Microsoft essentials deaktiviert und verschwinden..nach neuinstallionsversuch fehlermeldung

LordDrygin · 05.01.2016, 19:20

Hi bekam heute die Meldung dass Microsoft essentials deaktiviert ist. Wollte es dann wieder aktivieren aber es war i-wie gar nicht mehr auf meinen Rechner. Habe es dann versucht neuzuinstallieren...aber bekamm dann den fehlercode Fehlercode 0x8004FF91
Bitte um Hilfe

Deathkid535 · 06.01.2016, 10:43

Hi,

wir können ja mal auf Malware checken

Schritt # 1: FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt # 2: Bitte Posten

Die FRST.txt
Die Additions.txt

LordDrygin · 06.01.2016, 18:43

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:06-01-2015
durchgeführt von LordDrygin (Administrator) auf LORDDRYGIN-PC (06-01-2016 18:36:07)
Gestartet von C:\Users\LordDrygin\Desktop
Geladene Profile: LordDrygin (Verfügbare Profile: LordDrygin & postgres & DefaultAppPool)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Atheros) C:\Program Files\Atheros\Ath_WlanAgent.exe
(Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [6471168 2015-10-05] (Broadcom Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6564776 2015-10-19] (Piriform Ltd)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-03-09] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk [2016-01-02]
ShortcutTarget: VPN Client.lnk -> C:\Windows\Installer\{1CE60928-8325-49A8-8B06-633E48DD2B67}\Icon3E5562ED7.ico ()
Startup: C:\Users\LordDrygin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2015-12-17] ()
BootExecute: autocheck autochk * sdnclean.exe
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{9142A077-4E62-4396-9E04-485F96D7E296}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{E86470D2-02C4-44FF-B049-3CFD719CC2DE}: [NameServer] 212.7.160.109 212.7.160.3

Internet Explorer:
==================
HKU\S-1-5-21-817323750-2849227344-2509689014-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-817323750-2849227344-2509689014-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-817323750-2849227344-2509689014-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://mystart.com/?pr=manycam&id=manycam_ot&v=5_0
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-05-13] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-05-13] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\LordDrygin\AppData\Roaming\Mozilla\Firefox\Profiles\f3xusbjb.default
FF Homepage: hxxp://mystart.com/?pr=manycam&id=manycam_ot&v=5_0
FF NetworkProxy: "autoconfig_url", "chrome://viewtubes/content/viewtubes_false.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-05-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-05-13] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-14] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-14] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\LordDrygin\AppData\Roaming\Mozilla\Firefox\Profiles\f3xusbjb.default\searchplugins\google-images.xml [2014-06-28]
FF SearchPlugin: C:\Users\LordDrygin\AppData\Roaming\Mozilla\Firefox\Profiles\f3xusbjb.default\searchplugins\google-maps.xml [2014-06-28]
FF SearchPlugin: C:\Users\LordDrygin\AppData\Roaming\Mozilla\Firefox\Profiles\f3xusbjb.default\searchplugins\youtube.xml [2015-10-28]
FF Extension: Viewtubes - C:\Users\LordDrygin\AppData\Roaming\Mozilla\Firefox\Profiles\f3xusbjb.default\extensions\FF_AddOn@viewtubes.de.xpi [2015-10-04]
FF Extension: NoScript - C:\Users\LordDrygin\AppData\Roaming\Mozilla\Firefox\Profiles\f3xusbjb.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-11-25]
FF Extension: WOT - C:\Users\LordDrygin\AppData\Roaming\Mozilla\Firefox\Profiles\f3xusbjb.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-03]
FF Extension: Kein Name - C:\Users\LordDrygin\AppData\Roaming\Mozilla\Firefox\Profiles\f3xusbjb.default\Extensions\cliqz@cliqz.com.xpi [2015-12-08] [ist nicht signiert]
FF Extension: The Addon Bar (restored) - C:\Users\LordDrygin\AppData\Roaming\Mozilla\Firefox\Profiles\f3xusbjb.default\Extensions\the-addon-bar@GeekInTraining-GiT.xpi [2015-09-21]
FF Extension: Adblock Plus - C:\Users\LordDrygin\AppData\Roaming\Mozilla\Firefox\Profiles\f3xusbjb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-25]
FF Extension: FoxClocks - C:\Users\LordDrygin\AppData\Roaming\Mozilla\Firefox\Profiles\f3xusbjb.default\Extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}.xpi [2015-10-27]
FF HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\LordDrygin\AppData\Roaming\Mozilla\Firefox\Profiles\f3xusbjb.default\extensions\cliqz@cliqz.com => nicht gefunden
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-10-09]

Chrome: 
=======
CHR Profile: C:\Users\LordDrygin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\LordDrygin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-13]
CHR Extension: (Google Drive) - C:\Users\LordDrygin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\LordDrygin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-03]
CHR Extension: (Google-Suche) - C:\Users\LordDrygin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Docs Offline) - C:\Users\LordDrygin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (AdBlock) - C:\Users\LordDrygin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\LordDrygin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-01]
CHR Extension: (Google Mail) - C:\Users\LordDrygin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR HKLM\...\Chrome\Extension: [peefembmkccmkodbcpgilfjgkligpbba] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-23] (SUPERAntiSpyware.com)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-12-18] (BitRaider, LLC)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [290224 2015-08-27] (Intel Corporation)
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528616 2010-09-27] (Cisco Systems, Inc.)
S4 HiPatchService; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [283568 2015-08-27] (Intel Corporation)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [13824 2009-07-14] (Microsoft Corporation)
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [126464 2010-11-20] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5179392 2015-10-05] (Broadcom Corporation) [Datei ist nicht signiert]
R2 ZAtheros Wlan Agent; C:\Program Files\Atheros\Ath_WlanAgent.exe [72864 2012-02-19] (Atheros) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 b57xdbd; C:\Windows\System32\DRIVERS\b57xdbd.sys [60968 2011-11-04] (Broadcom Corporation)
R3 b57xdmp; C:\Windows\System32\DRIVERS\b57xdmp.sys [17960 2011-11-04] (Broadcom Corporation)
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18496 2015-10-05] (Broadcom Corporation)
R3 BcmVWL; C:\Windows\System32\DRIVERS\bcmvwl32.sys [17728 2015-10-05] (Broadcom Corporation)
S3 BRDriver_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver.sys [66824 2015-12-18] (BitRaider)
R3 bScsiMSx; C:\Windows\System32\DRIVERS\bScsiMSx.sys [43560 2011-09-02] (Broadcom Corporation)
R3 bScsiSDx; C:\Windows\System32\DRIVERS\bScsiSDx.sys [47104 2012-05-03] (Broadcom Corporation)
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R2 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [308859 2010-09-27] (Cisco Systems, Inc.) [Datei ist nicht signiert]
R3 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [48280 2014-12-29] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv.sys [30488 2014-12-29] (Visicom Media Inc.)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [55104 2012-07-17] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R0 nvpciflt; C:\Windows\System32\DRIVERS\nvpciflt.sys [25376 2013-09-05] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\LORDDR~1\AppData\Local\Temp\catchme.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-06 18:36 - 2016-01-06 18:36 - 00014596 _____ C:\Users\LordDrygin\Desktop\FRST.txt
2016-01-06 18:35 - 2016-01-06 18:35 - 01721856 _____ (Farbar) C:\Users\LordDrygin\Desktop\FRST.exe
2016-01-05 19:19 - 2016-01-05 19:20 - 00000000 ____D C:\208ce27585344a0b30
2016-01-05 19:08 - 2016-01-05 19:19 - 00000000 ____D C:\bb9869e3f31f254d2d29d01e
2016-01-05 19:01 - 2016-01-05 19:03 - 11615576 _____ (Microsoft Corporation) C:\Users\LordDrygin\Downloads\mseinstall.exe
2016-01-05 02:00 - 2016-01-05 02:02 - 00000000 ____D C:\Users\LordDrygin\workspace
2016-01-05 01:57 - 2016-01-05 01:58 - 00000000 ____D C:\Neuer Ordner
2016-01-05 00:02 - 2016-01-05 00:02 - 00000000 ____D C:\Users\LordDrygin\Documents\FH
2016-01-02 16:47 - 2016-01-02 16:47 - 00000000 ____D C:\ProgramData\Sophos
2016-01-02 16:46 - 2016-01-02 18:45 - 00000000 ____D C:\Program Files\Sophos
2016-01-02 16:13 - 2016-01-02 16:40 - 00002266 ____H C:\Users\LordDrygin\Documents\Default.rdp
2016-01-02 16:00 - 2016-01-02 16:02 - 00001594 _____ C:\Windows\VPNInstall.MIF
2016-01-02 16:00 - 2016-01-02 16:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Systems VPN Client
2016-01-02 16:00 - 2016-01-02 16:00 - 00000000 ____D C:\Program Files\Common Files\Deterministic Networks
2016-01-02 16:00 - 2016-01-02 16:00 - 00000000 ____D C:\Program Files\Cisco Systems
2016-01-02 15:59 - 2016-01-02 15:59 - 07944972 _____ C:\Users\LordDrygin\Downloads\W2k_XP_2003_Vista_7_8.zip
2016-01-02 15:59 - 2016-01-02 15:59 - 00000000 ____D C:\Users\LordDrygin\Downloads\W2k_XP_2003_Vista_7_8
2015-12-18 10:05 - 2015-12-18 10:05 - 00000000 ____D C:\Users\LordDrygin\Documents\HeroBlade Logs
2015-12-18 10:05 - 2015-12-18 10:05 - 00000000 ____D C:\Users\LordDrygin\AppData\Local\SWTOR
2015-12-18 04:55 - 2015-12-18 04:55 - 00000000 ____D C:\Users\Public\Documents\BitRaider
2015-12-18 04:55 - 2015-12-18 04:55 - 00000000 ____D C:\ProgramData\BitRaider
2015-12-18 04:54 - 2015-12-18 04:54 - 00000000 ____D C:\Users\LordDrygin\AppData\Local\SWTORPerf
2015-12-18 04:47 - 2015-12-18 04:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2015-12-18 04:47 - 2015-12-18 04:47 - 00000000 ____D C:\Program Files\Electronic Arts
2015-12-18 04:47 - 2015-12-18 04:47 - 00000000 ____D C:\Program Files\Common Files\BioWare
2015-12-18 04:47 - 2015-12-18 04:47 - 00000000 _____ C:\end
2015-12-18 04:45 - 2015-12-18 04:45 - 29720272 _____ C:\Users\LordDrygin\Downloads\SWTOR_setup.exe
2015-12-17 04:02 - 2015-12-17 04:05 - 00000000 ____D C:\Users\LordDrygin\AppData\Roaming\Curse Advertising
2015-12-17 04:02 - 2015-12-17 04:02 - 00000000 ____D C:\Users\LordDrygin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2015-12-17 03:59 - 2016-01-05 19:09 - 00000000 ____D C:\Users\LordDrygin\AppData\Local\Deployment
2015-12-17 03:58 - 2015-12-17 03:58 - 00402696 _____ () C:\Users\LordDrygin\Downloads\setup.exe
2015-12-16 20:56 - 2015-12-16 20:56 - 00086406 _____ C:\Users\LordDrygin\Downloads\ich.jpeg
2015-12-14 11:43 - 2016-01-06 18:31 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1365c38017478.job
2015-12-14 11:43 - 2016-01-06 18:30 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1365c36b8ebc9.job
2015-12-09 12:44 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-09 12:44 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-09 12:44 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-09 12:44 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 12:44 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-09 12:44 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 12:44 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 12:44 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 12:44 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-09 12:44 - 2015-11-10 19:39 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-09 12:44 - 2015-11-10 19:39 - 00811520 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-09 12:44 - 2015-11-10 18:40 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 12:44 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-09 12:44 - 2015-11-10 01:24 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-09 12:44 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 12:44 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-09 12:44 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-09 12:44 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-09 12:44 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-09 12:44 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 12:44 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-09 12:44 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-09 12:44 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 12:44 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-09 12:44 - 2015-11-10 01:03 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-09 12:44 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 12:44 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-09 12:44 - 2015-11-10 00:57 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-09 12:44 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-09 12:44 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-09 12:44 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 12:44 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-09 12:44 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-09 12:44 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 12:44 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 12:44 - 2015-11-10 00:36 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-09 12:44 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-09 12:44 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 12:44 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 12:44 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-09 12:42 - 2015-11-20 19:34 - 02956800 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-09 12:42 - 2015-11-20 19:34 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-09 12:42 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-09 12:42 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-09 12:42 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-09 12:42 - 2015-11-20 19:34 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-09 12:42 - 2015-11-20 19:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-09 12:42 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-09 12:42 - 2015-11-20 19:33 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-09 12:42 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-09 12:42 - 2015-11-20 19:33 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-09 12:42 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-09 12:42 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-09 12:42 - 2015-11-05 10:48 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 12:42 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-09 12:42 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-09 00:54 - 2015-12-09 00:54 - 00000000 ____D C:\Users\LordDrygin\Documents\StarCraft II

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-06 18:36 - 2014-04-19 12:37 - 00000000 ____D C:\FRST
2016-01-06 06:42 - 2009-07-14 05:34 - 00022368 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-06 06:42 - 2009-07-14 05:34 - 00022368 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-05 19:40 - 2014-03-30 20:10 - 00000000 ____D C:\Users\LordDrygin\AppData\Local\Windows Live
2016-01-05 19:22 - 2009-07-14 03:37 - 00000000 ____D C:\Windows
2016-01-05 19:22 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-01-05 19:20 - 2015-10-04 02:39 - 00002115 _____ C:\Windows\epplauncher.mif
2016-01-05 19:08 - 2015-08-01 19:50 - 00000000 __SHD C:\Users\LordDrygin\IntelGraphicsProfiles
2016-01-05 19:08 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\inetsrv
2016-01-05 19:06 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-05 02:00 - 2014-05-05 16:48 - 00000000 ____D C:\Users\LordDrygin
2016-01-05 00:03 - 2014-05-05 16:52 - 01910900 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-05 00:03 - 2009-07-14 09:47 - 00849374 _____ C:\Windows\system32\perfh007.dat
2016-01-05 00:03 - 2009-07-14 09:47 - 00222568 _____ C:\Windows\system32\perfc007.dat
2016-01-05 00:03 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-01-02 16:46 - 2015-10-04 02:38 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-12-21 06:50 - 2015-12-02 00:26 - 00000000 ____D C:\Users\LordDrygin\Documents\wetten
2015-12-18 14:29 - 2014-04-27 01:02 - 00000000 ____D C:\Users\LordDrygin\Desktop\Spiele
2015-12-18 14:07 - 2015-04-15 05:07 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-18 04:47 - 2009-07-14 05:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-17 15:20 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2015-12-17 04:47 - 2014-03-15 15:13 - 00000000 ____D C:\Users\LordDrygin\AppData\Local\Battle.net
2015-12-17 04:08 - 2015-11-11 03:23 - 00000000 ____D C:\Program Files\StarCraft II
2015-12-17 04:08 - 2014-05-04 05:08 - 00000000 ____D C:\Program Files\World of Warcraft
2015-12-17 04:07 - 2014-03-15 15:12 - 00000000 ____D C:\Program Files\Battle.net
2015-12-17 03:59 - 2014-06-10 19:09 - 00000000 ____D C:\Users\LordDrygin\AppData\Local\Apps\2.0
2015-12-15 22:55 - 2015-10-05 21:47 - 00458752 _____ C:\Windows\system32\Ikeext.etl
2015-12-15 22:55 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\tracing
2015-12-14 17:35 - 2014-07-13 18:14 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-14 13:40 - 2014-09-21 00:14 - 00000000 ____D C:\Program Files\AVG
2015-12-14 13:40 - 2014-09-21 00:13 - 00000000 ____D C:\Users\LordDrygin\AppData\Local\AvgSetupLog
2015-12-14 13:40 - 2014-03-09 18:03 - 00000000 ____D C:\ProgramData\AVG
2015-12-14 11:43 - 2014-07-13 18:14 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-09 19:24 - 2015-10-07 18:07 - 00286616 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-09 19:19 - 2014-08-17 23:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-09 19:19 - 2014-08-17 23:32 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-09 19:13 - 2014-03-08 07:42 - 00000000 ____D C:\Windows\system32\MRT
2015-12-09 19:12 - 2014-03-08 07:42 - 137798368 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-09 18:42 - 2015-11-30 21:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-12-09 04:39 - 2015-10-04 02:43 - 00247976 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-22 14:09 - 2015-07-22 14:09 - 6420480 _____ () C:\Program Files\GUT1D50.tmp

