| rudedude | 18.02.2015 22:42 |
Danke für die schnellen Antworten.
Hier das Log File:
FRST.txt
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2015 01
Ran by ... (administrator) on ... on 18-02-2015 22:32:42
Running from D:\Users\...\Desktop
Loaded Profiles: ... (Available profiles: ... & Administrator & Gast)
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (All) =========================
(Microsoft Corporation) C:\Windows\System32\smss.exe
(Microsoft Corporation) C:\Windows\System32\csrss.exe
(Microsoft Corporation) C:\Windows\System32\csrss.exe
(Microsoft Corporation) C:\Windows\System32\wininit.exe
(Microsoft Corporation) C:\Windows\System32\winlogon.exe
(Microsoft Corporation) C:\Windows\System32\services.exe
(Microsoft Corporation) C:\Windows\System32\lsass.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\dwm.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\spoolsv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
(Microsoft Corporation) C:\Windows\System32\taskhostex.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\taskhost.exe
(Apple Inc.) C:\Config.Msi\fbc4df.rbf
(REALiX) E:\Other\HWiNFO64\HWiNFO64.EXE
(Microsoft Corporation) C:\Windows\explorer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\taskhost.exe
(Microsoft Corporation) C:\Windows\System32\taskhostex.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Farbar) D:\Users\,,,\Desktop\FRST64.exe
==================== Registry (All) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-01-30] (Raptr, Inc)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\System32\Userinit.exe, [25088 2013-08-22] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [21504 2013-08-22] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] explorer.exe [2374784 2014-08-23] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Shell] explorer.exe [2084520 2014-08-23] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [ForceActiveDesktopOn] 0
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKU\S-1-5-21-1453849942-4156065555-1198472979-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1453849942-4156065555-1198472979-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1453849942-4156065555-1198472979-1001\...\Run: [iFunBox Fast App Install Handler] => E:\i-Funbox\iFunBox.exe [2526720 2014-12-10] (i-Funbox.com)
Lsa: [Authentication Packages] msv1_0
Lsa: [Notification Packages] scecli
SecurityProviders: credssp.dll
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No File
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No File
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\System32\EhStorShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Offline Files] -> {4E77131D-3629-431c-9818-C5679DC83E81} => C:\Windows\System32\cscui.dll (Microsoft Corporation)
BootExecute: autocheck autochk *
AlternateShell: cmd.exe
==================== Internet (All) ===========================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
HKU\S-1-5-21-1453849942-4156065555-1198472979-1001\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
HKU\S-1-5-21-1453849942-4156065555-1198472979-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-1453849942-4156065555-1198472979-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-at/?ocid=iehp
URLSearchHook: HKU\S-1-5-21-1453849942-4156065555-1198472979-1001 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKU\S-1-5-21-1453849942-4156065555-1198472979-1001 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKU\S-1-5-21-1453849942-4156065555-1198472979-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-1453849942-4156065555-1198472979-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll (Microsoft Corporation)
Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation)
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
Handler-x32: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
Handler-x32: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll (Microsoft Corporation)
Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation)
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Winsock: Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [53760] (Microsoft Corporation)
Winsock: Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog5 08 C:\Windows\SysWOW64\wshbth.dll [51200] (Microsoft Corporation)
Winsock: Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Winsock: Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Winsock: Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Winsock: Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Winsock: Catalog5-x64 01 C:\Windows\system32\napinsp.dll [67584] (Microsoft Corporation)
Winsock: Catalog5-x64 02 C:\Windows\system32\pnrpnsp.dll [87040] (Microsoft Corporation)
Winsock: Catalog5-x64 03 C:\Windows\system32\pnrpnsp.dll [87040] (Microsoft Corporation)
Winsock: Catalog5-x64 04 C:\Windows\system32\NLAapi.dll [86016] (Microsoft Corporation)
Winsock: Catalog5-x64 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
Winsock: Catalog5-x64 06 C:\Windows\System32\winrnr.dll [30208] (Microsoft Corporation)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
Winsock: Catalog5-x64 08 C:\Windows\system32\wshbth.dll [63488] (Microsoft Corporation)
Winsock: Catalog9-x64 01 C:\Windows\system32\mswsock.dll [338432] (Microsoft Corporation)
Winsock: Catalog9-x64 02 C:\Windows\system32\mswsock.dll [338432] (Microsoft Corporation)
Winsock: Catalog9-x64 03 C:\Windows\system32\mswsock.dll [338432] (Microsoft Corporation)
Winsock: Catalog9-x64 04 C:\Windows\system32\mswsock.dll [338432] (Microsoft Corporation)
Winsock: Catalog9-x64 05 C:\Windows\system32\mswsock.dll [338432] (Microsoft Corporation)
Winsock: Catalog9-x64 06 C:\Windows\system32\mswsock.dll [338432] (Microsoft Corporation)
Winsock: Catalog9-x64 07 C:\Windows\system32\mswsock.dll [338432] (Microsoft Corporation)
Winsock: Catalog9-x64 08 C:\Windows\system32\mswsock.dll [338432] (Microsoft Corporation)
Winsock: Catalog9-x64 09 C:\Windows\system32\mswsock.dll [338432] (Microsoft Corporation)
Winsock: Catalog9-x64 10 C:\Windows\system32\mswsock.dll [338432] (Microsoft Corporation)
Winsock: Catalog9-x64 11 C:\Windows\system32\mswsock.dll [338432] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe
FireFox:
========
FF ProfilePath: D:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\t9cs2aqm.default
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-1453849942-4156065555-1198472979-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bing.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ddg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\google.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - D:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\t9cs2aqm.default\Extensions\abs@avira.com [2015-02-03]
FF Extension: Battlefield Heroes Updater - D:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\t9cs2aqm.default\Extensions\battlefieldheroespatcher@ea.com [2014-12-20]
FF Extension: SQLite Manager - D:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\t9cs2aqm.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2015-01-05]
FF Extension: Adblock Edge - D:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\t9cs2aqm.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-02-03]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2015-01-26]
FF HKLM-x32\...\Mozilla Firefox 35.0.1\Extensions: [Components] - C:\Program Files (x86)\Mozilla Firefox\components
FF HKLM-x32\...\Mozilla Firefox 35.0.1\Extensions: [Plugins] - C:\Program Files (x86)\Mozilla Firefox\plugins
StartMenuInternet: FIREFOX.EXE - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
==================== Services (All) ========================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [208896 2014-02-22] (Microsoft Corporation)
S3 ALG; C:\Windows\System32\alg.exe [92672 2013-08-22] (Microsoft Corporation)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [244736 2014-11-21] (AMD)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-11] (Avira Operations GmbH & Co. KG)
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [37888 2013-08-22] (Microsoft Corporation)
R3 Appinfo; C:\Windows\System32\appinfo.dll [110080 2014-10-08] (Microsoft Corporation)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S3 AppMgmt; C:\Windows\System32\appmgmts.dll [183296 2013-08-23] (Microsoft Corporation)
S3 AppMgmt; C:\Windows\SysWOW64\appmgmts.dll [151040 2013-08-23] (Microsoft Corporation)
S3 AppReadiness; C:\Windows\system32\AppReadiness.dll [530944 2013-12-10] (Microsoft Corporation)
S3 AppXSvc; C:\Windows\system32\appxdeploymentserver.dll [1306624 2014-03-08] (Microsoft Corporation)
S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
S4 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 AudioEndpointBuilder; C:\Windows\System32\AudioEndpointBuilder.dll [229888 2014-12-06] (Microsoft Corporation)
R2 Audiosrv; C:\Windows\System32\Audiosrv.dll [911360 2014-10-29] (Microsoft Corporation)
S4 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [109568 2013-08-30] (Microsoft Corporation)
S3 BDESVC; C:\Windows\System32\bdesvc.dll [339456 2014-04-26] (Microsoft Corporation)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [610688 2014-12-12] ()
R2 BFE; C:\Windows\System32\bfe.dll [827392 2014-04-30] (Microsoft Corporation)
R2 BITS; C:\Windows\System32\qmgr.dll [1017856 2013-08-22] (Microsoft Corporation)
S4 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-30] (Apple Inc.)
