23 11:51 - 2009-07-14 06:33 - 00287344 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-23 11:49 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2015-05-23 11:49 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-23 10:45 - 2013-09-05 21:20 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-23 10:38 - 2013-09-05 21:20 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-23 10:03 - 2015-04-04 17:39 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-23 02:27 - 2011-04-12 03:39 - 00000000 ____D () C:\Windows\ShellNew
2015-05-23 02:27 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\wfp
2015-05-23 02:26 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration
2015-05-23 02:26 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-05-23 02:24 - 2014-06-28 19:33 - 00000000 ____D () C:\Users\Noname\AppData\Roaming\LiveSnap
2015-05-23 01:38 - 2013-08-22 12:57 - 00000000 ____D () C:\Users\Noname
2015-05-18 18:17 - 2015-02-10 20:46 - 00000089 _____ () C:\Users\Noname\AppData\Roaming\chk.ag
2015-05-07 00:17 - 2011-01-24 00:21 - 00001127 _____ () C:\Users\Noname\AppData\Roaming\neo.ini
2015-05-06 20:36 - 2015-03-08 21:40 - 00427992 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-06 20:36 - 2015-03-08 21:40 - 00209048 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-06 20:36 - 2015-03-08 21:40 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-06 20:36 - 2015-03-08 21:40 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-06 20:36 - 2015-03-08 21:40 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-06 20:36 - 2015-03-08 21:40 - 00049904 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-06 20:36 - 2015-03-08 21:40 - 00024144 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-06 20:35 - 2015-03-08 21:40 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-03 11:40 - 2013-09-14 00:52 - 00000000 ____D () C:\ProgramData\Freemake
2015-05-03 11:40 - 2013-09-14 00:52 - 00000000 ____D () C:\Program Files\Freemake

==================== Files in the root of some directories =======

2013-11-07 10:37 - 2013-11-07 10:37 - 50063360 _____ () C:\Program Files\GUT13CF.tmp
2013-12-22 18:28 - 2013-12-22 18:28 - 0000000 _____ () C:\Program Files\Web Data
2015-02-10 20:46 - 2015-05-18 18:17 - 0000089 _____ () C:\Users\Noname\AppData\Roaming\chk.ag
2010-10-26 23:05 - 2014-05-31 19:25 - 0496128 _____ (cURL, hxxp://curl.haxx.se/) C:\Users\Noname\AppData\Roaming\curlchk.exe
2011-01-24 00:21 - 2015-05-07 00:17 - 0001127 _____ () C:\Users\Noname\AppData\Roaming\neo.ini
2011-01-24 00:21 - 2014-07-26 20:12 - 0001112 _____ () C:\Users\Noname\AppData\Roaming\neo98.ini
2014-07-10 08:56 - 2014-07-10 08:56 - 0000017 _____ () C:\Users\Noname\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-24 00:53

==================== End of log ============================

DarkNeo · 25.05.2015, 12:18

TDSS

Code:

ATTFilter

13:11:34.0401 0x0098  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
13:11:41.0116 0x0098  ============================================================
13:11:41.0116 0x0098  Current date / time: 2015/05/25 13:11:41.0116
13:11:41.0116 0x0098  SystemInfo:
13:11:41.0116 0x0098  
13:11:41.0116 0x0098  OS Version: 6.1.7601 ServicePack: 1.0
13:11:41.0116 0x0098  Product type: Workstation
13:11:41.0117 0x0098  ComputerName: NONAME-PC
13:11:41.0119 0x0098  UserName: Noname
13:11:41.0119 0x0098  Windows directory: C:\Windows
13:11:41.0119 0x0098  System windows directory: C:\Windows
13:11:41.0119 0x0098  Processor architecture: Intel x86
13:11:41.0119 0x0098  Number of processors: 2
13:11:41.0119 0x0098  Page size: 0x1000
13:11:41.0119 0x0098  Boot type: Normal boot
13:11:41.0119 0x0098  ============================================================
13:11:42.0942 0x0098  KLMD registered as C:\Windows\system32\drivers\95029194.sys
13:11:43.0292 0x0098  System UUID: {62A8C2EA-8805-A944-480E-DAAB76E85153}
13:11:44.0528 0x0098  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x1C042, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000050
13:11:44.0536 0x0098  Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:11:44.0570 0x0098  ============================================================
13:11:44.0570 0x0098  \Device\Harddisk0\DR0:
13:11:44.0586 0x0098  MBR partitions:
13:11:44.0586 0x0098  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:11:44.0586 0x0098  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
13:11:44.0586 0x0098  \Device\Harddisk1\DR1:
13:11:44.0595 0x0098  MBR partitions:
13:11:44.0595 0x0098  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800
13:11:44.0595 0x0098  ============================================================
13:11:44.0683 0x0098  C: <-> \Device\Harddisk0\DR0\Partition2
13:11:44.0700 0x0098  E: <-> \Device\Harddisk1\DR1\Partition1
13:11:44.0701 0x0098  ============================================================
13:11:44.0701 0x0098  Initialize success
13:11:44.0701 0x0098  ============================================================
13:12:31.0555 0x0fdc  ============================================================
13:12:31.0555 0x0fdc  Scan started
13:12:31.0555 0x0fdc  Mode: Manual; SigCheck; TDLFS; 
13:12:31.0555 0x0fdc  ============================================================
13:12:31.0555 0x0fdc  KSN ping started
13:12:34.0359 0x0fdc  KSN ping finished: true
13:12:35.0818 0x0fdc  ================ Scan system memory ========================
13:12:35.0818 0x0fdc  System memory - ok
13:12:35.0826 0x0fdc  ================ Scan services =============================
13:12:35.0987 0x0fdc  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
13:12:36.0171 0x0fdc  1394ohci - ok
13:12:36.0236 0x0fdc  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
13:12:36.0272 0x0fdc  ACPI - ok
13:12:36.0311 0x0fdc  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
13:12:36.0357 0x0fdc  AcpiPmi - ok
13:12:36.0458 0x0fdc  [ 4C72FDD915D62EAEF149BD9C73AB9CF4, 8EA45A1B88DFD819F0ADA3AF36D464E1BF52574269592370E0CC8D0490680E1F ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
13:12:36.0493 0x0fdc  AdobeARMservice - ok
13:12:36.0607 0x0fdc  [ B04A4810C6CC205F9DC72DC22E4AB236, 547321F5C28C80D4818372D65E2A33D4BAC593015DD6613B24586FE4B4A95D5D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:12:36.0645 0x0fdc  AdobeFlashPlayerUpdateSvc - ok
13:12:36.0718 0x0fdc  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
13:12:36.0764 0x0fdc  adp94xx - ok
13:12:36.0819 0x0fdc  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\drivers\adpahci.sys
13:12:36.0869 0x0fdc  adpahci - ok
13:12:36.0897 0x0fdc  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\drivers\adpu320.sys
13:12:36.0935 0x0fdc  adpu320 - ok
13:12:36.0999 0x0fdc  [ 12E6A172D72AFC626727B8635DD17E39, 33B3D109C39DF6EA86AFC3C89A93657906E981D3D22FF854401BC7326990CC08 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:12:37.0037 0x0fdc  AeLookupSvc - ok
13:12:37.0118 0x0fdc  [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD             C:\Windows\system32\drivers\afd.sys
13:12:37.0165 0x0fdc  AFD - ok
13:12:37.0195 0x0fdc  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
13:12:37.0234 0x0fdc  agp440 - ok
13:12:37.0262 0x0fdc  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
13:12:37.0292 0x0fdc  aic78xx - ok
13:12:37.0350 0x0fdc  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
13:12:37.0396 0x0fdc  ALG - ok
13:12:37.0440 0x0fdc  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
13:12:37.0471 0x0fdc  aliide - ok
13:12:37.0511 0x0fdc  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
13:12:37.0549 0x0fdc  amdagp - ok
13:12:37.0597 0x0fdc  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
13:12:37.0632 0x0fdc  amdide - ok
13:12:37.0674 0x0fdc  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
13:12:37.0718 0x0fdc  AmdK8 - ok
13:12:37.0751 0x0fdc  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
13:12:37.0805 0x0fdc  AmdPPM - ok
13:12:37.0863 0x0fdc  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
13:12:37.0899 0x0fdc  amdsata - ok
13:12:37.0949 0x0fdc  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
13:12:37.0992 0x0fdc  amdsbs - ok
13:12:38.0009 0x0fdc  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
13:12:38.0077 0x0fdc  amdxata - ok
13:12:38.0097 0x0fdc  Andbus - ok
13:12:38.0115 0x0fdc  AndDiag - ok
13:12:38.0137 0x0fdc  AndGps - ok
13:12:38.0157 0x0fdc  ANDModem - ok
13:12:38.0194 0x0fdc  AndNetDiag - ok
13:12:38.0224 0x0fdc  ANDNetModem - ok
13:12:38.0240 0x0fdc  andnetndis - ok
13:12:38.0308 0x0fdc  [ 81F97D8F8B3FB94A451CC6F7CF8B2965, 8DEBA4E47E1016D69740C0BB7CDD23852D86E0D42C1C1EA5A847ECB115C38CB1 ] AppID           C:\Windows\system32\drivers\appid.sys
13:12:38.0344 0x0fdc  AppID - ok
13:12:38.0369 0x0fdc  [ F5090F8FA6757C58E17BAEAA86093636, 5E14CF3032DF5801240F45C59AA93962EA41AA5648A0C6458D16D9B9D95A131F ] AppIDSvc        C:\Windows\System32\appidsvc.dll
13:12:38.0400 0x0fdc  AppIDSvc - ok
13:12:38.0441 0x0fdc  [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo         C:\Windows\System32\appinfo.dll
13:12:38.0476 0x0fdc  Appinfo - ok
13:12:38.0558 0x0fdc  [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:12:38.0580 0x0fdc  Apple Mobile Device - ok
13:12:38.0638 0x0fdc  [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt         C:\Windows\System32\appmgmts.dll
13:12:38.0673 0x0fdc  AppMgmt - ok
13:12:38.0718 0x0fdc  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\drivers\arc.sys
13:12:38.0743 0x0fdc  arc - ok
13:12:38.0782 0x0fdc  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
13:12:38.0806 0x0fdc  arcsas - ok
13:12:38.0914 0x0fdc  [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
13:12:38.0964 0x0fdc  aspnet_state - ok
13:12:39.0018 0x0fdc  [ EFDEF61C488A193986D4672658E91532, B2E97542F7C608937005A2ABFA10F7FD8F3E8F1AB3FBE621772E41048BBDDDBE ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
13:12:39.0058 0x0fdc  aswHwid - ok
13:12:39.0077 0x0fdc  [ 91AAF4792987B43C0653D74516F092C8, DFFB5D0BA6537E2B6A45292B8A2B566F848D54A2FB54017711236E2D3BCBEBBE ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
13:12:39.0110 0x0fdc  aswMonFlt - ok
13:12:39.0152 0x0fdc  [ 8C8FEC9F50898BB814BDFB5F5B2D566C, C72472C413550144E10A995A1CF28EB68519B147BD7AE6DF195512014083F9A8 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
13:12:39.0195 0x0fdc  aswRdr - ok
13:12:39.0228 0x0fdc  [ 2DB91CE80C367ACDD1331DE9B1E3EAEF, 7AF35FBA1DB6A44928A6DF554E9428C3E21191B376756718832FCD66F9F9D07C ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
13:12:39.0264 0x0fdc  aswRvrt - ok
13:12:39.0398 0x0fdc  [ 83DF5B3DE1C6527972946CDB328446F7, F4CA80903EE6FCB7E5A7B0E989692B6B5177CE03D3BFFE6A93D53C8B364EE833 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
13:12:39.0570 0x0fdc  aswSnx - ok
13:12:39.0651 0x0fdc  [ CB2B9FBFF7A3104A6AA60E797156800F, CFFA414258FB793CB34344A5B398335554F4A1BB22B26C843939D58CF53F3DB5 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
13:12:39.0699 0x0fdc  aswSP - ok
13:12:39.0745 0x0fdc  [ A5F0A2EB182C8A137E2C43CB4109EC1E, 0A95F497FCB51CC1F36D740833FD4766A42C287A34A8E0FA9078F1533AD9D75E ] aswStm          C:\Windows\system32\drivers\aswStm.sys
13:12:39.0774 0x0fdc  aswStm - ok
13:12:39.0826 0x0fdc  [ 1D472E0E2AB962AA7F70B9AF85BF3C72, A428D76C47E354BCF9042A384445BCEE97C46BF9A98A65D9C48117B5FAE56819 ] aswTap          C:\Windows\system32\DRIVERS\aswTap.sys
13:12:39.0848 0x0fdc  aswTap - ok
13:12:39.0901 0x0fdc  [ D45875D018F9FB9BF19B976AD8791DE9, 9AA70417A9AAFF5515C6B1FFADD563FBDC0BC62AA0B9FDA8A771E67203C12270 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
13:12:39.0926 0x0fdc  aswVmm - ok
13:12:39.0960 0x0fdc  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:12:40.0011 0x0fdc  AsyncMac - ok
13:12:40.0045 0x0fdc  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
13:12:40.0072 0x0fdc  atapi - ok
13:12:40.0157 0x0fdc  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:12:40.0208 0x0fdc  AudioEndpointBuilder - ok
13:12:40.0243 0x0fdc  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
13:12:40.0290 0x0fdc  Audiosrv - ok
13:12:40.0365 0x0fdc  [ 54236E79A44F909612391C8A2D70D512, B0DF5BCC4F90AF087D0306F8D81F90B2CAE0176813E3AA6A7D5460F7878677CD ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
13:12:40.0407 0x0fdc  avast! Antivirus - ok
13:12:40.0602 0x0fdc  [ E5CA07C1A5A4C7095FC8937D84B37243, A881B253767305ED181DB0A270C3D6CFC5FA2293F1BB050793289DD86B1C20BB ] AvastVBoxSvc    C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
13:12:40.0753 0x0fdc  AvastVBoxSvc - ok
13:12:40.0813 0x0fdc  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:12:40.0844 0x0fdc  AxInstSV - ok
13:12:40.0906 0x0fdc  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\drivers\bxvbdx.sys
13:12:40.0949 0x0fdc  b06bdrv - ok
13:12:40.0991 0x0fdc  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
13:12:41.0026 0x0fdc  b57nd60x - ok
13:12:41.0071 0x0fdc  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
13:12:41.0105 0x0fdc  BDESVC - ok
13:12:41.0137 0x0fdc  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:12:41.0196 0x0fdc  Beep - ok
13:12:41.0281 0x0fdc  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
13:12:41.0329 0x0fdc  BFE - ok
13:12:41.0381 0x0fdc  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\system32\qmgr.dll
13:12:41.0510 0x0fdc  BITS - ok
13:12:41.0545 0x0fdc  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
13:12:41.0571 0x0fdc  blbdrive - ok
13:12:41.0663 0x0fdc  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:12:41.0694 0x0fdc  Bonjour Service - ok
13:12:41.0743 0x0fdc  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:12:41.0780 0x0fdc  bowser - ok
13:12:41.0807 0x0fdc  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
13:12:41.0858 0x0fdc  BrFiltLo - ok
13:12:41.0882 0x0fdc  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
13:12:41.0917 0x0fdc  BrFiltUp - ok
13:12:41.0964 0x0fdc  [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
13:12:42.0018 0x0fdc  BridgeMP - ok
13:12:42.0051 0x0fdc  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
13:12:42.0098 0x0fdc  Browser - ok
13:12:42.0133 0x0fdc  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
13:12:42.0196 0x0fdc  Brserid - ok
13:12:42.0225 0x0fdc  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:12:42.0262 0x0fdc  BrSerWdm - ok
13:12:42.0302 0x0fdc  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:12:42.0338 0x0fdc  BrUsbMdm - ok
13:12:42.0365 0x0fdc  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
13:12:42.0398 0x0fdc  BrUsbSer - ok
13:12:42.0423 0x0fdc  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
13:12:42.0468 0x0fdc  BTHMODEM - ok
13:12:42.0527 0x0fdc  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
13:12:42.0580 0x0fdc  bthserv - ok
13:12:42.0671 0x0fdc  catchme - ok
13:12:42.0714 0x0fdc  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:12:42.0808 0x0fdc  cdfs - ok
13:12:42.0841 0x0fdc  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:12:42.0886 0x0fdc  cdrom - ok
13:12:42.0931 0x0fdc  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
13:12:43.0009 0x0fdc  CertPropSvc - ok
13:12:43.0032 0x0fdc  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\drivers\circlass.sys
13:12:43.0077 0x0fdc  circlass - ok
13:12:43.0137 0x0fdc  [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS            C:\Windows\system32\CLFS.sys
13:12:43.0186 0x0fdc  CLFS - ok
13:12:43.0261 0x0fdc  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:12:43.0300 0x0fdc  clr_optimization_v2.0.50727_32 - ok
13:12:43.0350 0x0fdc  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:12:43.0462 0x0fdc  clr_optimization_v4.0.30319_32 - ok
13:12:43.0495 0x0fdc  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
13:12:43.0528 0x0fdc  CmBatt - ok
13:12:43.0561 0x0fdc  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:12:43.0588 0x0fdc  cmdide - ok
13:12:43.0651 0x0fdc  [ 3051724F223EA48968B19567DE2A81F4, DCC27DE1B2B35866FC6DBDE95A368E7D0D346B6C3F31D0BACA63DD39B0A8874E ] CNG             C:\Windows\system32\Drivers\cng.sys
13:12:43.0701 0x0fdc  CNG - ok
13:12:43.0731 0x0fdc  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
13:12:43.0753 0x0fdc  Compbatt - ok
13:12:43.0782 0x0fdc  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
13:12:43.0822 0x0fdc  CompositeBus - ok
13:12:43.0835 0x0fdc  COMSysApp - ok
13:12:43.0869 0x0fdc  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
13:12:43.0890 0x0fdc  crcdisk - ok
13:12:43.0929 0x0fdc  crliycos - ok
13:12:43.0994 0x0fdc  [ 49474B3E37969AF4B5C076F42B623AFF, BDA6B57E9B60EF1B67C74099263D33A367AAA035667239F76AB8B268FD3E8F23 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:12:44.0031 0x0fdc  CryptSvc - ok
13:12:44.0073 0x0fdc  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
13:12:44.0169 0x0fdc  CSC - ok
13:12:44.0263 0x0fdc  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
13:12:44.0329 0x0fdc  CscService - ok
13:12:44.0481 0x0fdc  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:12:44.0570 0x0fdc  DcomLaunch - ok
13:12:44.0632 0x0fdc  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
13:12:44.0729 0x0fdc  defragsvc - ok
13:12:44.0815 0x0fdc  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:12:44.0970 0x0fdc  DfsC - ok
13:12:45.0021 0x0fdc  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:12:45.0067 0x0fdc  Dhcp - ok
13:12:45.0191 0x0fdc  [ E95DE5B790B2D16706DAC8472E51F31A, 9D7A72742D369B9F0E4ACEC9C1850D0D60E975AEBEFF5BA06B954EA3AB3E9FF6 ] DiagTrack       C:\Windows\system32\diagtrack.dll