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-24 03:46

==================== Ende vom FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:06-01-2015
durchgeführt von LordDrygin (2016-01-06 18:36:43)
Gestartet von C:\Users\LordDrygin\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2014-05-05 15:48:26)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-817323750-2849227344-2509689014-500 - Administrator - Disabled)
Gast (S-1-5-21-817323750-2849227344-2509689014-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-817323750-2849227344-2509689014-1002 - Limited - Enabled)
LordDrygin (S-1-5-21-817323750-2849227344-2509689014-1000 - Administrator - Enabled) => C:\Users\LordDrygin
postgres (S-1-5-21-817323750-2849227344-2509689014-1005 - Limited - Enabled) => C:\Users\postgres

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Disabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Disabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 19.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\Amazon Kindle) (Version:  - Amazon)
Apple Application Support (32-Bit) (HKLM\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{9A629DCB-415D-4A50-85B9-5C2E4F8F74A8}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Battle.net (HKLM\...\Battle.net) (Version:  - Blizzard Entertainment)
BitRaider Streaming Client (HKLM\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 15.0.7.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 15.0.7.1 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.100.82.120 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
Cisco EAP-FAST Module (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Cisco Systems VPN Client 5.0.07.0410 (HKLM\...\{1CE60928-8325-49A8-8B06-633E48DD2B67}) (Version: 5.0.7 - Cisco Systems, Inc.)
Curse Client (HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Diablo III (HKLM\...\Diablo III) (Version:  - Blizzard Entertainment)
Google Chrome (HKLM\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{8862F11A-A9A0-4899-9F50-B5A79F12F3C2}) (Version: 12.3.1.23 - Apple Inc.)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (Version: 3.0.1 - Riot Games ) Hidden
ManyCam 5.0.5 (HKLM\...\ManyCam) (Version: 5.0.5 - Visicom Media Inc.)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
OpenOffice 4.1.2 (HKLM\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
PokerStars.eu (HKLM\...\PokerStars.eu) (Version:  - PokerStars.eu)
Qualcomm Atheros WiFi Driver Installation (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 3.1 - Qualcomm Atheros)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Star Wars The Old Republic (HKLM\...\swtor_swtor) (Version: 11.0.0.3 - Bioware/EA)
Star Wars: The Old Republic (HKLM\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
StarCraft II (HKLM\...\StarCraft II) (Version:  - Blizzard Entertainment)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1168 - SUPERAntiSpyware.com)
TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.340 - TuneUp Software) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.10 beta 2 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.2 - win.rar GmbH)
World of Warcraft (HKLM\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-817323750-2849227344-2509689014-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {06A5F8A7-2453-454C-B7AE-08F7A0ED1D72} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.)
Task: {2BD05BA6-988D-4BD3-A9CD-9A39F80AF524} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> Keine Datei <==== ACHTUNG
Task: {3FC1A8A7-2360-4E8B-864F-6A79FCA00318} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd)
Task: {59BAA834-0D71-4757-99C5-21BC0EEAAF53} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {5B184694-64C3-4633-94C5-945B3FA561D6} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Keine Datei <==== ACHTUNG
Task: {75DDADE5-662E-4541-B223-788F93D36362} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files\AVG\AVG PC TuneUp\tuscanx.exe
Task: {772BC8BB-CF32-4522-ABF6-305D93B36F75} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.)
Task: {7951DC62-5F45-4988-873D-013AAF461805} - System32\Tasks\{1E340A69-A807-4988-A911-D15C4F74B41C} => Firefox.exe hxxp://ui.skype.com/ui/0/6.16.0.105/de/abandoninstall?source=lightinstaller&amp;page=tsPlugin
Task: {7FC502B6-999B-4A3C-8816-3E2586803EC3} - System32\Tasks\GoogleUpdateTaskMachineUA1d1365c38017478 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.)
Task: {8B521110-800B-46E5-9F43-DF863DF880FE} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {90396E75-7BBC-4191-BA6C-7074800841D3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {9334C323-F100-4656-9BA0-E4AA69C0F9C2} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe
Task: {9F54B95F-5096-4803-AE61-E9B3AC5B616D} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> Keine Datei <==== ACHTUNG
Task: {AA6B7AEC-21F0-40B0-8331-8D5F3B22BB41} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {AD54871A-CDD8-4F87-9FD5-DA4D531FDFFC} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {BEF936DD-2E2F-4E45-94F5-A4ACF154911F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {D21F6024-191F-4454-BBBC-09A650DA2549} - \Microsoft\Windows\Application Experience\AitAgent -> Keine Datei <==== ACHTUNG
Task: {D622195C-D680-4FEA-9C56-59660C7C9E94} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {DAE785D1-9D6B-4CFD-88ED-BB832C4B56CC} - System32\Tasks\GoogleUpdateTaskMachineCore1d1365c36b8ebc9 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.)
Task: {E55AA914-1C7C-426A-B94B-9423837E8934} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {F2756CA3-3E54-44CB-9DFF-46D8731A1A95} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\AVG\AVG PC TuneUp\OneClick.exe
Task: {F93C7104-998A-4A38-B935-775A3138B3C3} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1365c36b8ebc9.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1365c38017478.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:46 - 2015-10-13 05:46 - 01040144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-09-27 12:03 - 2010-09-27 12:03 - 00201512 _____ () C:\Windows\system32\vpnapi.dll
2015-10-19 21:00 - 2015-10-19 21:00 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-12-16 22:54 - 2015-12-11 04:54 - 01583432 _____ () C:\Program Files\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-16 22:54 - 2015-12-11 04:54 - 00081224 _____ () C:\Program Files\Google\Chrome\Application\47.0.2526.106\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Windows\grep.exe:$CmdTcID
AlternateDataStreams: C:\Windows\MBR.exe:$CmdTcID
AlternateDataStreams: C:\Windows\NIRCMD.exe:$CmdTcID
AlternateDataStreams: C:\Windows\notepad.exe:$CmdTcID
AlternateDataStreams: C:\Windows\PEV.exe:$CmdTcID
AlternateDataStreams: C:\Windows\sed.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SWREG.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SWSC.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SWXCACLS.exe:$CmdTcID
AlternateDataStreams: C:\Windows\zip.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aitstatic.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appinfo.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atmfd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\authui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\basesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\certcli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ci.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\clfs.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\consent.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptnet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3d10warp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\davclnt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dciman32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dwmapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dwmcore.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\fontsub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\GEARAspi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxCoIn_v3958.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lpk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mcupdate_GenuineIntel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msihnd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msimsg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msmmsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml6r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\notepad.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ole32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\oleaut32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\perftrack.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\powertracker.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RdpGroupPolicyExtension.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdvidcrl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\schedsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sysmain.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tsgqec.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\usbaaplrc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\UtcResources.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WebClnt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wksprt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\http.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mountmgr.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\stream.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\usbaapl.sys:$CmdTcID
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7865 mehr Seiten.

IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\1-se.com -> 1-se.com

Da befinden sich 12581 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2014-04-19 20:05 - 2015-02-16 09:10 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-817323750-2849227344-2509689014-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\LordDrygin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 212.7.160.109 - 212.7.160.3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: ManyCam => "C:\Program Files\ManyCam\ManyCam.exe" --silent

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{83FE6455-41DC-4EDE-8670-5C0AE8273239}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{0F4E0430-9D5F-4523-88FD-83D186953C25}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C3039D0E-4200-4B26-8C7F-770985C1EDF8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{78A14537-4C5A-4087-BBB5-F44DE271A3A9}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{CC0F386D-3963-4E82-80C2-DF655348D0FA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C1E8C271-EC0B-4148-95F7-4D3CAB1769D0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{6431C326-C545-49C8-8030-72B55EF1FC0D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2249D7B4-7527-45BF-9342-EE4B0D7834E7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{767521B3-9E29-4181-A72D-7351890B1287}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{566F5CC0-9EB0-4C68-861E-9672D88D4F0E}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{8BF896ED-723C-4894-BB82-796A0A03E13D}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{3E295709-4918-4491-836F-F48702C7B300}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{470E727C-DE13-4207-B44E-BDC4F14A73C6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{1AF0C0FF-580D-474A-875B-43AEBC0F68CD}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{DDFDA23C-9F60-4705-8508-404FA644758C}] => (Allow) C:\Program Files\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{D1B0FD98-7AAC-4BB8-901E-684909D9BA68}] => (Allow) C:\Program Files\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{4BFC9C00-B600-440B-874D-572DC383AD42}] => (Allow) C:\Program Files\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{55A020F3-4DA9-4FB7-A8FF-FB150FEA8F43}] => (Allow) C:\Program Files\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe

==================== Wiederherstellungspunkte =========================

30-11-2015 09:42:08 Windows Update
07-12-2015 10:36:23 Windows Update
09-12-2015 19:12:18 Windows Update
14-12-2015 11:51:35 Windows Update
18-12-2015 04:38:11 Windows Update
18-12-2015 14:06:33 Windows Update
22-12-2015 13:08:24 Windows Update
27-12-2015 10:37:06 Windows Update
31-12-2015 16:41:43 Windows Update
02-01-2016 16:00:20 Installed Cisco Systems VPN Client 5.0.07.0410
02-01-2016 16:46:12 Installed Sophos Virus Removal Tool.
02-01-2016 18:44:38 Removed Sophos Virus Removal Tool.
05-01-2016 19:20:18 Windows Live Essentials
05-01-2016 19:20:48 WLSetup

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco Systems VPN Adapter
Description: Cisco Systems VPN Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/06/2016 03:13:42 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={B7875A78-A80B-46BF-BAF8-4F3A4E6E2DDA}: Der Benutzer "LordDrygin-PC\LordDrygin" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 691.

Error: (01/06/2016 02:19:46 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={811A3A5D-1A9D-491D-B342-6D68782C6FB8}: Der Benutzer "LordDrygin-PC\LordDrygin" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 691.

Error: (01/05/2016 10:46:51 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={44141724-CA9D-48F6-A677-85F1CDFCCF31}: Der Benutzer "LordDrygin-PC\LordDrygin" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0.

Error: (01/05/2016 10:46:24 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={61C91417-BB54-426A-868E-5A2F91D19410}: Der Benutzer "LordDrygin-PC\LordDrygin" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0.

Error: (01/05/2016 10:35:30 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={3D6AB9EE-3DFD-4822-A27D-75F33DE06542}: Der Benutzer "LordDrygin-PC\LordDrygin" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0.

Error: (01/05/2016 10:34:34 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={A382C51D-3094-4CC7-AE5D-E31720DB2E75}: Der Benutzer "LordDrygin-PC\LordDrygin" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0.

Error: (01/05/2016 10:34:16 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={4D8C43EB-6E5B-48D6-B198-C59AB5AA5FEC}: Der Benutzer "LordDrygin-PC\LordDrygin" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0.

Error: (01/05/2016 07:20:44 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: LordDrygin-PC)
Description: HRESULT:0x8004FF91
Description:Cannot complete the Security Essentials installation. An error has prevented the Security Essentials setup wizard from completing successfully. Please restart your computer and try again. Error code:0x8004FF91.

Error: (01/05/2016 07:20:17 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {753c2204-eae8-4638-93d0-aaa05c522fd4}

Error: (01/05/2016 07:19:16 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: LordDrygin-PC)
Description: HRESULT:0x8004FF91
Description:Cannot complete the Security Essentials installation. An error has prevented the Security Essentials setup wizard from completing successfully. Please restart your computer and try again. Error code:0x8004FF91.


Systemfehler:
=============
Error: (01/05/2016 05:40:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Microsoft Antimalware Service" wurde mit folgendem Fehler beendet: 
%%-2147024894

Error: (01/04/2016 10:08:52 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (01/04/2016 10:08:40 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (01/04/2016 10:08:26 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (01/04/2016 10:08:04 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (01/04/2016 10:07:41 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (01/04/2016 10:06:14 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (01/04/2016 10:06:11 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (01/04/2016 10:06:08 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (01/02/2016 05:49:42 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 59%
Installierter physikalischer RAM: 2388.36 MB
Verfügbarer physikalischer RAM: 958.53 MB
Summe virtueller Speicher: 4775.02 MB
Verfügbarer virtueller Speicher: 2819.22 MB

==================== Laufwerke ================================

Drive c: (BOOT) (Fixed) (Total:275.41 GB) (Free:106.95 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (RECOVER) (Fixed) (Total:22.66 GB) (Free:12.73 GB) FAT32
Drive f: (081217_1316) (CDROM) (Total:2.18 GB) (Free:0 GB) UDF

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 19F509E3)
Partition 1: (Not Active) - (Size=22.7 GB) - (Type=OF Extended)
Partition 2: (Active) - (Size=275.4 GB) - (Type=07 NTFS)

==================== Ende vom Addition.txt ============================

Deathkid535 · 06.01.2016, 19:13

Hi,

Schritt # 1: TDSS-Killer

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Schritt # 2: Bitte Posten

Das Log von TDSS-Killer

LordDrygin · 06.01.2016, 20:00

Code:

ATTFilter

19:52:14.0204 0x0f44  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
19:52:17.0183 0x0f44  ============================================================
19:52:17.0183 0x0f44  Current date / time: 2016/01/06 19:52:17.0183
19:52:17.0183 0x0f44  SystemInfo:
19:52:17.0183 0x0f44  
19:52:17.0183 0x0f44  OS Version: 6.1.7601 ServicePack: 1.0
19:52:17.0183 0x0f44  Product type: Workstation
19:52:17.0183 0x0f44  ComputerName: LORDDRYGIN-PC
19:52:17.0183 0x0f44  UserName: LordDrygin
19:52:17.0183 0x0f44  Windows directory: C:\Windows
19:52:17.0183 0x0f44  System windows directory: C:\Windows
19:52:17.0183 0x0f44  Processor architecture: Intel x86
19:52:17.0183 0x0f44  Number of processors: 8
19:52:17.0183 0x0f44  Page size: 0x1000
19:52:17.0183 0x0f44  Boot type: Normal boot
19:52:17.0183 0x0f44  ============================================================
19:52:19.0539 0x0f44  KLMD registered as C:\Windows\system32\drivers\48614035.sys
19:52:19.0882 0x0f44  System UUID: {1EE20921-DB77-90B3-650B-7ED76C5367A7}
19:52:20.0342 0x0f44  Drive \Device\Harddisk0\DR0 - Size: 0x4A85C4DE00 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:52:20.0342 0x0f44  ============================================================
19:52:20.0342 0x0f44  \Device\Harddisk0\DR0:
19:52:20.0374 0x0f44  MBR partitions:
19:52:20.0389 0x0f44  \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x226D3F70, BlocksNum 0x2D59751
19:52:20.0389 0x0f44  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x226D3EF2
19:52:20.0389 0x0f44  ============================================================
19:52:20.0436 0x0f44  C: <-> \Device\Harddisk0\DR0\Partition2
19:52:20.0467 0x0f44  D: <-> \Device\Harddisk0\DR0\Partition1
19:52:20.0467 0x0f44  ============================================================
19:52:20.0467 0x0f44  Initialize success
19:52:20.0467 0x0f44  ============================================================
19:52:49.0186 0x10fc  ============================================================
19:52:49.0186 0x10fc  Scan started
19:52:49.0186 0x10fc  Mode: Manual; SigCheck; TDLFS; 
19:52:49.0186 0x10fc  ============================================================
19:52:49.0186 0x10fc  KSN ping started
19:53:03.0118 0x10fc  KSN ping finished: true
19:53:04.0563 0x10fc  ================ Scan system memory ========================
19:53:04.0563 0x10fc  System memory - ok
19:53:04.0563 0x10fc  ================ Scan services =============================
19:53:04.0647 0x10fc  [ 72D6D8E2D4F82C6E829125C7EC2A88F9, F357CFC3D04EB3F8E1A504D531D099698C6E2B29EB6CEDF75C08BF8917C46573 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
19:53:04.0694 0x10fc  !SASCORE - ok
19:53:04.0865 0x10fc  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
19:53:04.0979 0x10fc  1394ohci - ok
19:53:05.0025 0x10fc  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:53:05.0057 0x10fc  ACPI - ok
19:53:05.0072 0x10fc  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
19:53:05.0150 0x10fc  AcpiPmi - ok
19:53:05.0244 0x10fc  [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
19:53:05.0275 0x10fc  AdobeARMservice - ok
19:53:05.0337 0x10fc  [ 280A526E8111AC6A5BCC1A059E1E0340, FB92DDAE29A097D148AB23D8A0BD2B9E662EC1DBF0DA8B716374D6919B4C646F ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:53:05.0369 0x10fc  AdobeFlashPlayerUpdateSvc - ok
19:53:05.0431 0x10fc  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
19:53:05.0478 0x10fc  adp94xx - ok
19:53:05.0493 0x10fc  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
19:53:05.0509 0x10fc  adpahci - ok
19:53:05.0525 0x10fc  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
19:53:05.0540 0x10fc  adpu320 - ok
19:53:05.0571 0x10fc  [ 39AEAECE9F42407F176FE130D790BFBE, 19010DF87BDC1884268098CC04B4B15ECB710C94054A57157C0F9B7A795BDB28 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:53:05.0618 0x10fc  AeLookupSvc - ok
19:53:05.0665 0x10fc  [ 93B49FA857F7036A4EFF32371F6E7391, B9B2867D9A80E7F028E9D7C6ABCB9EC5198ACE28CEE101C5A846666B356B2843 ] AFD             C:\Windows\system32\drivers\afd.sys
19:53:05.0727 0x10fc  AFD - ok
19:53:05.0743 0x10fc  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
19:53:05.0774 0x10fc  agp440 - ok
19:53:05.0774 0x10fc  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
19:53:05.0790 0x10fc  aic78xx - ok
19:53:05.0821 0x10fc  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
19:53:05.0852 0x10fc  ALG - ok
19:53:05.0883 0x10fc  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:53:05.0899 0x10fc  aliide - ok
19:53:05.0915 0x10fc  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
19:53:05.0930 0x10fc  amdagp - ok
19:53:05.0930 0x10fc  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
19:53:05.0946 0x10fc  amdide - ok
19:53:05.0977 0x10fc  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
19:53:06.0008 0x10fc  AmdK8 - ok
19:53:06.0024 0x10fc  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
19:53:06.0055 0x10fc  AmdPPM - ok
19:53:06.0071 0x10fc  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:53:06.0086 0x10fc  amdsata - ok
19:53:06.0133 0x10fc  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
19:53:06.0149 0x10fc  amdsbs - ok
19:53:06.0164 0x10fc  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:53:06.0180 0x10fc  amdxata - ok
19:53:06.0211 0x10fc  [ D1AF38FBAC0DC7E6D796B0ED01707EE0, FAFD2C36594A1628293E7623C8CAB2D47EDF8C6C0E18CC2FB37F9A6CA1F0E57C ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll
19:53:06.0258 0x10fc  AppHostSvc - ok
19:53:06.0289 0x10fc  [ FE4F2ADE5DBB3B888E9EB0A1FBA1F152, B17053A912C73835A2E80176D79885B530E15240B988125114B6B877C903D61C ] AppID           C:\Windows\system32\drivers\appid.sys
19:53:06.0320 0x10fc  AppID - ok
19:53:06.0351 0x10fc  [ A4DA304773AC1396792C5DE1D1EB601A, ECD23FF67FB1C4B94DBE23F6724E2DA0917CE0E479DE9C9F790A8635A2234950 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:53:06.0398 0x10fc  AppIDSvc - ok
19:53:06.0414 0x10fc  [ 133A7896E643D139443B47FDBFA327C7, 371FC602B531DF1EFDCEEC3A2F5497A0D0BE7F558B0583F572862C69A65BD454 ] Appinfo         C:\Windows\System32\appinfo.dll
19:53:06.0507 0x10fc  Appinfo - ok
19:53:06.0585 0x10fc  [ BB6093AD659360CB350F4E84B445F36D, 16E16AD8E58C3777E2C858C8223BEB3CC9999E6FDCD23A0013C39AAADC54193C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:53:06.0617 0x10fc  Apple Mobile Device - ok
19:53:06.0648 0x10fc  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\DRIVERS\arc.sys
19:53:06.0663 0x10fc  arc - ok
19:53:06.0679 0x10fc  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
19:53:06.0695 0x10fc  arcsas - ok
19:53:06.0788 0x10fc  [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
19:53:06.0819 0x10fc  aspnet_state - ok
19:53:06.0835 0x10fc  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:53:06.0929 0x10fc  AsyncMac - ok
19:53:06.0960 0x10fc  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
19:53:06.0975 0x10fc  atapi - ok
19:53:07.0085 0x10fc  [ 7F14F983659714C2B3332A8DE416EEFB, 76EB3D940E66968A48BB36D30AF7907FC20EDE5B27294EF79D1A76850F800F1F ] athr            C:\Windows\system32\DRIVERS\athr.sys
19:53:07.0225 0x10fc  athr - ok
19:53:07.0272 0x10fc  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:53:07.0319 0x10fc  AudioEndpointBuilder - ok
19:53:07.0334 0x10fc  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
19:53:07.0350 0x10fc  Audiosrv - ok
19:53:07.0365 0x10fc  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:53:07.0459 0x10fc  AxInstSV - ok
19:53:07.0506 0x10fc  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
19:53:07.0553 0x10fc  b06bdrv - ok
19:53:07.0599 0x10fc  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
19:53:07.0615 0x10fc  b57nd60x - ok
19:53:07.0646 0x10fc  [ 0FEBD51BA19FC5079B61D8C374C8809A, E83B655E4DD425B4BF6280EF3E10972824A4EC083423733C41DAB7EBD8D10CA9 ] b57xdbd         C:\Windows\system32\DRIVERS\b57xdbd.sys
19:53:07.0693 0x10fc  b57xdbd - ok
19:53:07.0709 0x10fc  [ 2AB28236A9671A4867F9FECC104F6AB7, 08FFB0492DB6FF28E5AD5A24A64219D7C114C41EB226E1F740A544E54599D22A ] b57xdmp         C:\Windows\system32\DRIVERS\b57xdmp.sys
19:53:07.0724 0x10fc  b57xdmp - ok
19:53:07.0740 0x10fc  [ C5E041727C96D0A0B1224E6203D5EA02, F46347247894BCCB95C6331DDA124D8843201BAC6E6097EA9379C296A03153C3 ] BCM42RLY        C:\Windows\system32\drivers\BCM42RLY.sys
19:53:07.0755 0x10fc  BCM42RLY - ok
19:53:07.0787 0x10fc  [ EAD07C7532AE52638FB7E13626C2312F, B65EDF99CFF0C423D472825743E0A8D13532E65B15C43F09941F3095677DDF7A ] BcmVWL          C:\Windows\system32\DRIVERS\bcmvwl32.sys
19:53:07.0787 0x10fc  BcmVWL - ok
19:53:07.0818 0x10fc  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
19:53:07.0865 0x10fc  BDESVC - ok
19:53:07.0880 0x10fc  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:53:07.0911 0x10fc  Beep - ok
19:53:07.0943 0x10fc  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
19:53:07.0989 0x10fc  BFE - ok
19:53:08.0052 0x10fc  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\system32\qmgr.dll
19:53:08.0208 0x10fc  BITS - ok
19:53:08.0239 0x10fc  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
19:53:08.0255 0x10fc  blbdrive - ok
19:53:08.0317 0x10fc  [ 5EA9C80F18CBC393EA7D9A2991DED4B5, 7E5EB1CE44FEBE93686174058D51581FA00BDFF0EBB84BD74BC08F6386019253 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:53:08.0348 0x10fc  Bonjour Service - ok
19:53:08.0395 0x10fc  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:53:08.0489 0x10fc  bowser - ok
19:53:08.0598 0x10fc  [ 0C4D83F01A5D3A1EF88945AB70F2BB7A, 413542C46C8BCDF3802FF9F98CEC22A0A82A961DFE438CA6C2AE89F7480FFF5E ] BRDriver_1_3_3_E02B25FC C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver.sys
19:53:08.0613 0x10fc  BRDriver_1_3_3_E02B25FC - ok
19:53:08.0645 0x10fc  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:53:08.0676 0x10fc  BrFiltLo - ok
19:53:08.0707 0x10fc  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:53:08.0738 0x10fc  BrFiltUp - ok
19:53:08.0754 0x10fc  [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
19:53:08.0801 0x10fc  BridgeMP - ok
19:53:08.0832 0x10fc  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
19:53:08.0863 0x10fc  Browser - ok
19:53:08.0879 0x10fc  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
19:53:08.0910 0x10fc  Brserid - ok
19:53:08.0925 0x10fc  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:53:08.0957 0x10fc  BrSerWdm - ok
19:53:09.0019 0x10fc  [ 448917845F097FCE9D4554C3D2001EF3, BDCBEC01579D7CF28963E4E13CDC5B26E4B69CA24FA2CC4D6E24CAE0DDBCB3FE ] BRSptStub       C:\ProgramData\BitRaider\BRSptStub.exe
19:53:09.0066 0x10fc  BRSptStub - ok
19:53:09.0081 0x10fc  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:53:09.0113 0x10fc  BrUsbMdm - ok
19:53:09.0128 0x10fc  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:53:09.0159 0x10fc  BrUsbSer - ok
19:53:09.0191 0x10fc  [ 9C01DC83392D5DDC4CEC3AC18A7B10CF, 61D7AB75C5AA0FDC6D73C0B8537A8F7DD5F5CC7FE5C86A38D898384318C12803 ] bScsiMSx        C:\Windows\system32\DRIVERS\bScsiMSx.sys
19:53:09.0206 0x10fc  bScsiMSx - ok
19:53:09.0237 0x10fc  [ 3BFDFBA82581175DC54630B7FA159898, DBC818116CA9DCCB04D5EA9723DCD7EFC029D323BD0B9086EBBEE9211F1BF335 ] bScsiSDx        C:\Windows\system32\DRIVERS\bScsiSDx.sys
19:53:09.0284 0x10fc  bScsiSDx - ok
19:53:09.0300 0x10fc  [ 2865A5C8E98C70C605F417908CEBB3A4, B1C5AC228BD7072AF8668C009C6CDC13EE9FCB9481F57524300F37C40BF1E935 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
19:53:09.0347 0x10fc  BthEnum - ok
19:53:09.0362 0x10fc  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
19:53:09.0393 0x10fc  BTHMODEM - ok
19:53:09.0425 0x10fc  [ AD1872E5829E8A2C3B5B4B641C3EAB0E, 8C2DBCAC08DDB41E2B44E257C55FA2D0272959B308EFF9EAF5FF9AE1E4A0AA39 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
19:53:09.0456 0x10fc  BthPan - ok
19:53:09.0518 0x10fc  [ 1153DE2E4F5941E10C399CB5592F78A1, 2B88AF246D62F72FA9F5B921B0375AE59A0F263672472D5EC9FDB5CA5EF51C31 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
19:53:09.0565 0x10fc  BTHPORT - ok
19:53:09.0612 0x10fc  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
19:53:09.0643 0x10fc  bthserv - ok
19:53:09.0659 0x10fc  [ C81E9413A25A439F436B1D4B6A0CF9E9, A4C290163207AED22C70C7F90B28F6FC24892889643D60D915059405AC5A4A72 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
19:53:09.0674 0x10fc  BTHUSB - ok
19:53:09.0768 0x10fc  catchme - ok
19:53:09.0783 0x10fc  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:53:09.0846 0x10fc  cdfs - ok
19:53:09.0861 0x10fc  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\drivers\cdrom.sys
19:53:09.0893 0x10fc  cdrom - ok
19:53:09.0924 0x10fc  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
19:53:09.0971 0x10fc  CertPropSvc - ok
19:53:10.0002 0x10fc  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
19:53:10.0017 0x10fc  circlass - ok
19:53:10.0049 0x10fc  [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS            C:\Windows\system32\CLFS.sys
19:53:10.0080 0x10fc  CLFS - ok
19:53:10.0142 0x10fc  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:53:10.0158 0x10fc  clr_optimization_v2.0.50727_32 - ok
19:53:10.0189 0x10fc  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:53:10.0236 0x10fc  clr_optimization_v4.0.30319_32 - ok
19:53:10.0251 0x10fc  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
19:53:10.0283 0x10fc  CmBatt - ok
19:53:10.0298 0x10fc  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:53:10.0298 0x10fc  cmdide - ok
19:53:10.0329 0x10fc  [ 780FFC005741C9316576086155E55F56, D863E5657F1468410BBDD657D5EA8A2FDDB70FED459CDE3178CB8FDB910058EC ] CNG             C:\Windows\system32\Drivers\cng.sys
19:53:10.0345 0x10fc  CNG - ok
19:53:10.0361 0x10fc  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
19:53:10.0361 0x10fc  Compbatt - ok
19:53:10.0407 0x10fc  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
19:53:10.0439 0x10fc  CompositeBus - ok
19:53:10.0439 0x10fc  COMSysApp - ok
19:53:10.0485 0x10fc  [ 3F9E28BCDF8E1620C1E505D37E4193AB, 95824B3BD730603A56425E45C6DC0B3D98D99F7EAF77219AF32F4937E812BD97 ] cphs            C:\Windows\system32\IntelCpHeciSvc.exe
19:53:10.0548 0x10fc  cphs - ok
19:53:10.0563 0x10fc  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
19:53:10.0579 0x10fc  crcdisk - ok
19:53:10.0610 0x10fc  [ 33F67BBCC3C0499D3F3382473114CFA8, FDDCC41CE005B7C1BEBB6F4ACA9A3F10E5972792ADFD7D294E70A0B781460981 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:53:10.0657 0x10fc  CryptSvc - ok
19:53:10.0673 0x10fc  [ B5ECADF7708960F1818C7FA015F4C239, A58BA71B08A9D46EB79EB3DF0858F553A11DE3461E13B6D926E25D21D4CBB2D8 ] CVirtA          C:\Windows\system32\DRIVERS\CVirtA.sys
19:53:10.0688 0x10fc  CVirtA - ok
19:53:10.0829 0x10fc  [ 30443EEF52F5FB043654859EAA8E5247, 887ED8C4FE2259542E05A17973FE1549B636DA2C6888CC3A66F97D7D2600DC49 ] CVPND           C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
19:53:10.0891 0x10fc  CVPND - ok
19:53:10.0938 0x10fc  [ CB90B2762B1A1D0B40496400C55B6ADE, 7A8D86B223FD8A2C4A75AD0849041D56255277D491387C613E62BC76E6730F06 ] CVPNDRVA        C:\Windows\system32\Drivers\CVPNDRVA.sys
19:53:10.0985 0x10fc  CVPNDRVA - detected UnsignedFile.Multi.Generic ( 1 )
19:53:18.0947 0x10fc  Detect skipped due to KSN trusted
19:53:18.0947 0x10fc  CVPNDRVA - ok
19:53:19.0019 0x10fc  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:53:19.0077 0x10fc  DcomLaunch - ok
19:53:19.0112 0x10fc  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
19:53:19.0149 0x10fc  defragsvc - ok
19:53:19.0177 0x10fc  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:53:19.0211 0x10fc  DfsC - ok
19:53:19.0261 0x10fc  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:53:19.0308 0x10fc  Dhcp - ok
19:53:19.0371 0x10fc  [ 0A3386E3CF9C5D089D695AC5A35F4C6F, D610071493EB95FCE39E24C457A0B5BBA131193159E43FDC1E8EDABB9C7AB81A ] DiagTrack       C:\Windows\system32\diagtrack.dll