R2 BrokerInfrastructure; C:\Windows\System32\bisrv.dll [267776 2014-08-16] (Microsoft Corporation)
R3 Browser; C:\Windows\System32\browser.dll [134144 2014-07-24] (Microsoft Corporation)
S3 bthserv; C:\Windows\system32\bthserv.dll [92160 2013-08-22] (Microsoft Corporation)
S3 CertPropSvc; C:\Windows\System32\certprop.dll [155136 2013-08-22] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
S3 cphs; C:\Windows\SysWow64\IntelCpHeciSvc.exe [278344 2014-05-20] (Intel Corporation)
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [129536 2013-08-22] (Microsoft Corporation)
R2 CscService; C:\Windows\System32\cscsvc.dll [778240 2013-08-23] (Microsoft Corporation)
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [753664 2014-02-22] (Microsoft Corporation)
S3 defragsvc; C:\Windows\System32\defragsvc.dll [449536 2014-07-24] (Microsoft Corporation)
R2 DeviceAssociationService; C:\Windows\system32\das.dll [399872 2014-02-22] (Microsoft Corporation)
S3 DeviceInstall; C:\Windows\system32\umpnpmgr.dll [115200 2014-03-06] (Microsoft Corporation)
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [353280 2014-04-30] (Microsoft Corporation)
R2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [285696 2014-04-30] (Microsoft Corporation)
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [254464 2014-03-04] (Microsoft Corporation)
S3 dot3svc; C:\Windows\System32\dot3svc.dll [258560 2013-08-22] (Microsoft Corporation)
R2 DPS; C:\Windows\system32\dps.dll [170496 2013-08-22] (Microsoft Corporation)
S3 DsmSvc; C:\Windows\System32\DeviceSetupManager.dll [201728 2013-08-22] (Microsoft Corporation)
S3 Eaphost; C:\Windows\System32\eapsvc.dll [107008 2013-08-22] (Microsoft Corporation)
S3 EFS; C:\Windows\system32\efssvc.dll [40448 2013-08-22] (Microsoft Corporation)
R2 EventLog; C:\Windows\System32\wevtsvc.dll [1669632 2013-08-22] (Microsoft Corporation)
R2 EventSystem; C:\Windows\system32\es.dll [468992 2013-08-22] (Microsoft Corporation)
R2 EventSystem; C:\Windows\SysWOW64\es.dll [329728 2013-08-22] (Microsoft Corporation)
S3 Fax; C:\Windows\system32\fxssvc.exe [655360 2013-08-22] (Microsoft Corporation)
R3 fdPHost; C:\Windows\system32\fdPHost.dll [21504 2013-08-22] (Microsoft Corporation)
R3 FDResPub; C:\Windows\system32\fdrespub.dll [33280 2013-08-22] (Microsoft Corporation)
S3 fhsvc; C:\Windows\system32\fhsvc.dll [118272 2013-08-22] (Microsoft Corporation)
R2 FontCache; C:\Windows\system32\FntCache.dll [1345536 2014-04-30] (Microsoft Corporation)
S3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [43696 2013-08-03] (Microsoft Corporation)
R2 gpsvc; C:\Windows\System32\gpsvc.dll [1261056 2014-07-24] (Microsoft Corporation)
R3 hidserv; C:\Windows\system32\hidserv.dll [32256 2013-08-22] (Microsoft Corporation)
R3 hidserv; C:\Windows\SysWOW64\hidserv.dll [29696 2013-08-22] (Microsoft Corporation)
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [97792 2013-08-22] (Microsoft Corporation)
S3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [261632 2013-08-22] (Microsoft Corporation)
R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [405504 2014-02-22] (Microsoft Corporation)
R3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [321536 2014-02-22] (Microsoft Corporation)
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [114688 2014-10-31] (Microsoft Corporation)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 IKEEXT; C:\Windows\System32\ikeext.dll [1063424 2014-04-30] (Microsoft Corporation)
R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [260360 2014-03-11] (Intel Corporation)
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [914432 2014-08-16] (Microsoft Corporation)
R3 iPod Service; C:\Program Files\iPod\bin\iPodService.exe [643880 2015-01-27] (Apple Inc.)
S3 KeyIso; C:\Windows\system32\keyiso.dll [59392 2013-08-22] (Microsoft Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [357888 2013-08-22] (Microsoft Corporation)
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [324096 2014-07-24] (Microsoft Corporation)
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [284160 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\System32\GeofenceMonitorService.dll [491520 2014-03-14] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [269824 2013-08-22] (Microsoft Corporation)
R2 lmhosts; C:\Windows\System32\lmhsvc.dll [24576 2013-08-22] (Microsoft Corporation)
R2 LSM; C:\Windows\System32\lsm.dll [710656 2014-02-22] (Microsoft Corporation)
R2 MMCSS; C:\Windows\system32\mmcss.dll [70656 2013-08-22] (Microsoft Corporation)
S4 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [114800 2015-01-29] (Mozilla Foundation)
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [878080 2013-08-22] (Microsoft Corporation)
S3 MSDTC; C:\Windows\System32\msdtc.exe [142848 2013-08-22] (Microsoft Corporation)
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [150528 2013-08-22] (Microsoft Corporation)
S3 msiserver; C:\Windows\System32\msiexec.exe [62464 2013-08-22] (Microsoft Corporation)
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [55808 2013-08-22] (Microsoft Corporation)
S4 MsKeyboardFilter; C:\Windows\System32\KeyboardFilterSvc.dll [90464 2013-08-23] (Microsoft Corporation)
S3 napagent; C:\Windows\system32\qagentRT.dll [435200 2013-08-22] (Microsoft Corporation)
S3 NcaSvc; C:\Windows\System32\ncasvc.dll [164352 2013-08-22] (Microsoft Corporation)
R3 NcbService; C:\Windows\System32\ncbservice.dll [151040 2013-08-22] (Microsoft Corporation)
R3 NcdAutoSetup; C:\Windows\System32\NcdAutoSetup.dll [73728 2013-08-22] (Microsoft Corporation)
S3 Netlogon; C:\Windows\system32\netlogon.dll [834560 2014-03-06] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
S3 Netman; C:\Windows\System32\netman.dll [254976 2013-08-22] (Microsoft Corporation)
R3 netprofm; C:\Windows\System32\netprofmsvc.dll [525312 2013-08-22] (Microsoft Corporation)
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-08-10] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [391680 2014-12-06] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\nsisvc.dll [29184 2013-08-22] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-08] (Electronic Arts)
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [150600 2014-07-19] (Microsoft Corporation)
S3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [376320 2013-12-21] (Microsoft Corporation)
S3 p2psvc; C:\Windows\system32\p2psvc.dll [433664 2013-08-22] (Microsoft Corporation)
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [471552 2013-09-19] (Microsoft Corporation)
S3 PeerDistSvc; C:\Windows\system32\peerdistsvc.dll [2176000 2013-08-23] (Microsoft Corporation)
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [21504 2013-08-22] (Microsoft Corporation)
S3 pla; C:\Windows\system32\pla.dll [1443840 2013-08-22] (Microsoft Corporation)
S3 pla; C:\Windows\SysWOW64\pla.dll [1477120 2013-08-22] (Microsoft Corporation)
R3 PlugPlay; C:\Windows\system32\umpnpmgr.dll [115200 2014-03-06] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-01-14] ()
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25600 2013-08-22] (Microsoft Corporation)
S3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [376320 2013-12-21] (Microsoft Corporation)
R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [403456 2013-08-22] (Microsoft Corporation)
R2 Power; C:\Windows\system32\umpo.dll [79360 2013-08-22] (Microsoft Corporation)
S3 PrintNotify; C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll [2899968 2014-08-16] (Microsoft Corporation)
R2 ProfSvc; C:\Windows\system32\profsvc.dll [225280 2014-12-09] (Microsoft Corporation)
S3 QWAVE; C:\Windows\system32\qwave.dll [297472 2013-08-22] (Microsoft Corporation)
S3 RasAuto; C:\Windows\System32\rasauto.dll [101376 2013-08-22] (Microsoft Corporation)
S3 RasMan; C:\Windows\System32\rasmans.dll [534528 2014-01-29] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [223744 2013-08-22] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [177664 2013-08-22] (Microsoft Corporation)
S4 RemoteRegistry; C:\Windows\system32\regsvc.dll [164864 2013-08-22] (Microsoft Corporation)
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [79872 2013-08-22] (Microsoft Corporation)
S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2013-08-22] (Microsoft Corporation)
R2 RpcSs; C:\Windows\system32\rpcss.dll [753664 2014-02-22] (Microsoft Corporation)
R2 SamSs; C:\Windows\system32\lsass.exe [45008 2013-08-22] (Microsoft Corporation)
S4 SCardSvr; C:\Windows\System32\SCardSvr.dll [188416 2013-08-22] (Microsoft Corporation)
S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [130560 2013-08-22] (Microsoft Corporation)
R2 Schedule; C:\Windows\system32\schedsvc.dll [1212928 2014-08-02] (Microsoft Corporation)
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [155136 2013-08-22] (Microsoft Corporation)
R3 seclogon; C:\Windows\system32\seclogon.dll [30720 2013-08-22] (Microsoft Corporation)
R2 SENS; C:\Windows\System32\sens.dll [71680 2013-08-22] (Microsoft Corporation)
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [220672 2013-08-23] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\system32\sessenv.dll [324096 2014-03-06] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [280576 2014-03-06] (Microsoft Corporation)
S4 SharedAccess; C:\Windows\System32\ipnathlp.dll [433664 2013-09-14] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [629760 2013-08-22] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [564736 2013-08-22] (Microsoft Corporation)
S2 SkypeUpdate; C:\Program Files (x86)\Skype\Updater\Updater.exe [315488 2015-01-02] (Skype Technologies)
S3 smphost; C:\Windows\System32\smphost.dll [13312 2013-08-22] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14848 2013-08-22] (Microsoft Corporation)
R2 Spooler; C:\Windows\System32\spoolsv.exe [795136 2014-07-24] (Microsoft Corporation)
S2 sppsvc; C:\Windows\system32\sppsvc.exe [6353960 2013-12-21] (Microsoft Corporation)
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [239616 2013-08-22] (Microsoft Corporation)
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [144384 2013-08-22] (Microsoft Corporation)
S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [834752 2015-01-23] (Valve Corporation)
R2 stisvc; C:\Windows\System32\wiaservc.dll [634368 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\system32\storsvc.dll [19968 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 svsvc; C:\Windows\system32\svsvc.dll [13312 2013-08-22] (Microsoft Corporation)
S3 swprv; C:\Windows\System32\swprv.dll [718336 2014-03-27] (Microsoft Corporation)
R2 SysMain; C:\Windows\system32\sysmain.dll [1192448 2014-02-22] (Microsoft Corporation)
R2 SystemEventsBroker; C:\Windows\System32\SystemEventsBrokerServer.dll [287744 2014-08-16] (Microsoft Corporation)
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [147456 2013-08-22] (Microsoft Corporation)
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [306688 2013-08-22] (Microsoft Corporation)
S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [248320 2013-08-22] (Microsoft Corporation)
S3 TermService; C:\Windows\System32\termsrv.dll [1018880 2014-04-14] (Microsoft Corporation)
R2 Themes; C:\Windows\system32\themeservice.dll [50688 2013-08-22] (Microsoft Corporation)
S3 THREADORDER; C:\Windows\system32\mmcss.dll [70656 2013-08-22] (Microsoft Corporation)
R3 TimeBroker; C:\Windows\System32\TimeBrokerServer.dll [245760 2013-08-22] (Microsoft Corporation)
R2 TrkWks; C:\Windows\System32\trkwks.dll [122368 2013-08-22] (Microsoft Corporation)
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [99840 2014-02-22] (Microsoft Corporation)
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2013-08-22] (Microsoft Corporation)
S3 UmRdpService; C:\Windows\System32\umrdp.dll [289280 2013-08-23] (Microsoft Corporation)
S3 upnphost; C:\Windows\System32\upnphost.dll [436224 2013-08-22] (Microsoft Corporation)
S3 upnphost; C:\Windows\SysWOW64\upnphost.dll [307200 2013-08-22] (Microsoft Corporation)
S3 VaultSvc; C:\Windows\System32\vaultsvc.dll [248832 2013-08-22] (Microsoft Corporation)
S3 vds; C:\Windows\System32\vds.exe [1283584 2014-02-22] (Microsoft Corporation)
S3 vmicguestinterface; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation)
S3 vmicheartbeat; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation)
S3 vmickvpexchange; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation)
S3 vmicshutdown; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation)
S3 vmictimesync; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation)
S3 VSS; C:\Windows\system32\vssvc.exe [1436160 2014-03-27] (Microsoft Corporation)
S3 W32Time; C:\Windows\system32\w32time.dll [404480 2013-08-22] (Microsoft Corporation)
S3 wbengine; C:\Windows\system32\wbengine.exe [1543680 2014-02-22] (Microsoft Corporation)
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [453632 2014-02-22] (Microsoft Corporation)
R2 Wcmsvc; C:\Windows\System32\wcmsvc.dll [366080 2014-02-22] (Microsoft Corporation)
R3 wcncsvc; C:\Windows\System32\wcncsvc.dll [459776 2013-09-12] (Microsoft Corporation)
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [41984 2013-08-22] (Microsoft Corporation)
S3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [34304 2013-08-22] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [91136 2013-08-22] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [80896 2013-08-22] (Microsoft Corporation)
R3 WdiSystemHost; C:\Windows\system32\wdi.dll [91136 2013-08-22] (Microsoft Corporation)
R3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [80896 2013-08-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WebClient; C:\Windows\System32\webclnt.dll [226816 2014-07-24] (Microsoft Corporation)
S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [198656 2014-07-24] (Microsoft Corporation)
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [215040 2013-08-22] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [24576 2013-08-22] (Microsoft Corporation)
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [81408 2014-02-22] (Microsoft Corporation)
S3 WerSvc; C:\Windows\System32\WerSvc.dll [107008 2014-02-22] (Microsoft Corporation)
S3 WiaRpc; C:\Windows\System32\wiarpc.dll [66048 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [786432 2013-08-22] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [589312 2013-08-22] (Microsoft Corporation)
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [220672 2013-08-22] (Microsoft Corporation)
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2480128 2014-08-28] (Microsoft Corporation)
S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [2030592 2014-08-28] (Microsoft Corporation)
R2 WlanSvc; C:\Windows\System32\wlansvc.dll [1532416 2014-07-24] (Microsoft Corporation)
R3 wlidsvc; C:\Windows\system32\wlidsvc.dll [1576960 2014-02-22] (Microsoft Corporation)
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [195072 2013-08-22] (Microsoft Corporation)
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1403392 2014-02-22] (Microsoft Corporation)
S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1600000 2014-07-24] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2013-08-22] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [11264 2013-08-22] (Microsoft Corporation)
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [84480 2014-07-24] (Microsoft Corporation)
R2 wscsvc; C:\Windows\System32\wscsvc.dll [135168 2014-04-09] (Microsoft Corporation)
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [845824 2014-02-22] (Microsoft Corporation)
R2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [658432 2014-02-22] (Microsoft Corporation)
S3 WSService; C:\Windows\System32\WSService.dll [3394384 2014-02-22] (Microsoft Corporation)
S3 wuauserv; C:\Windows\system32\wuaueng.dll [3557376 2014-10-18] (Microsoft Corporation)
R3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [99840 2014-05-31] (Microsoft Corporation)
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [510464 2013-08-22] (Microsoft Corporation)
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
S4 MainLSyncHost; e:\mpk\lsynchost.exe /startedbyscm:E4233B4F-40E3FE91-MPKService [X]
==================== Drivers (All) ==========================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 1394ohci; C:\Windows\System32\drivers\1394ohci.sys [231424 2013-08-22] (Microsoft Corporation)
S0 3ware; C:\Windows\System32\drivers\3ware.sys [108896 2013-08-22] (LSI)
R0 ACPI; C:\Windows\System32\drivers\ACPI.sys [539992 2014-02-22] (Microsoft Corporation)
R0 acpiex; C:\Windows\System32\Drivers\acpiex.sys [79712 2013-08-22] (Microsoft Corporation)
R3 acpipagr; C:\Windows\System32\drivers\acpipagr.sys [10240 2013-08-22] (Microsoft Corporation)
S3 AcpiPmi; C:\Windows\System32\drivers\acpipmi.sys [12288 2013-08-22] (Microsoft Corporation)
S3 acpitime; C:\Windows\System32\drivers\acpitime.sys [10752 2013-08-22] (Microsoft Corporation)
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R1 AFD; C:\Windows\system32\drivers\afd.sys [563200 2014-05-30] (Microsoft Corporation)
S0 agp440; C:\Windows\System32\drivers\agp440.sys [62304 2013-08-22] (Microsoft Corporation)
R1 ahcache; C:\Windows\System32\DRIVERS\ahcache.sys [75776 2014-12-12] (Microsoft Corporation)
S3 AmdK8; C:\Windows\System32\drivers\amdk8.sys [95744 2013-08-22] (Microsoft Corporation)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [18959360 2014-11-21] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [589312 2014-11-21] (Advanced Micro Devices, Inc.)
S3 AmdPPM; C:\Windows\System32\drivers\amdppm.sys [98816 2013-08-22] (Microsoft Corporation)
S0 amdsata; C:\Windows\System32\drivers\amdsata.sys [79200 2013-08-22] (Advanced Micro Devices)
S0 amdsbs; C:\Windows\System32\drivers\amdsbs.sys [259424 2013-08-22] (AMD Technologies Inc.)
S0 amdxata; C:\Windows\System32\drivers\amdxata.sys [25952 2013-08-22] (Advanced Micro Devices)
S3 AppID; C:\Windows\system32\drivers\appid.sys [83456 2013-09-14] (Microsoft Corporation)
S0 arcsas; C:\Windows\System32\drivers\arcsas.sys [114016 2013-08-22] (PMC-Sierra, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
S0 atapi; C:\Windows\System32\drivers\atapi.sys [26464 2013-08-22] (Microsoft Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
S3 atillk64; C:\Program Files (x86)\ASUS\GPU Tweak\atillk64.sys [14608 2006-07-19] (ATI Technologies Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. KG)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [531296 2013-08-22] (Broadcom Corporation)
R1 BasicDisplay; C:\Windows\System32\drivers\BasicDisplay.sys [50688 2013-08-22] (Microsoft Corporation)
R1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [33280 2014-02-22] (Microsoft Corporation)
U5 BattC; C:\Windows\System32\Drivers\BattC.sys [35168 2013-08-22] (Microsoft Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [7680 2013-08-22] (Microsoft Corporation)
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [102912 2013-08-22] (Microsoft Corporation)
S3 BthAvrcpTg; C:\Windows\System32\drivers\BthAvrcpTg.sys [36992 2013-08-22] (Microsoft Corporation)
S3 BthEnum; C:\Windows\System32\drivers\BthEnum.sys [53248 2013-08-22] (Microsoft Corporation)
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [57856 2013-08-22] (Microsoft Corporation)
S3 bthhfhid; C:\Windows\System32\drivers\BthHFHid.sys [30720 2013-08-22] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [63488 2013-08-22] (Microsoft Corporation)
S3 BthPan; C:\Windows\system32\DRIVERS\bthpan.sys [118272 2014-07-24] (Microsoft Corporation)
S3 BTHPORT; C:\Windows\System32\Drivers\BTHport.sys [1200640 2014-07-24] (Microsoft Corporation)
S3 BTHUSB; C:\Windows\System32\Drivers\BTHUSB.sys [81920 2014-01-31] (Microsoft Corporation)
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [88576 2013-08-22] (Microsoft Corporation)
R1 cdrom; C:\Windows\System32\drivers\cdrom.sys [164352 2013-08-22] (Microsoft Corporation)
S3 circlass; C:\Windows\System32\drivers\circlass.sys [44032 2013-08-22] (Microsoft Corporation)
R0 CLFS; C:\Windows\System32\drivers\CLFS.sys [376152 2014-03-20] (Microsoft Corporation)
S3 CmBatt; C:\Windows\System32\drivers\CmBatt.sys [25472 2013-08-22] (Microsoft Corporation)
R0 CNG; C:\Windows\System32\Drivers\cng.sys [563504 2015-01-15] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\System32\drivers\CompositeBus.sys [36352 2013-08-22] (Microsoft Corporation)
R3 condrv; C:\Windows\System32\drivers\condrv.sys [43008 2013-08-22] (Microsoft Corporation)
R1 CSC; C:\Windows\System32\drivers\csc.sys [559616 2013-08-23] (Microsoft Corporation)
S1 dam; C:\Windows\System32\drivers\dam.sys [57696 2013-08-22] (Microsoft Corporation)
R1 Dfsc; C:\Windows\System32\Drivers\dfsc.sys [134144 2014-03-06] (Microsoft Corporation)
R0 disk; C:\Windows\System32\drivers\disk.sys [100192 2013-08-22] (Microsoft Corporation)
S3 dmvsc; C:\Windows\System32\drivers\dmvsc.sys [29696 2013-08-22] (Microsoft Corporation)
S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [14560 2013-08-22] (Microsoft Corporation)
R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [1557848 2014-06-13] (Microsoft Corporation)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [457496 2014-08-08] (Intel Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S0 EhStorClass; C:\Windows\System32\drivers\EhStorClass.sys [82784 2013-08-22] (Microsoft Corporation)
S0 EhStorTcgDrv; C:\Windows\System32\drivers\EhStorTcgDrv.sys [114016 2013-08-22] (Microsoft Corporation)
S3 ErrDev; C:\Windows\System32\drivers\errdev.sys [10240 2013-08-22] (Microsoft Corporation)
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [200704 2013-08-22] (Microsoft Corporation)
R3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [217952 2013-08-22] (Microsoft Corporation)
S3 fdc; C:\Windows\System32\drivers\fdc.sys [30720 2013-08-22] (Microsoft Corporation)
R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [79192 2014-02-22] (Microsoft Corporation)
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34816 2013-08-22] (Microsoft Corporation)
S3 flpydisk; C:\Windows\System32\drivers\flpydisk.sys [25088 2013-08-22] (Microsoft Corporation)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [360792 2014-04-06] (Microsoft Corporation)
S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [56672 2013-08-22] (Microsoft Corporation)
U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [30048 2013-08-22] (Microsoft Corporation)
R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [589656 2014-04-08] (Microsoft Corporation)
S3 FxPPM; C:\Windows\System32\drivers\fxppm.sys [27136 2013-08-22] (Microsoft Corporation)
S0 gagp30kx; C:\Windows\System32\drivers\gagp30kx.sys [65888 2013-08-22] (Microsoft Corporation)
R3 GEARAspiWDM; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.)
S3 gencounter; C:\Windows\System32\drivers\vmgencounter.sys [11264 2013-08-22] (Microsoft Corporation)
S3 GPIOClx0101; C:\Windows\System32\Drivers\msgpioclx.sys [146752 2014-08-15] (Microsoft Corporation)
R3 HdAudAddService; C:\Windows\system32\drivers\HdAudio.sys [395776 2013-08-22] (Microsoft Corporation)
R3 HDAudBus; C:\Windows\System32\drivers\HDAudBus.sys [76800 2014-07-24] (Microsoft Corporation)
S3 HidBatt; C:\Windows\System32\drivers\HidBatt.sys [26624 2013-08-22] (Microsoft Corporation)
S3 HidBth; C:\Windows\System32\drivers\hidbth.sys [96768 2013-08-22] (Microsoft Corporation)
S3 hidi2c; C:\Windows\System32\drivers\hidi2c.sys [41472 2013-08-22] (Microsoft Corporation)
S3 HidIr; C:\Windows\System32\drivers\hidir.sys [45568 2013-08-22] (Microsoft Corporation)
R3 HidUsb; C:\Windows\System32\drivers\hidusb.sys [33280 2014-03-06] (Microsoft Corporation)
S0 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [64352 2013-08-22] (Hewlett-Packard Company)
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [994136 2014-01-29] (Microsoft Corporation)
S0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [24416 2013-08-22] (Microsoft Corporation)
S3 hyperkbd; C:\Windows\System32\drivers\hyperkbd.sys [13824 2013-08-22] (Microsoft Corporation)
S3 HyperVideo; C:\Windows\system32\DRIVERS\HyperVideo.sys [22016 2013-08-22] (Microsoft Corporation)
S3 i8042prt; C:\Windows\System32\drivers\i8042prt.sys [107520 2013-08-22] (Microsoft Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
R0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
S0 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [412000 2013-08-22] (Intel Corporation)
S3 igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [3791872 2014-05-20] (Intel Corporation)
S3 intaud_WaveExtensible; C:\Windows\system32\drivers\intelaud.sys [38296 2014-05-06] (Intel Corporation)
S0 intelide; C:\Windows\System32\drivers\intelide.sys [18272 2013-08-22] (Microsoft Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39744 2014-10-13] (Microsoft Corporation)
R3 intelppm; C:\Windows\System32\drivers\intelppm.sys [98816 2013-08-22] (Microsoft Corporation)
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [84992 2013-08-22] (Microsoft Corporation)
S3 IPMIDRV; C:\Windows\System32\drivers\IPMIDrv.sys [79872 2014-07-24] (Microsoft Corporation)
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [142848 2013-11-27] (Microsoft Corporation)
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2013-08-22] (Microsoft Corporation)
S0 isapnp; C:\Windows\System32\drivers\isapnp.sys [21856 2013-08-22] (Microsoft Corporation)
S3 iScsiPrt; C:\Windows\System32\drivers\msiscsi.sys [275800 2014-04-06] (Microsoft Corporation)
R3 iwdbus; C:\Windows\System32\drivers\iwdbus.sys [27032 2014-05-06] (Intel Corporation)
R3 kbdclass; C:\Windows\System32\drivers\kbdclass.sys [58208 2013-08-22] (Microsoft Corporation)
R3 kbdhid; C:\Windows\System32\drivers\kbdhid.sys [32256 2013-08-22] (Microsoft Corporation)
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-08-23] (Microsoft Corporation)
R3 kdnic; C:\Windows\system32\DRIVERS\kdnic.sys [19456 2013-08-22] (Microsoft Corporation)
R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [101208 2013-09-21] (Microsoft Corporation)
R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [177984 2015-01-15] (Microsoft Corporation)
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [21248 2013-08-22] (Microsoft Corporation)
R2 lltdio; C:\Windows\system32\DRIVERS\lltdio.sys [59392 2013-08-22] (Microsoft Corporation)
S0 LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [109408 2013-08-22] (LSI Corporation)
S0 LSI_SAS2; C:\Windows\System32\drivers\lsi_sas2.sys [93536 2013-08-22] (LSI Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S0 LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [82784 2013-08-22] (LSI Corporation)
R2 luafv; C:\Windows\system32\drivers\luafv.sys [124416 2014-02-22] (Microsoft Corporation)
S0 megasas; C:\Windows\System32\drivers\megasas.sys [56672 2013-08-22] (LSI Corporation)
S0 megasr; C:\Windows\System32\drivers\megasr.sys [575840 2013-08-22] (LSI Corporation, Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 Modem; C:\Windows\System32\drivers\modem.sys [40960 2013-08-22] (Microsoft Corporation)
R3 monitor; C:\Windows\System32\drivers\monitor.sys [30208 2013-08-22] (Microsoft Corporation)
R3 mouclass; C:\Windows\System32\drivers\mouclass.sys [51040 2013-08-22] (Microsoft Corporation)
R3 mouhid; C:\Windows\System32\drivers\mouhid.sys [30208 2013-08-22] (Microsoft Corporation)
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [101728 2013-08-22] (Microsoft Corporation)
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [74240 2013-08-22] (Microsoft Corporation)
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2014-12-19] (Microsoft Corporation)
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [402432 2014-04-30] (Microsoft Corporation)
R2 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [283648 2014-03-06] (Microsoft Corporation)
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [206848 2014-06-20] (Microsoft Corporation)
S3 MsBridge; C:\Windows\system32\DRIVERS\bridge.sys [115712 2014-07-24] (Microsoft Corporation)
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [30208 2013-08-22] (Microsoft Corporation)
S3 msgpiowin32; C:\Windows\System32\drivers\msgpiowin32.sys [41824 2013-08-22] (Microsoft Corporation)
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2013-08-22] (Microsoft Corporation)
S3 mshidumdf; C:\Windows\System32\drivers\mshidumdf.sys [9728 2013-08-22] (Microsoft Corporation)
R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [17248 2013-08-22] (Microsoft Corporation)
S3 MSKSSRV; C:\Windows\system32\drivers\MSKSSRV.sys [10624 2013-08-22] (Microsoft Corporation)
R3 MsLldp; C:\Windows\system32\DRIVERS\mslldp.sys [66560 2013-08-22] (Microsoft Corporation)
S3 MSPCLOCK; C:\Windows\system32\drivers\MSPCLOCK.sys [7040 2013-08-22] (Microsoft Corporation)
S3 MSPQM; C:\Windows\system32\drivers\MSPQM.sys [6784 2013-08-22] (Microsoft Corporation)
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [366432 2013-08-22] (Microsoft Corporation)
R1 mssmbios; C:\Windows\System32\drivers\mssmbios.sys [37728 2013-08-22] (Microsoft Corporation)
S3 MSTEE; C:\Windows\system32\drivers\MSTEE.sys [7936 2013-08-22] (Microsoft Corporation)
S3 MTConfig; C:\Windows\System32\drivers\MTConfig.sys [13312 2013-08-22] (Microsoft Corporation)
R0 Mup; C:\Windows\System32\Drivers\mup.sys [78688 2013-08-22] (Microsoft Corporation)
S0 mvumis; C:\Windows\System32\drivers\mvumis.sys [63840 2013-08-22] (Marvell Semiconductor, Inc.)
R3 NativeWifiP; C:\Windows\system32\DRIVERS\nwifi.sys [446976 2014-07-24] (Microsoft Corporation)
R0 NDIS; C:\Windows\System32\drivers\ndis.sys [1118040 2014-06-05] (Microsoft Corporation)
S3 NdisCap; C:\Windows\system32\DRIVERS\ndiscap.sys [43008 2013-08-22] (Microsoft Corporation)
S3 NdisImPlatform; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [126464 2014-07-24] (Microsoft Corporation)
S3 NdisTapi; C:\Windows\system32\DRIVERS\ndistapi.sys [24576 2013-08-22] (Microsoft Corporation)
R3 Ndisuio; C:\Windows\system32\DRIVERS\ndisuio.sys [60416 2013-08-22] (Microsoft Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 NdisWan; C:\Windows\system32\DRIVERS\ndiswan.sys [220672 2013-08-22] (Microsoft Corporation)
S3 NdisWanLegacy; C:\Windows\system32\DRIVERS\ndiswan.sys [220672 2013-08-22] (Microsoft Corporation)
S3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [72192 2013-08-22] (Microsoft Corporation)
R2 Ndu; C:\Windows\System32\drivers\Ndu.sys [103424 2013-08-22] (Microsoft Corporation)
S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2014-06-10] (Apple Inc.)
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [48128 2013-08-22] (Microsoft Corporation)
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [282624 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [58880 2013-08-22] (Microsoft Corporation)
R1 npsvctrig; C:\Windows\System32\drivers\npsvctrig.sys [23040 2013-08-22] (Microsoft Corporation)
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [39936 2013-08-22] (Microsoft Corporation)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [2009920 2014-07-24] (Microsoft Corporation)
R1 Null; C:\Windows\System32\Drivers\Null.sys [5632 2013-08-22] (Microsoft Corporation)
S0 nvraid; C:\Windows\System32\drivers\nvraid.sys [150368 2013-08-22] (NVIDIA Corporation)
S0 nvstor; C:\Windows\System32\drivers\nvstor.sys [168288 2013-08-22] (NVIDIA Corporation)
S0 nv_agp; C:\Windows\System32\drivers\nv_agp.sys [124768 2013-08-22] (Microsoft Corporation)
S3 Parport; C:\Windows\System32\drivers\parport.sys [94208 2013-08-22] (Microsoft Corporation)
R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [88928 2013-08-22] (Microsoft Corporation)
R0 pci; C:\Windows\System32\drivers\pci.sys [280384 2014-07-24] (Microsoft Corporation)
S0 pciide; C:\Windows\System32\drivers\pciide.sys [14688 2013-08-22] (Microsoft Corporation)
S0 pcmcia; C:\Windows\System32\drivers\pcmcia.sys [114528 2013-08-22] (Microsoft Corporation)
R0 pcw; C:\Windows\System32\drivers\pcw.sys [50016 2013-08-22] (Microsoft Corporation)
R0 pdc; C:\Windows\System32\drivers\pdc.sys [86336 2014-10-13] (Microsoft Corporation)
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [663040 2014-02-22] (Microsoft Corporation)
S3 Processor; C:\Windows\System32\drivers\processr.sys [92160 2013-08-22] (Microsoft Corporation)
R1 Psched; C:\Windows\system32\DRIVERS\pacer.sys [151552 2013-08-22] (Microsoft Corporation)
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [47104 2013-08-22] (Microsoft Corporation)
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [17408 2013-08-22] (Microsoft Corporation)
S3 RasPppoe; C:\Windows\system32\DRIVERS\raspppoe.sys [84992 2013-08-22] (Microsoft Corporation)
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [408576 2013-12-17] (Microsoft Corporation)
R3 rdpbus; C:\Windows\System32\drivers\rdpbus.sys [22528 2013-08-22] (Microsoft Corporation)
S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [195584 2013-08-23] (Microsoft Corporation)
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [27456 2014-10-10] (Microsoft Corporation)
R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [249688 2014-02-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)
S3 RFCOMM; C:\Windows\system32\DRIVERS\rfcomm.sys [167424 2014-01-27] (Microsoft Corporation)
R2 rspndr; C:\Windows\system32\DRIVERS\rspndr.sys [80384 2013-08-22] (Microsoft Corporation)
S3 RTL8192su; C:\Windows\system32\DRIVERS\RTL8192su.sys [694856 2013-06-18] (Realtek Semiconductor Corporation )
S3 s3cap; C:\Windows\System32\drivers\vms3cap.sys [7168 2013-08-22] (Microsoft Corporation)
S0 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [107872 2013-08-22] (Microsoft Corporation)
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [40960 2013-08-22] (Microsoft Corporation)
S3 sdbus; C:\Windows\System32\drivers\sdbus.sys [238912 2014-10-13] (Microsoft Corporation)
S3 sdstor; C:\Windows\System32\drivers\sdstor.sys [79192 2014-02-22] (Microsoft Corporation)
R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2013-08-22] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S3 SerCx; C:\Windows\System32\drivers\SerCx.sys [69472 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
R3 Serenum; C:\Windows\System32\drivers\serenum.sys [23040 2013-08-22] (Microsoft Corporation)
R3 Serial; C:\Windows\System32\drivers\serial.sys [83456 2013-08-22] (Microsoft Corporation)
S3 sermouse; C:\Windows\System32\drivers\sermouse.sys [26112 2013-08-22] (Microsoft Corporation)
S3 sfloppy; C:\Windows\System32\drivers\sfloppy.sys [17408 2013-08-22] (Microsoft Corporation)
S0 SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [44896 2013-08-22] (Silicon Integrated Systems Corp.)
S0 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [81760 2013-08-22] (Silicon Integrated Systems)
R0 spaceport; C:\Windows\System32\drivers\spaceport.sys [412992 2014-07-24] (Microsoft Corporation)
S3 SpbCx; C:\Windows\System32\drivers\SpbCx.sys [72032 2013-08-22] (Microsoft Corporation)
R2 srv; C:\Windows\System32\DRIVERS\srv.sys [412160 2014-07-24] (Microsoft Corporation)
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [674816 2014-07-24] (Microsoft Corporation)
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [246272 2014-06-27] (Microsoft Corporation)
S0 stexstor; C:\Windows\System32\drivers\stexstor.sys [31072 2013-08-22] (Promise Technology, Inc.)
S0 storahci; C:\Windows\System32\drivers\storahci.sys [107872 2013-08-22] (Microsoft Corporation)
S0 storflt; C:\Windows\System32\DRIVERS\vmstorfl.sys [49984 2013-08-22] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S0 storvsc; C:\Windows\System32\drivers\storvsc.sys [45888 2013-08-22] (Microsoft Corporation)
S3 storvsp; C:\Windows\System32\drivers\storvsp.sys [68608 2013-08-23] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\drivers\swenum.sys [14176 2013-08-22] (Microsoft Corporation)
S3 tap0901; C:\Windows\system32\DRIVERS\tap0901.sys [40664 2013-08-22] (The OpenVPN Project)
R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [2497344 2014-09-08] (Microsoft Corporation)
S3 TCPIP6; C:\Windows\system32\DRIVERS\tcpip.sys [2497344 2014-09-08] (Microsoft Corporation)
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [49152 2014-03-06] (Microsoft Corporation)
R1 tdx; C:\Windows\system32\DRIVERS\tdx.sys [107520 2013-08-22] (Microsoft Corporation)
S3 terminpt; C:\Windows\System32\drivers\terminpt.sys [37216 2013-08-23] (Microsoft Corporation)
S3 TPM; C:\Windows\system32\drivers\tpm.sys [159584 2013-08-22] (Microsoft Corporation)
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [56320 2013-08-22] (Microsoft Corporation)
S3 TsUsbGD; C:\Windows\System32\drivers\TsUsbGD.sys [29696 2013-08-22] (Microsoft Corporation)
R3 tunnel; C:\Windows\system32\DRIVERS\tunnel.sys [154112 2013-08-22] (Microsoft Corporation)
S0 uagp35; C:\Windows\System32\drivers\uagp35.sys [64864 2013-08-22] (Microsoft Corporation)
S3 UASPStor; C:\Windows\System32\drivers\uaspstor.sys [74080 2013-08-22] (Microsoft Corporation)
R3 UCX01000; C:\Windows\System32\drivers\ucx01000.sys [189784 2014-02-22] (Microsoft Corporation)
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [316928 2013-08-22] (Microsoft Corporation)
R3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S0 uliagpkx; C:\Windows\System32\drivers\uliagpkx.sys [65888 2013-08-22] (Microsoft Corporation)
R3 umbus; C:\Windows\System32\drivers\umbus.sys [46080 2013-08-22] (Microsoft Corporation)
R3 UmPass; C:\Windows\System32\drivers\umpass.sys [11776 2013-08-22] (Microsoft Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.)
R3 usbccgp; C:\Windows\System32\drivers\usbccgp.sys [143680 2014-07-24] (Microsoft Corporation)
S3 usbcir; C:\Windows\System32\drivers\usbcir.sys [98304 2013-08-22] (Microsoft Corporation)
R3 usbehci; C:\Windows\System32\drivers\usbehci.sys [89944 2014-05-31] (Microsoft Corporation)
R3 usbhub; C:\Windows\System32\drivers\usbhub.sys [419648 2014-07-24] (Microsoft Corporation)
R3 USBHUB3; C:\Windows\System32\drivers\UsbHub3.sys [468288 2014-07-24] (Microsoft Corporation)
S3 usbohci; C:\Windows\System32\drivers\usbohci.sys [30208 2013-08-22] (Microsoft Corporation)
S3 usbprint; C:\Windows\System32\drivers\usbprint.sys [26112 2013-08-22] (Microsoft Corporation)
S3 USBSTOR; C:\Windows\System32\drivers\USBSTOR.SYS [148800 2014-08-31] (Microsoft Corporation)
S3 usbuhci; C:\Windows\System32\drivers\usbuhci.sys [37376 2014-05-31] (Microsoft Corporation)
R3 USBXHCI; C:\Windows\System32\drivers\USBXHCI.SYS [325464 2014-02-22] (Microsoft Corporation)
R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [37728 2013-08-22] (Microsoft Corporation)
S3 VerifierExt; C:\Windows\System32\drivers\VerifierExt.sys [175960 2013-09-14] (Microsoft Corporation)
S3 vhdmp; C:\Windows\System32\drivers\vhdmp.sys [551256 2014-01-29] (Microsoft Corporation)
S0 viaide; C:\Windows\System32\drivers\viaide.sys [19808 2013-08-22] (VIA Technologies, Inc.)
S3 Vid; C:\Windows\System32\drivers\Vid.sys [220672 2013-08-23] (Microsoft Corporation)
S0 vmbus; C:\Windows\System32\drivers\vmbus.sys [97088 2013-08-22] (Microsoft Corporation)
S3 VMBusHID; C:\Windows\System32\drivers\VMBusHID.sys [21760 2013-08-22] (Microsoft Corporation)
S3 vmbusr; C:\Windows\System32\drivers\vmbusr.sys [129536 2013-08-23] (Microsoft Corporation)
R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [73568 2013-08-22] (Microsoft Corporation)
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [377696 2013-08-22] (Microsoft Corporation)
R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [310080 2014-06-19] (Microsoft Corporation)
S3 vpci; C:\Windows\System32\drivers\vpci.sys [69472 2013-08-22] (Microsoft Corporation)
S3 vpcivsp; C:\Windows\System32\drivers\vpcivsp.sys [65536 2013-08-23] (Microsoft Corporation)
S0 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [168800 2013-08-22] (VIA Technologies Inc.,Ltd)
S0 VSTXRAID; C:\Windows\System32\drivers\vstxraid.sys [305504 2013-08-22] (VIA Corporation)
S3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [24576 2013-08-22] (Microsoft Corporation)
R1 vwififlt; C:\Windows\system32\DRIVERS\vwififlt.sys [71680 2014-04-30] (Microsoft Corporation)
S3 WacomPen; C:\Windows\System32\drivers\wacompen.sys [26752 2013-08-22] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35320 2014-09-22] (Microsoft Corporation)
R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [839488 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [258368 2014-09-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R0 WFPLWFS; C:\Windows\System32\DRIVERS\wfplwfs.sys [136024 2014-03-08] (Microsoft Corporation)
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [33632 2013-08-22] (Microsoft Corporation)
S3 WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [78848 2013-08-22] (Microsoft Corporation)
R3 WmiAcpi; C:\Windows\System32\drivers\wmiacpi.sys [16384 2013-08-22] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)
S3 wpcfltr; C:\Windows\System32\DRIVERS\wpcfltr.sys [55328 2014-05-01] (Microsoft Corporation)
S3 WpdUpFltr; C:\Windows\System32\drivers\WpdUpFltr.sys [26976 2013-08-22] (Microsoft Corporation)
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2013-08-22] (Microsoft Corporation)
S3 WSDPrintDevice; C:\Windows\System32\drivers\WSDPrint.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WSDScan; C:\Windows\system32\DRIVERS\WSDScan.sys [23040 2013-08-22] (Microsoft Corporation)
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [110592 2014-05-31] (Microsoft Corporation)
R3 WUDFRd; C:\Windows\System32\drivers\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 WUDFWpdFs; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 HWiNFO32; \??\D:\Users\...\AppData\Local\Temp\HWiNFO64A.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== Files in the root of some directories =======
2015-02-18 18:37 - 2015-02-18 18:37 - 0013789 _____ () D:\Users\...\AppData\Local\recently-used.xbel
2015-02-17 14:46 - 2015-02-17 14:46 - 0000017 _____ () D:\Users\...\AppData\Local\resmon.resmoncfg
Some content of TEMP:
====================
D:\Users\...\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-15 23:44
==================== End Of Log ============================
--- --- ---
Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2015 01
Ran by ... at 2015-02-18 22:33:44
Running from D:\Users\Marcel\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Aptana Studio (HKU\S-1-5-21-1453849942-4156065555-1198472979-1001\...\Aptana Studio 3.6.0) (Version: 3.6.0 - Appcelerator)
Aptana Studio (x32 Version: 3.6.0 - Appcelerator) Hidden
Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive)
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version: - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)
Assassin's Creed III 1.01 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.01 - Ubisoft)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.5.4.2 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.5.4.2 - ASUSTek COMPUTER INC.) Hidden
Avira (HKLM-x32\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield Heroes (HKU\S-1-5-21-1453849942-4156065555-1198472979-1001\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version: - EA Digital illusions)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
CPUID CPU-Z 1.70 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CPUID HWMonitor 1.26 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
CrystalDiskInfo 6.3.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.0 - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ Commander (HKLM-x32\...\{7B2CA5E9-763C-4FCE-81EE-13E81ABFE908}) (Version: 0.92.115 - Dotjosh Studios)
Explorer Suite IV (HKLM\...\Explorer Suite_is1) (Version: - )
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.00 - Ubisoft)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Geeks3D FurMark 1.13.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
HWiNFO64 Version 4.50 (HKLM\...\HWiNFO64_is1) (Version: 4.50 - Martin Malík - REALiX)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
iFunbox (v2.91.2439.748), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.91.2439.748 - )
Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.52.3 - Black Tree Gaming)
Node.js (HKLM-x32\...\{2D41A012-35EE-4724-AE8E-E592EDD9F89D}) (Version: 0.10.13 - Joyent, Inc. and other Node contributors)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.20.386 - Electronic Arts, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
YTD Video Downloader 4.8.4 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.4 - GreenTree Applications SRL) <==== ATTENTION
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1453849942-4156065555-1198472979-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
==================== Restore Points =========================
04-02-2015 15:14:49 Installed League of Legends
11-02-2015 15:45:17 Geplanter Prüfpunkt
15-02-2015 17:32:02 Windows Update
17-02-2015 15:07:59 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
18-02-2015 15:32:43 Windows Live Essentials
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {23E1DFF0-6E88-4482-853C-D136850B1B21} - System32\Tasks\Abelssoft\CheckDriveBackgroundGuard => E:\Other\CheckDrive\CheckDriveBackgroundGuard.exe
Task: {313DAFD2-B75F-4A67-9459-3EEEA2210F0A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4C0EB931-088E-4EBF-AEF7-BAAE3D9CFD41} - System32\Tasks\Microsoft Office 15 Sync Maintenance for OPTIMUSPRIME-Fuzzy OptimusPrime => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-11-04] (Microsoft Corporation)
Task: {97C9E8D1-9387-4601-A9ED-BDC505936B37} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-12] (Microsoft Corporation)
Task: {C361941F-678E-49C8-8991-8EF27A2DF99C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-01-14] (Microsoft Corporation)
Task: {CF4FE957-B571-471A-A009-92C1FB4000E2} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {F29D23D3-312C-4DB2-ABF4-7B271E12ABC8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
==================== Loaded Modules (whitelisted) ==============
2014-08-06 17:09 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-08-06 17:02 - 2015-01-14 15:24 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-13 18:50 - 2015-01-29 17:49 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: D:\Users\...\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1453849942-4156065555-1198472979-1001\Control Panel\Desktop\\Wallpaper -> D:\Users\...\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: asComSvc => 2
MSCONFIG\Services: ASGT => 2
MSCONFIG\Services: Avira.OE.ServiceHost => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MainLSyncHost => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
HKLM\...\StartupApproved\Run32: => "avgnt"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-1453849942-4156065555-1198472979-1001\...\StartupApproved\Run: => "iFunBox Fast App Install Handler"
HKU\S-1-5-21-1453849942-4156065555-1198472979-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-1453849942-4156065555-1198472979-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
==================== Accounts: =============================
Administrator (S-1-5-21-1453849942-4156065555-1198472979-500 - Administrator - Disabled) => D:\Users\Administrator
Fuzzy (S-1-5-21-1453849942-4156065555-1198472979-1001 - Administrator - Enabled) => D:\Users\...
Gast (S-1-5-21-1453849942-4156065555-1198472979-501 - Limited - Disabled) => D:\Users\TEMP
==================== Faulty Device Manager Devices =============
Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/18/2015 06:40:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MsiExec.exe, Version: 5.0.9600.16384, Zeitstempel: 0x52158c02
Name des fehlerhaften Moduls: MSI8A73.tmp, Version: 1.0.0.1, Zeitstempel: 0x546ea2fe
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00009320
ID des fehlerhaften Prozesses: 0x97c
Startzeit der fehlerhaften Anwendung: 0xMsiExec.exe0
Pfad der fehlerhaften Anwendung: MsiExec.exe1
Pfad des fehlerhaften Moduls: MsiExec.exe2
Berichtskennung: MsiExec.exe3
Vollständiger Name des fehlerhaften Pakets: MsiExec.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MsiExec.exe5
Error: (02/18/2015 06:39:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.17284, Zeitstempel: 0x53f816dc
Name des fehlerhaften Moduls: combase.dll, Version: 6.3.9600.17031, Zeitstempel: 0x53087867
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000f5dd
ID des fehlerhaften Prozesses: 0xbdc
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5
Error: (02/18/2015 06:36:16 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: ...)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c5
Error: (02/18/2015 06:36:13 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: ...)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c5
Error: (02/18/2015 06:08:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 8.0.31.13 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: f38
Startzeit: 01d04b9d7afdab62
Endzeit: 39
Anwendungspfad: C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe
Berichts-ID: d0745b3b-b790-11e4-82ea-10c37b6dd9f6
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (02/18/2015 05:32:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 8.0.31.13 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1390
Startzeit: 01d04b9844044745
Endzeit: 26
Anwendungspfad: C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe
Berichts-ID: a82a1b10-b78b-11e4-82ea-10c37b6dd9f6
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (02/18/2015 03:32:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.
System Error:
0xC0000039 (unresolvable).
Error: (02/18/2015 03:32:43 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-1453849942-4156065555-1198472979-501.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {718b85fd-65c3-4fab-97ea-068aaed9cbbc}
Error: (02/18/2015 02:03:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3621, Zeitstempel: 0x5376e21a
Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3621, Zeitstempel: 0x5376e21a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000ec68
ID des fehlerhaften Prozesses: 0x180
Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0
Pfad der fehlerhaften Anwendung: igfxCUIService.exe1
Pfad des fehlerhaften Moduls: igfxCUIService.exe2
Berichtskennung: igfxCUIService.exe3
Vollständiger Name des fehlerhaften Pakets: igfxCUIService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxCUIService.exe5
Error: (02/17/2015 10:36:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3621, Zeitstempel: 0x5376e21a
Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3621, Zeitstempel: 0x5376e21a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000ec68
ID des fehlerhaften Prozesses: 0x150
Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0
Pfad der fehlerhaften Anwendung: igfxCUIService.exe1
Pfad des fehlerhaften Moduls: igfxCUIService.exe2
Berichtskennung: igfxCUIService.exe3
Vollständiger Name des fehlerhaften Pakets: igfxCUIService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxCUIService.exe5
System errors:
=============
Error: (02/18/2015 02:28:21 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (02/18/2015 02:28:21 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (02/18/2015 02:03:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Intel(R) HD Graphics Control Panel Service" wurde mit folgendem Fehler beendet:
%%2147500037
Error: (02/18/2015 02:03:16 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 17.02.2015 um 23:56:13 unerwartet heruntergefahren.
Error: (02/18/2015 02:03:07 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212256841152016
Error: (02/17/2015 10:36:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Intel(R) HD Graphics Control Panel Service" wurde mit folgendem Fehler beendet:
%%2147500037
Error: (02/17/2015 10:36:13 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 17.02.2015 um 18:12:49 unerwartet heruntergefahren.
Error: (02/17/2015 10:36:04 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212256841152016
Error: (02/17/2015 04:12:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Intel(R) HD Graphics Control Panel Service" wurde mit folgendem Fehler beendet:
%%2147500037
Error: (02/17/2015 03:02:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Intel(R) HD Graphics Control Panel Service" wurde mit folgendem Fehler beendet:
%%2147500037
Microsoft Office Sessions:
=========================
Error: (02/18/2015 06:40:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MsiExec.exe5.0.9600.1638452158c02MSI8A73.tmp1.0.0.1546ea2fec00000050000932097c01d04ba1ecfc8801C:\Windows\syswow64\MsiExec.exeC:\Windows\Installer\MSI8A73.tmp2ac38f65-b795-11e4-82ea-10c37b6dd9f6
Error: (02/18/2015 06:39:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.3.9600.1728453f816dccombase.dll6.3.9600.1703153087867c0000005000000000000f5ddbdc01d04b7ba220107aC:\Windows\Explorer.EXEC:\Windows\SYSTEM32\combase.dll24d3af73-b795-11e4-82ea-10c37b6dd9f6
Error: (02/18/2015 06:36:16 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: ...)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c5
Error: (02/18/2015 06:36:13 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: ...)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c5
Error: (02/18/2015 06:08:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe8.0.31.13f3801d04b9d7afdab6239C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exed0745b3b-b790-11e4-82ea-10c37b6dd9f6
Error: (02/18/2015 05:32:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe8.0.31.13139001d04b984404474526C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exea82a1b10-b78b-11e4-82ea-10c37b6dd9f6
Error: (02/18/2015 03:32:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.
System Error:
0xC0000039 (unresolvable)
Error: (02/18/2015 03:32:43 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-1453849942-4156065555-1198472979-501.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {718b85fd-65c3-4fab-97ea-068aaed9cbbc}
Error: (02/18/2015 02:03:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxCUIService.exe6.15.10.36215376e21aigfxCUIService.exe6.15.10.36215376e21ac0000005000000000000ec6818001d04b7b42f4a769C:\Windows\system32\igfxCUIService.exeC:\Windows\system32\igfxCUIService.exe853cdd5a-b76e-11e4-82ea-10c37b6dd9f6
Error: (02/17/2015 10:36:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxCUIService.exe6.15.10.36215376e21aigfxCUIService.exe6.15.10.36215376e21ac0000005000000000000ec6815001d04af9c0e36c08C:\Windows\system32\igfxCUIService.exeC:\Windows\system32\igfxCUIService.exe033bd9dd-b6ed-11e4-82e9-10c37b6dd9f6
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 18%
Total physical RAM: 16325.9 MB
Available physical RAM: 13314.98 MB
Total Pagefile: 18757.9 MB
Available Pagefile: 15099.98 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.27 GB) (Free:30.29 GB) NTFS
Drive d: (Daten) (Fixed) (Total:600 GB) (Free:557.22 GB) NTFS
Drive e: (Programme) (Fixed) (Total:331.39 GB) (Free:152.86 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 111.8 GB) (Disk ID: 479342BA)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
dann auf 
und dann auf 
. 