13:12:45.0253 0x0fdc  DiagTrack - ok
13:12:45.0282 0x0fdc  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
13:12:45.0327 0x0fdc  discache - ok
13:12:45.0385 0x0fdc  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\drivers\disk.sys
13:12:45.0408 0x0fdc  Disk - ok
13:12:45.0442 0x0fdc  [ 2A958EF85DB1B61FFCA65044FA4BCE9E, C83511685EE1CE85A5ADF9B5BE96C375A521601F66024BDC3EE044C0B6E85D69 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
13:12:45.0485 0x0fdc  dmvsc - ok
13:12:45.0526 0x0fdc  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:12:45.0565 0x0fdc  Dnscache - ok
13:12:45.0597 0x0fdc  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:12:45.0658 0x0fdc  dot3svc - ok
13:12:45.0690 0x0fdc  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
13:12:45.0752 0x0fdc  DPS - ok
13:12:45.0801 0x0fdc  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:12:45.0831 0x0fdc  drmkaud - ok
13:12:45.0899 0x0fdc  [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:12:45.0955 0x0fdc  DXGKrnl - ok
13:12:46.0003 0x0fdc  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
13:12:46.0050 0x0fdc  EapHost - ok
13:12:46.0222 0x0fdc  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\drivers\evbdx.sys
13:12:46.0362 0x0fdc  ebdrv - ok
13:12:46.0437 0x0fdc  [ 1667D76FBF42B24B9DE3E8B0A7CF06BE, AB9FD4F7B007633FEC552D14932CDEB56DBCE56D152C0EDC91FAFD08E636AADC ] EFS             C:\Windows\System32\lsass.exe
13:12:46.0474 0x0fdc  EFS - ok
13:12:46.0553 0x0fdc  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:12:46.0601 0x0fdc  ehRecvr - ok
13:12:46.0625 0x0fdc  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
13:12:46.0657 0x0fdc  ehSched - ok
13:12:46.0714 0x0fdc  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
13:12:46.0758 0x0fdc  elxstor - ok
13:12:46.0785 0x0fdc  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
13:12:46.0813 0x0fdc  ErrDev - ok
13:12:46.0875 0x0fdc  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
13:12:46.0948 0x0fdc  EventSystem - ok
13:12:46.0981 0x0fdc  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
13:12:47.0035 0x0fdc  exfat - ok
13:12:47.0065 0x0fdc  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:12:47.0121 0x0fdc  fastfat - ok
13:12:47.0186 0x0fdc  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
13:12:47.0241 0x0fdc  Fax - ok
13:12:47.0277 0x0fdc  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
13:12:47.0309 0x0fdc  fdc - ok
13:12:47.0338 0x0fdc  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
13:12:47.0387 0x0fdc  fdPHost - ok
13:12:47.0402 0x0fdc  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:12:47.0455 0x0fdc  FDResPub - ok
13:12:47.0487 0x0fdc  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:12:47.0511 0x0fdc  FileInfo - ok
13:12:47.0528 0x0fdc  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:12:47.0585 0x0fdc  Filetrace - ok
13:12:47.0596 0x0fdc  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
13:12:47.0634 0x0fdc  flpydisk - ok
13:12:47.0666 0x0fdc  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:12:47.0699 0x0fdc  FltMgr - ok
13:12:47.0766 0x0fdc  [ 6EC244F102C7F129678E5F7309D1366D, C30DA201AC623DA440B0A0716534557C578218C2A591FA8893CCCBD96B4518F9 ] FontCache       C:\Windows\system32\FntCache.dll
13:12:47.0828 0x0fdc  FontCache - ok
13:12:47.0887 0x0fdc  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:12:47.0913 0x0fdc  FontCache3.0.0.0 - ok
13:12:47.0946 0x0fdc  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:12:47.0979 0x0fdc  FsDepends - ok
13:12:48.0006 0x0fdc  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:12:48.0041 0x0fdc  Fs_Rec - ok
13:12:48.0094 0x0fdc  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:12:48.0138 0x0fdc  fvevol - ok
13:12:48.0171 0x0fdc  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
13:12:48.0211 0x0fdc  gagp30kx - ok
13:12:48.0265 0x0fdc  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:12:48.0282 0x0fdc  GEARAspiWDM - ok
13:12:48.0338 0x0fdc  [ 77EBF3E9386DAA51551AF429052D88D0, 94C3294BB9E14B07448734AE65B37801D3FF15BEC987D182A929A017FEF7B276 ] giveio          C:\Windows\system32\giveio.sys
13:12:48.0348 0x0fdc  giveio - detected UnsignedFile.Multi.Generic ( 1 )
13:12:51.0226 0x0fdc  Detect skipped due to KSN trusted
13:12:51.0227 0x0fdc  giveio - ok
13:12:51.0282 0x0fdc  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
13:12:51.0363 0x0fdc  gpsvc - ok
13:12:51.0432 0x0fdc  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:12:51.0473 0x0fdc  hcw85cir - ok
13:12:51.0535 0x0fdc  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:12:51.0576 0x0fdc  HdAudAddService - ok
13:12:51.0626 0x0fdc  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
13:12:51.0674 0x0fdc  HDAudBus - ok
13:12:51.0699 0x0fdc  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
13:12:51.0733 0x0fdc  HidBatt - ok
13:12:51.0764 0x0fdc  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\drivers\hidbth.sys
13:12:51.0823 0x0fdc  HidBth - ok
13:12:51.0857 0x0fdc  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\drivers\hidir.sys
13:12:51.0899 0x0fdc  HidIr - ok
13:12:51.0921 0x0fdc  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\System32\hidserv.dll
13:12:51.0978 0x0fdc  hidserv - ok
13:12:52.0030 0x0fdc  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:12:52.0061 0x0fdc  HidUsb - ok
13:12:52.0102 0x0fdc  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:12:52.0157 0x0fdc  hkmsvc - ok
13:12:52.0211 0x0fdc  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:12:52.0271 0x0fdc  HomeGroupListener - ok
13:12:52.0307 0x0fdc  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:12:52.0364 0x0fdc  HomeGroupProvider - ok
13:12:52.0414 0x0fdc  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
13:12:52.0464 0x0fdc  HpSAMD - ok
13:12:52.0566 0x0fdc  [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:12:52.0639 0x0fdc  HTTP - ok
13:12:52.0658 0x0fdc  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:12:52.0697 0x0fdc  hwpolicy - ok
13:12:52.0739 0x0fdc  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
13:12:52.0805 0x0fdc  i8042prt - ok
13:12:52.0874 0x0fdc  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:12:52.0946 0x0fdc  iaStorV - ok
13:12:53.0079 0x0fdc  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:12:53.0167 0x0fdc  idsvc - ok
13:12:53.0192 0x0fdc  IEEtwCollectorService - ok
13:12:53.0223 0x0fdc  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\drivers\iirsp.sys
13:12:53.0258 0x0fdc  iirsp - ok
13:12:53.0339 0x0fdc  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
13:12:53.0418 0x0fdc  IKEEXT - ok
13:12:53.0452 0x0fdc  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
13:12:53.0487 0x0fdc  intelide - ok
13:12:53.0536 0x0fdc  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:12:53.0579 0x0fdc  intelppm - ok
13:12:53.0628 0x0fdc  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:12:53.0701 0x0fdc  IPBusEnum - ok
13:12:53.0725 0x0fdc  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:12:53.0772 0x0fdc  IpFilterDriver - ok
13:12:53.0833 0x0fdc  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:12:53.0884 0x0fdc  iphlpsvc - ok
13:12:53.0921 0x0fdc  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
13:12:53.0952 0x0fdc  IPMIDRV - ok
13:12:53.0976 0x0fdc  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:12:54.0033 0x0fdc  IPNAT - ok
13:12:54.0107 0x0fdc  [ 4D800977F7EB0C310AF04BF5B517985A, DD4EC347D4759AC401BD08739DE012E5F1903DF2EDEBEA17CCD3C19FF1F6005E ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:12:54.0152 0x0fdc  iPod Service - ok
13:12:54.0179 0x0fdc  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:12:54.0227 0x0fdc  IRENUM - ok
13:12:54.0255 0x0fdc  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:12:54.0285 0x0fdc  isapnp - ok
13:12:54.0338 0x0fdc  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
13:12:54.0376 0x0fdc  iScsiPrt - ok
13:12:54.0418 0x0fdc  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:12:54.0441 0x0fdc  kbdclass - ok
13:12:54.0479 0x0fdc  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:12:54.0511 0x0fdc  kbdhid - ok
13:12:54.0537 0x0fdc  [ 1667D76FBF42B24B9DE3E8B0A7CF06BE, AB9FD4F7B007633FEC552D14932CDEB56DBCE56D152C0EDC91FAFD08E636AADC ] KeyIso          C:\Windows\system32\lsass.exe
13:12:54.0579 0x0fdc  KeyIso - ok
13:12:54.0624 0x0fdc  [ 6DD2A1064DD8AFBED22E71176E2AF59B, 915F36860DAA72DA89E906A7F6F255A854A2A91EEA536A7C2EDB4A63250F66CC ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:12:54.0652 0x0fdc  KSecDD - ok
13:12:54.0686 0x0fdc  [ 76C0D35167B1369C68388FEDB56A3048, 2788962AB21DBB0A4D130AE5F822E9FDB96D7FF6320E2798714BF18BCB9CAE4F ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:12:54.0745 0x0fdc  KSecPkg - ok
13:12:54.0788 0x0fdc  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:12:54.0848 0x0fdc  KtmRm - ok
13:12:54.0895 0x0fdc  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\System32\srvsvc.dll
13:12:54.0957 0x0fdc  LanmanServer - ok
13:12:55.0000 0x0fdc  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:12:55.0064 0x0fdc  LanmanWorkstation - ok
13:12:55.0126 0x0fdc  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:12:55.0206 0x0fdc  lltdio - ok
13:12:55.0249 0x0fdc  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:12:55.0340 0x0fdc  lltdsvc - ok
13:12:55.0364 0x0fdc  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:12:55.0409 0x0fdc  lmhosts - ok
13:12:55.0466 0x0fdc  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
13:12:55.0512 0x0fdc  LSI_FC - ok
13:12:55.0572 0x0fdc  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:12:55.0606 0x0fdc  LSI_SAS - ok
13:12:55.0645 0x0fdc  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
13:12:55.0683 0x0fdc  LSI_SAS2 - ok
13:12:55.0725 0x0fdc  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
13:12:55.0759 0x0fdc  LSI_SCSI - ok
13:12:55.0811 0x0fdc  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
13:12:55.0885 0x0fdc  luafv - ok
13:12:55.0935 0x0fdc  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:12:55.0973 0x0fdc  Mcx2Svc - ok
13:12:56.0012 0x0fdc  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\drivers\megasas.sys
13:12:56.0043 0x0fdc  megasas - ok
13:12:56.0072 0x0fdc  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
13:12:56.0110 0x0fdc  MegaSR - ok
13:12:56.0135 0x0fdc  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
13:12:56.0191 0x0fdc  MMCSS - ok
13:12:56.0222 0x0fdc  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
13:12:56.0272 0x0fdc  Modem - ok
13:12:56.0322 0x0fdc  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:12:56.0356 0x0fdc  monitor - ok
13:12:56.0392 0x0fdc  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:12:56.0420 0x0fdc  mouclass - ok
13:12:56.0451 0x0fdc  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:12:56.0517 0x0fdc  mouhid - ok
13:12:56.0556 0x0fdc  [ 644905A19D0F37F2233DFCE53BC4BC19, F52CB40AA0FD1EBF8CBF0F3BFB20C47142C637719840877FB93F10D085EB8C2B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:12:56.0586 0x0fdc  mountmgr - ok
13:12:56.0667 0x0fdc  [ DD370A8148862150BA81A3F5C56A1E40, F56B84297BDC32266CB69D10FB2D66B8B332D60CAB7E64E4E3AC2BB749BBD31B ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
13:12:56.0694 0x0fdc  MozillaMaintenance - ok
13:12:56.0734 0x0fdc  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:12:56.0763 0x0fdc  mpio - ok
13:12:56.0797 0x0fdc  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:12:56.0854 0x0fdc  mpsdrv - ok
13:12:56.0936 0x0fdc  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:12:57.0001 0x0fdc  MpsSvc - ok
13:12:57.0035 0x0fdc  [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:12:57.0074 0x0fdc  MRxDAV - ok
13:12:57.0111 0x0fdc  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:12:57.0148 0x0fdc  mrxsmb - ok
13:12:57.0178 0x0fdc  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:12:57.0220 0x0fdc  mrxsmb10 - ok
13:12:57.0246 0x0fdc  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:12:57.0288 0x0fdc  mrxsmb20 - ok
13:12:57.0323 0x0fdc  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
13:12:57.0352 0x0fdc  msahci - ok
13:12:57.0381 0x0fdc  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:12:57.0405 0x0fdc  msdsm - ok
13:12:57.0438 0x0fdc  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
13:12:57.0485 0x0fdc  MSDTC - ok
13:12:57.0517 0x0fdc  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:12:57.0587 0x0fdc  Msfs - ok
13:12:57.0615 0x0fdc  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:12:57.0661 0x0fdc  mshidkmdf - ok
13:12:57.0677 0x0fdc  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:12:57.0711 0x0fdc  msisadrv - ok
13:12:57.0745 0x0fdc  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:12:57.0798 0x0fdc  MSiSCSI - ok
13:12:57.0819 0x0fdc  msiserver - ok
13:12:57.0863 0x0fdc  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:12:57.0909 0x0fdc  MSKSSRV - ok
13:12:57.0929 0x0fdc  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:12:57.0984 0x0fdc  MSPCLOCK - ok
13:12:58.0001 0x0fdc  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:12:58.0067 0x0fdc  MSPQM - ok
13:12:58.0095 0x0fdc  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:12:58.0130 0x0fdc  MsRPC - ok
13:12:58.0156 0x0fdc  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
13:12:58.0184 0x0fdc  mssmbios - ok
13:12:58.0194 0x0fdc  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:12:58.0245 0x0fdc  MSTEE - ok
13:12:58.0272 0x0fdc  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
13:12:58.0313 0x0fdc  MTConfig - ok
13:12:58.0341 0x0fdc  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
13:12:58.0364 0x0fdc  Mup - ok
13:12:58.0415 0x0fdc  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
13:12:58.0494 0x0fdc  napagent - ok
13:12:58.0566 0x0fdc  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:12:58.0624 0x0fdc  NativeWifiP - ok
13:12:58.0712 0x0fdc  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:12:58.0791 0x0fdc  NDIS - ok
13:12:58.0830 0x0fdc  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:12:58.0880 0x0fdc  NdisCap - ok
13:12:58.0912 0x0fdc  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:12:58.0959 0x0fdc  NdisTapi - ok
13:12:58.0990 0x0fdc  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:12:59.0039 0x0fdc  Ndisuio - ok
13:12:59.0075 0x0fdc  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:12:59.0126 0x0fdc  NdisWan - ok
13:12:59.0150 0x0fdc  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:12:59.0199 0x0fdc  NDProxy - ok
13:12:59.0222 0x0fdc  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:12:59.0277 0x0fdc  NetBIOS - ok