19:53:19.0417 0x10fc  DiagTrack - ok
19:53:19.0417 0x10fc  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
19:53:19.0449 0x10fc  discache - ok
19:53:19.0495 0x10fc  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
19:53:19.0558 0x10fc  Disk - ok
19:53:19.0664 0x10fc  [ B5AA5AA5AC327BD7C1AEC0C58F0C1144, 14C147B79786C5DCEC54AF191E8815D871906E30DE90B00C7929F0E6CC025E6A ] DNE             C:\Windows\system32\DRIVERS\dne2000.sys
19:53:19.0680 0x10fc  DNE - ok
19:53:19.0806 0x10fc  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:53:19.0881 0x10fc  Dnscache - ok
19:53:19.0912 0x10fc  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:53:19.0959 0x10fc  dot3svc - ok
19:53:19.0990 0x10fc  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
19:53:20.0037 0x10fc  DPS - ok
19:53:20.0053 0x10fc  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:53:20.0084 0x10fc  drmkaud - ok
19:53:20.0146 0x10fc  [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:53:20.0177 0x10fc  DXGKrnl - ok
19:53:20.0209 0x10fc  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
19:53:20.0244 0x10fc  EapHost - ok
19:53:20.0378 0x10fc  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
19:53:20.0534 0x10fc  ebdrv - ok
19:53:20.0560 0x10fc  [ 5111FA6EC341BACC07FA69AA9764B6D2, ACF4095EE673AFAF9FDDE9E8EFA191A4A72BAA0371A3AD26925EA267E0E40E61 ] EFS             C:\Windows\System32\lsass.exe
19:53:20.0583 0x10fc  EFS - ok
19:53:20.0657 0x10fc  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
19:53:20.0716 0x10fc  ehRecvr - ok
19:53:20.0752 0x10fc  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
19:53:20.0766 0x10fc  ehSched - ok
19:53:20.0813 0x10fc  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
19:53:20.0844 0x10fc  elxstor - ok
19:53:20.0876 0x10fc  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:53:20.0907 0x10fc  ErrDev - ok
19:53:20.0934 0x10fc  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
19:53:20.0965 0x10fc  EventSystem - ok
19:53:20.0981 0x10fc  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
19:53:21.0012 0x10fc  exfat - ok
19:53:21.0028 0x10fc  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:53:21.0067 0x10fc  fastfat - ok
19:53:21.0098 0x10fc  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
19:53:21.0173 0x10fc  Fax - ok
19:53:21.0201 0x10fc  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
19:53:21.0216 0x10fc  fdc - ok
19:53:21.0247 0x10fc  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
19:53:21.0279 0x10fc  fdPHost - ok
19:53:21.0279 0x10fc  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:53:21.0310 0x10fc  FDResPub - ok
19:53:21.0325 0x10fc  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:53:21.0325 0x10fc  FileInfo - ok
19:53:21.0341 0x10fc  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:53:21.0390 0x10fc  Filetrace - ok
19:53:21.0415 0x10fc  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
19:53:21.0462 0x10fc  flpydisk - ok
19:53:21.0517 0x10fc  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:53:21.0548 0x10fc  FltMgr - ok
19:53:21.0595 0x10fc  [ 23D3F12CA9DEB6EF02DEDC621EC661AC, AA3718715ADFE1666757BCD79D5A8DC591C2C5185802F51A27C119C4C30F360A ] FontCache       C:\Windows\system32\FntCache.dll
19:53:21.0666 0x10fc  FontCache - ok
19:53:21.0700 0x10fc  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:53:21.0715 0x10fc  FontCache3.0.0.0 - ok
19:53:21.0746 0x10fc  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:53:21.0762 0x10fc  FsDepends - ok
19:53:21.0802 0x10fc  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:53:21.0817 0x10fc  Fs_Rec - ok
19:53:21.0848 0x10fc  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:53:21.0885 0x10fc  fvevol - ok
19:53:21.0906 0x10fc  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
19:53:21.0914 0x10fc  gagp30kx - ok
19:53:21.0933 0x10fc  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:53:21.0933 0x10fc  GEARAspiWDM - ok
19:53:21.0997 0x10fc  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
19:53:22.0059 0x10fc  gpsvc - ok
19:53:22.0137 0x10fc  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
19:53:22.0149 0x10fc  gupdate - ok
19:53:22.0155 0x10fc  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
19:53:22.0165 0x10fc  gupdatem - ok
19:53:22.0183 0x10fc  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:53:22.0201 0x10fc  hcw85cir - ok
19:53:22.0232 0x10fc  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:53:22.0264 0x10fc  HdAudAddService - ok
19:53:22.0279 0x10fc  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
19:53:22.0310 0x10fc  HDAudBus - ok
19:53:22.0326 0x10fc  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
19:53:22.0354 0x10fc  HidBatt - ok
19:53:22.0368 0x10fc  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
19:53:22.0399 0x10fc  HidBth - ok
19:53:22.0414 0x10fc  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
19:53:22.0430 0x10fc  HidIr - ok
19:53:22.0461 0x10fc  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\System32\hidserv.dll
19:53:22.0501 0x10fc  hidserv - ok
19:53:22.0518 0x10fc  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:53:22.0549 0x10fc  HidUsb - ok
19:53:22.0565 0x10fc  [ C193FE8507607B2917A6F9B554132559, 962B065219D305B2DE1B4816D234438FBF8F6A79D45389683A21657733C14D5B ] HiPatchService  C:\Program Files\Hi-Rez Studios\HiPatchService.exe
19:53:22.0580 0x10fc  HiPatchService - detected UnsignedFile.Multi.Generic ( 1 )
19:53:26.0865 0x10fc  HiPatchService ( UnsignedFile.Multi.Generic ) - warning
19:53:29.0900 0x10fc  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:53:29.0918 0x10fc  hkmsvc - ok
19:53:29.0946 0x10fc  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:53:29.0974 0x10fc  HomeGroupListener - ok
19:53:29.0994 0x10fc  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:53:30.0020 0x10fc  HomeGroupProvider - ok
19:53:30.0063 0x10fc  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:53:30.0071 0x10fc  HpSAMD - ok
19:53:30.0107 0x10fc  [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:53:30.0153 0x10fc  HTTP - ok
19:53:30.0202 0x10fc  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:53:30.0228 0x10fc  hwpolicy - ok
19:53:30.0264 0x10fc  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
19:53:30.0282 0x10fc  i8042prt - ok
19:53:30.0315 0x10fc  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:53:30.0333 0x10fc  iaStorV - ok
19:53:30.0390 0x10fc  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:53:30.0431 0x10fc  idsvc - ok
19:53:30.0434 0x10fc  IEEtwCollectorService - ok
19:53:30.0554 0x10fc  [ CC91B67B0763CF44E4282BC8E7891689, 3151DE6028A87BF097EC566C22892BE472BAC8DBAAE75D746938643DB7C57477 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
19:53:30.0711 0x10fc  igfx - ok
19:53:30.0750 0x10fc  [ AF4EAD6335AAC1F01D632A9BA4594908, 65B36F3FA1CAE61FAA0ACA841DD337E237BC0DE800BF5DDFD35212B21885871A ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
19:53:30.0782 0x10fc  igfxCUIService1.0.0.0 - ok
19:53:30.0824 0x10fc  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
19:53:30.0873 0x10fc  iirsp - ok
19:53:30.0906 0x10fc  [ FC9735B66850CF8AEBBC1E207ECB2AD8, A2546FFB6E49784F052EFA036776E246CADA34D7146B3AA2D19AC1463D20B480 ] IISADMIN        C:\Windows\system32\inetsrv\inetinfo.exe
19:53:30.0956 0x10fc  IISADMIN - ok
19:53:31.0006 0x10fc  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
19:53:31.0066 0x10fc  IKEEXT - ok
19:53:31.0107 0x10fc  [ D01C750421277EDAD729CDE1FA3BF36C, 90D297D887E6139E1C496A6F024781AEF456AB913D7AB69E4952B5AFA75041F6 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
19:53:31.0142 0x10fc  IntcDAud - ok
19:53:31.0170 0x10fc  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:53:31.0177 0x10fc  intelide - ok
19:53:31.0187 0x10fc  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:53:31.0205 0x10fc  intelppm - ok
19:53:31.0273 0x10fc  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:53:31.0303 0x10fc  IPBusEnum - ok
19:53:31.0321 0x10fc  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:53:31.0363 0x10fc  IpFilterDriver - ok
19:53:31.0410 0x10fc  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:53:31.0454 0x10fc  iphlpsvc - ok
19:53:31.0488 0x10fc  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:53:31.0512 0x10fc  IPMIDRV - ok
19:53:31.0524 0x10fc  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:53:31.0559 0x10fc  IPNAT - ok
19:53:31.0618 0x10fc  [ 3EBDA8B348A231CF1E98D4BCA31731D7, E7D8A87DEFD9531421671F5A8CCB9C52CC33CCB235C88788B4566284F506A6D7 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:53:31.0647 0x10fc  iPod Service - ok
19:53:31.0662 0x10fc  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:53:31.0686 0x10fc  IRENUM - ok
19:53:31.0702 0x10fc  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:53:31.0710 0x10fc  isapnp - ok
19:53:31.0741 0x10fc  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:53:31.0752 0x10fc  iScsiPrt - ok
19:53:31.0781 0x10fc  [ D053F0D41A71D3C13C7DD3825BE362AC, 90C801E13095E8A0587B0923991BC8CDB7E31B302207AF843EDD040325E769B1 ] k57nd60x        C:\Windows\system32\DRIVERS\k57nd60x.sys
19:53:31.0795 0x10fc  k57nd60x - ok
19:53:31.0802 0x10fc  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:53:31.0809 0x10fc  kbdclass - ok
19:53:31.0824 0x10fc  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:53:31.0847 0x10fc  kbdhid - ok
19:53:31.0856 0x10fc  [ 5111FA6EC341BACC07FA69AA9764B6D2, ACF4095EE673AFAF9FDDE9E8EFA191A4A72BAA0371A3AD26925EA267E0E40E61 ] KeyIso          C:\Windows\system32\lsass.exe
19:53:31.0864 0x10fc  KeyIso - ok
19:53:31.0883 0x10fc  [ A061E519ACDE34843DFA3F1C7358DAA2, 457417DF5BDC267EA4649A2E65D72FC8308899C1E4F0D26113D31F42767E618E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:53:31.0891 0x10fc  KSecDD - ok
19:53:31.0904 0x10fc  [ 523091605C05F5DE880426A2FBA0F87C, 96884B50032B70F455D519934671940ED2493CA62CAACF68E89CCC2E5B0D3F01 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:53:31.0914 0x10fc  KSecPkg - ok
19:53:31.0943 0x10fc  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:53:31.0975 0x10fc  KtmRm - ok
19:53:32.0014 0x10fc  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\System32\srvsvc.dll
19:53:32.0041 0x10fc  LanmanServer - ok
19:53:32.0104 0x10fc  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:53:32.0133 0x10fc  LanmanWorkstation - ok
19:53:32.0154 0x10fc  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:53:32.0182 0x10fc  lltdio - ok
19:53:32.0205 0x10fc  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:53:32.0226 0x10fc  lltdsvc - ok
19:53:32.0240 0x10fc  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:53:32.0257 0x10fc  lmhosts - ok
19:53:32.0279 0x10fc  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
19:53:32.0287 0x10fc  LSI_FC - ok
19:53:32.0296 0x10fc  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
19:53:32.0305 0x10fc  LSI_SAS - ok
19:53:32.0317 0x10fc  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:53:32.0325 0x10fc  LSI_SAS2 - ok
19:53:32.0343 0x10fc  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:53:32.0352 0x10fc  LSI_SCSI - ok
19:53:32.0366 0x10fc  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
19:53:32.0385 0x10fc  luafv - ok
19:53:32.0403 0x10fc  [ 2AB04CA91EA1554D04F1C7C2C0B39CEF, B603A33F2DA1394F75F048653D1DA8E23DDE9CFCCF76DBAECC19CB6BAEE6D4F5 ] ManyCam         C:\Windows\system32\DRIVERS\mcvidrv.sys
19:53:32.0410 0x10fc  ManyCam - ok
19:53:32.0425 0x10fc  MBAMSwissArmy - ok
19:53:32.0440 0x10fc  [ DEBD10FEE6BEA7ED7B03E75B67714FED, 1F70CCCDD503717E5B55E167A04D6093819635283B76A7CE149DE60845EA61F8 ] mcaudrv_simple  C:\Windows\system32\drivers\mcaudrv.sys
19:53:32.0446 0x10fc  mcaudrv_simple - ok
19:53:32.0465 0x10fc  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:53:32.0475 0x10fc  Mcx2Svc - ok
19:53:32.0481 0x10fc  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
19:53:32.0488 0x10fc  megasas - ok
19:53:32.0505 0x10fc  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
19:53:32.0517 0x10fc  MegaSR - ok
19:53:32.0542 0x10fc  [ 9E0A56C77E9244D2CAAC3811F4B47FCB, 0E70544BBA78DD8E43C5746C064C895A0990373F667A0B6AEA832FBEA2D2B764 ] MEI             C:\Windows\system32\DRIVERS\HECI.sys
19:53:32.0549 0x10fc  MEI - ok
19:53:32.0574 0x10fc  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
19:53:32.0600 0x10fc  MMCSS - ok
19:53:32.0616 0x10fc  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
19:53:32.0651 0x10fc  Modem - ok
19:53:32.0666 0x10fc  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:53:32.0685 0x10fc  monitor - ok
19:53:32.0729 0x10fc  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:53:32.0737 0x10fc  mouclass - ok
19:53:32.0740 0x10fc  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:53:32.0763 0x10fc  mouhid - ok
19:53:32.0783 0x10fc  [ BAD9C0366134BA181514E9263C8CE606, 7976B2D3DC283ACDBC21C7D197C0E2A650E6555F6569283302766B17D736BDB8 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:53:32.0791 0x10fc  mountmgr - ok
19:53:32.0825 0x10fc  [ 0DE2474F316C515482ABAD3B697F8714, 62862AE7432F5350068E96AD466093359C6CF444EB517AE6D09134FAF78C49F5 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:53:32.0836 0x10fc  MozillaMaintenance - ok
19:53:32.0862 0x10fc  [ F112DA773EC3E9D3CDE9221ED300E033, 693C416B281DA3489C096812D0E4E0413C05798D36AF534624C3B29551CE68A4 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
19:53:32.0876 0x10fc  MpFilter - ok
19:53:32.0903 0x10fc  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:53:32.0912 0x10fc  mpio - ok
19:53:32.0927 0x10fc  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:53:32.0945 0x10fc  mpsdrv - ok
19:53:32.0989 0x10fc  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:53:33.0033 0x10fc  MpsSvc - ok
19:53:33.0117 0x10fc  [ A5888C609EFCC07B060DD823FA3D474A, 47BB2A40FD1D67F7F6FDAF420E67F769A015F07138908179EEFAC7ED051C2FF0 ] MQAC            C:\Windows\system32\drivers\mqac.sys
19:53:33.0183 0x10fc  MQAC - ok
19:53:33.0199 0x10fc  [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:53:33.0246 0x10fc  MRxDAV - ok
19:53:33.0277 0x10fc  [ C7492026F6691A92C4508DDDB041CE4E, 98B05C6B7EE5FE4F4BFCFDB807612897E692B4C07524506EB84B318535076ADD ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:53:33.0339 0x10fc  mrxsmb - ok
19:53:33.0371 0x10fc  [ 34779EBCFEAB87A236B33C365A637144, B2091C423A4767CC0616B4385FF3B8AC2CBDBCC9BF82F2C79670CC1BC1E49A02 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:53:33.0402 0x10fc  mrxsmb10 - ok
19:53:33.0432 0x10fc  [ C34DE43FDAD9C32383BB4A5EE60126D4, 5F82D803ABB2817D9384D87435849A5EEE946B1C431348F26FA0220262DB1798 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:53:33.0434 0x10fc  mrxsmb20 - ok
19:53:33.0450 0x10fc  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:53:33.0466 0x10fc  msahci - ok
19:53:33.0466 0x10fc  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:53:33.0481 0x10fc  msdsm - ok
19:53:33.0507 0x10fc  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
19:53:33.0523 0x10fc  MSDTC - ok
19:53:33.0547 0x10fc  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:53:33.0577 0x10fc  Msfs - ok
19:53:33.0595 0x10fc  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:53:33.0612 0x10fc  mshidkmdf - ok
19:53:33.0634 0x10fc  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:53:33.0641 0x10fc  msisadrv - ok
19:53:33.0674 0x10fc  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:53:33.0711 0x10fc  MSiSCSI - ok
19:53:33.0713 0x10fc  msiserver - ok
19:53:33.0725 0x10fc  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:53:33.0761 0x10fc  MSKSSRV - ok
19:53:33.0782 0x10fc  [ E582B9E88EF4980C3B76276620FE667B, BC0817394F5D8156ED7864DEACA2F56C3414BE5B208E02558BE8F0D5BAB8A519 ] MSMQ            C:\Windows\system32\mqsvc.exe
19:53:33.0803 0x10fc  MSMQ - ok