13:12:59.0305 0x0fdc  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:12:59.0361 0x0fdc  NetBT - ok
13:12:59.0394 0x0fdc  [ 1667D76FBF42B24B9DE3E8B0A7CF06BE, AB9FD4F7B007633FEC552D14932CDEB56DBCE56D152C0EDC91FAFD08E636AADC ] Netlogon        C:\Windows\system32\lsass.exe
13:12:59.0430 0x0fdc  Netlogon - ok
13:12:59.0475 0x0fdc  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
13:12:59.0539 0x0fdc  Netman - ok
13:12:59.0592 0x0fdc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:12:59.0640 0x0fdc  NetMsmqActivator - ok
13:12:59.0669 0x0fdc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:12:59.0706 0x0fdc  NetPipeActivator - ok
13:12:59.0747 0x0fdc  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
13:12:59.0810 0x0fdc  netprofm - ok
13:12:59.0838 0x0fdc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:12:59.0883 0x0fdc  NetTcpActivator - ok
13:12:59.0905 0x0fdc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:12:59.0935 0x0fdc  NetTcpPortSharing - ok
13:12:59.0987 0x0fdc  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
13:13:00.0011 0x0fdc  nfrd960 - ok
13:13:00.0059 0x0fdc  [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:13:00.0112 0x0fdc  NlaSvc - ok
13:13:00.0172 0x0fdc  [ B48DC6ABCD3AEFF8618350CCBDC6B09A, 824D8B03E061DDD0D33EF9F03C669B13E7B6E339684009BD44D69178C45E2DE1 ] npf             C:\Windows\system32\drivers\npf.sys
13:13:00.0191 0x0fdc  npf - ok
13:13:00.0207 0x0fdc  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:13:00.0277 0x0fdc  Npfs - ok
13:13:00.0304 0x0fdc  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
13:13:00.0406 0x0fdc  nsi - ok
13:13:00.0434 0x0fdc  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:13:00.0505 0x0fdc  nsiproxy - ok
13:13:00.0593 0x0fdc  [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:13:00.0668 0x0fdc  Ntfs - ok
13:13:00.0692 0x0fdc  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
13:13:00.0744 0x0fdc  Null - ok
13:13:00.0788 0x0fdc  [ B5E37E31C053BC9950455A257526514B, 16E2880621F3AA12BDADE71CD7682CA79E2A199D3C9E3E5927C49DCEF0F6183B ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x32.sys
13:13:00.0828 0x0fdc  NVENETFD - ok
13:13:00.0876 0x0fdc  [ 9F8EE4948B7ADD9D12F778F61A2758A4, 9848C7D97AC000BF7A00BAE12593E48E14D36D7FFFCF25A163FAAB446691032F ] NVHDA           C:\Windows\system32\drivers\nvhda32v.sys
13:13:00.0906 0x0fdc  NVHDA - ok
13:13:01.0305 0x0fdc  [ FCEA6786A7222DF6C26B008279139952, 9E96776417B45DC1ABDA5DE0CD36913FC6E6A38486D470BCBE01D09CE7388C4A ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:13:01.0647 0x0fdc  nvlddmkm - ok
13:13:01.0769 0x0fdc  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:13:01.0803 0x0fdc  nvraid - ok
13:13:01.0840 0x0fdc  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:13:01.0873 0x0fdc  nvstor - ok
13:13:01.0947 0x0fdc  [ F4B2AAFDB72CC6A54A14A0D6DC82657A, CBC6F3E8BEE4920886A4A3F3269132719E520898590104BCD3391D77F435FD13 ] nvsvc           C:\Windows\system32\nvvsvc.exe
13:13:01.0993 0x0fdc  nvsvc - ok
13:13:02.0024 0x0fdc  nvvad_WaveExtensible - ok
13:13:02.0051 0x0fdc  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:13:02.0081 0x0fdc  nv_agp - ok
13:13:02.0116 0x0fdc  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
13:13:02.0148 0x0fdc  ohci1394 - ok
13:13:02.0184 0x0fdc  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
13:13:02.0227 0x0fdc  p2pimsvc - ok
13:13:02.0269 0x0fdc  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
13:13:02.0319 0x0fdc  p2psvc - ok
13:13:02.0356 0x0fdc  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
13:13:02.0395 0x0fdc  Parport - ok
13:13:02.0436 0x0fdc  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:13:02.0470 0x0fdc  partmgr - ok
13:13:02.0501 0x0fdc  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
13:13:02.0535 0x0fdc  Parvdm - ok
13:13:02.0592 0x0fdc  [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:13:02.0647 0x0fdc  PcaSvc - ok
13:13:02.0682 0x0fdc  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
13:13:02.0735 0x0fdc  pci - ok
13:13:02.0802 0x0fdc  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
13:13:02.0849 0x0fdc  pciide - ok
13:13:02.0892 0x0fdc  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
13:13:02.0937 0x0fdc  pcmcia - ok
13:13:02.0958 0x0fdc  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
13:13:02.0993 0x0fdc  pcw - ok
13:13:03.0073 0x0fdc  [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:13:03.0156 0x0fdc  PEAUTH - ok
13:13:03.0278 0x0fdc  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
13:13:03.0390 0x0fdc  PeerDistSvc - ok
13:13:03.0551 0x0fdc  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
13:13:03.0664 0x0fdc  pla - ok
13:13:03.0724 0x0fdc  [ 2ABA2F545B35F9C6CC2CFC4E1D539A80, 4771ED8E1FE3F9F2B999BDC8D5D8D437615117E5150E1677811954C6C802850F ] PLCNDIS5        C:\Windows\system32\plcndis5.sys
13:13:03.0742 0x0fdc  PLCNDIS5 - detected UnsignedFile.Multi.Generic ( 1 )
13:13:06.0758 0x0fdc  Detect skipped due to KSN trusted
13:13:06.0758 0x0fdc  PLCNDIS5 - ok
13:13:06.0822 0x0fdc  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:13:06.0874 0x0fdc  PlugPlay - ok
13:13:06.0897 0x0fdc  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
13:13:06.0948 0x0fdc  PNRPAutoReg - ok
13:13:07.0003 0x0fdc  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
13:13:07.0057 0x0fdc  PNRPsvc - ok
13:13:07.0130 0x0fdc  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:13:07.0211 0x0fdc  PolicyAgent - ok
13:13:07.0247 0x0fdc  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
13:13:07.0302 0x0fdc  Power - ok
13:13:07.0357 0x0fdc  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:13:07.0410 0x0fdc  PptpMiniport - ok
13:13:07.0435 0x0fdc  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\drivers\processr.sys
13:13:07.0470 0x0fdc  Processor - ok
13:13:07.0510 0x0fdc  [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc         C:\Windows\system32\profsvc.dll
13:13:07.0553 0x0fdc  ProfSvc - ok
13:13:07.0576 0x0fdc  [ 1667D76FBF42B24B9DE3E8B0A7CF06BE, AB9FD4F7B007633FEC552D14932CDEB56DBCE56D152C0EDC91FAFD08E636AADC ] ProtectedStorage C:\Windows\system32\lsass.exe
13:13:07.0622 0x0fdc  ProtectedStorage - ok
13:13:07.0652 0x0fdc  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:13:07.0721 0x0fdc  Psched - ok
13:13:07.0789 0x0fdc  [ 68B57D7C11277EA89F78255480376B4D, 5530B58126BF33E6BCDED99C73C41B90BA148587BDA3866FD4DAD12035B302B5 ] PSI             C:\Windows\system32\DRIVERS\psi_mf_x86.sys
13:13:07.0809 0x0fdc  PSI - ok
13:13:07.0910 0x0fdc  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
13:13:07.0988 0x0fdc  ql2300 - ok
13:13:08.0021 0x0fdc  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
13:13:08.0046 0x0fdc  ql40xx - ok
13:13:08.0091 0x0fdc  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
13:13:08.0163 0x0fdc  QWAVE - ok
13:13:08.0208 0x0fdc  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:13:08.0261 0x0fdc  QWAVEdrv - ok
13:13:08.0288 0x0fdc  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:13:08.0373 0x0fdc  RasAcd - ok
13:13:08.0424 0x0fdc  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
13:13:08.0478 0x0fdc  RasAgileVpn - ok
13:13:08.0503 0x0fdc  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
13:13:08.0574 0x0fdc  RasAuto - ok
13:13:08.0607 0x0fdc  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:13:08.0663 0x0fdc  Rasl2tp - ok
13:13:08.0704 0x0fdc  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
13:13:08.0762 0x0fdc  RasMan - ok
13:13:08.0789 0x0fdc  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:13:08.0873 0x0fdc  RasPppoe - ok
13:13:08.0926 0x0fdc  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:13:08.0985 0x0fdc  RasSstp - ok
13:13:09.0019 0x0fdc  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:13:09.0084 0x0fdc  rdbss - ok
13:13:09.0123 0x0fdc  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
13:13:09.0166 0x0fdc  rdpbus - ok
13:13:09.0196 0x0fdc  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:13:09.0257 0x0fdc  RDPCDD - ok
13:13:09.0296 0x0fdc  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
13:13:09.0344 0x0fdc  RDPDR - ok
13:13:09.0397 0x0fdc  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:13:09.0547 0x0fdc  RDPENCDD - ok
13:13:09.0617 0x0fdc  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
13:13:09.0772 0x0fdc  RDPREFMP - ok
13:13:09.0884 0x0fdc  [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:13:09.0924 0x0fdc  RdpVideoMiniport - ok
13:13:09.0987 0x0fdc  [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:13:10.0023 0x0fdc  RDPWD - ok
13:13:10.0067 0x0fdc  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:13:10.0106 0x0fdc  rdyboost - ok
13:13:10.0156 0x0fdc  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:13:10.0211 0x0fdc  RemoteAccess - ok
13:13:10.0250 0x0fdc  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:13:10.0308 0x0fdc  RemoteRegistry - ok
13:13:10.0334 0x0fdc  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:13:10.0397 0x0fdc  RpcEptMapper - ok
13:13:10.0420 0x0fdc  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
13:13:10.0454 0x0fdc  RpcLocator - ok
13:13:10.0500 0x0fdc  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
13:13:10.0592 0x0fdc  RpcSs - ok
13:13:10.0648 0x0fdc  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:13:10.0734 0x0fdc  rspndr - ok
13:13:10.0765 0x0fdc  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
13:13:10.0810 0x0fdc  s3cap - ok
13:13:10.0843 0x0fdc  [ 1667D76FBF42B24B9DE3E8B0A7CF06BE, AB9FD4F7B007633FEC552D14932CDEB56DBCE56D152C0EDC91FAFD08E636AADC ] SamSs           C:\Windows\system32\lsass.exe
13:13:10.0881 0x0fdc  SamSs - ok
13:13:10.0922 0x0fdc  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:13:10.0953 0x0fdc  sbp2port - ok
13:13:10.0980 0x0fdc  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:13:11.0037 0x0fdc  SCardSvr - ok
13:13:11.0054 0x0fdc  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:13:11.0117 0x0fdc  scfilter - ok
13:13:11.0191 0x0fdc  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
13:13:11.0315 0x0fdc  Schedule - ok
13:13:11.0356 0x0fdc  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:13:11.0439 0x0fdc  SCPolicySvc - ok
13:13:11.0469 0x0fdc  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:13:11.0510 0x0fdc  SDRSVC - ok
13:13:11.0540 0x0fdc  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:13:11.0590 0x0fdc  secdrv - ok
13:13:11.0621 0x0fdc  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
13:13:11.0752 0x0fdc  seclogon - ok
13:13:11.0896 0x0fdc  [ 5E0E975998BF1612E18B898E5D17838B, 76C11C62DB8055F03F868685E8E2016D99D3FC48313CB51C69E7CEA589D80890 ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe
13:13:12.0018 0x0fdc  Secunia PSI Agent - ok
13:13:12.0129 0x0fdc  [ 508DD2E1D5F272B2D3196335DEA2BC26, 2BDC828DB9D9766445C345E82751FA7EF94A089EC84565675EDADE3EC7EB5748 ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe
13:13:12.0197 0x0fdc  Secunia Update Agent - ok
13:13:12.0242 0x0fdc  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\system32\sens.dll
13:13:12.0319 0x0fdc  SENS - ok
13:13:12.0371 0x0fdc  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:13:12.0404 0x0fdc  SensrSvc - ok
13:13:12.0436 0x0fdc  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
13:13:12.0483 0x0fdc  Serenum - ok
13:13:12.0533 0x0fdc  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
13:13:12.0561 0x0fdc  Serial - ok
13:13:12.0595 0x0fdc  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\drivers\sermouse.sys
13:13:12.0638 0x0fdc  sermouse - ok
13:13:12.0705 0x0fdc  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
13:13:12.0843 0x0fdc  SessionEnv - ok
13:13:12.0880 0x0fdc  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
13:13:12.0925 0x0fdc  sffdisk - ok
13:13:12.0941 0x0fdc  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:13:12.0993 0x0fdc  sffp_mmc - ok
13:13:13.0011 0x0fdc  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
13:13:13.0059 0x0fdc  sffp_sd - ok
13:13:13.0071 0x0fdc  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
13:13:13.0126 0x0fdc  sfloppy - ok
13:13:13.0190 0x0fdc  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:13:13.0287 0x0fdc  SharedAccess - ok
13:13:13.0333 0x0fdc  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:13:13.0430 0x0fdc  ShellHWDetection - ok
13:13:13.0460 0x0fdc  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
13:13:13.0502 0x0fdc  sisagp - ok
13:13:13.0535 0x0fdc  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
13:13:13.0572 0x0fdc  SiSRaid2 - ok
13:13:13.0600 0x0fdc  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
13:13:13.0647 0x0fdc  SiSRaid4 - ok
13:13:13.0683 0x0fdc  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:13:13.0776 0x0fdc  Smb - ok
13:13:13.0836 0x0fdc  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:13:13.0890 0x0fdc  SNMPTRAP - ok
13:13:13.0963 0x0fdc  [ DC8D2952FB6FFBAEC67BD1B93A34DF11, 0BD1523A68900B80ED1BCCB967643525CCA55D4FF4622D0128913690E6BB619E ] speedfan        C:\Windows\system32\speedfan.sys
13:13:14.0009 0x0fdc  speedfan - ok
13:13:14.0051 0x0fdc  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
13:13:14.0081 0x0fdc  spldr - ok
13:13:14.0148 0x0fdc  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
13:13:14.0202 0x0fdc  Spooler - ok
13:13:14.0448 0x0fdc  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
13:13:14.0711 0x0fdc  sppsvc - ok
13:13:14.0785 0x0fdc  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
13:13:14.0882 0x0fdc  sppuinotify - ok
13:13:14.0943 0x0fdc  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:13:14.0990 0x0fdc  srv - ok
13:13:15.0033 0x0fdc  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:13:15.0077 0x0fdc  srv2 - ok
13:13:15.0107 0x0fdc  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:13:15.0155 0x0fdc  srvnet - ok
13:13:15.0219 0x0fdc  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:13:15.0308 0x0fdc  SSDPSRV - ok
13:13:15.0347 0x0fdc  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:13:15.0451 0x0fdc  SstpSvc - ok
13:13:15.0485 0x0fdc  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\drivers\stexstor.sys
13:13:15.0523 0x0fdc  stexstor - ok
13:13:15.0586 0x0fdc  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
13:13:15.0683 0x0fdc  StiSvc - ok
13:13:15.0736 0x0fdc  [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
13:13:15.0776 0x0fdc  storflt - ok
13:13:15.0805 0x0fdc  [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc         C:\Windows\system32\storsvc.dll
13:13:15.0859 0x0fdc  StorSvc - ok