19:53:33.0833 0x10fc  [ 9CCED9B5AD63BECE2F8BC75A5E04CDAB, 0A2A2613956B78A7AFCB4D6239580CAB485F5D4C4EAD16BB25884EABE8111890 ] MSMQTriggers    C:\Windows\system32\mqtgsvc.exe
19:53:33.0866 0x10fc  MSMQTriggers - ok
19:53:33.0882 0x10fc  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:53:33.0934 0x10fc  MSPCLOCK - ok
19:53:33.0948 0x10fc  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:53:33.0965 0x10fc  MSPQM - ok
19:53:33.0977 0x10fc  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:53:33.0991 0x10fc  MsRPC - ok
19:53:34.0014 0x10fc  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
19:53:34.0023 0x10fc  mssmbios - ok
19:53:34.0037 0x10fc  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:53:34.0075 0x10fc  MSTEE - ok
19:53:34.0094 0x10fc  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
19:53:34.0115 0x10fc  MTConfig - ok
19:53:34.0131 0x10fc  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
19:53:34.0139 0x10fc  Mup - ok
19:53:34.0171 0x10fc  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
19:53:34.0199 0x10fc  napagent - ok
19:53:34.0228 0x10fc  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:53:34.0243 0x10fc  NativeWifiP - ok
19:53:34.0287 0x10fc  [ 9804FB2E46077F2977552347DFCA7E05, A34B703462C6998AB2B3EA6389F4B89616CDC257D44C400C92663E6FB4A8F196 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:53:34.0348 0x10fc  NDIS - ok
19:53:34.0367 0x10fc  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:53:34.0429 0x10fc  NdisCap - ok
19:53:34.0445 0x10fc  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:53:34.0547 0x10fc  NdisTapi - ok
19:53:34.0581 0x10fc  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:53:34.0632 0x10fc  Ndisuio - ok
19:53:34.0663 0x10fc  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:53:34.0695 0x10fc  NdisWan - ok
19:53:34.0710 0x10fc  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:53:34.0726 0x10fc  NDProxy - ok
19:53:34.0741 0x10fc  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:53:34.0757 0x10fc  NetBIOS - ok
19:53:34.0773 0x10fc  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:53:34.0819 0x10fc  NetBT - ok
19:53:34.0835 0x10fc  [ 5111FA6EC341BACC07FA69AA9764B6D2, ACF4095EE673AFAF9FDDE9E8EFA191A4A72BAA0371A3AD26925EA267E0E40E61 ] Netlogon        C:\Windows\system32\lsass.exe
19:53:34.0835 0x10fc  Netlogon - ok
19:53:34.0866 0x10fc  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
19:53:34.0897 0x10fc  Netman - ok
19:53:34.0929 0x10fc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:53:34.0944 0x10fc  NetMsmqActivator - ok
19:53:34.0960 0x10fc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:53:34.0960 0x10fc  NetPipeActivator - ok
19:53:34.0991 0x10fc  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
19:53:35.0022 0x10fc  netprofm - ok
19:53:35.0022 0x10fc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:53:35.0038 0x10fc  NetTcpActivator - ok
19:53:35.0038 0x10fc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:53:35.0038 0x10fc  NetTcpPortSharing - ok
19:53:35.0053 0x10fc  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
19:53:35.0053 0x10fc  nfrd960 - ok
19:53:35.0085 0x10fc  [ 780FF28BCD8470C5FDDEEF69982AA295, 1ED386E87E0AA733F23D554D2BF4EF4168DB9A419B7BA0BA8FBA20F118BE21DF ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:53:35.0116 0x10fc  NisDrv - ok
19:53:35.0147 0x10fc  [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:53:35.0194 0x10fc  NlaSvc - ok
19:53:35.0216 0x10fc  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:53:35.0232 0x10fc  Npfs - ok
19:53:35.0263 0x10fc  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
19:53:35.0282 0x10fc  nsi - ok
19:53:35.0298 0x10fc  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:53:35.0330 0x10fc  nsiproxy - ok
19:53:35.0392 0x10fc  [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:53:35.0439 0x10fc  Ntfs - ok
19:53:35.0455 0x10fc  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
19:53:35.0486 0x10fc  Null - ok
19:53:35.0811 0x10fc  [ 61B13F70B75EE35526549CFEE7850613, 07E8E593188F4A971FDE7D30F4B401A966944CFC268852A35D428C635370BB78 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:53:36.0209 0x10fc  nvlddmkm - ok
19:53:36.0228 0x10fc  [ 8635A871AAFC3C0E48C4F85C0796EAE0, 76684ABB4AD16F9678D780A290F03D018B2CB48D9FBCA468D6D48A8B267B5352 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
19:53:36.0234 0x10fc  nvpciflt - ok
19:53:36.0252 0x10fc  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:53:36.0261 0x10fc  nvraid - ok
19:53:36.0292 0x10fc  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:53:36.0302 0x10fc  nvstor - ok
19:53:36.0335 0x10fc  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:53:36.0344 0x10fc  nv_agp - ok
19:53:36.0386 0x10fc  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:53:36.0408 0x10fc  ohci1394 - ok
19:53:36.0458 0x10fc  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:53:36.0499 0x10fc  p2pimsvc - ok
19:53:36.0523 0x10fc  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
19:53:36.0576 0x10fc  p2psvc - ok
19:53:36.0604 0x10fc  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
19:53:36.0622 0x10fc  Parport - ok
19:53:36.0638 0x10fc  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:53:36.0645 0x10fc  partmgr - ok
19:53:36.0660 0x10fc  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
19:53:36.0683 0x10fc  Parvdm - ok
19:53:36.0721 0x10fc  [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:53:36.0746 0x10fc  PcaSvc - ok
19:53:36.0787 0x10fc  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
19:53:36.0797 0x10fc  pci - ok
19:53:36.0825 0x10fc  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
19:53:36.0832 0x10fc  pciide - ok
19:53:36.0855 0x10fc  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
19:53:36.0866 0x10fc  pcmcia - ok
19:53:36.0879 0x10fc  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:53:36.0886 0x10fc  pcw - ok
19:53:36.0914 0x10fc  [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:53:36.0945 0x10fc  PEAUTH - ok
19:53:37.0030 0x10fc  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
19:53:37.0121 0x10fc  pla - ok
19:53:37.0161 0x10fc  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:53:37.0203 0x10fc  PlugPlay - ok
19:53:37.0226 0x10fc  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:53:37.0261 0x10fc  PNRPAutoReg - ok
19:53:37.0293 0x10fc  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:53:37.0315 0x10fc  PNRPsvc - ok
19:53:37.0355 0x10fc  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:53:37.0417 0x10fc  PolicyAgent - ok
19:53:37.0447 0x10fc  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
19:53:37.0480 0x10fc  Power - ok
19:53:37.0523 0x10fc  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:53:37.0578 0x10fc  PptpMiniport - ok
19:53:37.0587 0x10fc  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
19:53:37.0597 0x10fc  Processor - ok
19:53:37.0624 0x10fc  [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:53:37.0647 0x10fc  ProfSvc - ok
19:53:37.0660 0x10fc  [ 5111FA6EC341BACC07FA69AA9764B6D2, ACF4095EE673AFAF9FDDE9E8EFA191A4A72BAA0371A3AD26925EA267E0E40E61 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:53:37.0668 0x10fc  ProtectedStorage - ok
19:53:37.0686 0x10fc  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:53:37.0711 0x10fc  Psched - ok
19:53:37.0772 0x10fc  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
19:53:37.0838 0x10fc  ql2300 - ok
19:53:37.0872 0x10fc  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
19:53:37.0891 0x10fc  ql40xx - ok
19:53:37.0930 0x10fc  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
19:53:37.0972 0x10fc  QWAVE - ok
19:53:37.0986 0x10fc  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:53:38.0018 0x10fc  QWAVEdrv - ok
19:53:38.0031 0x10fc  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:53:38.0056 0x10fc  RasAcd - ok
19:53:38.0095 0x10fc  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:53:38.0127 0x10fc  RasAgileVpn - ok
19:53:38.0142 0x10fc  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
19:53:38.0162 0x10fc  RasAuto - ok
19:53:38.0194 0x10fc  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:53:38.0224 0x10fc  Rasl2tp - ok
19:53:38.0274 0x10fc  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
19:53:38.0323 0x10fc  RasMan - ok
19:53:38.0349 0x10fc  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:53:38.0379 0x10fc  RasPppoe - ok
19:53:38.0409 0x10fc  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:53:38.0439 0x10fc  RasSstp - ok
19:53:38.0470 0x10fc  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:53:38.0504 0x10fc  rdbss - ok
19:53:38.0531 0x10fc  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
19:53:38.0534 0x10fc  rdpbus - ok
19:53:38.0565 0x10fc  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:53:38.0612 0x10fc  RDPCDD - ok
19:53:38.0643 0x10fc  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:53:38.0690 0x10fc  RDPENCDD - ok
19:53:38.0733 0x10fc  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:53:38.0780 0x10fc  RDPREFMP - ok
19:53:38.0827 0x10fc  [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:53:38.0874 0x10fc  RdpVideoMiniport - ok
19:53:38.0907 0x10fc  [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:53:38.0938 0x10fc  RDPWD - ok
19:53:38.0969 0x10fc  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:53:39.0001 0x10fc  rdyboost - ok
19:53:39.0032 0x10fc  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:53:39.0079 0x10fc  RemoteAccess - ok
19:53:39.0125 0x10fc  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:53:39.0203 0x10fc  RemoteRegistry - ok
19:53:39.0235 0x10fc  [ CB928D9E6DAF51879DD6BA8D02F01321, DFD263B67DDF98AE09AF6D6986CBC7BE3206BCE8403AAC51BCF9459E78233D12 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
19:53:39.0266 0x10fc  RFCOMM - ok
19:53:39.0313 0x10fc  [ AFA8CCAFC4A0983B09AC386E643F8F81, D6E55D849695E71DA2A387B2AF4333D18A943F61F0D46D2E57DF9C6E3903DDE8 ] RMCAST          C:\Windows\system32\DRIVERS\RMCAST.sys
19:53:39.0344 0x10fc  RMCAST - ok
19:53:39.0359 0x10fc  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:53:39.0406 0x10fc  RpcEptMapper - ok
19:53:39.0438 0x10fc  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
19:53:39.0457 0x10fc  RpcLocator - ok
19:53:39.0483 0x10fc  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
19:53:39.0502 0x10fc  RpcSs - ok
19:53:39.0599 0x10fc  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:53:39.0630 0x10fc  rspndr - ok
19:53:39.0661 0x10fc  [ 5111FA6EC341BACC07FA69AA9764B6D2, ACF4095EE673AFAF9FDDE9E8EFA191A4A72BAA0371A3AD26925EA267E0E40E61 ] SamSs           C:\Windows\system32\lsass.exe
19:53:39.0677 0x10fc  SamSs - ok
19:53:39.0724 0x10fc  [ 39763504067962108505BFF25F024345, 73C9710B61EDC7FBEDE1D7A767AA3D3A169E7AD012494D05CB5EE7E5C5752BB9 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
19:53:39.0739 0x10fc  SASDIFSV - ok
19:53:39.0739 0x10fc  [ 77B9FC20084B48408AD3E87570EB4A85, B5BC5FEC1356DECB66A7A671DB67112BDAC8F942BF1C4B986B1805B41EF362B1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
19:53:39.0755 0x10fc  SASKUTIL - ok
19:53:39.0786 0x10fc  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:53:39.0786 0x10fc  sbp2port - ok
19:53:39.0825 0x10fc  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:53:39.0882 0x10fc  SCardSvr - ok
19:53:39.0918 0x10fc  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:53:39.0949 0x10fc  scfilter - ok
19:53:39.0996 0x10fc  [ 9060B8D5BCD5F2B019249F85E3D811F3, 7FB32AB7FE118462988321B9230074DAA960B587417EB463187539C3215445AE ] Schedule        C:\Windows\system32\schedsvc.dll
19:53:40.0063 0x10fc  Schedule - ok
19:53:40.0079 0x10fc  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:53:40.0103 0x10fc  SCPolicySvc - ok
19:53:40.0121 0x10fc  [ 0328BE1C7F1CBA23848179F8762E391C, EA80853F04BAE6F46F658B3EFED34BFDDE20E6F2BDA349EBC17EC75DFF19855D ] sdbus           C:\Windows\system32\drivers\sdbus.sys
19:53:40.0135 0x10fc  sdbus - ok
19:53:40.0157 0x10fc  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:53:40.0203 0x10fc  SDRSVC - ok
19:53:40.0223 0x10fc  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:53:40.0244 0x10fc  secdrv - ok
19:53:40.0276 0x10fc  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
19:53:40.0314 0x10fc  seclogon - ok
19:53:40.0329 0x10fc  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\system32\sens.dll
19:53:40.0368 0x10fc  SENS - ok
19:53:40.0372 0x10fc  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:53:40.0393 0x10fc  SensrSvc - ok
19:53:40.0405 0x10fc  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
19:53:40.0441 0x10fc  Serenum - ok
19:53:40.0464 0x10fc  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
19:53:40.0479 0x10fc  Serial - ok
19:53:40.0493 0x10fc  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
19:53:40.0506 0x10fc  sermouse - ok
19:53:40.0529 0x10fc  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:53:40.0623 0x10fc  SessionEnv - ok
19:53:40.0655 0x10fc  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:53:40.0685 0x10fc  sffdisk - ok
19:53:40.0700 0x10fc  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:53:40.0727 0x10fc  sffp_mmc - ok
19:53:40.0739 0x10fc  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:53:40.0756 0x10fc  sffp_sd - ok
19:53:40.0768 0x10fc  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
19:53:40.0784 0x10fc  sfloppy - ok
19:53:40.0822 0x10fc  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:53:40.0861 0x10fc  SharedAccess - ok
19:53:40.0905 0x10fc  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:53:40.0917 0x10fc  ShellHWDetection - ok
19:53:40.0933 0x10fc  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
19:53:40.0948 0x10fc  sisagp - ok
19:53:40.0964 0x10fc  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:53:40.0964 0x10fc  SiSRaid2 - ok
19:53:40.0980 0x10fc  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
19:53:40.0980 0x10fc  SiSRaid4 - ok
19:53:41.0028 0x10fc  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
19:53:41.0050 0x10fc  SkypeUpdate - ok
19:53:41.0066 0x10fc  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:53:41.0082 0x10fc  Smb - ok
19:53:41.0113 0x10fc  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:53:41.0149 0x10fc  SNMPTRAP - ok
19:53:41.0175 0x10fc  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:53:41.0182 0x10fc  spldr - ok
19:53:41.0217 0x10fc  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
19:53:41.0338 0x10fc  Spooler - ok
19:53:41.0769 0x10fc  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
19:53:41.0863 0x10fc  sppsvc - ok
19:53:41.0894 0x10fc  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:53:41.0925 0x10fc  sppuinotify - ok
19:53:41.0956 0x10fc  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:53:41.0972 0x10fc  srv - ok
19:53:42.0007 0x10fc  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:53:42.0031 0x10fc  srv2 - ok
19:53:42.0063 0x10fc  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:53:42.0089 0x10fc  srvnet - ok
19:53:42.0123 0x10fc  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:53:42.0144 0x10fc  SSDPSRV - ok
19:53:42.0162 0x10fc  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:53:42.0181 0x10fc  SstpSvc - ok
19:53:42.0213 0x10fc  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
19:53:42.0221 0x10fc  stexstor - ok
19:53:42.0260 0x10fc  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
19:53:42.0305 0x10fc  StiSvc - ok
19:53:42.0332 0x10fc  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\drivers\swenum.sys
19:53:42.0339 0x10fc  swenum - ok
19:53:42.0361 0x10fc  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
19:53:42.0399 0x10fc  swprv - ok
19:53:42.0486 0x10fc  [ 4EE25AC85AFC3FD67D9F57ECDF566FF2, F1BFF1FB655F31B97FA9C6A49D433EFD33D8A35F6B28B4D83E45C27A05A86228 ] SysMain         C:\Windows\system32\sysmain.dll