13:13:15.0935 0x0fdc  [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
13:13:15.0971 0x0fdc  storvsc - ok
13:13:16.0029 0x0fdc  [ 75A8EE6F0917AD9355367DBF25DB8415, B6188D940126EDA400E0C75E1DD75CE7542F32B94D8CC5947EC68523845C4307 ] SWDUMon         C:\Windows\system32\DRIVERS\SWDUMon.sys
13:13:16.0074 0x0fdc  SWDUMon - ok
13:13:16.0112 0x0fdc  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
13:13:16.0147 0x0fdc  swenum - ok
13:13:16.0200 0x0fdc  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
13:13:16.0293 0x0fdc  swprv - ok
13:13:16.0377 0x0fdc  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
13:13:16.0505 0x0fdc  SysMain - ok
13:13:16.0546 0x0fdc  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
13:13:16.0624 0x0fdc  TabletInputService - ok
13:13:16.0679 0x0fdc  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:13:16.0785 0x0fdc  TapiSrv - ok
13:13:16.0810 0x0fdc  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
13:13:16.0901 0x0fdc  TBS - ok
13:13:17.0028 0x0fdc  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:13:17.0145 0x0fdc  Tcpip - ok
13:13:17.0243 0x0fdc  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:13:17.0361 0x0fdc  TCPIP6 - ok
13:13:17.0412 0x0fdc  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:13:17.0446 0x0fdc  tcpipreg - ok
13:13:17.0480 0x0fdc  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:13:17.0513 0x0fdc  TDPIPE - ok
13:13:17.0538 0x0fdc  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:13:17.0574 0x0fdc  TDTCP - ok
13:13:17.0640 0x0fdc  [ 7FE680A3DFA421C4A8E4879AE4C5AAB0, A4C64E155AB2843823CD3586756BA7681CFDEA50812095468221503BBAD30DCD ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:13:17.0667 0x0fdc  tdx - ok
13:13:17.0686 0x0fdc  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
13:13:17.0714 0x0fdc  TermDD - ok
13:13:17.0779 0x0fdc  [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService     C:\Windows\System32\termsrv.dll
13:13:17.0826 0x0fdc  TermService - ok
13:13:17.0865 0x0fdc  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
13:13:17.0906 0x0fdc  Themes - ok
13:13:17.0931 0x0fdc  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
13:13:17.0997 0x0fdc  THREADORDER - ok
13:13:18.0020 0x0fdc  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
13:13:18.0124 0x0fdc  TrkWks - ok
13:13:18.0202 0x0fdc  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:13:18.0286 0x0fdc  TrustedInstaller - ok
13:13:18.0370 0x0fdc  [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:13:18.0412 0x0fdc  tssecsrv - ok
13:13:18.0464 0x0fdc  [ C6A5FBD4977305E1FA23E02C042DB463, A6EB5E4B8051A258D40A385609E930318EAA3494C8466F48542B806FE6A7C47A ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
13:13:18.0510 0x0fdc  TsUsbFlt - ok
13:13:18.0616 0x0fdc  [ 57C527AF84748B5C2F5178C499C0B81F, 2FF1F25BA16F8984E9F2CE4DE663F261BAF267EDF10D466A52BB211C567F763C ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
13:13:18.0802 0x0fdc  TsUsbGD - ok
13:13:18.0903 0x0fdc  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:13:19.0014 0x0fdc  tunnel - ok
13:13:19.0043 0x0fdc  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
13:13:19.0069 0x0fdc  uagp35 - ok
13:13:19.0111 0x0fdc  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:13:19.0167 0x0fdc  udfs - ok
13:13:19.0215 0x0fdc  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:13:19.0250 0x0fdc  UI0Detect - ok
13:13:19.0284 0x0fdc  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:13:19.0319 0x0fdc  uliagpkx - ok
13:13:19.0351 0x0fdc  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:13:19.0377 0x0fdc  umbus - ok
13:13:19.0410 0x0fdc  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\drivers\umpass.sys
13:13:19.0436 0x0fdc  UmPass - ok
13:13:19.0460 0x0fdc  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
13:13:19.0514 0x0fdc  UmRdpService - ok
13:13:19.0574 0x0fdc  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
13:13:19.0686 0x0fdc  upnphost - ok
13:13:19.0739 0x0fdc  [ EC1C23779BB41A8B2AB2AA6FCE308BDE, D027A2B472CAE97AECB16F69BE52E06CB61E1C61AE196C22662050B711C1C72D ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
13:13:19.0785 0x0fdc  USBAAPL - ok
13:13:19.0843 0x0fdc  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:13:19.0899 0x0fdc  usbccgp - ok
13:13:19.0965 0x0fdc  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:13:20.0011 0x0fdc  usbcir - ok
13:13:20.0060 0x0fdc  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
13:13:20.0107 0x0fdc  usbehci - ok
13:13:20.0191 0x0fdc  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:13:20.0227 0x0fdc  usbhub - ok
13:13:20.0249 0x0fdc  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
13:13:20.0275 0x0fdc  usbohci - ok
13:13:20.0327 0x0fdc  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
13:13:20.0369 0x0fdc  usbprint - ok
13:13:20.0430 0x0fdc  [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
13:13:20.0475 0x0fdc  usbscan - ok
13:13:20.0524 0x0fdc  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:13:20.0566 0x0fdc  USBSTOR - ok
13:13:20.0617 0x0fdc  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
13:13:20.0649 0x0fdc  usbuhci - ok
13:13:20.0685 0x0fdc  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
13:13:20.0781 0x0fdc  UxSms - ok
13:13:20.0833 0x0fdc  [ 1667D76FBF42B24B9DE3E8B0A7CF06BE, AB9FD4F7B007633FEC552D14932CDEB56DBCE56D152C0EDC91FAFD08E636AADC ] VaultSvc        C:\Windows\system32\lsass.exe
13:13:20.0874 0x0fdc  VaultSvc - ok
13:13:20.0960 0x0fdc  [ ACC8107C8CA822972D3E70550DCBF07B, 1FFC80E5FA9B971DF6499ACCC57DB6C07D24991101FE663AFB58A6C07FEFB305 ] VBoxAswDrv      C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
13:13:21.0000 0x0fdc  VBoxAswDrv - ok
13:13:21.0055 0x0fdc  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
13:13:21.0083 0x0fdc  vdrvroot - ok
13:13:21.0137 0x0fdc  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
13:13:21.0231 0x0fdc  vds - ok
13:13:21.0262 0x0fdc  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:13:21.0307 0x0fdc  vga - ok
13:13:21.0344 0x0fdc  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:13:21.0503 0x0fdc  VgaSave - ok
13:13:21.0531 0x0fdc  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
13:13:21.0559 0x0fdc  vhdmp - ok
13:13:21.0595 0x0fdc  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
13:13:21.0623 0x0fdc  viaagp - ok
13:13:21.0647 0x0fdc  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
13:13:21.0682 0x0fdc  ViaC7 - ok
13:13:21.0711 0x0fdc  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
13:13:21.0743 0x0fdc  viaide - ok
13:13:21.0782 0x0fdc  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
13:13:21.0812 0x0fdc  vmbus - ok
13:13:21.0838 0x0fdc  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
13:13:21.0867 0x0fdc  VMBusHID - ok
13:13:21.0906 0x0fdc  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:13:21.0959 0x0fdc  volmgr - ok
13:13:22.0100 0x0fdc  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:13:22.0160 0x0fdc  volmgrx - ok
13:13:22.0244 0x0fdc  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:13:22.0304 0x0fdc  volsnap - ok
13:13:22.0350 0x0fdc  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
13:13:22.0391 0x0fdc  vsmraid - ok
13:13:22.0481 0x0fdc  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
13:13:22.0636 0x0fdc  VSS - ok
13:13:22.0685 0x0fdc  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
13:13:22.0789 0x0fdc  vwifibus - ok
13:13:22.0849 0x0fdc  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
13:13:22.0946 0x0fdc  W32Time - ok
13:13:22.0991 0x0fdc  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
13:13:23.0032 0x0fdc  WacomPen - ok
13:13:23.0071 0x0fdc  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:13:23.0167 0x0fdc  WANARP - ok
13:13:23.0179 0x0fdc  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:13:23.0256 0x0fdc  Wanarpv6 - ok
13:13:23.0393 0x0fdc  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
13:13:23.0508 0x0fdc  WatAdminSvc - ok
13:13:23.0622 0x0fdc  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
13:13:23.0747 0x0fdc  wbengine - ok
13:13:23.0781 0x0fdc  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:13:23.0848 0x0fdc  WbioSrvc - ok
13:13:23.0886 0x0fdc  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:13:23.0973 0x0fdc  wcncsvc - ok
13:13:24.0002 0x0fdc  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:13:24.0058 0x0fdc  WcsPlugInService - ok
13:13:24.0103 0x0fdc  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\drivers\wd.sys
13:13:24.0133 0x0fdc  Wd - ok
13:13:24.0207 0x0fdc  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:13:24.0272 0x0fdc  Wdf01000 - ok
13:13:24.0343 0x0fdc  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:13:24.0411 0x0fdc  WdiServiceHost - ok
13:13:24.0431 0x0fdc  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:13:24.0495 0x0fdc  WdiSystemHost - ok
13:13:24.0566 0x0fdc  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\Windows\System32\webclnt.dll
13:13:24.0650 0x0fdc  WebClient - ok
13:13:24.0722 0x0fdc  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:13:24.0824 0x0fdc  Wecsvc - ok
13:13:24.0862 0x0fdc  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:13:24.0939 0x0fdc  wercplsupport - ok
13:13:24.0965 0x0fdc  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
13:13:25.0073 0x0fdc  WerSvc - ok
13:13:25.0135 0x0fdc  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:13:25.0210 0x0fdc  WfpLwf - ok
13:13:25.0247 0x0fdc  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:13:25.0281 0x0fdc  WIMMount - ok
13:13:25.0360 0x0fdc  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
13:13:25.0446 0x0fdc  WinDefend - ok
13:13:25.0549 0x0fdc  WinHttpAutoProxySvc - ok
13:13:25.0626 0x0fdc  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:13:25.0685 0x0fdc  Winmgmt - ok
13:13:25.0798 0x0fdc  [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM           C:\Windows\system32\WsmSvc.dll
13:13:25.0868 0x0fdc  WinRM - ok
13:13:25.0949 0x0fdc  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
13:13:25.0977 0x0fdc  WinUsb - ok
13:13:26.0034 0x0fdc  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:13:26.0100 0x0fdc  Wlansvc - ok
13:13:26.0150 0x0fdc  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
13:13:26.0177 0x0fdc  WmiAcpi - ok
13:13:26.0223 0x0fdc  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:13:26.0255 0x0fdc  wmiApSrv - ok
13:13:26.0335 0x0fdc  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
13:13:26.0407 0x0fdc  WMPNetworkSvc - ok
13:13:26.0437 0x0fdc  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:13:26.0480 0x0fdc  WPCSvc - ok
13:13:26.0509 0x0fdc  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:13:26.0563 0x0fdc  WPDBusEnum - ok
13:13:26.0610 0x0fdc  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:13:26.0676 0x0fdc  ws2ifsl - ok
13:13:26.0699 0x0fdc  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\system32\wscsvc.dll
13:13:26.0737 0x0fdc  wscsvc - ok
13:13:26.0748 0x0fdc  WSearch - ok
13:13:26.0885 0x0fdc  [ 7E5C454A3F986FEBAD075DB8D915917E, 9E9147DDACD075958689523130DB92FC4ED0E38433461D8AB8792BCFBD9376DA ] wuauserv        C:\Windows\system32\wuaueng.dll
13:13:27.0021 0x0fdc  wuauserv - ok
13:13:27.0066 0x0fdc  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:13:27.0183 0x0fdc  WudfPf - ok
13:13:27.0230 0x0fdc  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\drivers\WUDFRd.sys
13:13:27.0285 0x0fdc  WUDFRd - ok
13:13:27.0321 0x0fdc  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:13:27.0383 0x0fdc  wudfsvc - ok
13:13:27.0424 0x0fdc  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:13:27.0487 0x0fdc  WwanSvc - ok
13:13:27.0607 0x0fdc  [ 30B73EB97218A16CBC6DE535782A1B35, 5B034F39FA5B902BD6899717F7696871CDAFB8698B48BB0E95DAE51234715A28 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x86.sys
13:13:27.0660 0x0fdc  yukonw7 - ok
13:13:27.0684 0x0fdc  ================ Scan global ===============================
13:13:27.0711 0x0fdc  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
13:13:27.0739 0x0fdc  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
13:13:27.0769 0x0fdc  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
13:13:27.0805 0x0fdc  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
13:13:27.0847 0x0fdc  [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe
13:13:27.0860 0x0fdc  [ Global ] - ok
13:13:27.0861 0x0fdc  ================ Scan MBR ==================================
13:13:27.0874 0x0fdc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:13:28.0122 0x0fdc  \Device\Harddisk0\DR0 - ok
13:13:28.0151 0x0fdc  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
13:13:28.0224 0x0fdc  \Device\Harddisk1\DR1 - ok
13:13:28.0224 0x0fdc  ================ Scan VBR ==================================
13:13:28.0231 0x0fdc  [ EE7AAF883CFA828A0BCE690433698A05 ] \Device\Harddisk0\DR0\Partition1
13:13:28.0235 0x0fdc  \Device\Harddisk0\DR0\Partition1 - ok
13:13:28.0242 0x0fdc  [ 0195E116EA2037FB531BF43F8D183A6A ] \Device\Harddisk0\DR0\Partition2
13:13:28.0247 0x0fdc  \Device\Harddisk0\DR0\Partition2 - ok
13:13:28.0264 0x0fdc  [ 5EDB229FC627BFF5BE9268D0C0E713F6 ] \Device\Harddisk1\DR1\Partition1
13:13:28.0296 0x0fdc  \Device\Harddisk1\DR1\Partition1 - ok
13:13:28.0297 0x0fdc  ================ Scan generic autorun ======================
13:13:28.0557 0x0fdc  [ 65C6AA484AD2287D20541C7735989437, 1842787640391F4A4CD9ED0A531298A61F4B2FB09BEC98FEE256313AFB458EDB ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
13:13:28.0816 0x0fdc  AvastUI.exe - ok
13:13:28.0924 0x0fdc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\sidebar.exe
13:13:29.0002 0x0fdc  Sidebar - ok
13:13:29.0241 0x0fdc  [ 805210C8DB11D5799E7172923959BF98, A8DCB8A6FDE5ED583D329D6D8A5979FFD3E844046335529BB2E81A5D310E5894 ] C:\Program Files\CCleaner\CCleaner.exe
13:13:29.0505 0x0fdc  CCleaner Monitoring - ok
13:13:29.0530 0x0fdc  Waiting for KSN requests completion. In queue: 174
13:13:30.0530 0x0fdc  Waiting for KSN requests completion. In queue: 174
13:13:31.0530 0x0fdc  Waiting for KSN requests completion. In queue: 174
13:13:32.0530 0x0fdc  Waiting for KSN requests completion. In queue: 174
13:13:33.0587 0x0fdc  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2218.942 ), 0x41000 ( enabled : updated )
13:13:33.0611 0x0fdc  Win FW state via NFP2: enabled
13:13:36.0403 0x0fdc  ============================================================
13:13:36.0403 0x0fdc  Scan finished
13:13:36.0403 0x0fdc  ============================================================
13:13:36.0423 0x0edc  Detected object count: 0
13:13:36.0423 0x0edc  Actual detected object count: 0

M-K-D-B · 25.05.2015, 12:20

Servus,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

DarkNeo · 25.05.2015, 12:54

Code:

ATTFilter

ComboFix 15-05-25.01 - Noname 25.05.2015  14:09:21.2.2 - x86
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.2047.984 [GMT 2:00]
ausgeführt von:: c:\desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-04-25 bis 2015-05-25  ))))))))))))))))))))))))))))))
.
.
2015-07-03 11:51 . 2015-07-03 11:51	--------	d-----w-	c:\windows\system32\Wat
2015-05-25 12:20 . 2015-05-25 12:20	--------	d-----w-	c:\users\Public\AppData\Local\temp
2015-05-25 12:20 . 2015-05-25 12:20	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-05-23 17:51 . 2015-05-23 17:51	--------	d-----w-	c:\program files\Common Files\Java
2015-05-23 17:50 . 2015-05-23 17:49	96680	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2015-05-23 17:49 . 2015-05-23 17:49	--------	d-----w-	c:\programdata\Oracle
2015-05-23 17:49 . 2015-05-23 17:49	--------	d-----w-	c:\program files\Java
2015-05-23 08:47 . 2015-05-01 13:16	102608	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-23 08:24 . 2015-04-27 19:05	851456	----a-w-	c:\windows\system32\diagtrack.dll
2015-05-23 08:22 . 2015-04-13 03:19	259072	----a-w-	c:\windows\system32\services.exe
2015-05-23 08:22 . 2015-03-04 04:11	5120	----a-w-	c:\windows\system32\shimeng.dll
2015-05-23 08:22 . 2015-03-04 04:10	295936	----a-w-	c:\windows\system32\apphelp.dll
2015-05-23 08:22 . 2015-03-04 04:10	62464	----a-w-	c:\windows\system32\aelupsvc.dll
2015-05-23 08:22 . 2015-03-04 04:10	20992	----a-w-	c:\windows\system32\sdbinst.exe
2015-05-23 08:02 . 2015-04-11 03:07	54656	----a-w-	c:\windows\system32\drivers\stream.sys
2015-05-22 23:40 . 2015-05-06 18:36	291312	----a-w-	c:\windows\system32\aswBoot.exe
2015-05-06 18:36 . 2015-05-06 18:36	43112	----a-w-	c:\windows\avastSS.scr
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-05-06 18:36 . 2015-03-08 19:40	106912	----a-w-	c:\windows\system32\drivers\aswStm.sys
2015-05-06 18:36 . 2015-03-08 19:40	209048	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2015-05-06 18:36 . 2015-03-08 19:40	427992	----a-w-	c:\windows\system32\drivers\aswSP.sys
2015-05-06 18:36 . 2015-03-08 19:40	49904	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2015-05-06 18:36 . 2015-03-08 19:40	74976	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2015-05-06 18:36 . 2015-03-08 19:40	24144	----a-w-	c:\windows\system32\drivers\aswHwid.sys
2015-05-06 18:36 . 2015-03-08 19:40	81728	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2015-05-06 18:35 . 2015-03-08 19:40	787760	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2015-04-14 19:49 . 2014-03-21 18:26	778416	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2015-04-14 19:49 . 2014-03-21 18:26	142512	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2015-03-25 03:00 . 2015-04-15 16:36	92672	----a-w-	c:\windows\system32\wudriver.dll
2015-03-25 03:00 . 2015-04-15 16:36	566784	----a-w-	c:\windows\system32\wuapi.dll
2015-03-25 03:00 . 2015-04-15 16:36	35328	----a-w-	c:\windows\system32\wups2.dll
2015-03-25 03:00 . 2015-04-15 16:36	3088384	----a-w-	c:\windows\system32\wucltux.dll
2015-03-25 03:00 . 2015-04-15 16:36	29696	----a-w-	c:\windows\system32\wups.dll
2015-03-25 03:00 . 2015-04-15 16:36	2020864	----a-w-	c:\windows\system32\wuaueng.dll
2015-03-25 03:00 . 2015-04-15 16:36	173056	----a-w-	c:\windows\system32\wuwebv.dll
2015-03-25 03:00 . 2015-04-15 16:36	50176	----a-w-	c:\windows\system32\WinSetupUI.dll
2015-03-25 03:00 . 2015-04-15 16:36	11776	----a-w-	c:\windows\system32\wu.upgrade.ps.dll
2015-03-25 03:00 . 2015-04-15 16:36	33792	----a-w-	c:\windows\system32\wuapp.exe
2015-03-25 03:00 . 2015-04-15 16:36	131584	----a-w-	c:\windows\system32\wuauclt.exe
2015-03-23 03:06 . 2015-04-15 16:36	576000	----a-w-	c:\windows\system32\generaltel.dll
2015-03-23 03:06 . 2015-04-15 16:36	630784	----a-w-	c:\windows\system32\invagent.dll
2015-03-23 03:06 . 2015-04-15 16:36	331264	----a-w-	c:\windows\system32\devinv.dll
2015-03-23 03:06 . 2015-04-15 16:36	860160	----a-w-	c:\windows\system32\appraiser.dll
2015-03-23 03:06 . 2015-04-15 16:36	26112	----a-w-	c:\windows\system32\acmigration.dll
2015-03-23 03:06 . 2015-04-15 16:36	202752	----a-w-	c:\windows\system32\aepdu.dll
2015-03-23 03:06 . 2015-04-15 16:36	159744	----a-w-	c:\windows\system32\aepic.dll
2015-03-23 02:59 . 2015-04-15 16:36	896000	----a-w-	c:\windows\system32\aeinv.dll
2015-03-12 10:05 . 2014-09-03 08:18	114904	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-03-10 03:08 . 2015-04-15 16:36	1237504	----a-w-	c:\windows\system32\msxml3.dll
2015-03-10 03:05 . 2015-04-15 16:36	2048	----a-w-	c:\windows\system32\msxml3r.dll
2015-03-05 04:06 . 2015-04-15 16:36	305152	----a-w-	c:\windows\system32\gdi32.dll
2015-03-04 04:16 . 2015-04-15 16:36	249784	----a-w-	c:\windows\system32\clfs.sys
2015-03-04 04:10 . 2015-04-15 16:36	58880	----a-w-	c:\windows\system32\clfsw32.dll
2015-03-04 04:10 . 2015-05-23 08:22	470528	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2015-03-04 04:10 . 2015-05-23 08:22	2178560	----a-w-	c:\windows\apppatch\AcGenral.dll
2015-03-04 04:06 . 2015-05-23 08:22	2560	----a-w-	c:\windows\apppatch\AcRes.dll
2015-03-01 16:09 . 2015-03-01 16:12	8192	----a-w-	c:\windows\system32\E_DCINST.DLL
2015-03-01 16:09 . 2015-03-01 16:12	81408	----a-w-	c:\windows\system32\E_TD4BHSE.DLL
2015-02-25 03:03 . 2015-04-15 16:36	514560	----a-w-	c:\windows\system32\drivers\http.sys
2013-11-07 08:37 . 2013-11-07 08:37	50063360	----a-w-	c:\program files\GUT13CF.tmp
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-05-06 18:36	645144	----a-w-	c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2014-12-12 5489944]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-05-22 5515496]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer8"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Speed Launcher]
1429258026 [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\20150107]
2015-03-27 09:08	183232	-c--a-w-	c:\program files\AVAST Software\Avast\setup\emupdate\0c77843d-45d3-4614-b019-2825c352d570.exe
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2015-05-06 106912]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus.sys [x]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag.sys [x]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps.sys [x]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem.sys [x]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag.sys [x]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem.sys [x]
R3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;c:\windows\system32\DRIVERS\lgandnetndis.sys [x]
R3 aswTap;avast! SecureLine TAP Adapter v3;c:\windows\system32\DRIVERS\aswTap.sys [2013-11-06 38472]
R3 crliycos;crliycos;c:\windows\system32\drivers\ngiodriver_x86 [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-04-21 102912]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_x86.sys [2014-11-28 16024]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\PSIA.exe [2014-11-28 1363160]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2014-09-25 13464]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2015-07-03 1343400]
R4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2015-05-06 787760]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2015-05-06 427992]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2015-05-06 24144]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2015-05-06 74976]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2011-02-11 35088]
S2 PLCNDIS5;PLCNDIS5 NDIS Protocol Driver;c:\windows\system32\plcndis5.sys [2004-05-17 17280]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [2014-11-28 765144]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-05-06 220752]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-05-06 3207800]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-09-28 315392]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
utcsvc	REG_MULTI_SZ   	DiagTrack
.
Inhalt des "geplante Tasks" Ordners
.
2015-05-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-05 19:49]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = https://mega.co.nz/#login
TCP: DhcpNameServer = 192.168.1.1 193.189.244.202 193.189.244.194
FF - ProfilePath - c:\users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\crliycos]
"ImagePath"="\SystemRoot\system32\drivers\ngiodriver_x86"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-05-25  14:22:38
ComboFix-quarantined-files.txt  2015-05-25 12:22
ComboFix2.txt  2015-05-25 11:52
.
Vor Suchlauf: 11 Verzeichnis(se), 193.736.429.568 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 193.689.182.208 Bytes frei
.
- - End Of File - - 6C3DB4F361C448F72B61C183286931C3
A36C5E4F47E84449FF07ED3517B43A31

M-K-D-B · 25.05.2015, 19:51

Schritt 1
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 4
Downloade dir bitte Shortcut Cleaner (by Grinler) auf deinen Desktop.

Starte die sc-cleaner.exe mit einem Doppelclick.
Bestätige die Meldung Shortcut Cleaner Finished am Ende des Suchlaufs mit Ok.
Eine Logdatei wird sich öffnen (sc-cleaner.txt).
Poste mir den Inhalt mit deiner nächsten Antwort.

Schritt 5

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die Logdatei von JRT,
die Logdatei von Shortcut-Cleaner,
die beiden neuen Logdateien von FRST.

DarkNeo · 25.05.2015, 20:52

Adw cleaner

Code:

ATTFilter

# AdwCleaner v4.205 - Bericht erstellt 25/05/2015 um 21:05:22
# Aktualisiert 21/05/2015 von Xplode
# Datenbank : 2015-05-25.3 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x86)
# Benutzername : Noname - NONAME-PC
# Gestarted von : C:\Desktop\adwcleaner_4.205.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17801


-\\ Mozilla Firefox v38.0.1 (x86 de)


-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [809 Bytes] - [06/01/2015 16:09:06]
AdwCleaner[R1].txt - [868 Bytes] - [14/01/2015 22:46:32]
AdwCleaner[R2].txt - [1021 Bytes] - [23/01/2015 19:18:59]
AdwCleaner[R3].txt - [1304 Bytes] - [10/02/2015 00:21:26]
AdwCleaner[R4].txt - [1172 Bytes] - [06/03/2015 22:48:21]
AdwCleaner[R5].txt - [1334 Bytes] - [11/03/2015 23:20:37]
AdwCleaner[R6].txt - [1524 Bytes] - [23/05/2015 21:57:54]
AdwCleaner[R7].txt - [1514 Bytes] - [25/05/2015 21:03:33]
AdwCleaner[S0].txt - [1083 Bytes] - [23/01/2015 19:21:31]
AdwCleaner[S1].txt - [1365 Bytes] - [10/02/2015 00:24:15]
AdwCleaner[S2].txt - [1234 Bytes] - [06/03/2015 22:51:11]
AdwCleaner[S3].txt - [1395 Bytes] - [11/03/2015 23:35:25]
AdwCleaner[S4].txt - [1583 Bytes] - [23/05/2015 22:00:44]
AdwCleaner[S5].txt - [1434 Bytes] - [25/05/2015 21:05:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1493  Bytes] ##########

Anti Maleware

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 25.05.2015
Suchlauf-Zeit: 21:14:05
Logdatei:  Malwarebytes Anti-Malware .txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.05.25.05
Rootkit Datenbank: v2015.05.24.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Noname

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 323623
Verstrichene Zeit: 18 Min, 8 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 1
PUP.Optional.Giga, C:\Users\Noname\Downloads\Minecraft_-Rei's-Minimap-Mod-1.2.5-lnstall.exe, , [6a6f95025238ce68196c11f50303e917], 

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)

JRT

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.9 (05.24.2015:1)
OS: Windows 7 Professional x86
Ran by Noname on 25.05.2015 at 21:37:23,80
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] swdumon
Successfully deleted: [Service] swdumon



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Windows\System32\drivers\swdumon.sys



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Noname\AppData\Roaming\mozilla\firefox\profiles\auweyeh8.default-1414175550587\minidumps [29 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.05.2015 at 21:40:49,05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

sc Cleaner

Code:

ATTFilter

Shortcut Cleaner 1.3.8 by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
 hxxp://www.bleepingcomputer.com/download/shortcut-cleaner/

Windows Version: Windows 7 Professional Service Pack 1
Program started at: 05/25/2015 09:47:23 PM.

Scanning for registry hijacks:

 * No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\Noname\AppData\Roaming\Microsoft\Windows\Start Menu\

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\Noname\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

Searching C:\Desktop\

Searching C:\Users\Public\Desktop\


0 bad shortcuts found.

Program finished at: 05/25/2015 09:47:24 PM
Execution time: 0 hours(s), 0 minute(s), and 0 seconds(s)

Addition

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-05-2015
Ran by Noname at 2015-05-25 21:49:28
Running from C:\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4277079510-974402927-3430589439-500 - Administrator - Disabled)
Gast (S-1-5-21-4277079510-974402927-3430589439-501 - Limited - Disabled)
Noname (S-1-5-21-4277079510-974402927-3430589439-1000 - Administrator - Enabled) => C:\Users\Noname

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AIDA64 Extreme Edition v3.00 (HKLM\...\AIDA64 Extreme Edition_is1) (Version: 3.00 - FinalWire Ltd.)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2218 - AVAST Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Configuration DivX (HKLM\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-4277079510-974402927-3430589439-1000\...\CopyTrans Suite) (Version: 3.003 - WindSolutions)
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
devolo dLAN-Konfigurationsassistent (HKLM\...\dlanconf) (Version: 9.0.0.0 - devolo AG)
EPSON BX935FWD Series Printer Uninstall (HKLM\...\EPSON BX935FWD Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EVEREST Home Edition v2.20 (HKLM\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
K-Lite Mega Codec Pack 11.0.0 (HKLM\...\KLiteCodecPack_is1) (Version: 11.0.0 - )
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Minecraft (HKLM\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 38.0.1 (x86 de) (HKLM\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA Grafiktreiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Secunia PSI (3.0.0.10004) (HKLM\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.10 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
YGOPro DevPro Version 1.9.6 r0 (HKLM\...\{3CF2634F-3F38-4DD3-9201-CB2FE6B5FF23}_is1) (Version: 1.9.6 r0 - YGOPro DevPro Online)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