19:53:42.0597 0x10fc  SysMain - ok
19:53:42.0632 0x10fc  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
19:53:42.0663 0x10fc  TabletInputService - ok
19:53:42.0679 0x10fc  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:53:42.0741 0x10fc  TapiSrv - ok
19:53:42.0772 0x10fc  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
19:53:42.0788 0x10fc  TBS - ok
19:53:42.0881 0x10fc  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:53:42.0928 0x10fc  Tcpip - ok
19:53:42.0975 0x10fc  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:53:42.0991 0x10fc  TCPIP6 - ok
19:53:43.0022 0x10fc  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:53:43.0022 0x10fc  tcpipreg - ok
19:53:43.0053 0x10fc  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:53:43.0069 0x10fc  TDPIPE - ok
19:53:43.0100 0x10fc  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:53:43.0132 0x10fc  TDTCP - ok
19:53:43.0163 0x10fc  [ BB8817D0508DD5EA69C770C8DEF5AB67, C55671524EEF6E16BBCC92556E83FD1D6457E707EA9330FC1CDD28FB11D99B77 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:53:43.0210 0x10fc  tdx - ok
19:53:43.0241 0x10fc  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
19:53:43.0257 0x10fc  TermDD - ok
19:53:43.0304 0x10fc  [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService     C:\Windows\System32\termsrv.dll
19:53:43.0366 0x10fc  TermService - ok
19:53:43.0382 0x10fc  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
19:53:43.0413 0x10fc  Themes - ok
19:53:43.0428 0x10fc  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
19:53:43.0460 0x10fc  THREADORDER - ok
19:53:43.0460 0x10fc  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
19:53:43.0491 0x10fc  TrkWks - ok
19:53:43.0585 0x10fc  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:53:43.0617 0x10fc  TrustedInstaller - ok
19:53:43.0648 0x10fc  [ B89F89A2308E9569A1022A50F78C5506, 375C4A11F78A1335269657012DC57093C6E1A7B1460094B0C265179409F01554 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:53:43.0695 0x10fc  tssecsrv - ok
19:53:43.0741 0x10fc  [ C6A5FBD4977305E1FA23E02C042DB463, A6EB5E4B8051A258D40A385609E930318EAA3494C8466F48542B806FE6A7C47A ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:53:43.0757 0x10fc  TsUsbFlt - ok
19:53:43.0788 0x10fc  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:53:43.0819 0x10fc  tunnel - ok
19:53:43.0851 0x10fc  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
19:53:43.0851 0x10fc  uagp35 - ok
19:53:43.0882 0x10fc  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:53:43.0913 0x10fc  udfs - ok
19:53:43.0944 0x10fc  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:53:43.0975 0x10fc  UI0Detect - ok
19:53:44.0007 0x10fc  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:53:44.0022 0x10fc  uliagpkx - ok
19:53:44.0038 0x10fc  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\drivers\umbus.sys
19:53:44.0038 0x10fc  umbus - ok
19:53:44.0053 0x10fc  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
19:53:44.0085 0x10fc  UmPass - ok
19:53:44.0100 0x10fc  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
19:53:44.0147 0x10fc  upnphost - ok
19:53:44.0178 0x10fc  [ A176718F0DF45F60F545CF3E14F4D108, 5E767CB0B51B3BA05B6F99A7E46BEC275489DCFE874343C9B992843AA1F2334E ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
19:53:44.0194 0x10fc  USBAAPL - ok
19:53:44.0225 0x10fc  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:53:44.0256 0x10fc  usbccgp - ok
19:53:44.0272 0x10fc  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:53:44.0319 0x10fc  usbcir - ok
19:53:44.0334 0x10fc  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\drivers\usbehci.sys
19:53:44.0350 0x10fc  usbehci - ok
19:53:44.0365 0x10fc  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:53:44.0397 0x10fc  usbhub - ok
19:53:44.0412 0x10fc  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
19:53:44.0428 0x10fc  usbohci - ok
19:53:44.0459 0x10fc  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
19:53:44.0490 0x10fc  usbprint - ok
19:53:44.0490 0x10fc  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:53:44.0521 0x10fc  USBSTOR - ok
19:53:44.0521 0x10fc  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
19:53:44.0553 0x10fc  usbuhci - ok
19:53:44.0599 0x10fc  [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
19:53:44.0631 0x10fc  usbvideo - ok
19:53:44.0662 0x10fc  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
19:53:44.0677 0x10fc  UxSms - ok
19:53:44.0709 0x10fc  [ 5111FA6EC341BACC07FA69AA9764B6D2, ACF4095EE673AFAF9FDDE9E8EFA191A4A72BAA0371A3AD26925EA267E0E40E61 ] VaultSvc        C:\Windows\system32\lsass.exe
19:53:44.0709 0x10fc  VaultSvc - ok
19:53:44.0724 0x10fc  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:53:44.0740 0x10fc  vdrvroot - ok
19:53:44.0771 0x10fc  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
19:53:44.0833 0x10fc  vds - ok
19:53:44.0865 0x10fc  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:53:44.0880 0x10fc  vga - ok
19:53:44.0896 0x10fc  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:53:44.0911 0x10fc  VgaSave - ok
19:53:44.0943 0x10fc  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
19:53:44.0974 0x10fc  vhdmp - ok
19:53:44.0989 0x10fc  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
19:53:45.0005 0x10fc  viaagp - ok
19:53:45.0021 0x10fc  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
19:53:45.0036 0x10fc  ViaC7 - ok
19:53:45.0052 0x10fc  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:53:45.0067 0x10fc  viaide - ok
19:53:45.0083 0x10fc  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:53:45.0099 0x10fc  volmgr - ok
19:53:45.0114 0x10fc  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:53:45.0145 0x10fc  volmgrx - ok
19:53:45.0161 0x10fc  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:53:45.0177 0x10fc  volsnap - ok
19:53:45.0192 0x10fc  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
19:53:45.0208 0x10fc  vsmraid - ok
19:53:45.0255 0x10fc  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
19:53:45.0348 0x10fc  VSS - ok
19:53:45.0364 0x10fc  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
19:53:45.0364 0x10fc  vwifibus - ok
19:53:45.0379 0x10fc  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
19:53:45.0411 0x10fc  vwififlt - ok
19:53:45.0442 0x10fc  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
19:53:45.0473 0x10fc  W32Time - ok
19:53:45.0535 0x10fc  [ 57C8C20BFA5BEF6BD851EBAC67A8CED0, D5968069D934400A46B9FF92ECA9D7660BDC30C6909BA588AD49F7656246EE98 ] W3SVC           C:\Windows\system32\inetsrv\iisw3adm.dll
19:53:45.0598 0x10fc  W3SVC - ok
19:53:45.0613 0x10fc  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
19:53:45.0645 0x10fc  WacomPen - ok
19:53:45.0660 0x10fc  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:53:45.0707 0x10fc  WANARP - ok
19:53:45.0707 0x10fc  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:53:45.0723 0x10fc  Wanarpv6 - ok
19:53:45.0754 0x10fc  [ 57C8C20BFA5BEF6BD851EBAC67A8CED0, D5968069D934400A46B9FF92ECA9D7660BDC30C6909BA588AD49F7656246EE98 ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
19:53:45.0769 0x10fc  WAS - ok
19:53:45.0847 0x10fc  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
19:53:45.0910 0x10fc  wbengine - ok
19:53:45.0941 0x10fc  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:53:45.0957 0x10fc  WbioSrvc - ok
19:53:45.0988 0x10fc  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:53:46.0003 0x10fc  wcncsvc - ok
19:53:46.0019 0x10fc  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:53:46.0066 0x10fc  WcsPlugInService - ok
19:53:46.0081 0x10fc  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
19:53:46.0097 0x10fc  Wd - ok
19:53:46.0144 0x10fc  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:53:46.0191 0x10fc  Wdf01000 - ok
19:53:46.0206 0x10fc  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:53:46.0222 0x10fc  WdiServiceHost - ok
19:53:46.0222 0x10fc  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:53:46.0237 0x10fc  WdiSystemHost - ok
19:53:46.0269 0x10fc  [ 55C70654420DBF429604FD567E6F3CD3, 22191B049BCA76EF13AEDF8078E452E6B35E998A75AD63F14C542B541EA9F67D ] WebClient       C:\Windows\System32\webclnt.dll
19:53:46.0284 0x10fc  WebClient - ok
19:53:46.0315 0x10fc  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:53:46.0347 0x10fc  Wecsvc - ok
19:53:46.0362 0x10fc  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:53:46.0393 0x10fc  wercplsupport - ok
19:53:46.0409 0x10fc  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
19:53:46.0425 0x10fc  WerSvc - ok
19:53:46.0456 0x10fc  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:53:46.0487 0x10fc  WfpLwf - ok
19:53:46.0487 0x10fc  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:53:46.0503 0x10fc  WIMMount - ok
19:53:46.0643 0x10fc  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
19:53:46.0721 0x10fc  WinDefend - ok
19:53:46.0721 0x10fc  WinHttpAutoProxySvc - ok
19:53:46.0799 0x10fc  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:53:46.0830 0x10fc  Winmgmt - ok
19:53:46.0908 0x10fc  [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM           C:\Windows\system32\WsmSvc.dll
19:53:46.0986 0x10fc  WinRM - ok
19:53:47.0017 0x10fc  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
19:53:47.0049 0x10fc  WinUsb - ok
19:53:47.0095 0x10fc  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
19:53:47.0158 0x10fc  Wlansvc - ok
19:53:47.0236 0x10fc  [ E25D39B4B6647A665A4E53B0E68A7424, DEEE39573477A6E919AADDAC3D1A92270FF5491D2065533F3955738F047AB12D ] wltrysvc        C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
19:53:47.0236 0x10fc  wltrysvc - detected UnsignedFile.Multi.Generic ( 1 )
19:53:50.0231 0x10fc  wltrysvc ( UnsignedFile.Multi.Generic ) - warning
19:54:03.0567 0x10fc  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
19:54:03.0599 0x10fc  WmiAcpi - ok
19:54:03.0645 0x10fc  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:54:03.0692 0x10fc  wmiApSrv - ok
19:54:03.0801 0x10fc  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
19:54:03.0879 0x10fc  WMPNetworkSvc - ok
19:54:03.0895 0x10fc  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:54:03.0926 0x10fc  WPCSvc - ok
19:54:03.0942 0x10fc  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:54:03.0957 0x10fc  WPDBusEnum - ok
19:54:03.0989 0x10fc  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:54:04.0004 0x10fc  ws2ifsl - ok
19:54:04.0020 0x10fc  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\system32\wscsvc.dll
19:54:04.0062 0x10fc  wscsvc - ok
19:54:04.0064 0x10fc  WSearch - ok
19:54:04.0162 0x10fc  [ 8F145DC71B87BB4D6829FF6ECC9FB8CE, 7841671FAF9EEF326B6A5F2E63C65DB2F54D15357527EBAD2ADDA1BB1FE0479E ] wuauserv        C:\Windows\system32\wuaueng.dll
19:54:04.0247 0x10fc  wuauserv - ok
19:54:04.0274 0x10fc  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:54:04.0305 0x10fc  WudfPf - ok
19:54:04.0326 0x10fc  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
19:54:04.0353 0x10fc  WUDFRd - ok
19:54:04.0378 0x10fc  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:54:04.0403 0x10fc  wudfsvc - ok
19:54:04.0441 0x10fc  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:54:04.0475 0x10fc  WwanSvc - ok
19:54:04.0508 0x10fc  [ C26C68BCBAC1F33F890C226769759209, 15FCBDF391C68D440A61512CF236C328A540DBC155D252FB7E97E14D0E99AA40 ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
19:54:04.0533 0x10fc  xusb21 - ok
19:54:04.0580 0x10fc  [ 79BC44FF509C79D4E34DED3CD6EFD92B, E20385AC49BB1BA882A1EEEB57EB4AC2B1EFD507C0254DE6DE5AD5161A8B0E7C ] ZAtheros Wlan Agent C:\Program Files\Atheros\Ath_WlanAgent.exe
19:54:04.0600 0x10fc  ZAtheros Wlan Agent - detected UnsignedFile.Multi.Generic ( 1 )
19:54:14.0610 0x10fc  ZAtheros Wlan Agent ( UnsignedFile.Multi.Generic ) - warning
19:54:18.0557 0x10fc  ================ Scan global ===============================
19:54:18.0650 0x10fc  [ 5E7C5DE85AF978495C3A9A0B720B9811, 142CDEBED78E3BAEE8D2DBF6A97CE26313932024010548EC2E570CAE480AF7C3 ] C:\Windows\system32\basesrv.dll
19:54:18.0697 0x10fc  [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll
19:54:18.0732 0x10fc  [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll
19:54:18.0758 0x10fc  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
19:54:18.0789 0x10fc  [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe
19:54:18.0789 0x10fc  [ Global ] - ok
19:54:18.0789 0x10fc  ================ Scan MBR ==================================
19:54:18.0805 0x10fc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:54:19.0132 0x10fc  \Device\Harddisk0\DR0 - ok
19:54:19.0132 0x10fc  ================ Scan VBR ==================================
19:54:19.0132 0x10fc  [ 05B5D7F42DEA2252F236C26E5306AEBA ] \Device\Harddisk0\DR0\Partition1
19:54:19.0132 0x10fc  \Device\Harddisk0\DR0\Partition1 - ok
19:54:19.0148 0x10fc  [ 06675EF1908507801953F64E39EDE23C ] \Device\Harddisk0\DR0\Partition2
19:54:19.0164 0x10fc  \Device\Harddisk0\DR0\Partition2 - ok
19:54:19.0164 0x10fc  ================ Scan generic autorun ======================
19:54:19.0398 0x10fc  [ 9971E2CBDACC54D88B784F7F8C6F6616, 72F804F69F1F3980B28034B13719115258ACDC62A35C2E6B2FF0377B23B786EE ] C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe
19:54:19.0647 0x10fc  Broadcom Wireless Manager UI - detected UnsignedFile.Multi.Generic ( 1 )
19:54:22.0469 0x10fc  Broadcom Wireless Manager UI ( UnsignedFile.Multi.Generic ) - warning
19:54:25.0606 0x10fc  [ E49FD011745BFC5621C586CCD07FF81E, 4708898D8920EC8F1356BFE8308E31BC6C1ACE69B824822681176B2EC7A0C41C ] C:\Program Files\CCleaner\CCleaner.exe
19:54:25.0840 0x10fc  CCleaner Monitoring - ok
19:54:25.0965 0x10fc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
19:54:26.0028 0x10fc  Sidebar - ok
19:54:26.0059 0x10fc  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
19:54:26.0074 0x10fc  mctadmin - ok
19:54:26.0106 0x10fc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
19:54:26.0121 0x10fc  Sidebar - ok
19:54:26.0121 0x10fc  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
19:54:26.0137 0x10fc  mctadmin - ok
19:54:26.0137 0x10fc  Waiting for KSN requests completion. In queue: 5
19:54:27.0138 0x10fc  Waiting for KSN requests completion. In queue: 5
19:54:28.0143 0x10fc  Waiting for KSN requests completion. In queue: 5
19:54:29.0154 0x10fc  Waiting for KSN requests completion. In queue: 5
19:54:30.0160 0x10fc  Waiting for KSN requests completion. In queue: 5
19:54:31.0161 0x10fc  Waiting for KSN requests completion. In queue: 5
19:54:32.0161 0x10fc  Waiting for KSN requests completion. In queue: 5
19:54:33.0220 0x10fc  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe (  ), 0x60000 ( disabled : updated )
19:54:33.0272 0x10fc  Win FW state via NFP2: enabled ( trusted )
19:54:36.0045 0x10fc  ============================================================
19:54:36.0045 0x10fc  Scan finished
19:54:36.0045 0x10fc  ============================================================
19:54:36.0056 0x0cb8  Detected object count: 4
19:54:36.0056 0x0cb8  Actual detected object count: 4
19:55:32.0106 0x0cb8  HiPatchService ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:32.0106 0x0cb8  HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:55:32.0106 0x0cb8  wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:32.0106 0x0cb8  wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:55:32.0106 0x0cb8  ZAtheros Wlan Agent ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:32.0106 0x0cb8  ZAtheros Wlan Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:55:32.0106 0x0cb8  Broadcom Wireless Manager UI ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:32.0106 0x0cb8  Broadcom Wireless Manager UI ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:55:41.0418 0x131c  Deinitialize success