07-05-2015 20:36:55 Geplanter Prüfpunkt
07-05-2015 21:03:25 Windows Update
14-05-2015 09:43:38 Windows Update
22-05-2015 19:01:40 Geplanter Prüfpunkt
23-05-2015 01:39:08 avast! antivirus system restore point
23-05-2015 10:02:52 Windows Update
23-05-2015 10:25:55 Windows Update
23-05-2015 12:00:11 Windows Update
25-05-2015 13:35:05 ComboFix created restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {29685E1F-2228-4284-9DC9-FAEFF9BB948A} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {39DDFCC5-E8AC-4F5B-97A1-B24E438B9DC8} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {42CFF66B-FAA9-4A2F-835A-E27393A0A8C6} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {58047848-E115-4783-A426-B8BF351EDBF6} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-02-18] ()
Task: {6BD417A8-55DA-4A68-A3F4-18673D05CB17} - System32\Tasks\{7D875AB7-3E75-497C-AB92-4FB7316BA69B} => pcalua.exe -a C:\NVIDIA\SystemTools\6.08\NVMonitor\setup.exe -d C:\NVIDIA\SystemTools\6.08\NVMonitor
Task: {792E9B8B-3FB4-4AB8-911A-D351030994BD} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {B935C073-F4F3-4A4A-87DB-C5C49AC45E61} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {D0312B56-C217-411B-9D8F-279D5554DE17} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {E1167BF6-4954-40E6-B211-AD8D334DF636} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {E5BD3B27-E2C1-49FF-8741-9E7EF099CA37} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-06] (Avast Software s.r.o.)
Task: {EC094005-C3EB-4024-9B3F-749E08A80221} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {FA0A119B-0531-4F26-BB07-9319C2D3A3D0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2015-05-06 20:36 - 2015-05-06 20:36 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-06 20:36 - 2015-05-06 20:36 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-25 21:15 - 2015-05-25 21:15 - 02948096 _____ () C:\Program Files\AVAST Software\Avast\defs\15052502\algo.dll
2015-03-08 21:39 - 2015-03-08 21:40 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-12-13 00:24 - 2014-12-13 00:24 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2006-12-04 01:25 - 2006-12-04 01:25 - 00022723 _____ () C:\Windows\System32\sugs2l3.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4277079510-974402927-3430589439-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Noname\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1 - 193.189.244.202

==================== MSCONFIG/TASK MANAGER Error getting ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: Nero BackItUp Scheduler 3 => 2
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\startupreg: 20150107 => C:\Program Files\AVAST Software\Avast\setup\emupdate\0c77843d-45d3-4614-b019-2825c352d570.exe /check
MSCONFIG\startupreg: Adobe Speed Launcher => 1429258026

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{715EE703-F93C-4A44-8433-4487EAA472BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{0E62E5B5-D95D-4C74-9672-067A8283FB31}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{343CF004-505E-43E0-B5C5-64A5342A5BCE}C:\program files\devpro\devpro.dll] => (Allow) C:\program files\devpro\devpro.dll
FirewallRules: [UDP Query User{5882E574-3AB9-4943-9427-290DFD43AE43}C:\program files\devpro\devpro.dll] => (Allow) C:\program files\devpro\devpro.dll
FirewallRules: [TCP Query User{8D830128-61A4-4C27-83DC-98C026C9FEAB}C:\program files\devpro\devpro.dll] => (Allow) C:\program files\devpro\devpro.dll
FirewallRules: [UDP Query User{9F3417D6-7FBA-4577-869E-CE5F3EF6B507}C:\program files\devpro\devpro.dll] => (Allow) C:\program files\devpro\devpro.dll
FirewallRules: [TCP Query User{92CFA8D8-52E0-4E0E-A205-336FA9B4287E}C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe] => (Allow) C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe
FirewallRules: [UDP Query User{995C1756-466E-4FE5-95FD-F12A5A59A412}C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe] => (Allow) C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe
FirewallRules: [{AC67BA12-D3E1-46DB-993F-DC19E2F8F34B}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{BFFDA09B-DAF9-4A8B-877B-7E0A8C8018F0}C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe] => (Allow) C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe
FirewallRules: [UDP Query User{66319B40-A6D3-4DA1-AA0F-C2107234B2BC}C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe] => (Allow) C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe
FirewallRules: [{96BFA00F-1B66-42E5-A3AF-A50384CB2563}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7144E11B-5FFA-4FF8-B747-B77002728DAF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9795B38A-E7EB-44D8-830E-73B27CA72A50}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9C7E7BD3-D018-495B-BA7E-CCFA05089F0A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0CE973D5-AF1B-40B6-A222-E1C510502349}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{8B262E26-295F-4326-AA3A-16FDE0F1BC86}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{D26899A5-6F3E-4DDF-A679-AA009B13BC63}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{4E341B75-8D2A-4D7C-800C-2DF4C81B18FF}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{D483C699-5F8E-466F-B3AA-2EAF0B521B5C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

==================== Faulty Device Manager Devices =============

Name: VIA USB erweiterter Hostcontroller
Description: VIA USB erweiterter Hostcontroller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: VIA Technologies
Service: usbehci
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standard PCI-zu-USB universeller Hostcontroller
Description: Standard PCI-zu-USB universeller Hostcontroller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: usbuhci
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standard PCI-zu-USB universeller Hostcontroller
Description: Standard PCI-zu-USB universeller Hostcontroller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: usbuhci
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/25/2015 09:35:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2015 09:08:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2015 01:59:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2015 01:56:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2015 11:54:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2015 10:05:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/24/2015 09:36:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/24/2015 02:03:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/24/2015 02:02:36 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (1868) WebCacheLocal: Fehler -1811 beim Öffnen von Protokolldatei C:\Users\Noname\AppData\Local\Microsoft\Windows\WebCache\V010000C.log.

Error: (05/24/2015 02:00:25 AM) (Source: Wininit) (EventID: 1015) (User: )
Description: Ein kritischer Systemprozess C:\Windows\system32\lsm.exe ist fehlgeschlagen mit den Statuscode 255. Der Computer muss neu gestartet werden.


System errors:
=============
Error: (05/25/2015 09:43:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Installer" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 300000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/25/2015 09:43:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/25/2015 09:43:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/25/2015 09:43:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/25/2015 09:43:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 300000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/25/2015 09:39:55 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Software Protection" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (05/25/2015 09:37:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/25/2015 09:37:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/25/2015 09:37:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Secunia Update Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/25/2015 09:37:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office:
=========================
Error: (05/25/2015 09:35:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2015 09:08:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2015 01:59:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2015 01:56:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2015 11:54:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2015 10:05:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/24/2015 09:36:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/24/2015 02:03:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/24/2015 02:02:36 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost1868WebCacheLocal: C:\Users\Noname\AppData\Local\Microsoft\Windows\WebCache\V010000C.log-1811

Error: (05/24/2015 02:00:25 AM) (Source: Wininit) (EventID: 1015) (User: )
Description: C:\Windows\system32\lsm.exe255


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz
Percentage of memory in use: 43%
Total physical RAM: 2047.37 MB
Available physical RAM: 1162.96 MB
Total Pagefile: 4094.73 MB
Available Pagefile: 2934.39 MB
Total Virtual: 2047.88 MB
Available Virtual: 1907.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:180.22 GB) NTFS
Drive e: (Neo`s Daten) (Fixed) (Total:232.88 GB) (Free:225.82 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 04170417)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 0ACB0595)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End of log ============================

FRST

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-05-2015
Ran by Noname (administrator) on NONAME-PC on 25-05-2015 21:48:17
Running from C:\Desktop
Loaded Profiles: Noname (Available Profiles: Noname)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-23] (Avast Software s.r.o.)
HKU\S-1-5-21-4277079510-974402927-3430589439-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-05-06] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4277079510-974402927-3430589439-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4277079510-974402927-3430589439-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4277079510-974402927-3430589439-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://mega.co.nz/#login
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-23] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-23] (Avast Software s.r.o.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-23] (Oracle Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 193.189.244.202 193.189.244.194

FireFox:
========
FF ProfilePath: C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587
FF Homepage: hxxp://www.facebook.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-23] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-07-03] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: Flash Video Downloader - YouTube HD Downloader [4K] - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\artur.dubovoy@gmail.com [2015-05-23]
FF Extension: WOT - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-10-24]
FF Extension: MEGA - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\firefox@mega.co.nz.xpi [2014-10-24]
FF Extension: Stylish - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2014-10-24]
FF Extension: Video DownloadHelper - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-14]
FF Extension: Adblock Plus - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-24]
FF Extension: Adblock Edge - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-10-24]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-08]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-08]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-06] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-05-06] (Avast Software)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [851456 2015-04-27] (Microsoft Corporation)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
S2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-05-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-05-06] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-05-06] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-05-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-05-06] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-05-06] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-05-06] (Avast Software s.r.o.)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [38472 2013-11-06] (The OpenVPN Project)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-05-06] ()
R2 giveio; C:\Windows\system32\giveio.sys [5248 1996-04-03] () []
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R2 PLCNDIS5; C:\Windows\system32\plcndis5.sys [17280 2004-05-17] (Intellon, Inc.) []
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2014-11-28] (Secunia)
R2 speedfan; C:\Windows\system32\speedfan.sys [24184 2012-12-29] (Almico Software)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-05-06] (Avast Software)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
S3 Andbus; system32\DRIVERS\lgandbus.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X]
S3 andnetndis; system32\DRIVERS\lgandnetndis.sys [X]
S3 catchme; \??\C:\Users\Noname\AppData\Local\Temp\catchme.sys [X]
S3 crliycos; \SystemRoot\system32\drivers\ngiodriver_x86 [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad32v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-03 14:15 - 2015-03-07 15:37 - 00000987 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2015-05-25 21:37 - 2015-05-25 21:37 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-NONAME-PC-Windows-7-Professional-(32-bit).dat
2015-05-25 21:37 - 2015-05-25 21:37 - 00000000 ____D () C:\RegBackup
2015-05-25 14:22 - 2015-05-25 14:22 - 00011759 _____ () C:\ComboFix.txt
2015-05-25 13:55 - 2015-05-25 21:34 - 00001498 _____ () C:\Windows\PFRO.log
2015-05-25 13:34 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-05-25 13:34 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-05-25 13:34 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-05-25 13:34 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-05-25 13:34 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-05-25 13:34 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-05-25 13:34 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-05-25 13:34 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-05-25 13:04 - 2015-05-25 13:05 - 00027570 _____ () C:\Users\Noname\Downloads\Addition.txt
2015-05-25 13:02 - 2015-05-25 13:05 - 00027808 _____ () C:\Users\Noname\Downloads\FRST.txt
2015-05-25 10:04 - 2015-05-25 21:34 - 00000336 _____ () C:\Windows\setupact.log
2015-05-25 10:04 - 2015-05-25 10:04 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-24 12:11 - 2015-05-24 12:45 - 300710528 _____ () C:\Users\Noname\Downloads\Mistress T - Soul Sucking Milking.rar
2015-05-23 20:04 - 2015-05-23 20:04 - 04685607 _____ () C:\Users\Noname\Downloads\Minecraft-Modpack_1.6.2.zip
2015-05-23 20:03 - 2015-05-23 20:03 - 01196832 _____ () C:\Users\Noname\Downloads\Minecraft Mods Pack - CHIP-Installer.exe
2015-05-23 19:51 - 2015-05-23 19:51 - 00000000 ____D () C:\ProgramData\Sun
2015-05-23 19:51 - 2015-05-23 19:51 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-05-23 19:50 - 2015-05-23 19:49 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-05-23 19:49 - 2015-05-23 19:49 - 00000000 ____D () C:\ProgramData\Oracle
2015-05-23 19:49 - 2015-05-23 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-05-23 19:49 - 2015-05-23 19:49 - 00000000 ____D () C:\Program Files\Java
2015-05-23 19:44 - 2015-05-23 19:44 - 01196832 _____ () C:\Users\Noname\Downloads\Java Runtime Environment 32 Bit - CHIP-Installer.exe
2015-05-23 19:34 - 2015-05-23 19:34 - 00956887 _____ () C:\Users\Noname\Downloads\OptiFine_1.8.4_HD_U_D4.jar
2015-05-23 13:36 - 2015-05-23 14:38 - 557715754 _____ () C:\Users\Noname\Downloads\ssssskinnnyyy531.wmv
2015-05-23 12:36 - 2015-05-23 12:36 - 266535580 _____ () C:\Users\Noname\Downloads\jackivore2.m4v
2015-05-23 10:50 - 2015-05-23 10:51 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-05-23 10:47 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-23 10:25 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-23 10:25 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-23 10:25 - 2015-04-21 18:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-23 10:25 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-23 10:25 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-23 10:25 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-23 10:25 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-23 10:25 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-23 10:25 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-23 10:25 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-23 10:25 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-23 10:25 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-23 10:25 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-23 10:25 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-23 10:25 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-23 10:25 - 2015-04-21 17:58 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-23 10:25 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-23 10:25 - 2015-04-21 17:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-23 10:25 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-23 10:25 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-23 10:25 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-23 10:25 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-23 10:25 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-23 10:25 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-23 10:25 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-23 10:25 - 2015-04-21 17:26 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-23 10:25 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-23 10:25 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-23 10:25 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-23 10:25 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-23 10:25 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-23 10:25 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-23 10:25 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-23 10:24 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-23 10:24 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-05-23 10:24 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-23 10:24 - 2015-04-27 21:11 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-23 10:24 - 2015-04-27 21:11 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-23 10:24 - 2015-04-27 21:08 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-23 10:24 - 2015-04-27 21:05 - 00851456 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-23 10:24 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-23 10:24 - 2015-04-27 21:05 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-23 10:24 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-23 10:24 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-23 10:24 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-23 10:24 - 2015-04-27 21:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-23 10:24 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-23 10:24 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-23 10:24 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-23 10:24 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-23 10:24 - 2015-04-27 21:05 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-23 10:24 - 2015-04-27 21:04 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-23 10:24 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-23 10:24 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-23 10:24 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-23 10:24 - 2015-04-27 21:04 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-23 10:24 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-23 10:24 - 2015-04-27 21:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-23 10:24 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-23 10:24 - 2015-04-27 21:04 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-23 10:24 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-23 10:24 - 2015-04-27 21:04 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-23 10:24 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-23 10:24 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-23 10:24 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-23 10:24 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-23 10:24 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-23 10:24 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-23 10:24 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-23 10:24 - 2015-04-27 20:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-23 10:24 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-23 10:24 - 2015-04-20 04:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-23 10:24 - 2015-04-20 04:03 - 02382336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-23 10:24 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-23 10:24 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-23 10:24 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-05-23 10:22 - 2015-04-13 05:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-23 10:22 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-23 10:22 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-23 10:22 - 2015-03-04 06:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-23 10:22 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-23 10:19 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-23 10:19 - 2015-04-08 05:14 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-23 10:19 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-23 10:02 - 2015-04-11 05:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-05-23 01:40 - 2015-05-06 20:36 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-06 20:36 - 2015-05-06 20:36 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-02 22:34 - 2015-05-23 12:15 - 00000000 ____D () C:\Users\Noname\Downloads\Neuer Ordner (4)