Zur Info.
Ich bin Student und gehe mit einer PPPoE Breitbandverbindung des Studierendenwerks ins Internet. Außerdem baue ich eine Verbindung zu den netzlaufwerken der Fachhochschule auf

Deathkid535 · 07.01.2016, 13:28

Hi,

zuerst kümmern wir uns um das bisschen Adware was drauf ist, für das eigentliche Problem glaub ich hab ich die Lösung schon, das machen wir dann im nächsten Schritt

Schritt # 1: AdwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt # 2: FRST

Bitte noch ein frisches FRST-Log.

Schritt # 3: Bitte Posten

Das Log von AdwCleaner
Das frische FRST-Log

LordDrygin · 07.01.2016, 14:28

Code:

ATTFilter

# AdwCleaner v5.028 - Bericht erstellt am 07/01/2016 um 14:20:04
# Aktualisiert am 04/01/2016 von Xplode
# Datenbank : 2016-01-04.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x86)
# Benutzername : LordDrygin - LORDDRYGIN-PC
# Gestartet von : C:\Users\LordDrygin\Desktop\AdwCleaner_5.028.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****

[-] Datei Gelöscht : C:\END

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
[-] Schlüssel Gelöscht : HKCU\Software\Yahoo\Companion
[-] Schlüssel Gelöscht : HKCU\Software\Yahoo\YFriendsBar
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Yahoo\Companion
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Yahoo\Companion
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

***** [ Internetbrowser ] *****

[-] [C:\Users\LordDrygin\AppData\Roaming\Mozilla\Firefox\Profiles\f3xusbjb.default\prefs.js] [Preference] Gelöscht : user_pref("browser.startup.homepage", "hxxp://mystart.com/?pr=manycam&id=manycam_ot&v=5_0");
[-] [C:\Users\LordDrygin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : cmaiofennmphjldldcpphcechfnnohja

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1736 Bytes] ##########

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:06-01-2015
durchgeführt von LordDrygin (Administrator) auf LORDDRYGIN-PC (07-01-2016 14:24:07)
Gestartet von C:\Users\LordDrygin\Desktop
Geladene Profile: LordDrygin (Verfügbare Profile: LordDrygin & postgres & DefaultAppPool)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Atheros) C:\Program Files\Atheros\Ath_WlanAgent.exe
(Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [6471168 2015-10-05] (Broadcom Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6564776 2015-10-19] (Piriform Ltd)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-03-09] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk [2016-01-02]
ShortcutTarget: VPN Client.lnk -> C:\Windows\Installer\{1CE60928-8325-49A8-8B06-633E48DD2B67}\Icon3E5562ED7.ico ()
Startup: C:\Users\LordDrygin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2015-12-17] ()
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\..\Interfaces\{9142A077-4E62-4396-9E04-485F96D7E296}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{E86470D2-02C4-44FF-B049-3CFD719CC2DE}: [NameServer] 212.7.160.109 212.7.160.3

Internet Explorer:
==================
HKU\S-1-5-21-817323750-2849227344-2509689014-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-817323750-2849227344-2509689014-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-05-13] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-05-13] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\LordDrygin\AppData\Roaming\Mozilla\Firefox\Profiles\f3xusbjb.default
FF NetworkProxy: "autoconfig_url", "chrome://viewtubes/content/viewtubes_false.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-05-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-05-13] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-14] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-14] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\LordDrygin\AppData\Roaming\Mozilla\Firefox\Profiles\f3xusbjb.default\searchplugins\google-images.xml [2014-06-28]
FF SearchPlugin: C:\Users\LordDrygin\AppData\Roaming\Mozilla\Firefox\Profiles\f3xusbjb.default\searchplugins\google-maps.xml [2014-06-28]
FF SearchPlugin: C:\Users\LordDrygin\AppData\Roaming\Mozilla\Firefox\Profiles\f3xusbjb.default\searchplugins\youtube.xml [2015-10-28]
FF Extension: Viewtubes - C:\Users\LordDrygin\AppData\Roaming\Mozilla\Firefox\Profiles\f3xusbjb.default\extensions\FF_AddOn@viewtubes.de.xpi [2015-10-04]
FF Extension: NoScript - C:\Users\LordDrygin\AppData\Roaming\Mozilla\Firefox\Profiles\f3xusbjb.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-11-25]
FF Extension: WOT - C:\Users\LordDrygin\AppData\Roaming\Mozilla\Firefox\Profiles\f3xusbjb.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-03]
FF Extension: Kein Name - C:\Users\LordDrygin\AppData\Roaming\Mozilla\Firefox\Profiles\f3xusbjb.default\Extensions\cliqz@cliqz.com.xpi [2015-12-08] [ist nicht signiert]
FF Extension: The Addon Bar (restored) - C:\Users\LordDrygin\AppData\Roaming\Mozilla\Firefox\Profiles\f3xusbjb.default\Extensions\the-addon-bar@GeekInTraining-GiT.xpi [2015-09-21]
FF Extension: Adblock Plus - C:\Users\LordDrygin\AppData\Roaming\Mozilla\Firefox\Profiles\f3xusbjb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-25]
FF Extension: FoxClocks - C:\Users\LordDrygin\AppData\Roaming\Mozilla\Firefox\Profiles\f3xusbjb.default\Extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}.xpi [2015-10-27]
FF HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\LordDrygin\AppData\Roaming\Mozilla\Firefox\Profiles\f3xusbjb.default\extensions\cliqz@cliqz.com => nicht gefunden
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-10-09]

Chrome: 
=======
CHR Profile: C:\Users\LordDrygin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\LordDrygin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-13]
CHR Extension: (Google Drive) - C:\Users\LordDrygin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\LordDrygin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-03]
CHR Extension: (Google-Suche) - C:\Users\LordDrygin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Docs Offline) - C:\Users\LordDrygin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (AdBlock) - C:\Users\LordDrygin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\LordDrygin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-01]
CHR Extension: (Google Mail) - C:\Users\LordDrygin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR HKLM\...\Chrome\Extension: [peefembmkccmkodbcpgilfjgkligpbba] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-23] (SUPERAntiSpyware.com)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-12-18] (BitRaider, LLC)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [290224 2015-08-27] (Intel Corporation)
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528616 2010-09-27] (Cisco Systems, Inc.)
S4 HiPatchService; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [283568 2015-08-27] (Intel Corporation)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [13824 2009-07-14] (Microsoft Corporation)
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [126464 2010-11-20] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5179392 2015-10-05] (Broadcom Corporation) [Datei ist nicht signiert]
R2 ZAtheros Wlan Agent; C:\Program Files\Atheros\Ath_WlanAgent.exe [72864 2012-02-19] (Atheros) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 b57xdbd; C:\Windows\System32\DRIVERS\b57xdbd.sys [60968 2011-11-04] (Broadcom Corporation)
R3 b57xdmp; C:\Windows\System32\DRIVERS\b57xdmp.sys [17960 2011-11-04] (Broadcom Corporation)
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18496 2015-10-05] (Broadcom Corporation)
R3 BcmVWL; C:\Windows\System32\DRIVERS\bcmvwl32.sys [17728 2015-10-05] (Broadcom Corporation)
S3 BRDriver_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver.sys [66824 2015-12-18] (BitRaider)
R3 bScsiMSx; C:\Windows\System32\DRIVERS\bScsiMSx.sys [43560 2011-09-02] (Broadcom Corporation)
R3 bScsiSDx; C:\Windows\System32\DRIVERS\bScsiSDx.sys [47104 2012-05-03] (Broadcom Corporation)
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R2 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [308859 2010-09-27] (Cisco Systems, Inc.) [Datei ist nicht signiert]
R3 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [48280 2014-12-29] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv.sys [30488 2014-12-29] (Visicom Media Inc.)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [55104 2012-07-17] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R0 nvpciflt; C:\Windows\System32\DRIVERS\nvpciflt.sys [25376 2013-09-05] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\LORDDR~1\AppData\Local\Temp\catchme.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-07 14:15 - 2016-01-07 14:16 - 01749504 _____ C:\Users\LordDrygin\Desktop\AdwCleaner_5.028.exe
2016-01-07 04:12 - 2016-01-07 04:12 - 00323755 _____ C:\Users\LordDrygin\Downloads\Walkthrough_Zelda_MajorasMask.pdf
2016-01-06 19:52 - 2016-01-06 19:55 - 00204460 _____ C:\TDSSKiller.3.1.0.9_06.01.2016_19.52.14_log.txt
2016-01-06 19:51 - 2016-01-06 19:52 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\LordDrygin\Desktop\tdsskiller.exe
2016-01-06 18:36 - 2016-01-07 14:24 - 00014076 _____ C:\Users\LordDrygin\Desktop\FRST.txt
2016-01-06 18:36 - 2016-01-06 18:38 - 00040314 _____ C:\Users\LordDrygin\Desktop\Addition.txt
2016-01-06 18:35 - 2016-01-06 18:35 - 01721856 _____ (Farbar) C:\Users\LordDrygin\Desktop\FRST.exe
2016-01-05 19:01 - 2016-01-05 19:03 - 11615576 _____ (Microsoft Corporation) C:\Users\LordDrygin\Downloads\mseinstall.exe
2016-01-05 02:00 - 2016-01-05 02:02 - 00000000 ____D C:\Users\LordDrygin\workspace
2016-01-05 01:57 - 2016-01-05 01:58 - 00000000 ____D C:\Neuer Ordner
2016-01-05 00:02 - 2016-01-05 00:02 - 00000000 ____D C:\Users\LordDrygin\Documents\FH
2016-01-02 16:47 - 2016-01-02 16:47 - 00000000 ____D C:\ProgramData\Sophos
2016-01-02 16:46 - 2016-01-02 18:45 - 00000000 ____D C:\Program Files\Sophos
2016-01-02 16:13 - 2016-01-07 02:41 - 00002266 ____H C:\Users\LordDrygin\Documents\Default.rdp
2016-01-02 16:00 - 2016-01-02 16:02 - 00001594 _____ C:\Windows\VPNInstall.MIF
2016-01-02 16:00 - 2016-01-02 16:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Systems VPN Client
2016-01-02 16:00 - 2016-01-02 16:00 - 00000000 ____D C:\Program Files\Common Files\Deterministic Networks
2016-01-02 16:00 - 2016-01-02 16:00 - 00000000 ____D C:\Program Files\Cisco Systems
2016-01-02 15:59 - 2016-01-02 15:59 - 07944972 _____ C:\Users\LordDrygin\Downloads\W2k_XP_2003_Vista_7_8.zip
2016-01-02 15:59 - 2016-01-02 15:59 - 00000000 ____D C:\Users\LordDrygin\Downloads\W2k_XP_2003_Vista_7_8
2015-12-18 10:05 - 2015-12-18 10:05 - 00000000 ____D C:\Users\LordDrygin\Documents\HeroBlade Logs
2015-12-18 10:05 - 2015-12-18 10:05 - 00000000 ____D C:\Users\LordDrygin\AppData\Local\SWTOR
2015-12-18 04:55 - 2015-12-18 04:55 - 00000000 ____D C:\Users\Public\Documents\BitRaider
2015-12-18 04:55 - 2015-12-18 04:55 - 00000000 ____D C:\ProgramData\BitRaider
2015-12-18 04:54 - 2015-12-18 04:54 - 00000000 ____D C:\Users\LordDrygin\AppData\Local\SWTORPerf
2015-12-18 04:47 - 2015-12-18 04:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2015-12-18 04:47 - 2015-12-18 04:47 - 00000000 ____D C:\Program Files\Electronic Arts
2015-12-18 04:47 - 2015-12-18 04:47 - 00000000 ____D C:\Program Files\Common Files\BioWare
2015-12-18 04:45 - 2015-12-18 04:45 - 29720272 _____ C:\Users\LordDrygin\Downloads\SWTOR_setup.exe
2015-12-17 04:02 - 2015-12-17 04:05 - 00000000 ____D C:\Users\LordDrygin\AppData\Roaming\Curse Advertising
2015-12-17 04:02 - 2015-12-17 04:02 - 00000000 ____D C:\Users\LordDrygin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2015-12-17 03:59 - 2016-01-07 14:22 - 00000000 ____D C:\Users\LordDrygin\AppData\Local\Deployment
2015-12-17 03:58 - 2015-12-17 03:58 - 00402696 _____ () C:\Users\LordDrygin\Downloads\setup.exe
2015-12-16 20:56 - 2015-12-16 20:56 - 00086406 _____ C:\Users\LordDrygin\Downloads\ich.jpeg
2015-12-14 11:43 - 2016-01-07 14:21 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1365c36b8ebc9.job
2015-12-14 11:43 - 2016-01-07 13:48 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1365c38017478.job
2015-12-09 12:44 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-09 12:44 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-09 12:44 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-09 12:44 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 12:44 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-09 12:44 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 12:44 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 12:44 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 12:44 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-09 12:44 - 2015-11-10 19:39 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-09 12:44 - 2015-11-10 19:39 - 00811520 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-09 12:44 - 2015-11-10 18:40 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 12:44 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-09 12:44 - 2015-11-10 01:24 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-09 12:44 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 12:44 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-09 12:44 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-09 12:44 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-09 12:44 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-09 12:44 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 12:44 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-09 12:44 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-09 12:44 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 12:44 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-09 12:44 - 2015-11-10 01:03 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-09 12:44 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 12:44 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-09 12:44 - 2015-11-10 00:57 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-09 12:44 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-09 12:44 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-09 12:44 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 12:44 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-09 12:44 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-09 12:44 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 12:44 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 12:44 - 2015-11-10 00:36 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-09 12:44 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-09 12:44 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 12:44 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 12:44 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-09 12:42 - 2015-11-20 19:34 - 02956800 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-09 12:42 - 2015-11-20 19:34 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-09 12:42 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-09 12:42 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-09 12:42 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-09 12:42 - 2015-11-20 19:34 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-09 12:42 - 2015-11-20 19:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-09 12:42 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-09 12:42 - 2015-11-20 19:33 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-09 12:42 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-09 12:42 - 2015-11-20 19:33 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-09 12:42 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-09 12:42 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-09 12:42 - 2015-11-05 10:48 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 12:42 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-09 12:42 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-09 00:54 - 2015-12-09 00:54 - 00000000 ____D C:\Users\LordDrygin\Documents\StarCraft II

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-07 14:24 - 2014-04-19 12:37 - 00000000 ____D C:\FRST
2016-01-07 14:23 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\inetsrv
2016-01-07 14:22 - 2015-08-01 19:50 - 00000000 __SHD C:\Users\LordDrygin\IntelGraphicsProfiles
2016-01-07 14:21 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-07 14:20 - 2015-02-16 19:57 - 00000000 ____D C:\AdwCleaner
2016-01-07 13:36 - 2009-07-14 05:34 - 00022368 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-07 13:36 - 2009-07-14 05:34 - 00022368 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-05 19:40 - 2014-03-30 20:10 - 00000000 ____D C:\Users\LordDrygin\AppData\Local\Windows Live
2016-01-05 19:22 - 2009-07-14 03:37 - 00000000 ____D C:\Windows
2016-01-05 19:22 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-01-05 19:20 - 2015-10-04 02:39 - 00002115 _____ C:\Windows\epplauncher.mif
2016-01-05 02:00 - 2014-05-05 16:48 - 00000000 ____D C:\Users\LordDrygin
2016-01-05 00:03 - 2014-05-05 16:52 - 01910900 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-05 00:03 - 2009-07-14 09:47 - 00849374 _____ C:\Windows\system32\perfh007.dat
2016-01-05 00:03 - 2009-07-14 09:47 - 00222568 _____ C:\Windows\system32\perfc007.dat
2016-01-05 00:03 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-01-02 16:46 - 2015-10-04 02:38 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-12-21 06:50 - 2015-12-02 00:26 - 00000000 ____D C:\Users\LordDrygin\Documents\wetten
2015-12-18 14:29 - 2014-04-27 01:02 - 00000000 ____D C:\Users\LordDrygin\Desktop\Spiele
2015-12-18 14:07 - 2015-04-15 05:07 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-18 04:47 - 2009-07-14 05:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-17 15:20 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2015-12-17 04:47 - 2014-03-15 15:13 - 00000000 ____D C:\Users\LordDrygin\AppData\Local\Battle.net
2015-12-17 04:08 - 2015-11-11 03:23 - 00000000 ____D C:\Program Files\StarCraft II
2015-12-17 04:08 - 2014-05-04 05:08 - 00000000 ____D C:\Program Files\World of Warcraft
2015-12-17 04:07 - 2014-03-15 15:12 - 00000000 ____D C:\Program Files\Battle.net
2015-12-17 03:59 - 2014-06-10 19:09 - 00000000 ____D C:\Users\LordDrygin\AppData\Local\Apps\2.0
2015-12-15 22:55 - 2015-10-05 21:47 - 00458752 _____ C:\Windows\system32\Ikeext.etl
2015-12-15 22:55 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\tracing
2015-12-14 17:35 - 2014-07-13 18:14 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-14 13:40 - 2014-09-21 00:14 - 00000000 ____D C:\Program Files\AVG
2015-12-14 13:40 - 2014-09-21 00:13 - 00000000 ____D C:\Users\LordDrygin\AppData\Local\AvgSetupLog
2015-12-14 13:40 - 2014-03-09 18:03 - 00000000 ____D C:\ProgramData\AVG
2015-12-14 11:43 - 2014-07-13 18:14 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-09 19:24 - 2015-10-07 18:07 - 00286616 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-09 19:19 - 2014-08-17 23:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-09 19:19 - 2014-08-17 23:32 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-09 19:13 - 2014-03-08 07:42 - 00000000 ____D C:\Windows\system32\MRT
2015-12-09 19:12 - 2014-03-08 07:42 - 137798368 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-09 18:42 - 2015-11-30 21:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-12-09 04:39 - 2015-10-04 02:43 - 00247976 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-22 14:09 - 2015-07-22 14:09 - 6420480 _____ () C:\Program Files\GUT1D50.tmp

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-24 03:46

==================== Ende vom FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:06-01-2015
durchgeführt von LordDrygin (2016-01-07 14:25:10)
Gestartet von C:\Users\LordDrygin\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2014-05-05 15:48:26)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-817323750-2849227344-2509689014-500 - Administrator - Disabled)
Gast (S-1-5-21-817323750-2849227344-2509689014-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-817323750-2849227344-2509689014-1002 - Limited - Enabled)
LordDrygin (S-1-5-21-817323750-2849227344-2509689014-1000 - Administrator - Enabled) => C:\Users\LordDrygin
postgres (S-1-5-21-817323750-2849227344-2509689014-1005 - Limited - Enabled) => C:\Users\postgres

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Disabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Disabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 19.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\Amazon Kindle) (Version:  - Amazon)
Apple Application Support (32-Bit) (HKLM\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{9A629DCB-415D-4A50-85B9-5C2E4F8F74A8}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Battle.net (HKLM\...\Battle.net) (Version:  - Blizzard Entertainment)
BitRaider Streaming Client (HKLM\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 15.0.7.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 15.0.7.1 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.100.82.120 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
Cisco EAP-FAST Module (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Cisco Systems VPN Client 5.0.07.0410 (HKLM\...\{1CE60928-8325-49A8-8B06-633E48DD2B67}) (Version: 5.0.7 - Cisco Systems, Inc.)
Curse Client (HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Diablo III (HKLM\...\Diablo III) (Version:  - Blizzard Entertainment)
Google Chrome (HKLM\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{8862F11A-A9A0-4899-9F50-B5A79F12F3C2}) (Version: 12.3.1.23 - Apple Inc.)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (Version: 3.0.1 - Riot Games ) Hidden
ManyCam 5.0.5 (HKLM\...\ManyCam) (Version: 5.0.5 - Visicom Media Inc.)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
OpenOffice 4.1.2 (HKLM\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
PokerStars.eu (HKLM\...\PokerStars.eu) (Version:  - PokerStars.eu)
Qualcomm Atheros WiFi Driver Installation (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 3.1 - Qualcomm Atheros)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Star Wars The Old Republic (HKLM\...\swtor_swtor) (Version: 11.0.0.3 - Bioware/EA)
Star Wars: The Old Republic (HKLM\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
StarCraft II (HKLM\...\StarCraft II) (Version:  - Blizzard Entertainment)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1168 - SUPERAntiSpyware.com)
TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.340 - TuneUp Software) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.10 beta 2 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.2 - win.rar GmbH)
World of Warcraft (HKLM\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-817323750-2849227344-2509689014-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {06A5F8A7-2453-454C-B7AE-08F7A0ED1D72} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.)
Task: {2BD05BA6-988D-4BD3-A9CD-9A39F80AF524} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> Keine Datei <==== ACHTUNG
Task: {3FC1A8A7-2360-4E8B-864F-6A79FCA00318} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd)
Task: {53968441-99C6-4099-9AEC-1AC2B90EBCE6} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {57D5513A-8DC0-45D0-BFCB-F51C2B473734} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {5B184694-64C3-4633-94C5-945B3FA561D6} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Keine Datei <==== ACHTUNG
Task: {75DDADE5-662E-4541-B223-788F93D36362} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files\AVG\AVG PC TuneUp\tuscanx.exe
Task: {772BC8BB-CF32-4522-ABF6-305D93B36F75} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.)
Task: {7951DC62-5F45-4988-873D-013AAF461805} - System32\Tasks\{1E340A69-A807-4988-A911-D15C4F74B41C} => Firefox.exe hxxp://ui.skype.com/ui/0/6.16.0.105/de/abandoninstall?source=lightinstaller&amp;page=tsPlugin
Task: {7FC502B6-999B-4A3C-8816-3E2586803EC3} - System32\Tasks\GoogleUpdateTaskMachineUA1d1365c38017478 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.)
Task: {8B521110-800B-46E5-9F43-DF863DF880FE} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {90396E75-7BBC-4191-BA6C-7074800841D3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {9334C323-F100-4656-9BA0-E4AA69C0F9C2} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe
Task: {9F54B95F-5096-4803-AE61-E9B3AC5B616D} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> Keine Datei <==== ACHTUNG
Task: {AA6B7AEC-21F0-40B0-8331-8D5F3B22BB41} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {BEF936DD-2E2F-4E45-94F5-A4ACF154911F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {D21F6024-191F-4454-BBBC-09A650DA2549} - \Microsoft\Windows\Application Experience\AitAgent -> Keine Datei <==== ACHTUNG
Task: {D622195C-D680-4FEA-9C56-59660C7C9E94} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {DAE785D1-9D6B-4CFD-88ED-BB832C4B56CC} - System32\Tasks\GoogleUpdateTaskMachineCore1d1365c36b8ebc9 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.)
Task: {E55AA914-1C7C-426A-B94B-9423837E8934} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {F2756CA3-3E54-44CB-9DFF-46D8731A1A95} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\AVG\AVG PC TuneUp\OneClick.exe
Task: {F93C7104-998A-4A38-B935-775A3138B3C3} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1365c36b8ebc9.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1365c38017478.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:46 - 2015-10-13 05:46 - 01040144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-09-27 12:03 - 2010-09-27 12:03 - 00201512 _____ () C:\Windows\system32\vpnapi.dll
2015-10-19 21:00 - 2015-10-19 21:00 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-12-16 22:54 - 2015-12-11 04:54 - 01583432 _____ () C:\Program Files\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-16 22:54 - 2015-12-11 04:54 - 00081224 _____ () C:\Program Files\Google\Chrome\Application\47.0.2526.106\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Windows\grep.exe:$CmdTcID
AlternateDataStreams: C:\Windows\MBR.exe:$CmdTcID
AlternateDataStreams: C:\Windows\NIRCMD.exe:$CmdTcID
AlternateDataStreams: C:\Windows\notepad.exe:$CmdTcID
AlternateDataStreams: C:\Windows\PEV.exe:$CmdTcID
AlternateDataStreams: C:\Windows\sed.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SWREG.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SWSC.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SWXCACLS.exe:$CmdTcID
AlternateDataStreams: C:\Windows\zip.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aitstatic.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appinfo.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atmfd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\authui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\basesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\certcli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ci.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\clfs.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\consent.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptnet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3d10warp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\davclnt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dciman32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dwmapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dwmcore.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\fontsub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\GEARAspi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\igfxCoIn_v3958.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lpk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mcupdate_GenuineIntel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msihnd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msimsg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msmmsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msxml6r.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\notepad.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ole32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\oleaut32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\perftrack.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\powertracker.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RdpGroupPolicyExtension.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdvidcrl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\schedsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sysmain.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tsgqec.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\usbaaplrc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\UtcResources.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WebClnt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wksprt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\http.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mountmgr.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\stream.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\usbaapl.sys:$CmdTcID
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7865 mehr Seiten.

IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-817323750-2849227344-2509689014-1000\...\1-se.com -> 1-se.com

Da befinden sich 12581 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2014-04-19 20:05 - 2015-02-16 09:10 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-817323750-2849227344-2509689014-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\LordDrygin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 212.7.160.109 - 212.7.160.3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: ManyCam => "C:\Program Files\ManyCam\ManyCam.exe" --silent

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{83FE6455-41DC-4EDE-8670-5C0AE8273239}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{0F4E0430-9D5F-4523-88FD-83D186953C25}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C3039D0E-4200-4B26-8C7F-770985C1EDF8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{78A14537-4C5A-4087-BBB5-F44DE271A3A9}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{CC0F386D-3963-4E82-80C2-DF655348D0FA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C1E8C271-EC0B-4148-95F7-4D3CAB1769D0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{6431C326-C545-49C8-8030-72B55EF1FC0D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2249D7B4-7527-45BF-9342-EE4B0D7834E7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{767521B3-9E29-4181-A72D-7351890B1287}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{566F5CC0-9EB0-4C68-861E-9672D88D4F0E}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{8BF896ED-723C-4894-BB82-796A0A03E13D}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{3E295709-4918-4491-836F-F48702C7B300}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{470E727C-DE13-4207-B44E-BDC4F14A73C6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{1AF0C0FF-580D-474A-875B-43AEBC0F68CD}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{DDFDA23C-9F60-4705-8508-404FA644758C}] => (Allow) C:\Program Files\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{D1B0FD98-7AAC-4BB8-901E-684909D9BA68}] => (Allow) C:\Program Files\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{4BFC9C00-B600-440B-874D-572DC383AD42}] => (Allow) C:\Program Files\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{55A020F3-4DA9-4FB7-A8FF-FB150FEA8F43}] => (Allow) C:\Program Files\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe

==================== Wiederherstellungspunkte =========================

30-11-2015 09:42:08 Windows Update
07-12-2015 10:36:23 Windows Update
09-12-2015 19:12:18 Windows Update
14-12-2015 11:51:35 Windows Update
18-12-2015 04:38:11 Windows Update
18-12-2015 14:06:33 Windows Update
22-12-2015 13:08:24 Windows Update
27-12-2015 10:37:06 Windows Update
31-12-2015 16:41:43 Windows Update
02-01-2016 16:00:20 Installed Cisco Systems VPN Client 5.0.07.0410
02-01-2016 16:46:12 Installed Sophos Virus Removal Tool.
02-01-2016 18:44:38 Removed Sophos Virus Removal Tool.
05-01-2016 19:20:18 Windows Live Essentials
05-01-2016 19:20:48 WLSetup

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco Systems VPN Adapter
Description: Cisco Systems VPN Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/06/2016 03:13:42 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={B7875A78-A80B-46BF-BAF8-4F3A4E6E2DDA}: Der Benutzer "LordDrygin-PC\LordDrygin" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 691.

Error: (01/06/2016 02:19:46 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={811A3A5D-1A9D-491D-B342-6D68782C6FB8}: Der Benutzer "LordDrygin-PC\LordDrygin" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 691.

Error: (01/05/2016 10:46:51 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={44141724-CA9D-48F6-A677-85F1CDFCCF31}: Der Benutzer "LordDrygin-PC\LordDrygin" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0.

Error: (01/05/2016 10:46:24 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={61C91417-BB54-426A-868E-5A2F91D19410}: Der Benutzer "LordDrygin-PC\LordDrygin" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0.

Error: (01/05/2016 10:35:30 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={3D6AB9EE-3DFD-4822-A27D-75F33DE06542}: Der Benutzer "LordDrygin-PC\LordDrygin" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0.

Error: (01/05/2016 10:34:34 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={A382C51D-3094-4CC7-AE5D-E31720DB2E75}: Der Benutzer "LordDrygin-PC\LordDrygin" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0.

Error: (01/05/2016 10:34:16 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={4D8C43EB-6E5B-48D6-B198-C59AB5AA5FEC}: Der Benutzer "LordDrygin-PC\LordDrygin" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0.

Error: (01/05/2016 07:20:44 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: LordDrygin-PC)
Description: HRESULT:0x8004FF91
Description:Cannot complete the Security Essentials installation. An error has prevented the Security Essentials setup wizard from completing successfully. Please restart your computer and try again. Error code:0x8004FF91.

Error: (01/05/2016 07:20:17 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {753c2204-eae8-4638-93d0-aaa05c522fd4}

Error: (01/05/2016 07:19:16 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: LordDrygin-PC)
Description: HRESULT:0x8004FF91
Description:Cannot complete the Security Essentials installation. An error has prevented the Security Essentials setup wizard from completing successfully. Please restart your computer and try again. Error code:0x8004FF91.


Systemfehler:
=============
Error: (01/07/2016 02:20:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Program Files\Atheros\AthIhvWlanExt.dll

Error: (01/07/2016 02:20:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Program Files\Atheros\AthIhvWlanExt.dll

Error: (01/07/2016 02:20:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (01/07/2016 02:20:35 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WMPNetworkSvc" konnte sich nicht als "NT AUTHORITY\NetworkService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (01/07/2016 02:20:35 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (01/07/2016 02:20:28 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Program Files\Atheros\AthIhvWlanExt.dll

Error: (01/07/2016 02:20:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/07/2016 02:20:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/07/2016 02:20:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/07/2016 02:20:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 50%
Installierter physikalischer RAM: 2388.36 MB
Verfügbarer physikalischer RAM: 1183.63 MB
Summe virtueller Speicher: 4775.02 MB
Verfügbarer virtueller Speicher: 3317.44 MB

==================== Laufwerke ================================

Drive c: (BOOT) (Fixed) (Total:275.41 GB) (Free:106.66 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (RECOVER) (Fixed) (Total:22.66 GB) (Free:12.73 GB) FAT32
Drive f: (081217_1316) (CDROM) (Total:2.18 GB) (Free:0 GB) UDF

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 19F509E3)
Partition 1: (Not Active) - (Size=22.7 GB) - (Type=OF Extended)
Partition 2: (Active) - (Size=275.4 GB) - (Type=07 NTFS)

==================== Ende vom Addition.txt ============================

Deathkid535 · 07.01.2016, 14:49

Hi,

downloade und installiere mal das hier: https://support.microsoft.com/en-us/kb/942288

Kommt danach bei der Intallation von MSE immer noch die Fehlermeldung?

LordDrygin · 07.01.2016, 14:56

bin gerade verwirrt. dieser 4.5 installer ist ja anscheinend nur für xp und vista und wenn ich auf 5.0 klicke finde ich aber nicht den download link

Deathkid535 · 07.01.2016, 16:16

Hi,

hach gott die haben den Download-Link echt nicht reingegeben

Probier mal das:

Deinstalliere das KB3004394 nach folgender Anleitung: Entfernen von Updates - Windows-Hilfe

Dann probier mal MSE zu installieren.

LordDrygin · 07.01.2016, 19:03

bevor ich dies tue muss ich trotzdem nochmal was fragen. Bin echt unwissend.
Bin seit 2 Stunden zu Hause also nicht im studentenwohnheim und habe natürlich jetzt ne andere internetverbindung. Spielt das eine Rolle oder soll ich mit der weiteren Bearbeitung bis Montag warten?

Deathkid535 · 07.01.2016, 19:04

Hi,

Das ist vollkommen egal, mach einfach weiter wenn du Zeit hast

LordDrygin · 07.01.2016, 19:19

In meiner Liste ist kein KB3004394 sondern KB3004361 ist das einzige KB30043XX update.

Deathkid535 · 07.01.2016, 19:28

Hi,

Sehr eigenartig... Mach mal bitte eine Systemwiederherstellung.

LordDrygin · 07.01.2016, 19:41

Mit dem empfohlenen Wiederherstellungspunkt vom 5.1?

07.01.2016, 14:49	#8
Deathkid535 /// Malwareteam	Microsoft essentials deaktiviert und verschwinden..nach neuinstallionsversuch fehlermeldung Hi, downloade und installiere mal das hier: https://support.microsoft.com/en-us/kb/942288 Kommt danach bei der Intallation von MSE immer noch die Fehlermeldung? __________________ mfg, Dennis Lob, Kritik oder Wünsche Unterstütze uns mit einer kleinen Spende

07.01.2016, 19:04	#12
Deathkid535 /// Malwareteam	Microsoft essentials deaktiviert und verschwinden..nach neuinstallionsversuch fehlermeldung [gelöst] Hi, Das ist vollkommen egal, mach einfach weiter wenn du Zeit hast __________________ mfg, Dennis Lob, Kritik oder Wünsche Unterstütze uns mit einer kleinen Spende

07.01.2016, 19:28	#14
Deathkid535 /// Malwareteam	Microsoft essentials deaktiviert und verschwinden..nach neuinstallionsversuch fehlermeldung [gelöst] Hi, Sehr eigenartig... Mach mal bitte eine Systemwiederherstellung. __________________ mfg, Dennis Lob, Kritik oder Wünsche Unterstütze uns mit einer kleinen Spende

Microsoft essentials deaktiviert und verschwinden..nach neuinstallionsversuch fehlermeldung

Alles rund um Windows: Microsoft essentials deaktiviert und verschwinden..nach neuinstallionsversuch fehlermeldung

Problem: Microsoft essentials deaktiviert und verschwinden..nach neuinstallionsversuch fehlermeldung