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-03 13:54 - 2013-09-06 00:00 - 00000000 ____D () C:\Users\Noname\AppData\Local\Adobe
2015-05-25 21:48 - 2015-03-08 14:40 - 00000000 ____D () C:\FRST
2015-05-25 21:47 - 2014-05-07 23:11 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-25 21:43 - 2009-07-14 06:34 - 00031104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-25 21:43 - 2009-07-14 06:34 - 00031104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-25 21:39 - 2013-08-22 12:47 - 01973773 _____ () C:\Windows\WindowsUpdate.log
2015-05-25 21:34 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-25 21:13 - 2014-09-03 10:18 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-25 21:12 - 2014-09-03 10:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-05-25 21:12 - 2014-09-03 10:17 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2015-05-25 21:05 - 2015-01-06 16:08 - 00000000 ____D () C:\AdwCleaner
2015-05-25 14:22 - 2015-01-02 16:47 - 00000000 ____D () C:\Qoobox
2015-05-25 14:20 - 2009-07-14 04:04 - 00000215 _____ () C:\Windows\system.ini
2015-05-23 22:03 - 2013-10-01 08:37 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-05-23 20:12 - 2015-04-07 23:04 - 00000000 ____D () C:\Users\Noname\AppData\Roaming\.minecraft
2015-05-23 15:52 - 2010-11-20 23:01 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-23 14:57 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2015-05-23 14:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-05-23 12:15 - 2015-03-17 22:42 - 00000000 ____D () C:\Users\Noname\Downloads\Neuer Ordner (3)
2015-05-23 12:15 - 2014-10-25 16:51 - 00000000 ____D () C:\Users\Noname\Downloads\Neuer Ordner
2015-05-23 12:01 - 2011-04-12 03:39 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-23 11:51 - 2009-07-14 06:33 - 00287344 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-23 11:49 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2015-05-23 11:49 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-23 10:45 - 2013-09-05 21:20 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-23 10:38 - 2013-09-05 21:20 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-23 10:03 - 2015-04-04 17:39 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-23 02:27 - 2011-04-12 03:39 - 00000000 ____D () C:\Windows\ShellNew
2015-05-23 02:27 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\wfp
2015-05-23 02:26 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration
2015-05-23 02:26 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-05-23 02:24 - 2014-06-28 19:33 - 00000000 ____D () C:\Users\Noname\AppData\Roaming\LiveSnap
2015-05-23 01:38 - 2013-08-22 12:57 - 00000000 ____D () C:\Users\Noname
2015-05-18 18:17 - 2015-02-10 20:46 - 00000089 _____ () C:\Users\Noname\AppData\Roaming\chk.ag
2015-05-07 00:17 - 2011-01-24 00:21 - 00001127 _____ () C:\Users\Noname\AppData\Roaming\neo.ini
2015-05-06 20:36 - 2015-03-08 21:40 - 00427992 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-06 20:36 - 2015-03-08 21:40 - 00209048 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-06 20:36 - 2015-03-08 21:40 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-06 20:36 - 2015-03-08 21:40 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-06 20:36 - 2015-03-08 21:40 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-06 20:36 - 2015-03-08 21:40 - 00049904 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-06 20:36 - 2015-03-08 21:40 - 00024144 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-06 20:35 - 2015-03-08 21:40 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-03 11:40 - 2013-09-14 00:52 - 00000000 ____D () C:\ProgramData\Freemake
2015-05-03 11:40 - 2013-09-14 00:52 - 00000000 ____D () C:\Program Files\Freemake

==================== Files in the root of some directories =======

2013-11-07 10:37 - 2013-11-07 10:37 - 50063360 _____ () C:\Program Files\GUT13CF.tmp
2013-12-22 18:28 - 2013-12-22 18:28 - 0000000 _____ () C:\Program Files\Web Data
2015-02-10 20:46 - 2015-05-18 18:17 - 0000089 _____ () C:\Users\Noname\AppData\Roaming\chk.ag
2010-10-26 23:05 - 2014-05-31 19:25 - 0496128 _____ (cURL, hxxp://curl.haxx.se/) C:\Users\Noname\AppData\Roaming\curlchk.exe
2011-01-24 00:21 - 2015-05-07 00:17 - 0001127 _____ () C:\Users\Noname\AppData\Roaming\neo.ini
2011-01-24 00:21 - 2014-07-26 20:12 - 0001112 _____ () C:\Users\Noname\AppData\Roaming\neo98.ini
2014-07-10 08:56 - 2014-07-10 08:56 - 0000017 _____ () C:\Users\Noname\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
C:\Users\Noname\AppData\Local\Temp\Quarantine.exe
C:\Users\Noname\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-24 00:53

==================== End of log ============================

M-K-D-B · 26.05.2015, 08:36

Zitat:

CHIP-Installer.exe

Bitte keinen Chip-Installer mehr verwenden! Bitte lesen: CHIP-Installer – was ist das?

Wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 2 h) dauern.
Im Anschluss entfernen wir alle verwendeten Tools und ich gebe dir noch ein paar Tipps mit auf den Weg.

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
CloseProcesses:
HKU\S-1-5-21-4277079510-974402927-3430589439-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
C:\Users\Noname\Downloads\*CHIP-Installer.exe
C:\Users\Noname\AppData\Roaming\curlchk.exe
RemoveProxy:
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 3
Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von ESET,
die Logdatei von SecurityCheck.

DarkNeo · 26.05.2015, 20:12

oh das ist echt übel.
ich lade meine sachen oft bei chip runter, normal aber such ich selber die sachen und folge keinen links.
habe ein neues spiel und dazu gabs en mod und bin über nen link zu chip gekommen und da stand per chip installer instalieren =(

in zukunft weis ich das nun auch =)
man lernt eben nie aus ^^

nehme tipps am ende der sitzung gerne an =)
hier erstmal die sachen.

Fixlog

Code:

ATTFilter

Fix result of Farbar Recovery Scan Tool (x86) Version: 25-05-2015
Ran by Noname at 2015-05-26 18:31:41 Run:1
Running from C:\Desktop
Loaded Profiles: Noname (Available Profiles: Noname)
Boot Mode: Normal

==============================================

fixlist content:
*****************
start
CloseProcesses:
HKU\S-1-5-21-4277079510-974402927-3430589439-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
C:\Users\Noname\Downloads\*CHIP-Installer.exe
C:\Users\Noname\AppData\Roaming\curlchk.exe
RemoveProxy:
EmptyTemp:
end
*****************

Processes closed successfully.
"HKU\S-1-5-21-4277079510-974402927-3430589439-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key Removed successfully.
"C:\Users\Noname\Downloads\*CHIP-Installer.exe" => File/Folder not found.
C:\Users\Noname\AppData\Roaming\curlchk.exe => Moved successfully.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value Removed successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value Removed successfully.
HKU\S-1-5-21-4277079510-974402927-3430589439-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value Removed successfully.
HKU\S-1-5-21-4277079510-974402927-3430589439-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value Removed successfully.


========= End of RemoveProxy: =========

EmptyTemp: => Removed 66.3 MB temporary data.


The system needed a reboot. 

==== End of Fixlog 18:32:01 ====

Eset

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=f0b488d164a1e041adf82bfb97c50b25
# engine=24032
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-05-26 07:02:19
# local_time=2015-05-26 09:02:19 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 91 300006 6826974 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 6827232 184298130 0 0
# scanned=128900
# found=3
# cleaned=0
# scan_time=8354
sh=A20501E4AC9650540A5B890EE7B9307145E929CD ft=1 fh=81b6e5a76edab2d5 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Noname\Downloads\Neuer Ordner\K Lite Mega Codec Pack - CHIP-Installer.exe"
sh=AE8CFAFCE284F18199A6F5B3820E07BB0F9410E2 ft=1 fh=69a90f58dc334ebe vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Noname\Downloads\Neuer Ordner\Windows Product Key Viewer - CHIP-Installer.exe"
sh=E9BA90D1647A7C688E32329749443693393EE059 ft=1 fh=3ad18b2399f8ac76 vn="Variante von Win32/DownloadGuide.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Noname\Downloads\Neuer Ordner\Windows_CB-DL-Manager.exe"

Checkup

Code:

ATTFilter

 Results of screen317's Security Check version 1.001  
 Windows 7 Service Pack 1 x86 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
avast! Antivirus   
 Antivirus out of date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Secunia PSI (3.0.0.10004)   
 CCleaner     
 Java 8 Update 45  
 Adobe Flash Player 	17.0.0.169  
 Adobe Reader XI  
 Mozilla Firefox (38.0.1) 
 Google Chrome 34.0.1847.131  Google Chrome out of date!  
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast ng vbox\AvastVBoxSVC.exe 
 AVAST Software Avast avastui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

M-K-D-B · 26.05.2015, 21:44

Reste entfernen
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
CloseProcesses:
C:\Users\Noname\Downloads\Neuer Ordner\*CHIP-Installer.exe
C:\Users\Noname\Downloads\Neuer Ordner\Windows_CB-DL-Manager.exe
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Die Fixlog von FRST gleich posten, da diese sonst mit DelFix (siehe weiter unten) automatisch entfernt wird!

Hinweis: Registry Cleaner

Ich sehe, dass du sogenannte Registry Cleaner installiert hast.
In deinem Fall CCleaner.

Wir raten von der Verwendung jeglicher Art von Registry Cleaner ab.

Der Grund ist ganz einfach:
Die Registry ist das Hirn des Systems. Funktioniert das Hirn nicht, funktioniert der Rest nicht mehr wirklich.
Man sollte nicht unnötigerweise an der Registry rumbasteln. Schon ein kleiner Fehler kann gravierende Folgen haben und auch Programme machen manchmal Fehler.
Zerstörst du die Registry, zerstörst du Windows.

Zudem ist der Nutzen zur Performancesteigerung umstritten und meist kaum im wahrnehmbaren Bereich.

Ich würde dir empfehlen, Registry Cleaner nicht weiterhin zu verwenden und über

Start --> Systemsteuerung --> Software (bei Windows XP)
Start --> Systemsteuerung --> Programme und Funktionen (bei Vista / Win 7)

zu deinstallieren.

Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.

Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.

Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren

Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
Klicke auf OK.
Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

	Emsisoft	Avast	MSE

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:

NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Ghostery Erkennt und blockiert Tracker, Web Bugs, Pixel und Beacons und weitere Scripte, die das Surfverhalten ausspähen/beobachten.

Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie

.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

DarkNeo · 27.05.2015, 12:42

da kann ich dich beruhigen =) ich nutze CCleaner nicht für die registry.
nutze ihn nur um auch die letzten cache und cookis und alles andere zu entfernen was ich über den tag im internet und dem pc gemacht habe.

von der registry versteh ich nichts und seit ich etwas über tune up gelesen habe lass ich die finger erstrecht von der registry.

so hier der log

Code:

ATTFilter

Fix result of Farbar Recovery Scan Tool (x86) Version: 25-05-2015
Ran by Noname at 2015-05-27 13:35:39 Run:2
Running from C:\Desktop
Loaded Profiles: Noname (Available Profiles: Noname)
Boot Mode: Normal

==============================================

fixlist content:
*****************
start
CloseProcesses:
C:\Users\Noname\Downloads\Neuer Ordner\*CHIP-Installer.exe
C:\Users\Noname\Downloads\Neuer Ordner\Windows_CB-DL-Manager.exe
end
*****************

Processes closed successfully.
C:\Users\Noname\Downloads\Neuer Ordner\*CHIP-Installer.exe => Moved successfully.
C:\Users\Noname\Downloads\Neuer Ordner\Windows_CB-DL-Manager.exe => Moved successfully.


The system needed a reboot. 

==== End of Fixlog 13:35:40 ====

werde nun die nächsten schritte ausführen und hoffe das alles nun so bleibt.

habe nur noch eine frage.
seit gestern kommt oft beim start von firefox der berricht das er die sitzung beenden musste und ob ich die tab wieder herstellen möchte.
normal ist nix passiert, habe firefox immer normal zu gemacht und ist auch nix abgestürzt oder so.
was kann das sein ?

M-K-D-B · 28.05.2015, 12:07

Zitat:

Zitat von DarkNeo

was kann das sein ?

Schwer zu sagen, du könntest mal Firefox zurücksetzen:
Firefox zurücksetzen

Ich bin froh, dass wir helfen konnten

In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest:
Lob, Kritik und Wünsche
Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank!

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen.