Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Kann den Virus nicht aufspüren

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 20.03.2014, 15:00   #1
Bootluder
 
Kann den Virus nicht aufspüren - Standard

Kann den Virus nicht aufspüren



Hallo Leutz,
bin neu hier und grüße erstmal nett in die Runde *wink*
Ich möchte einem Bekannten bei seinem Virenproblem helfen, aber komme leider nicht weiter. Folgender Sachverhalt: Er hat von der Telekom einen Brief bekommen, in dem ihm mitgeteilt wurde, dass über seinen DSL-Anschluß Spam verschickt wurde. Ein paar Tage später kam dann noch ein Brief, dass es erneut zu Spamversand kam und dass der Mailversand über SMTP von der Telekom eingeschränkt wurde (jedoch konnte er trotzdem über Outlook Mails verschicken...*grübel*).

An seinem Anschluß werden 1 PC (Win7 mit Avira Internetsecurity) und 2 Laptops (Win7 mit Kaspersky & WinXP mit Avira Internetsecurity) betrieben - jeder der drei könnte den Übeltäter enthalten. Und nun das Problem: Ich kann nichts finden!
Ich habe schon oft Leuten geholfen, Viren zu entfernen (auch dank dieses Forums hier ) und meist gehe ich erstmal so vor, dass ich die jeweilige Festplatte ausbaue und von meinem PC aus erstmalig mit Avira und Malwarebytes scannen lasse. Danach baue ich die HDD wieder ein und fahre das System normal hoch, um dann nochmals mit Malwarebytes zu scannen. Dabei kommen dann oft die meisten "Mißstände" zum Vorschein.
Hier jedoch nicht - ich habe noch nie zuvor solch "saubere" Windows-Installationen gesehen. Malwarebytes lief in allen drei Fällen tatsächlich durch, ohne jegliche Probleme zu finden. Bisher gabs IMMER was - und wenn es nur irgendwelcher "Nervkram" war (die Funde, die standardmäßig keinen Haken haben), aber hier war nix, nada, garnix...!

Jetzt steh ich natürlich etwas auf dem Schlauch - was kann ich noch tun?

THX, Bootluder

Alt 20.03.2014, 18:19   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Kann den Virus nicht aufspüren - Standard

Kann den Virus nicht aufspüren



hi,

sorry aber deine Vorgehensweise bringt nüscht.

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 20.03.2014, 19:34   #3
Bootluder
 
Kann den Virus nicht aufspüren - Standard

Kann den Virus nicht aufspüren



Okay, hier erstmal die beiden Logs des ersten Laptops:


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Name (administrator) on Name-PC on 20-03-2014 12:10:14
Running from C:\Users\Name\Desktop\Virus Windows Recovery
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicatorCom.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\alu.exe
(Microsoft Corporation) C:\Windows\system32\UI0Detect.exe
(Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12343400 2011-12-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2821936 2012-03-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IntelTBRunOnce] - wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [7138816 2012-06-17] (Broadcom Corporation)
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated)
HKLM\...\Run: [InstantUpdate] - C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe [124520 2012-04-06] ()
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296984 2012-01-05] (NTI Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1105488 2012-03-23] (Dritek System Inc.)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-2869096716-2307623600-3059601169-1000\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-13] ()
HKU\S-1-5-21-2869096716-2307623600-3059601169-1001\...\Run: [HP Officejet 6600 (NET)] - C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [260928 2012-03-21] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [215360 2012-03-21] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6600 (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6600 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1

==================== Services (Whitelisted) =================

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
S3 Media Jukebox 14 Service; C:\Program Files (x86)\J River\Media Jukebox 14\JRService.exe [379400 2010-07-15] (J. River, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5824512 2012-06-17] (Broadcom Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]

==================== Drivers (Whitelisted) ====================

S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [163368 2012-03-21] (Broadcom Corporation.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-02-25] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-20] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-03-20] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-02-25] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-02-25] (Kaspersky Lab ZAO)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-20 12:09 - 2014-03-20 12:10 - 00000000 ____D () C:\FRST
2014-03-20 12:09 - 2014-03-20 12:09 - 00000000 _____ () C:\Users\Name\defogger_reenable
2014-03-20 12:07 - 2014-03-20 12:10 - 00000000 ____D () C:\Users\Name\Desktop\Virus Windows Recovery
2014-03-20 09:23 - 2014-03-20 09:23 - 00000000 ____D () C:\Users\Name\AppData\Roaming\Malwarebytes
2014-03-20 09:20 - 2014-03-20 09:20 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-20 09:20 - 2014-03-20 09:20 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-20 09:20 - 2014-03-20 09:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-20 09:20 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-20 09:19 - 2013-04-16 11:11 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Name\Desktop\mbam-setup-1.75.0.1300.exe
2014-03-18 21:39 - 2014-03-18 21:41 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-18 21:38 - 2014-03-02 14:05 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-12 01:53 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 01:53 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 01:53 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 01:53 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 01:53 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 01:53 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 01:53 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 01:53 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 01:53 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 01:53 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 01:53 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 01:53 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 01:53 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 01:53 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 01:53 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 01:53 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 01:53 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 01:53 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 01:53 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 01:53 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-12 01:53 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 01:53 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 01:53 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 01:53 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 01:53 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 01:53 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-12 01:53 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-12 01:53 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 01:53 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 01:53 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 01:53 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 01:53 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 01:53 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 01:53 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-12 01:53 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 01:53 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 01:53 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 01:53 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 01:53 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 01:53 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 01:53 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 01:53 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 01:53 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 01:53 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 01:53 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-12 01:53 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 01:53 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 01:53 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-12 00:08 - 2014-03-12 02:49 - 02533376 _____ () C:\Users\Name\Desktop\Fasten März 2014.ppt
2014-03-12 00:08 - 2014-03-12 00:09 - 00000000 ____D () C:\Users\Name\Desktop\Ablage
2014-03-10 16:38 - 2014-03-10 16:41 - 00000000 ____D () C:\Users\Name\Desktop\Bilder Präsentation
2014-03-06 23:04 - 2014-03-06 23:04 - 00921512 _____ (Oracle Corporation) C:\Users\Name\Downloads\JavaSetup7u51.com
2014-03-06 22:44 - 2014-03-06 22:44 - 00000000 ____D () C:\Users\Name\AppData\Local\{166CF34D-7A9F-4A35-B04B-5E64010E8874}
2014-03-02 22:56 - 2014-03-07 00:14 - 00000000 ____D () C:\Users\Name\AppData\Local\Windows Live
2014-03-02 22:55 - 2014-03-02 22:56 - 00000000 ____D () C:\Users\Name\AppData\Local\{779F87F2-AF49-4D26-B43B-160492DE04A1}
2014-02-25 01:22 - 2014-02-25 01:22 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-24 23:41 - 2014-02-24 23:41 - 00002338 _____ () C:\Users\Name\Desktop\Sicherer Zahlungsverkehr.lnk
2014-02-24 23:40 - 2014-02-24 23:40 - 00001128 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2014-02-24 23:40 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-02-24 23:39 - 2014-03-20 11:33 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-02-24 23:39 - 2014-02-24 23:39 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-02-24 23:39 - 2014-02-24 23:39 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-02-24 23:38 - 2014-03-20 11:33 - 00625248 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-02-24 23:38 - 2014-03-20 11:33 - 00115296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-02-24 23:35 - 2014-02-24 23:37 - 257813336 _____ () C:\Users\Name\Downloads\kis14.0.0.4651de-de.exe
2014-02-24 23:30 - 2014-02-24 23:30 - 00000000 ____D () C:\Users\Name\AppData\Local\{36B0D273-586C-4ED0-8C1F-311F1593A77F}

==================== One Month Modified Files and Folders =======

2014-03-20 12:10 - 2014-03-20 12:09 - 00000000 ____D () C:\FRST
2014-03-20 12:10 - 2014-03-20 12:07 - 00000000 ____D () C:\Users\Name\Desktop\Virus Windows Recovery
2014-03-20 12:09 - 2014-03-20 12:09 - 00000000 _____ () C:\Users\Name\defogger_reenable
2014-03-20 12:09 - 2013-01-03 17:53 - 00000000 ____D () C:\Users\Name
2014-03-20 12:09 - 2012-06-17 12:02 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-03-20 12:09 - 2012-06-17 12:02 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-03-20 12:09 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-20 12:09 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-20 12:09 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-20 11:33 - 2014-02-24 23:39 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-20 11:33 - 2014-02-24 23:38 - 00625248 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-03-20 11:33 - 2014-02-24 23:38 - 00115296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-03-20 11:21 - 2012-03-26 08:06 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-20 09:23 - 2014-03-20 09:23 - 00000000 ____D () C:\Users\Name\AppData\Roaming\Malwarebytes
2014-03-20 09:21 - 2012-06-17 02:09 - 01393910 _____ () C:\Windows\WindowsUpdate.log
2014-03-20 09:20 - 2014-03-20 09:20 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-20 09:20 - 2014-03-20 09:20 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-20 09:20 - 2014-03-20 09:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-20 09:19 - 2009-07-14 05:51 - 00065390 _____ () C:\Windows\setupact.log
2014-03-20 09:14 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-18 21:41 - 2014-03-18 21:39 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-12 22:41 - 2009-07-14 05:45 - 00435960 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-12 03:00 - 2013-01-03 18:05 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-12 02:49 - 2014-03-12 00:08 - 02533376 _____ () C:\Users\Name\Desktop\Fasten März 2014.ppt
2014-03-12 00:09 - 2014-03-12 00:08 - 00000000 ____D () C:\Users\Name\Desktop\Ablage
2014-03-11 19:21 - 2012-03-26 08:06 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-11 19:21 - 2012-03-26 08:06 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-11 19:21 - 2012-03-26 08:06 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-10 16:41 - 2014-03-10 16:38 - 00000000 ____D () C:\Users\Name\Desktop\Bilder Präsentation
2014-03-07 17:05 - 2013-12-30 23:38 - 00000000 ____D () C:\Users\Name\Desktop\digitale Photos zum Verteilen
2014-03-07 00:14 - 2014-03-02 22:56 - 00000000 ____D () C:\Users\Name\AppData\Local\Windows Live
2014-03-06 23:04 - 2014-03-06 23:04 - 00921512 _____ (Oracle Corporation) C:\Users\Name\Downloads\JavaSetup7u51.com
2014-03-06 22:44 - 2014-03-06 22:44 - 00000000 ____D () C:\Users\Name\AppData\Local\{166CF34D-7A9F-4A35-B04B-5E64010E8874}
2014-03-04 23:32 - 2014-02-15 12:56 - 00000000 ____D () C:\Users\Name\Desktop\Neuer Ordner
2014-03-04 23:22 - 2013-03-17 19:22 - 00000000 ____D () C:\Users\Name\Documents\aktuelles Schuljahr
2014-03-02 22:56 - 2014-03-02 22:55 - 00000000 ____D () C:\Users\Name\AppData\Local\{779F87F2-AF49-4D26-B43B-160492DE04A1}
2014-03-02 14:05 - 2014-03-18 21:38 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-01 07:05 - 2014-03-12 01:53 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-12 01:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-12 01:53 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-12 01:53 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-12 01:53 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-12 01:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-12 01:53 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-12 01:53 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-12 01:53 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-12 01:53 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-12 01:53 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-12 01:53 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-12 01:53 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-12 01:53 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-12 01:53 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-12 01:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-12 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-12 01:53 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-12 01:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-12 01:53 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-12 01:53 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-12 01:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-12 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-12 01:53 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-12 01:53 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-12 01:53 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-12 01:53 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-12 01:53 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-12 01:53 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-12 01:53 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-12 01:53 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-12 01:53 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-12 01:53 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-12 01:53 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-12 01:53 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-12 01:53 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-12 01:53 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-12 01:53 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-12 01:53 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-12 01:53 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-26 23:33 - 2012-06-17 02:35 - 01594892 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-26 18:18 - 2010-11-21 04:47 - 00208296 _____ () C:\Windows\PFRO.log
2014-02-25 01:22 - 2014-02-25 01:22 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-25 01:22 - 2012-03-26 07:46 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-25 01:22 - 2012-03-26 07:45 - 00000000 ____D () C:\ProgramData\Skype
2014-02-25 00:05 - 2013-10-17 15:47 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-02-25 00:05 - 2013-10-17 15:47 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2014-02-25 00:05 - 2013-06-06 17:38 - 00178272 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2014-02-24 23:41 - 2014-02-24 23:41 - 00002338 _____ () C:\Users\Name\Desktop\Sicherer Zahlungsverkehr.lnk
2014-02-24 23:40 - 2014-02-24 23:40 - 00001128 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2014-02-24 23:39 - 2014-02-24 23:39 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-02-24 23:39 - 2014-02-24 23:39 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-02-24 23:37 - 2014-02-24 23:35 - 257813336 _____ () C:\Users\Name\Downloads\kis14.0.0.4651de-de.exe
2014-02-24 23:30 - 2014-02-24 23:30 - 00000000 ____D () C:\Users\Name\AppData\Local\{36B0D273-586C-4ED0-8C1F-311F1593A77F}

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-10 12:53

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Name at 2014-03-20 12:10:34
Running from C:\Users\Name\Desktop\Virus Windows Recovery
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

 clear.fi SDK - MVP 2 (x32 Version: 2.0.1505 - CyberLink Corp.) Hidden
 clear.fi SDK- Movie 2 (x32 Version: 2.0.1502 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.100 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2108.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.5.2108.00 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3010 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3507 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Instant Update Service (HKLM\...\{36674AE9-6D3D-48D6-BC7B-209F556D65EE}) (Version: 1.00.3004 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3506 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 20.11.1107.1418 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3501 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19120 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Backup Manager V3 (x32 Version: 3.0.0.100 - NTI Corporation) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}) (Version: 7.3.124.0 - Microsoft Corporation)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 15.0.7.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 15.0.7.1 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.100.82.120 - Broadcom Corporation)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.00.3004 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.00.3004 - Acer Incorporated)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1720_38230 - CyberLink Corp.)
CyberLink MediaEspresso (x32 Version: 6.5.1720_38230 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{92C42EDD-6524-4577-B2EB-6C68C63B6D4A}) (Version:  - Microsoft)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)
ETDWare PS/2-X64 10.6.9.9_WHQL (HKLM\...\Elantech) (Version: 10.6.9.9 - ELAN Microelectronic Corp.)
Evernote v. 4.5.2 (HKLM-x32\...\{F77EF646-19EB-11E1-9A9E-984BE15F174E}) (Version: 4.5.2.5866 - Evernote Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
Fooz Kids (HKLM-x32\...\FoozKids) (Version: 3.1.2 - FUHU, Inc.)
Fooz Kids (x32 Version: 3.1.2 - FUHU, Inc.) Hidden
Fooz Kids Platform (HKLM-x32\...\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}) (Version: 2.1 - FUHU, Inc.)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
HP Officejet 6600 - Grundlegende Software für das Gerät (HKLM\...\{F58934BD-F483-43EB-B307-CFFD88B18455}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6600 Hilfe (HKLM-x32\...\{2FA81482-5570-4CF0-9A10-D61D2F164916}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 2.1.5 - Kobo Inc.)
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.15 - Acer Inc.)
MAGIX Fotos auf DVD MX (HKLM-x32\...\MAGIX_MSI_Fotos_auf_CD_DVD_MX) (Version: 11.0.1.73 - MAGIX AG)
MAGIX Fotos auf DVD MX (x32 Version: 11.0.1.73 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM-x32\...\MAGIX_MSI_PCVisit) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (x32 Version: 4.3.6.1987 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_MSI_Speed3_burnR_mxcdr_MSI) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Media Jukebox 14 (HKLM-x32\...\Media Jukebox 14) (Version: 14 - J. River, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 1.0.0.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden
newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9006 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9006 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 296.32 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 296.32 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.62.312 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.7.12 (Version: 1.7.12 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation)
NVIDIA Systemsteuerung 296.32 (Version: 296.32 - NVIDIA Corporation) Hidden
NVIDIA Update 1.7.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.7.12 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.7.12 - NVIDIA Corporation) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6543 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Studie zur Verbesserung von HP Officejet 6600 Produkten (HKLM\...\{E1A11879-5771-4E52-BA2E-CD5DD65BF970}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.5 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.5.1.0 - Intel)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5D357893-40BA-4323-86BA-D97C66CD72F4}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3507 - Acer Incorporated)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2610 - Broadcom Corporation)
WildTangent Games App (Acer Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорация Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

18-02-2014 17:51:59 Windows Update
22-02-2014 14:40:51 Windows Update
25-02-2014 00:22:07 Windows Update
26-02-2014 22:32:40 Windows Update
02-03-2014 21:48:23 Windows Update
07-03-2014 15:54:52 Windows Update
12-03-2014 00:51:49 Windows Update
12-03-2014 01:58:39 Windows Update
18-03-2014 20:16:32 Windows Update
18-03-2014 20:38:48 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {43F21135-BEE2-4D41-BEDD-3F3C94081D3F} - System32\Tasks\HPCustParticipation HP Officejet 6600 => C:\Program Files\HP\HP Officejet 6600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {8FCCD5FC-865A-49C0-8A55-FF5E70DD5FA1} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {AB61133F-D7B5-4CC2-A715-70342F2380C6} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {C22D605F-D547-4DF0-A0B7-15E1F622C68D} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2011-05-20] (CyberLink)
Task: {DC486354-47CF-4052-AE80-6927A3A7FB79} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-02-07] (Acer Incorporated)
Task: {F1CF41AC-B867-40CB-9994-D8844AF977C5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2009-01-22 00:45 - 2009-01-22 00:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2012-05-14 11:29 - 2012-03-27 01:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-04-06 19:29 - 2012-04-06 19:29 - 00040552 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2012-04-06 19:29 - 2012-04-06 19:29 - 00022120 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2012-01-05 22:22 - 2012-01-05 22:22 - 00465344 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-01-05 22:22 - 2012-01-05 22:22 - 01081368 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-01-05 22:22 - 2012-01-05 22:22 - 00125464 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-03-26 07:37 - 2012-02-02 00:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-06-17 02:25 - 2012-02-08 02:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/20/2014 09:15:03 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/18/2014 09:10:08 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/17/2014 09:35:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/16/2014 00:59:46 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/16/2014 11:28:49 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/15/2014 00:26:16 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/14/2014 08:54:10 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/13/2014 09:33:55 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/13/2014 06:33:52 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/12/2014 10:41:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (03/20/2014 11:33:29 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (03/20/2014 09:14:24 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/18/2014 09:09:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/17/2014 09:33:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/16/2014 00:58:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/16/2014 11:38:44 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (03/16/2014 11:38:44 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (03/16/2014 11:27:12 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/15/2014 06:02:24 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (03/15/2014 06:02:24 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.


Microsoft Office Sessions:
=========================
Error: (03/20/2014 09:15:03 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/18/2014 09:10:08 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/17/2014 09:35:30 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/16/2014 00:59:46 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/16/2014 11:28:49 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/15/2014 00:26:16 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/14/2014 08:54:10 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/13/2014 09:33:55 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/13/2014 06:33:52 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/12/2014 10:41:49 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2014-03-20 11:18:51.191
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-20 11:18:51.191
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-20 11:18:51.175
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-20 09:49:19.493
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-20 09:49:19.477
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-20 09:49:19.477
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-18 21:57:39.638
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-18 21:57:39.638
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-18 21:57:39.638
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-18 21:57:39.607
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 30%
Total physical RAM: 8030.36 MB
Available physical RAM: 5544.63 MB
Total Pagefile: 16058.89 MB
Available Pagefile: 13403.43 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:680.54 GB) (Free:425.83 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: FD417A4B)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
__________________

Alt 20.03.2014, 19:36   #4
Bootluder
 
Kann den Virus nicht aufspüren - Standard

Kann den Virus nicht aufspüren



Und hier nun die des zweiten Laptops:


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01
Ran by Name2 (administrator) on ERHARDKIESEL on 20-03-2014 15:09:09
Running from C:\Dokumente und Einstellungen\Name2\Desktop\Virus Windows Recovery
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AuthenTec Inc.) C:\WINDOWS\system32\TAMSvr.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\sched.exe
(ArcSoft Inc.) C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe
(Agere Systems) C:\WINDOWS\system32\agrsmsvc.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avfwsvc.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Programme\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Programme\Bonjour\mDNSResponder.exe
(TOSHIBA CORPORATION) C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(TOSHIBA Corporation) C:\WINDOWS\system32\00THotkey.exe
(TOSHIBA) C:\Programme\TOSHIBA\TAudEffect\TAudEff.exe
(Alps Electric Co., Ltd.) C:\Programme\Apoint2K\Apoint.exe
( TOSHIBA CORPORATION) C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
(TOSHIBA Corporation) C:\Programme\TOSHIBA\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\TPSMain.exe
(TOSHIBA) C:\Programme\TOSHIBA\TME3\TMERzCtl.EXE
(TOSHIBA Corporation) C:\WINDOWS\system32\TPSBattM.exe
(Nero AG) C:\Programme\Nero\Update\NASvc.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
(TOSHIBA CORPORATION) C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA Corporation) C:\Programme\TOSHIBA\TOSHIBA Controls\TFncKy.exe
(Alps Electric Co., Ltd.) C:\Programme\Apoint2K\Apntex.exe
(TOSHIBA Corporation) C:\Programme\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Programme\TOSHIBA\TOSHIBA Direct Disc Writer\ddwmon.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\ThpSrv.exe
(TOSHIBA) C:\Programme\TOSHIBA\TME3\Tmesrv31.exe
() C:\Programme\TrueSuite Access Manager\usbnotify.exe
(Arachnoid Biometrics Identification Group) C:\Programme\TrueSuite Access Manager\PwdBank.exe
(TOSHIBA) C:\Programme\TOSHIBA\TME3\TMEEJME.EXE
(TOSHIBA Corporation) C:\Programme\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\TODDSrv.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(TomTom) C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(TOSHIBA CORPORATION) c:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(TOSHIBA Corp.) C:\WINDOWS\system32\TFNF5.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\thpsrv.exe
(TOSHIBA) C:\Programme\TOSHIBA\DualPointUtility\TEDTray.exe
(TOSHIBA Corporation) C:\Programme\TOSHIBA\TPHM\TPCHSrv.exe
(Microsoft Corporation) C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
(TOSHIBA CORPORATION) C:\Programme\TOSHIBA\ConfigFree\CFSServ.exe
(Hewlett-Packard) C:\Programme\HP\HP Software Update\HPWuSchd2.exe
(TuneUp Software) C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
(Intel Corporation) C:\WINDOWS\system32\igfxext.exe
(ArcSoft Inc.) C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Ask) C:\Programme\Ask.com\Updater\Updater.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avgnt.exe
(ArcSoft Inc.) C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ArcCon.ac
(APN) C:\Programme\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(TOSHIBA) C:\Programme\TOSHIBA\TOSCDSPD\toscdspd.exe
(Microsoft Corporation) C:\Programme\Messenger\msmsgs.exe
(TOSHIBA CORPORATION.) C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE
(TOSHIBA CORPORATION.) c:\Programme\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) c:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) c:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
(TOSHIBA CORPORATION.) c:\Programme\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
(TOSHIBA CORPORATION.) c:\Programme\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
(TOSHIBA CORPORATION.) c:\Programme\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avmailc.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE
(TuneUp Software) C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
(Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Programme\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [16860672 2008-04-07] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] - C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [00THotkey] - C:\WINDOWS\system32\00THotkey.exe [253952 2006-08-11] (TOSHIBA Corporation)
HKLM\...\Run: [000StTHK] - C:\WINDOWS\system32\000StTHK.exe [24576 2001-06-23] ()
HKLM\...\Run: [TAudEffect] - C:\Programme\TOSHIBA\TAudEffect\TAudEff.exe [344144 2006-08-09] (TOSHIBA)
HKLM\...\Run: [Apoint] - C:\Programme\Apoint2K\Apoint.exe [196608 2004-03-23] (Alps Electric Co., Ltd.)
HKLM\...\Run: [ITSecMng] - C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [75136 2007-09-28] ( TOSHIBA CORPORATION)
HKLM\...\Run: [SmoothView] - C:\Programme\TOSHIBA\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe [143360 2007-05-11] (TOSHIBA Corporation)
HKLM\...\Run: [TPSODDCtl] - C:\WINDOWS\system32\TPSODDCtl.exe [118784 2007-11-21] (TOSHIBA Corporation)
HKLM\...\Run: [TPSMain] - C:\WINDOWS\system32\TPSMain.exe [299008 2007-11-21] (TOSHIBA Corporation)
HKLM\...\Run: [TMERzCtl.EXE] - C:\Programme\TOSHIBA\TME3\TMERzCtl.EXE [86016 2008-05-19] (TOSHIBA)
HKLM\...\Run: [TMESRV.EXE] - C:\Programme\TOSHIBA\TME3\TMESRV31.EXE [118784 2006-01-19] (TOSHIBA)
HKLM\...\Run: [TOSDCR] - C:\WINDOWS\system32\TOSDCR.EXE [57344 2005-12-12] (TOSHIBA Corporation)
HKLM\...\Run: [TosHKCW.exe] - C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe [172032 2007-10-05] (TOSHIBA CORPORATION)
HKLM\...\Run: [NDSTray.exe] - NDSTray.exe
HKLM\...\Run: [TFncKy] - TFncKy.exe
HKLM\...\Run: [TPCHWMsg] - C:\Programme\TOSHIBA\TPHM\TPCHWMsg.exe [451944 2008-05-27] (TOSHIBA Corporation)
HKLM\...\Run: [DDWMon] - C:\Programme\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe [495616 2007-04-26] (TOSHIBA Corporation)
HKLM\...\Run: [FingerPrintNotifer] - C:\Programme\TrueSuite Access Manager\FpNotifier.exe [671744 2008-04-28] (AuthenTec, Inc)
HKLM\...\Run: [UsbMonitor] - C:\Programme\TrueSuite Access Manager\usbnotify.exe [94208 2007-06-05] ()
HKLM\...\Run: [PwdBank] - C:\Programme\TrueSuite Access Manager\PwdBank.exe [3151360 2008-05-16] (Arachnoid Biometrics Identification Group)
HKLM\...\Run: [topi] - C:\Programme\TOSHIBA\Toshiba Online Product Information\topi.exe [581632 2007-07-10] (TOSHIBA)
HKLM\...\Run: [TFNF5] - C:\WINDOWS\system32\TFNF5.exe [622592 2006-04-10] (TOSHIBA Corp.)
HKLM\...\Run: [ThpSrv] - C:\WINDOWS\system32\thpsrv /logon
HKLM\...\Run: [DpUtil] - C:\Programme\TOSHIBA\DualPointUtility\TEDTray.exe [155648 2005-08-08] (TOSHIBA)
HKLM\...\Run: [GrooveMonitor] - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [CFSServ.exe] - CFSServ.exe -NoClient
HKLM\...\Run: [HP Software Update] - C:\Programme\HP\HP Software Update\HPWuSchd2.exe [49152 2007-10-14] (Hewlett-Packard)
HKLM\...\Run: [hpqSRMon] - C:\Programme\HP\Digital Imaging\bin\hpqSRMon.exe [80896 2007-08-22] (Hewlett-Packard)
HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [ArcSoft Connection Service] - C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM\...\Run: [] - [X]
HKLM\...\Run: [ApnUpdater] - C:\Programme\Ask.com\Updater\Updater.exe [1398440 2011-12-14] (Ask)
HKLM\...\Run: [QuickTime Task] - C:\Programme\QuickTime\qttask.exe [421888 2010-09-08] (Apple Inc.)
HKLM\...\Run: [avgnt] - C:\Programme\Avira\AntiVir Desktop\avgnt.exe [689744 2014-03-13] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [ApnTBMon] - C:\Programme\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1758160 2014-02-13] (APN)
Winlogon\Notify\ATFUS: C:\WINDOWS\system32\FpWinLogonNp.dll (AuthenTec,Inc)
Winlogon\Notify\TosBtNP: C:\WINDOWS\system32\TosBtNP.dll (TOSHIBA CORPORATION)
HKU\S-1-5-21-2313479675-372243385-2072744378-1005\...\Run: [TOSCDSPD] - C:\Programme\TOSHIBA\TOSCDSPD\toscdspd.exe [65536 2005-04-12] (TOSHIBA)
HKU\S-1-5-21-2313479675-372243385-2072744378-1005\...\Run: [MSMSGS] - C:\Programme\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-2313479675-372243385-2072744378-1005\...\Run: [TomTomHOME.exe] - C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe [247768 2012-07-26] (TomTom)
HKU\S-1-5-21-2313479675-372243385-2072744378-1005\...\MountPoints2: {1eb74b60-d7a8-11de-871e-0016eade4332} - E:\LaunchU3.exe -a
HKU\S-1-5-21-2313479675-372243385-2072744378-1005\...\MountPoints2: {d82dba2f-1399-11e1-87e9-00037a8e8022} - E:\LaunchU3.exe -a
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Dokumente und Einstellungen\Name2\Startmenü\Programme\Autostart\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://avira.search.ask.com/?p2=%5EB0Q%5EYYYYYY%5EZF%5EDE&gct=hp&o=APN11074&apn_ptnrs=%5EB0Q&apn_dtid=%5EYYYYYY%5EZF%5EDE&tpid=AVIRA-V7&apn_dbr=ie_8.0.6001.18702&trgb=ALL&apn_uid=920A125D-7C6F-499F-ABCB-0640EA66A3F5&itbv=12.5.1.1249&doi=2013-10-21&psv=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Programme\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
SearchScopes: HKCU - DefaultScope {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://avira.search.ask.com/web?p2=%5EB0Q%5EYYYYYY%5EZF%5EDE&gct=sb&itbv=12.5.1.1249&o=APN11074&tpid=AVIRA-V7&apn_uid=920A125D-7C6F-499F-ABCB-0640EA66A3F5&apn_ptnrs=%5EB0Q&apn_dtid=%5EYYYYYY%5EZF%5EDE&apn_dbr=ie_8.0.6001.18702&doi=2013-10-21&trgb=ALL&q={searchTerms}&psv=
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://avira.search.ask.com/web?p2=%5EB0Q%5EYYYYYY%5EZF%5EDE&gct=sb&itbv=12.5.1.1249&o=APN11074&tpid=AVIRA-V7&apn_uid=920A125D-7C6F-499F-ABCB-0640EA66A3F5&apn_ptnrs=%5EB0Q&apn_dtid=%5EYYYYYY%5EZF%5EDE&apn_dbr=ie_8.0.6001.18702&doi=2013-10-21&trgb=ALL&q={searchTerms}&psv=
SearchScopes: HKCU - {DDC6BFD6-B1C2-43BB-9C1D-CF511C46B987} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Programme\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Programme\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKCU - &Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKCU - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Programme\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Winsock: Catalog5 04 C:\Programme\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Winsock: Catalog9 01 C:\Programme\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Programme\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 22 C:\Programme\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR DefaultSearchURL: {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Programme\Google\Chrome\Application\33.0.1750.154\gcswf32.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Programme\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Programme\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Programme\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Programme\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Programme\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Programme\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Programme\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Programme\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Chrome PDF Viewer) - C:\Programme\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Chrome NaCl) - C:\Programme\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Google Gears 0.5.33.0) - C:\Programme\Google\Chrome\Application\33.0.1750.154\gears.dll No File
CHR Plugin: (Microsoft® DRM) - C:\Programme\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Programme\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Programme\Google\Update\1.3.21.53\npGoogleUpdate3.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Dokumente und Einstellungen\Name2\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh [2013-11-06]
CHR HKLM\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-24]

========================== Services (Whitelisted) =================

R2 ACDaemon; C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirFirewallService; C:\Programme\Avira\AntiVir Desktop\avfwsvc.exe [1012280 2013-12-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirMailService; C:\Programme\Avira\AntiVir Desktop\avmailc.exe [896592 2014-03-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Programme\Avira\AntiVir Desktop\sched.exe [440400 2014-03-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Programme\Avira\AntiVir Desktop\avguard.exe [440400 2014-03-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-03-13] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Programme\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] (APN LLC.)
R2 Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe [144672 2010-08-13] (Apple Inc.)
R2 Authentec memory manager; C:\WINDOWS\system32\TAMSvr.exe [49152 2008-03-31] (AuthenTec Inc.)
R2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [345376 2010-07-27] (Apple Inc.)
R2 CFSvcs; C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2005-01-17] (TOSHIBA CORPORATION)
S2 FingerprintServer; C:\WINDOWS\system32\FpLogonServ.exe [106496 2007-11-02] (AuthenTec,Inc)
S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2009-11-19] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2009-11-19] (Google Inc.)
R3 hpqcxs08; C:\Programme\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.)
R2 hpqddsvc; C:\Programme\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation)
S3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [820008 2010-09-24] (Apple Inc.)
S3 Microsoft Office Groove Audit Service; C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation)
R2 NAUpdate; C:\Programme\Nero\Update\NASvc.exe [503080 2010-05-04] (Nero AG)
S3 odserv; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [440696 2011-07-20] (Microsoft Corporation)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation)
R2 Tmesrv; C:\Programme\TOSHIBA\TME3\Tmesrv31.exe [118784 2006-01-19] (TOSHIBA)
R2 TNaviSrv; C:\Programme\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [83312 2008-06-04] (TOSHIBA Corporation)
R2 TomTomHOMEService; C:\Programme\TomTom HOME 2\TomTomHOMEService.exe [92632 2012-07-26] (TomTom)
R2 TOSHIBA Bluetooth Service; c:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [124264 2008-04-11] (TOSHIBA CORPORATION)
R2 TPCHSrv; C:\Programme\TOSHIBA\TPHM\TPCHSrv.exe [628072 2008-05-27] (TOSHIBA Corporation)
R2 TuneUp.UtilitiesSvc; C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [1523008 2011-03-30] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R3 Afc; C:\WINDOWS\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S3 akshasp; C:\WINDOWS\System32\DRIVERS\akshasp.sys [327808 2005-07-20] (Aladdin Knowledge Systems Ltd.)
S3 aksusb; C:\WINDOWS\System32\DRIVERS\aksusb.sys [100096 2005-07-20] (Aladdin Knowledge Systems Ltd.)
R0 AlfaFF; C:\WINDOWS\System32\Drivers\AlfaFF.sys [42608 2008-02-29] (Alfa Corporation)
R3 ATSWPDRV; C:\WINDOWS\System32\DRIVERS\ATSwpDrv.sys [146688 2008-04-25] (AuthenTec, Inc.)
R3 avfwim; C:\WINDOWS\System32\DRIVERS\avfwim.sys [92448 2013-10-21] (Avira GmbH)
R1 avfwot; C:\WINDOWS\System32\DRIVERS\avfwot.sys [113024 2013-10-21] (Avira GmbH)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [90400 2013-12-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [135648 2013-12-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37352 2013-11-27] (Avira Operations GmbH & Co. KG)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R3 e1yexpress; C:\WINDOWS\System32\DRIVERS\e1y5132.sys [244368 2008-03-27] (Intel Corporation)
R2 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [685056 2005-07-28] (Aladdin Knowledge Systems Ltd.)
R2 Haspnt; C:\WINDOWS\system32\drivers\Haspnt.sys [47616 2009-08-27] (Aladdin Knowledge Systems)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2009-08-26] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2009-08-26] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2009-08-26] (HP)
R3 IFXTPM; C:\WINDOWS\System32\DRIVERS\IFXTPM.SYS [41216 2007-07-24] (Infineon Technologies AG)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R2 Netdevio; C:\WINDOWS\System32\DRIVERS\netdevio.sys [12032 2003-01-29] (TOSHIBA Corporation.)
S3 NETw5x32; C:\WINDOWS\System32\DRIVERS\NETw5x32.sys [3626112 2008-04-28] (Intel Corporation)
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2013-10-21] (Avira GmbH)
R2 tdudf; C:\WINDOWS\System32\DRIVERS\tdudf.sys [105856 2007-03-26] (TOSHIBA Corporation)
R3 TEchoCan; C:\WINDOWS\System32\DRIVERS\TEchoCan.sys [435072 2007-02-21] (TOSHIBA Corporation)
R1 TMEI3E; C:\WINDOWS\System32\Drivers\TMEI3E.SYS [5888 2004-06-16] (Toshiba Corporation)
R2 trudf; C:\WINDOWS\System32\DRIVERS\trudf.sys [134016 2007-02-19] (TOSHIBA Corporation)
R3 TuneUpUtilitiesDrv; C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [10064 2010-11-29] (TuneUp Software)
R2 TVALZFL; C:\WINDOWS\System32\DRIVERS\TVALZFL.sys [4992 2008-04-30] (TOSHIBA Corporation)
S4 IntelIde; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-20 15:07 - 2014-03-20 15:09 - 00000000 ____D () C:\FRST
2014-03-20 15:06 - 2014-03-20 15:06 - 00000000 _____ () C:\Dokumente und Einstellungen\Name2\defogger_reenable
2014-03-20 13:14 - 2014-03-20 13:14 - 00000000 ____D () C:\Dokumente und Einstellungen\Name2\Anwendungsdaten\Malwarebytes
2014-03-20 13:06 - 2014-03-20 13:06 - 00000756 _____ () C:\Dokumente und Einstellungen\Name2\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-20 13:06 - 2014-03-20 13:06 - 00000000 ____D () C:\Programme\Malwarebytes' Anti-Malware
2014-03-20 13:06 - 2014-03-20 13:06 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2014-03-20 13:06 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-20 13:04 - 2014-03-20 15:09 - 00000000 ____D () C:\Dokumente und Einstellungen\Name2\Desktop\Virus Windows Recovery
2014-03-20 13:02 - 2014-03-20 13:03 - 00000000 ____D () C:\WINDOWS\LastGood
2014-03-20 13:02 - 2014-03-20 13:02 - 00000000 __SHD () C:\Dokumente und Einstellungen\Administrator\IETldCache
2014-03-18 17:46 - 2014-03-20 13:11 - 00153867 _____ () C:\WINDOWS\setupapi.log
2014-03-12 03:09 - 2014-03-12 23:02 - 02157568 _____ () C:\Dokumente und Einstellungen\Name2\Desktop\Fasten März 2014.ppt

==================== One Month Modified Files and Folders =======

2014-03-20 15:09 - 2014-03-20 15:07 - 00000000 ____D () C:\FRST
2014-03-20 15:09 - 2014-03-20 13:04 - 00000000 ____D () C:\Dokumente und Einstellungen\Name2\Desktop\Virus Windows Recovery
2014-03-20 15:06 - 2014-03-20 15:06 - 00000000 _____ () C:\Dokumente und Einstellungen\Name2\defogger_reenable
2014-03-20 15:06 - 2009-02-22 13:54 - 00000000 ____D () C:\Dokumente und Einstellungen\Name2
2014-03-20 15:02 - 2013-07-16 22:07 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-20 15:01 - 2011-04-18 23:57 - 00000242 _____ () C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
2014-03-20 14:31 - 2009-11-19 22:46 - 00001104 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-20 14:01 - 2011-04-25 00:40 - 00000000 ____D () C:\Dokumente und Einstellungen\Name2\Lokale Einstellungen\Anwendungsdaten\AskToolbar
2014-03-20 13:24 - 2008-07-21 13:24 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-03-20 13:15 - 2008-07-21 13:21 - 02095464 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-20 13:14 - 2014-03-20 13:14 - 00000000 ____D () C:\Dokumente und Einstellungen\Name2\Anwendungsdaten\Malwarebytes
2014-03-20 13:11 - 2014-03-18 17:46 - 00153867 _____ () C:\WINDOWS\setupapi.log
2014-03-20 13:11 - 2008-07-21 13:14 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2014-03-20 13:08 - 2009-03-04 13:09 - 08405015 _____ () C:\WINDOWS\TempFile
2014-03-20 13:08 - 2008-07-21 14:19 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-20 13:08 - 2008-07-21 14:19 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-03-20 13:07 - 2009-11-19 22:46 - 00001100 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-20 13:07 - 2008-07-21 13:23 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-20 13:06 - 2014-03-20 13:06 - 00000756 _____ () C:\Dokumente und Einstellungen\Name2\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-20 13:06 - 2014-03-20 13:06 - 00000000 ____D () C:\Programme\Malwarebytes' Anti-Malware
2014-03-20 13:06 - 2014-03-20 13:06 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2014-03-20 13:06 - 2008-07-21 14:18 - 00000000 ___RD () C:\Programme
2014-03-20 13:06 - 2008-07-21 13:24 - 00000190 ___SH () C:\Dokumente und Einstellungen\Administrator\ntuser.ini
2014-03-20 13:03 - 2014-03-20 13:02 - 00000000 ____D () C:\WINDOWS\LastGood
2014-03-20 13:02 - 2014-03-20 13:02 - 00000000 __SHD () C:\Dokumente und Einstellungen\Administrator\IETldCache
2014-03-20 13:02 - 2008-07-21 14:18 - 00236559 _____ () C:\WINDOWS\setupact.log
2014-03-20 13:02 - 2008-07-21 13:24 - 00000000 __SHD () C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Verlauf
2014-03-20 13:02 - 2008-07-21 13:24 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator
2014-03-20 13:01 - 2011-01-14 12:58 - 00065536 _____ () C:\WINDOWS\system32\config\TuneUp.evt
2014-03-20 13:01 - 2008-07-21 13:23 - 00032568 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-18 20:00 - 2009-02-22 13:54 - 00000190 ___SH () C:\Dokumente und Einstellungen\Name2\ntuser.ini
2014-03-18 18:35 - 2009-11-19 22:49 - 00001769 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
2014-03-18 18:03 - 2013-10-21 23:36 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-18 17:41 - 2008-07-21 14:18 - 00268600 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-13 18:38 - 2009-12-20 14:25 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-03-13 18:38 - 2009-02-22 18:23 - 00121915 _____ () C:\WINDOWS\updspapi.log
2014-03-13 18:38 - 2008-07-21 14:18 - 01903487 _____ () C:\WINDOWS\FaxSetup.log
2014-03-13 18:38 - 2008-07-21 14:18 - 00919308 _____ () C:\WINDOWS\ocgen.log
2014-03-13 18:38 - 2008-07-21 14:18 - 00875920 _____ () C:\WINDOWS\tsoc.log
2014-03-13 18:38 - 2008-07-21 14:18 - 00644729 _____ () C:\WINDOWS\comsetup.log
2014-03-13 18:38 - 2008-07-21 14:18 - 00586852 _____ () C:\WINDOWS\msmqinst.log
2014-03-13 18:38 - 2008-07-21 14:18 - 00388524 _____ () C:\WINDOWS\ntdtcsetup.log
2014-03-13 18:38 - 2008-07-21 14:18 - 00334188 _____ () C:\WINDOWS\netfxocm.log
2014-03-13 18:38 - 2008-07-21 14:18 - 00131548 _____ () C:\WINDOWS\MedCtrOC.log
2014-03-13 18:38 - 2008-07-21 14:18 - 00105537 _____ () C:\WINDOWS\ocmsn.log
2014-03-13 18:38 - 2008-07-21 14:18 - 00096460 _____ () C:\WINDOWS\tabletoc.log
2014-03-13 18:38 - 2008-07-21 14:18 - 00095425 _____ () C:\WINDOWS\msgsocm.log
2014-03-13 18:38 - 2008-07-21 14:18 - 00087365 _____ () C:\WINDOWS\iis6.log
2014-03-13 18:38 - 2008-07-21 14:18 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-03-13 18:38 - 2008-07-21 14:18 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-03-13 18:37 - 2008-07-21 14:07 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft Help
2014-03-13 18:35 - 2009-02-22 18:26 - 00267340 _____ () C:\WINDOWS\system32\TZLog.log
2014-03-13 18:31 - 2008-07-21 14:18 - 01034566 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-13 18:27 - 2012-04-08 22:43 - 01031404 _____ () C:\WINDOWS\setupapi.log.1.old
2014-03-13 18:23 - 2008-07-21 14:18 - 02003114 _____ () C:\WINDOWS\iis6.BAK
2014-03-12 23:02 - 2014-03-12 03:09 - 02157568 _____ () C:\Dokumente und Einstellungen\Name2\Desktop\Fasten März 2014.ppt
2014-03-12 23:02 - 2013-07-16 22:06 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-03-12 23:02 - 2013-07-16 22:06 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-03-02 14:03 - 2009-12-06 11:03 - 87350280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-24 16:24 - 2009-03-08 04:32 - 00174592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ie4uinit.exe
2014-02-24 16:24 - 2008-07-21 13:14 - 00174592 ____N (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-24 12:45 - 2012-06-14 23:04 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2014-02-24 12:45 - 2010-06-16 19:10 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2014-02-24 12:45 - 2009-12-20 14:25 - 11113472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
2014-02-24 12:45 - 2009-12-20 14:25 - 02006016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
2014-02-24 12:45 - 2009-12-20 14:25 - 00630272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
2014-02-24 12:45 - 2009-12-20 14:25 - 00247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2014-02-24 12:45 - 2009-12-20 14:25 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2014-02-24 12:45 - 2009-12-20 14:25 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2014-02-24 12:45 - 2009-03-08 04:39 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-24 12:45 - 2009-03-08 04:34 - 01469440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcpl.cpl
2014-02-24 12:45 - 2009-03-08 04:34 - 00206848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\occache.dll
2014-02-24 12:45 - 2009-03-08 04:34 - 00105984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\url.dll
2014-02-24 12:45 - 2009-03-08 04:34 - 00043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\licmgr10.dll
2014-02-24 12:45 - 2009-03-08 04:33 - 00759296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vgx.dll
2014-02-24 12:45 - 2009-03-08 04:33 - 00025600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsproxy.dll
2014-02-24 12:45 - 2009-03-08 04:32 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-24 12:45 - 2009-03-08 04:32 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-24 12:45 - 2009-03-08 04:32 - 00611840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstime.dll
2014-02-24 12:45 - 2009-03-08 04:31 - 00184320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iepeers.dll
2014-02-24 12:45 - 2009-03-08 04:31 - 00067072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtmled.dll
2014-02-24 12:45 - 2009-03-08 04:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-02-24 12:45 - 2009-02-22 17:31 - 01216000 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\urlmon.dll
2014-02-24 12:45 - 2009-02-22 17:31 - 00920064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wininet.dll
2014-02-24 12:45 - 2009-02-22 17:24 - 06022144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2014-02-24 12:45 - 2008-07-21 13:14 - 06022144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-24 12:45 - 2008-07-21 13:14 - 01469440 ____N (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-24 12:45 - 2008-07-21 13:14 - 01216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-24 12:45 - 2008-07-21 13:14 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-24 12:45 - 2008-07-21 13:14 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstime.dll
2014-02-24 12:45 - 2008-07-21 13:14 - 00206848 ____N (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-02-24 12:45 - 2008-07-21 13:14 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-02-24 12:45 - 2008-07-21 13:14 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-02-24 12:45 - 2008-07-21 13:14 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-02-24 12:45 - 2008-07-21 13:14 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-02-24 12:45 - 2008-07-21 13:14 - 00025600 ____N (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-24 12:44 - 2009-03-08 14:09 - 00387584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedkcs32.dll
2014-02-24 12:44 - 2009-03-08 04:33 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\corpol.dll
2014-02-24 12:44 - 2008-07-21 13:14 - 00387584 ____N (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-02-24 12:44 - 2008-07-21 13:14 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\corpol.dll
2014-02-24 11:54 - 2008-07-21 13:14 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec

Some content of TEMP:
====================
C:\Dokumente und Einstellungen\Name2\Lokale Einstellungen\Temp\avgnt.exe
C:\Dokumente und Einstellungen\Name2\Lokale Einstellungen\Temp\setup.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe
[2008-07-21 13:14] - [2008-04-14 13:00] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e 

C:\WINDOWS\system32\winlogon.exe
[2008-07-21 13:14] - [2008-04-14 13:00] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a 

C:\WINDOWS\system32\svchost.exe
[2008-07-21 13:14] - [2008-04-14 13:00] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366 

C:\WINDOWS\system32\services.exe
[2008-07-21 13:14] - [2009-02-09 12:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc 

C:\WINDOWS\system32\User32.dll
[2008-07-21 13:14] - [2008-04-14 13:00] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd 

C:\WINDOWS\system32\userinit.exe
[2008-07-21 13:14] - [2008-04-14 13:00] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106 

C:\WINDOWS\system32\rpcss.dll
[2008-07-21 13:14] - [2009-02-09 11:51] - 0401408 ____A (Microsoft Corporation) 3127afbf2c1ed0ab14a1bbb7aaecb85b 

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys
[2008-07-21 13:14] - [2008-04-14 13:00] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d 


==================== End Of Log ============================
         
--- --- ---

--- --- ---



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014  01
Ran by Name2 at 2014-03-20 15:08:13
Running from C:\Dokumente und Einstellungen\Name2\Desktop\Virus Windows Recovery
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {11638345-E4FC-4BEE-BB73-EC754659C5F6}
FW: FireWall (Disabled) {11638345-E4FC-4BEE-BB73-EC754659C5F6}

==================== Installed Programs ======================

32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader 8.1.4 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A81300000003}) (Version: 8.1.4 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - )
Apple Application Support (HKLM\...\{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}) (Version: 1.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}) (Version: 3.2.0.47 - Apple Inc.)
Apple Software Update (HKLM\...\{C41300B9-185D-475E-BFEC-39EF732F19B1}) (Version: 2.1.2.120 - Apple Inc.)
ArcSoft PhotoImpression 6 (HKLM\...\{D56401D6-E356-4CA5-97A3-024D666F5E5C}) (Version: 6.1.7.129 - ArcSoft)
Ask Toolbar (HKLM\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.14.0.0 - Ask.com) <==== ATTENTION
Ask Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.0.19709 - Ask.com) <==== ATTENTION
Avira Internet Security (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Avira SearchFree Toolbar (HKLM\...\{41564952-412D-5637-00A7-A758B70C0A03}) (Version: 12.10.3.4690 - APN, LLC)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v6.10.07.2(T) - TOSHIBA CORPORATION)
Bonjour (HKLM\...\{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}) (Version: 2.0.3.0 - Apple Inc.)
BufferChm (Version: 100.0.170.000 - Hewlett-Packard) Hidden
CD/DVD Drive Acoustic Silencer (HKLM\...\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}) (Version: 1.00.008 - TOSHIBA)
Copy (Version: 100.0.170.000 - Hewlett-Packard) Hidden
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Deinstallationsprogamm für TOSHIBA Mobile Extension3 (Version:  - ) Hidden
Destination Component (Version: 100.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 100.0.190.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DJ_AIO_03_F2200_ProductContext (Version: 100.0.215.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F2200_Software (Version: 100.0.206.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F2200_Software_Min (Version: 100.0.239.000 - Hewlett-Packard) Hidden
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
F2200 (Version: 100.0.206.000 - Ihr Firmenname) Hidden
F2200_Help (Version: 100.0.206.000 - Hewlett-Packard) Hidden
FotoWorks XL (HKLM\...\FotoWorks XL_is1) (Version: Aktuelle Version - IN MEDIA KG)
Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Earth (HKLM\...\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}) (Version: 6.1.0.5001 - Google)
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
GPBaseService (Version: 100.0.187.000 - Hewlett-Packard) Hidden
Hotfix für Windows XP (KB2158563) (HKLM\...\KB2158563) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2443685) (HKLM\...\KB2443685) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2570791) (HKLM\...\KB2570791) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2633952) (HKLM\...\KB2633952) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2756822) (HKLM\...\KB2756822) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2779562) (HKLM\...\KB2779562) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB942288-v3) (HKLM\...\KB942288-v3) (Version: 3 - Microsoft Corporation)
Hotfix für Windows XP (KB952287) (HKLM\...\KB952287) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB961118) (HKLM\...\KB961118) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB976098-v2) (HKLM\...\KB976098-v2) (Version: 2 - Microsoft Corporation)
Hotfix für Windows XP (KB979306) (HKLM\...\KB979306) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB981793) (HKLM\...\KB981793) (Version: 1 - Microsoft Corporation)
HP Customer Participation Program 10.0 (HKLM\...\HPExtendedCapabilities) (Version: 10.0 - HP)
HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3 (HKLM\...\{D77D43B5-ED55-426b-B67B-E21F804F6102}) (Version: 10.0 - HP)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
HP Photosmart Essential 2.5 (Version: 1.02.0000 - Hewlett-Packard) Hidden
HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 3.5 - HP)
HP Solution Center 10.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 10.0 - HP)
HP Update (HKLM\...\{11B83AD3-7A46-4C2E-A568-9505981D4C6F}) (Version: 4.000.007.003 - Hewlett-Packard)
HPProductAssistant (Version: 100.0.170.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version:  - )
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}) (Version: 10.0.1.22 - Apple Inc.)
Java(TM) 6 Update 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160060}) (Version: 1.6.0.60 - Sun Microsystems, Inc.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 German Language Pack (HKLM\...\{E78BFA60-5393-4C38-82AB-E8019E464EB4}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Language Pack - DEU (HKLM\...\Microsoft .NET Framework 2.0 Language Pack - DEU) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 2.0 Language Pack - DEU (Version: 1.1.50727.42 - Microsoft Corporation) Hidden
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Software Update for Web Folders  (German) 12 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSN (HKLM\...\MSNINST) (Version:  - )
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero Burning ROM 10 (HKLM\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.2.11000.12.100 - Nero AG)
Nero Burning ROM 10 (HKLM\...\{FE83F463-7E61-4B18-9FA0-B94B90A0B6B9}) (Version: 10.5.10300 - Nero AG)
Nero BurningROM 10 Help (CHM) (Version: 10.5.10100 - Nero AG) Hidden
Nero BurnRights 10 (HKLM\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10300.0.102 - Nero AG)
Nero BurnRights 10 Help (CHM) (Version: 10.5.10000 - Nero AG) Hidden
Nero Control Center 10 (Version: 10.2.10600.0.6 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (Version: 10.5.10000 - Nero AG) Hidden
Nero Core Components 10 (Version: 2.0.17400.8.2 - Nero AG) Hidden
Nero Update (HKLM\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
Nimo Codecs Pack v5.0 (Remove Only) (HKLM\...\NimoCorp) (Version:  - )
OVT Scanner X86 (HKLM\...\{6B566EFE-DC1D-471F-93DD-84832663F140}) (Version: 1.00.0000 - Ihr Firmenname)
OZ776 SCR Driver V1.1.4.202 (HKLM\...\InstallShield_{068B2432-7CF2-449C-97A6-95E16E7F4880}) (Version: 1.1.4.202 - O2Micro)
OZ776 SCR Driver V1.1.4.202 (Version: 1.1.4.202 - O2Micro) Hidden
PSSWCORE (Version: 2.02.0000 - Hewlett-Packard) Hidden
QuickTime (HKLM\...\{E7004147-2CCA-431C-AA05-2AB166B9785D}) (Version: 7.68.75.0 - Apple Inc.)
Radar 9 (HKLM\...\Radar 9) (Version:  - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5599 - Realtek Semiconductor Corp.)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.05 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.54.05 - RICOH)
Scan (Version: 10.1.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 10.0 - HP)
Sicherheitsupdate für Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Step by Step Interactive Training (KB898458) (HKLM\...\KB898458) (Version: 20050502.101010 - Microsoft Corporation)
Sicherheitsupdate für Step by Step Interactive Training (KB923723) (HKLM\...\KB923723) (Version: 20050502.101010 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2183461) (HKLM\...\KB2183461-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2360131) (HKLM\...\KB2360131-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2416400) (HKLM\...\KB2416400-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2482017) (HKLM\...\KB2482017-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2497640) (HKLM\...\KB2497640-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2530548) (HKLM\...\KB2530548-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2559049) (HKLM\...\KB2559049-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2586448) (HKLM\...\KB2586448-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2618444) (HKLM\...\KB2618444-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2647516) (HKLM\...\KB2647516-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2675157) (HKLM\...\KB2675157-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2699988) (HKLM\...\KB2699988-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2722913) (HKLM\...\KB2722913-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2744842) (HKLM\...\KB2744842-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2761465) (HKLM\...\KB2761465-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2792100) (HKLM\...\KB2792100-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2797052) (HKLM\...\KB2797052-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2799329) (HKLM\...\KB2799329-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2809289) (HKLM\...\KB2809289-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2817183) (HKLM\...\KB2817183-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2829530) (HKLM\...\KB2829530-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2846071) (HKLM\...\KB2846071-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2847204) (HKLM\...\KB2847204-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2925418) (HKLM\...\KB2925418-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB971961) (HKLM\...\KB971961-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB976325) (HKLM\...\KB976325-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB978207) (HKLM\...\KB978207-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB981332) (HKLM\...\KB981332-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB2378111) (HKLM\...\KB2378111_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB2834902) (HKLM\...\KB2834902_WM10) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB2834902-v2) (HKLM\...\KB2834902-v2_WM10) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB952069) (HKLM\...\KB952069_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB954155) (HKLM\...\KB954155_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB968816) (HKLM\...\KB968816_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB973540) (HKLM\...\KB973540_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB975558) (HKLM\...\KB975558_WM8) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB978695) (HKLM\...\KB978695_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player 10 (KB917734) (HKLM\...\KB917734_WMP10) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player 10 (KB936782) (HKLM\...\KB936782_WMP10) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2079403) (HKLM\...\KB2079403) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2115168) (HKLM\...\KB2115168) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2121546) (HKLM\...\KB2121546) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2160329) (HKLM\...\KB2160329) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2259922) (HKLM\...\KB2259922) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2279986) (HKLM\...\KB2279986) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2286198) (HKLM\...\KB2286198) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2296011) (HKLM\...\KB2296011) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2296199) (HKLM\...\KB2296199) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2347290) (HKLM\...\KB2347290) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2360937) (HKLM\...\KB2360937) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2387149) (HKLM\...\KB2387149) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2412687) (HKLM\...\KB2412687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2419632) (HKLM\...\KB2419632) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2436673) (HKLM\...\KB2436673) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2440591) (HKLM\...\KB2440591) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2443105) (HKLM\...\KB2443105) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2476490) (HKLM\...\KB2476490) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2476687) (HKLM\...\KB2476687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2478960) (HKLM\...\KB2478960) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2478971) (HKLM\...\KB2478971) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2479628) (HKLM\...\KB2479628) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2479943) (HKLM\...\KB2479943) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2481109) (HKLM\...\KB2481109) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2483185) (HKLM\...\KB2483185) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2485376) (HKLM\...\KB2485376) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2503658) (HKLM\...\KB2503658) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2503665) (HKLM\...\KB2503665) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2506212) (HKLM\...\KB2506212) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2506223) (HKLM\...\KB2506223) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2507618) (HKLM\...\KB2507618) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2507938) (HKLM\...\KB2507938) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2508272) (HKLM\...\KB2508272) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2508429) (HKLM\...\KB2508429) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2509553) (HKLM\...\KB2509553) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2511455) (HKLM\...\KB2511455) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2524375) (HKLM\...\KB2524375) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2536276) (HKLM\...\KB2536276) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2536276-v2) (HKLM\...\KB2536276-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2544893) (HKLM\...\KB2544893) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2544893-v2) (HKLM\...\KB2544893-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2555917) (HKLM\...\KB2555917) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2562937) (HKLM\...\KB2562937) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2567053) (HKLM\...\KB2567053) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2567680) (HKLM\...\KB2567680) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2570222) (HKLM\...\KB2570222) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2584146) (HKLM\...\KB2584146) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2585542) (HKLM\...\KB2585542) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2598479) (HKLM\...\KB2598479) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2603381) (HKLM\...\KB2603381) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2618451) (HKLM\...\KB2618451) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2619339) (HKLM\...\KB2619339) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2620712) (HKLM\...\KB2620712) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2621440) (HKLM\...\KB2621440) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2624667) (HKLM\...\KB2624667) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2631813) (HKLM\...\KB2631813) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2633171) (HKLM\...\KB2633171) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2639417) (HKLM\...\KB2639417) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2641653) (HKLM\...\KB2641653) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2646524) (HKLM\...\KB2646524) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2647518) (HKLM\...\KB2647518) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2653956) (HKLM\...\KB2653956) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2655992) (HKLM\...\KB2655992) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2659262) (HKLM\...\KB2659262) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2661637) (HKLM\...\KB2661637) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2676562) (HKLM\...\KB2676562) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2685939) (HKLM\...\KB2685939) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2686509) (HKLM\...\KB2686509) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2691442) (HKLM\...\KB2691442) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2695962) (HKLM\...\KB2695962) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2698365) (HKLM\...\KB2698365) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2705219) (HKLM\...\KB2705219) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2707511) (HKLM\...\KB2707511) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2709162) (HKLM\...\KB2709162) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2712808) (HKLM\...\KB2712808) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2718523) (HKLM\...\KB2718523) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2719985) (HKLM\...\KB2719985) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2723135) (HKLM\...\KB2723135) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2724197) (HKLM\...\KB2724197) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2727528) (HKLM\...\KB2727528) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2731847) (HKLM\...\KB2731847) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2753842-v2) (HKLM\...\KB2753842-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2757638) (HKLM\...\KB2757638) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2758857) (HKLM\...\KB2758857) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2770660) (HKLM\...\KB2770660) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2778344) (HKLM\...\KB2778344) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2779030) (HKLM\...\KB2779030) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2780091) (HKLM\...\KB2780091) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2799494) (HKLM\...\KB2799494) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2802968) (HKLM\...\KB2802968) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2807986) (HKLM\...\KB2807986) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2808735) (HKLM\...\KB2808735) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2813170) (HKLM\...\KB2813170) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2813345) (HKLM\...\KB2813345) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2820197) (HKLM\...\KB2820197) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2820917) (HKLM\...\KB2820917) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2829361) (HKLM\...\KB2829361) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2834886) (HKLM\...\KB2834886) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2839229) (HKLM\...\KB2839229) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2845187) (HKLM\...\KB2845187) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2847311) (HKLM\...\KB2847311) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2849470) (HKLM\...\KB2849470) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2850851) (HKLM\...\KB2850851) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2850869) (HKLM\...\KB2850869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2859537) (HKLM\...\KB2859537) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862152) (HKLM\...\KB2862152) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862330) (HKLM\...\KB2862330) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862335) (HKLM\...\KB2862335) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2864063) (HKLM\...\KB2864063) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2868038) (HKLM\...\KB2868038) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2868626) (HKLM\...\KB2868626) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2876217) (HKLM\...\KB2876217) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2876331) (HKLM\...\KB2876331) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2883150) (HKLM\...\KB2883150) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2892075) (HKLM\...\KB2892075) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2893294) (HKLM\...\KB2893294) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2898715) (HKLM\...\KB2898715) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2900986) (HKLM\...\KB2900986) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2914368) (HKLM\...\KB2914368) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2916036) (HKLM\...\KB2916036) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2929961) (HKLM\...\KB2929961) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2930275) (HKLM\...\KB2930275) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB923689) (HKLM\...\KB923689) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB938464) (HKLM\...\KB938464) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB941569) (HKLM\...\KB941569) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB946648) (HKLM\...\KB946648) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950760) (HKLM\...\KB950760) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950762) (HKLM\...\KB950762) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950974) (HKLM\...\KB950974) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951066) (HKLM\...\KB951066) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951698) (HKLM\...\KB951698) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951748) (HKLM\...\KB951748) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB952004) (HKLM\...\KB952004) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB952954) (HKLM\...\KB952954) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB954211) (HKLM\...\KB954211) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB954459) (HKLM\...\KB954459) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB954600) (HKLM\...\KB954600) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB955069) (HKLM\...\KB955069) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956572) (HKLM\...\KB956572) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956744) (HKLM\...\KB956744) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956802) (HKLM\...\KB956802) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956803) (HKLM\...\KB956803) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956841) (HKLM\...\KB956841) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956844) (HKLM\...\KB956844) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB957097) (HKLM\...\KB957097) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958215) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows XP (KB958644) (HKLM\...\KB958644) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958687) (HKLM\...\KB958687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958869) (HKLM\...\KB958869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB959426) (HKLM\...\KB959426) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960225) (HKLM\...\KB960225) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960714) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows XP (KB960715) (HKLM\...\KB960715) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960803) (HKLM\...\KB960803) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB961371-v2) (HKLM\...\KB961371-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB961501) (HKLM\...\KB961501) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB969059) (HKLM\...\KB969059) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB969947) (HKLM\...\KB969947) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB970238) (HKLM\...\KB970238) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB970430) (HKLM\...\KB970430) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971468) (HKLM\...\KB971468) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971486) (HKLM\...\KB971486) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971557) (HKLM\...\KB971557) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971633) (HKLM\...\KB971633) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971961) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows XP (KB972270) (HKLM\...\KB972270) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973354) (HKLM\...\KB973354) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973525) (HKLM\...\KB973525) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973904) (HKLM\...\KB973904) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974112) (HKLM\...\KB974112) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974318) (HKLM\...\KB974318) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974392) (HKLM\...\KB974392) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974571) (HKLM\...\KB974571) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975025) (HKLM\...\KB975025) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975467) (HKLM\...\KB975467) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975560) (HKLM\...\KB975560) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975561) (HKLM\...\KB975561) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975562) (HKLM\...\KB975562) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975713) (HKLM\...\KB975713) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB976325) (Version: 1 - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows XP (KB977165-v2) (HKLM\...\KB977165-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB977816) (HKLM\...\KB977816) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB977914) (HKLM\...\KB977914) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978037) (HKLM\...\KB978037) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978251) (HKLM\...\KB978251) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978262) (HKLM\...\KB978262) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978338) (HKLM\...\KB978338) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978542) (HKLM\...\KB978542) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978601) (HKLM\...\KB978601) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978706) (HKLM\...\KB978706) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979309) (HKLM\...\KB979309) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979482) (HKLM\...\KB979482) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979559) (HKLM\...\KB979559) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979683) (HKLM\...\KB979683) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979687) (HKLM\...\KB979687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980195) (HKLM\...\KB980195) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980218) (HKLM\...\KB980218) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980232) (HKLM\...\KB980232) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980436) (HKLM\...\KB980436) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981322) (HKLM\...\KB981322) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981852) (HKLM\...\KB981852) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981957) (HKLM\...\KB981957) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981997) (HKLM\...\KB981997) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982132) (HKLM\...\KB982132) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982214) (HKLM\...\KB982214) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982665) (HKLM\...\KB982665) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982802) (HKLM\...\KB982802) (Version: 1 - Microsoft Corporation)
SmartWebPrintingOC (Version: 100.0.189.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 100.0.175.000 - Hewlett-Packard) Hidden
Status (Version: 100.0.175.000 - Hewlett-Packard) Hidden
STvcard 4.0.0 gold (HKLM\...\STvcard gold_is1) (Version:  - )
TomTom HOME (HKLM\...\{9017CEAF-BE5A-4F73-8A0E-C87E26971E55}) (Version: 2.9.1 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Toolbox (Version: 100.0.170.000 - Hewlett-Packard) Hidden
TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version:  - )
TOSHIBA Benutzerhandbücher (HKLM\...\{1C971EE3-B4C4-4367-9676-57549919C6CE}) (Version: 7.40 - TOSHIBA)
TOSHIBA ConfigFree (HKLM\...\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}) (Version: 5.90.09 - )
TOSHIBA Controls (HKLM\...\{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}) (Version:  - )
TOSHIBA Cooling Performance Diagnostic Tool (Version: 1.00.02 - TOSHIBA Corporation) Hidden
TOSHIBA Dienstprogramm für duales Zeigegerät (HKLM\...\{4323A3CF-D66F-46BC-AD16-B94D7BF05CF1}) (Version:  - )
TOSHIBA Dienstprogramme (HKLM\...\InstallShield_{56190F69-01D3-46CA-9861-43377C5E9B87}) (Version: 4.30.17 - TOSHIBA)
TOSHIBA Direct Disc Writer (HKLM\...\{400830CA-F056-4BBE-80A3-9DF9CA4FB889}) (Version: 1.1.0.0a - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.0.1.3 - TOSHIBA Corporation)
TOSHIBA DVD PLAYER (HKLM\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 1.40.11 - TOSHIBA Corporation)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.0.2.4 - TOSHIBA Corporation)
TOSHIBA Hotkey Utility für Anzeigegeräte (HKLM\...\TFNF5) (Version:  - )
TOSHIBA Kühlleistungs-Diagnosetool (HKLM\...\InstallShield_{7F3B0E97-447F-4199-84E3-7745BAA2E497}) (Version: 1.00.02 - TOSHIBA Corporation)
TOSHIBA Mic Effect (HKLM\...\{0577A2AA-DEA0-4D40-8372-4211102D43E4}) (Version: 2.08.04 - TOSHIBA)
TOSHIBA Mobile Extension3 (HKLM\...\{3B8D9FA4-745C-47C9-962D-4ABE6ACE136B}) (Version: 3.86.00.XP.T4 - TOSHIBA)
Toshiba Online Product Information (HKLM\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 1.00.0012 - TOSHIBA)
TOSHIBA Password Utility (Version: 2.01.09.u - TOSHIBA) Hidden
TOSHIBA Passwort-Utility (HKLM\...\InstallShield_{C0FC3B56-E345-40CD-A5CB-7EB791CE3E74}) (Version: 2.01.09.u - TOSHIBA)
TOSHIBA PC Diagnostic Tool (Version: 3.2.8 - TOSHIBA) Hidden
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.0.4.0 - TOSHIBA Corporation)
TOSHIBA PC-Diagnose-Tool (HKLM\...\InstallShield_{2C38F661-26B7-445D-B87D-B53FE2D3BD42}) (Version: 3.2.8 - TOSHIBA)
TOSHIBA Power Saver (HKLM\...\InstallShield_{9ACBDDE2-DD2D-4103-8ECE-D1A9F7F03D1A}) (Version: 7.11.00 - )
TOSHIBA Power Saver (Version: 7.11.00 - ) Hidden
TOSHIBA SD Memory Boot Utility (HKLM\...\{BBF5493A-05FB-4449-90DE-84A61EB78154}) (Version: 1.3.1.1A - TOSHIBA)
TOSHIBA SD Memory Utilities (HKLM\...\{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}) (Version: 1.8.1.3 - TOSHIBA)
TOSHIBA Sicherheits-Assistent (HKLM\...\{1E63ACB5-D45E-4856-8FC9-78F4B0D7BB80}) (Version: 1.2.0 - TOSHIBA)
TOSHIBA Software Modem (HKLM\...\TOSHIBA Software Modem) (Version: 2.1.77 (SM2177ALD04) - Agere Systems)
TOSHIBA USB Sleep and Charge Utility (HKLM\...\{E487EE7D-EAAA-4E2A-9116-E3B477D8A74F}) (Version: 1.0.6.0 - TOSHIBA)
TOSHIBA Utilities (Version: 4.30.17 - TOSHIBA) Hidden
TOSHIBA Utility zum Bildschirmwechsel (HKLM\...\TDspBtn) (Version:  - )
TOSHIBA Wireless Key Logon (HKLM\...\{FC4C645F-8EBC-4F1E-A517-D1505B43A374}) (Version: 2.0.0.5 - TOSHIBA Corporation)
TOSHIBA Zoom-Dienstprogramm (HKLM\...\{64212898-097F-4F3F-AECA-6D34A7EF82DF}) (Version: 2.00.00.24c - TOSHIBA)
TrayApp (Version: 100.0.170.000 - Hewlett-Packard) Hidden
TrueSuite Access Manager (HKLM\...\{A2075A09-28AA-4D30-9BCC-82EAD9FA51BD}) (Version: 2.01.11.00 - ABIG)
TuneUp Utilities 2011 (HKLM\...\TuneUp Utilities 2011) (Version: 10.0.4010.25 - TuneUp Software)
TuneUp Utilities 2011 (Version: 10.0.4010.25 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (Version: 10.0.4010.25 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (Version: 9.0.4100.36 - TuneUp Software) Hidden
UnloadSupport (Version: 10.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{EC1934B0-AE0F-4BBD-8955-54BB3247ED9E}) (Version:  - Microsoft)
Update für Windows Internet Explorer 8 (KB975364) (HKLM\...\KB975364-IE8) (Version: 1 - Microsoft Corporation)
Update für Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
Update für Windows Internet Explorer 8 (KB980182) (HKLM\...\KB980182-IE8) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2616676-v2) (HKLM\...\KB2616676-v2) (Version: 2 - Microsoft Corporation)
Update für Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update für Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update für Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
VideoToolkit01 (Version: 100.0.128.000 - Hewlett-Packard) Hidden
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format Runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 10 (HKLM\...\Windows Media Player) (Version:  - )
Wireless Hotkey (HKLM\...\{7862BAD8-A379-4128-8AA1-EFD5A9603C53}) (Version: 3.0.0.3 - TOSHIBA)

==================== Restore Points  =========================

21-10-2013 21:19:11 Systemprüfpunkt
21-10-2013 22:15:06 Software Distribution Service 3.0
06-11-2013 22:21:18 Software Distribution Service 3.0
06-11-2013 23:22:40 Software Distribution Service 3.0
11-11-2013 19:50:55 Software Distribution Service 3.0
11-11-2013 21:15:54 Software Distribution Service 3.0
11-11-2013 21:25:34 Software Distribution Service 3.0
12-11-2013 17:22:42 Software Distribution Service 3.0
12-11-2013 19:32:09 Software Distribution Service 3.0
25-12-2013 19:07:41 Installation eines unsignierten Treibers
25-12-2013 20:49:16 Installation eines unsignierten Treibers
26-12-2013 12:34:04 Installation eines unsignierten Treibers
27-12-2013 15:17:10 Systemprüfpunkt
11-03-2014 23:23:38 Systemprüfpunkt
13-03-2014 17:23:32 Software Distribution Service 3.0
18-03-2014 17:00:18 Software Distribution Service 3.0
18-03-2014 19:00:32 Software Distribution Service 3.0
20-03-2014 12:43:34 Systemprüfpunkt

==================== Hosts content: ==========================

2008-07-21 13:14 - 2008-04-14 13:00 - 00000820 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Programme\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job => C:\Programme\Ask.com\UpdateTask.exe

==================== Loaded Modules (whitelisted) =============

2013-10-21 23:13 - 2013-10-21 22:00 - 00394824 _____ () C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
2008-07-21 14:04 - 2007-06-05 15:42 - 00094208 _____ () C:\Programme\TrueSuite Access Manager\usbnotify.exe
2005-07-22 20:30 - 2005-07-22 20:30 - 00065536 _____ () C:\WINDOWS\system32\TosCommAPI.dll
2013-10-21 23:13 - 2012-09-23 21:31 - 00447848 _____ () C:\Programme\Avira\AntiVir Desktop\libxml2.dll
2013-10-21 23:13 - 2012-09-23 21:31 - 00060264 _____ () C:\Programme\Avira\AntiVir Desktop\cares.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Intel(R) Wireless WiFi Link 5100
Description: Intel(R) Wireless WiFi Link 5100
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel Corporation
Service: NETw5x32
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/20/2014 01:12:30 PM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung CssSvr.exe, Version 1.0.0.1, fehlgeschlagenes Modul FPSuites.dll, Version 2.3.0.2, Fehleradresse 0x00003748.
Das medienspezifische Ereignis für [CssSvr.exe!ws!] wird verarbeitet.

Error: (03/20/2014 01:12:08 PM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung CssSvr.exe, Version 1.0.0.1, fehlgeschlagenes Modul FPSuites.dll, Version 2.3.0.2, Fehleradresse 0x00003748.
Das medienspezifische Ereignis für [CssSvr.exe!ws!] wird verarbeitet.

Error: (03/20/2014 01:09:04 PM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung FpNotifier.exe, Version 2.3.0.0, fehlgeschlagenes Modul FPSuites.dll, Version 2.3.0.2, Fehleradresse 0x00003748.
Das medienspezifische Ereignis für [FpNotifier.exe!ws!] wird verarbeitet.

Error: (03/20/2014 01:08:36 PM) (Source: COM) (User: )
Description: Die anwendungsspezifische Sicherheitsbeschreibung für den Zugriff auf die COM-Serveranwendung c:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe ist ungültig. Sie enthält Zugriffssteuerungseinträge mit ungültigen Berechtigungen. Die angeforderte Aktion wurde daher nicht ausgeführt. Diese Sicherheitsberechtigung wurde programmgesteuert von der Anwendung festgelegt. Wenn Sie die Sicherheitsberechtigung ändern möchten, wenden Sie sich an den Hersteller der Anwendung.

Error: (03/20/2014 00:58:44 PM) (Source: COM) (User: )
Description: Die anwendungsspezifische Sicherheitsbeschreibung für den Zugriff auf die COM-Serveranwendung c:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe ist ungültig. Sie enthält Zugriffssteuerungseinträge mit ungültigen Berechtigungen. Die angeforderte Aktion wurde daher nicht ausgeführt. Diese Sicherheitsberechtigung wurde programmgesteuert von der Anwendung festgelegt. Wenn Sie die Sicherheitsberechtigung ändern möchten, wenden Sie sich an den Hersteller der Anwendung.

Error: (03/20/2014 00:46:42 PM) (Source: COM) (User: )
Description: Die anwendungsspezifische Sicherheitsbeschreibung für den Zugriff auf die COM-Serveranwendung c:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe ist ungültig. Sie enthält Zugriffssteuerungseinträge mit ungültigen Berechtigungen. Die angeforderte Aktion wurde daher nicht ausgeführt. Diese Sicherheitsberechtigung wurde programmgesteuert von der Anwendung festgelegt. Wenn Sie die Sicherheitsberechtigung ändern möchten, wenden Sie sich an den Hersteller der Anwendung.

Error: (03/18/2014 06:29:52 PM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung CssSvr.exe, Version 1.0.0.1, fehlgeschlagenes Modul FPSuites.dll, Version 2.3.0.2, Fehleradresse 0x00003748.
Das medienspezifische Ereignis für [CssSvr.exe!ws!] wird verarbeitet.

Error: (03/18/2014 06:29:11 PM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung CssSvr.exe, Version 1.0.0.1, fehlgeschlagenes Modul FPSuites.dll, Version 2.3.0.2, Fehleradresse 0x00003748.
Das medienspezifische Ereignis für [CssSvr.exe!ws!] wird verarbeitet.

Error: (03/18/2014 06:27:16 PM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung FpNotifier.exe, Version 2.3.0.0, fehlgeschlagenes Modul FPSuites.dll, Version 2.3.0.2, Fehleradresse 0x00003748.
Das medienspezifische Ereignis für [FpNotifier.exe!ws!] wird verarbeitet.

Error: (03/18/2014 06:26:01 PM) (Source: COM) (User: )
Description: Die anwendungsspezifische Sicherheitsbeschreibung für den Zugriff auf die COM-Serveranwendung c:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe ist ungültig. Sie enthält Zugriffssteuerungseinträge mit ungültigen Berechtigungen. Die angeforderte Aktion wurde daher nicht ausgeführt. Diese Sicherheitsberechtigung wurde programmgesteuert von der Anwendung festgelegt. Wenn Sie die Sicherheitsberechtigung ändern möchten, wenden Sie sich an den Hersteller der Anwendung.


System errors:
=============
Error: (03/20/2014 01:11:27 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Fingerprint Server" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/20/2014 01:11:26 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
atapi
PCIIde

Error: (03/20/2014 01:11:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht ordnungsgemäß gestartet.

Error: (03/20/2014 01:06:50 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: Bei DCOM ist der Fehler "%%1084" aufgetreten, als der Dienst "EventSystem" mit den Argumenten ""
gestartet wurde, um den folgenden Server zu verwenden:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (03/20/2014 01:06:19 PM) (Source: DCOM) (User: Name2)
Description: Bei DCOM ist der Fehler "%%1084" aufgetreten, als der Dienst "netman" mit den Argumenten ""
gestartet wurde, um den folgenden Server zu verwenden:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error: (03/20/2014 01:06:19 PM) (Source: DCOM) (User: Name2)
Description: Bei DCOM ist der Fehler "%%1084" aufgetreten, als der Dienst "StiSvc" mit den Argumenten ""
gestartet wurde, um den folgenden Server zu verwenden:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (03/20/2014 01:05:19 PM) (Source: DCOM) (User: Name2)
Description: Bei DCOM ist der Fehler "%%1084" aufgetreten, als der Dienst "wuauserv" mit den Argumenten ""
gestartet wurde, um den folgenden Server zu verwenden:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (03/20/2014 01:04:46 PM) (Source: DCOM) (User: Name2)
Description: Bei DCOM ist der Fehler "%%1084" aufgetreten, als der Dienst "StiSvc" mit den Argumenten ""
gestartet wurde, um den folgenden Server zu verwenden:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (03/20/2014 01:04:34 PM) (Source: DCOM) (User: Name2)
Description: Bei DCOM ist der Fehler "%%1084" aufgetreten, als der Dienst "StiSvc" mit den Argumenten ""
gestartet wurde, um den folgenden Server zu verwenden:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (03/20/2014 01:03:50 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
AFD
atapi
avfwot
avipbb
avkmgr
Fips
intelppm
IPSec
MRxSmb
NetBIOS
NetBT
PCIIde
RasAcd
Rdbss
ssmdrv
Tcpip
TMEI3E
Tosrfcom


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 37%
Total physical RAM: 1913.09 MB
Available physical RAM: 1192.36 MB
Total Pagefile: 3805.66 MB
Available Pagefile: 3060.03 MB
Total Virtual: 2047.88 MB
Available Virtual: 1947.73 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.05 GB) (Free:29.89 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 149 GB) (Disk ID: 435FE2AB)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 21.03.2014, 11:16   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Kann den Virus nicht aufspüren - Standard

Kann den Virus nicht aufspüren



und das dritte Gerät?

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 21.03.2014, 12:19   #6
Bootluder
 
Kann den Virus nicht aufspüren - Standard

Kann den Virus nicht aufspüren



Sorry, das 3. Gerät habe ich ihm erstmal wiedergegeben. Es gibt gute Gründe anzunehmen, dass der PC NICHT der Übeltäter ist. Im ersten Schreiben der Telekom wurde angegeben, dass der Vorfall am 29.01.2014 um 23 Uhr stattfand. Mein Bekannter meint, der PC wäre zu diesem Zeitpunkt nicht an gewesen, aber sicher ist er sich nicht.
Darf ich vorschlagen, dass wir uns den PC an dieser Stelle nochmal vornehmen, wenn wir auf den Laptops nicht fündig werden?

Es gibt natürlich auch noch eine andere Möglichkeit: Die vorhandenen Schutzprogramme haben in der Zwischenzeit den Virus erkannt und entfernt - wär das möglich?

THX, Bootluder

Alt 22.03.2014, 10:26   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Kann den Virus nicht aufspüren - Standard

Kann den Virus nicht aufspüren



Wäre möglich, wäre aber gemeldet worden. Ich sehe (neben en bissl Adware) nichts in beiden Logfiles.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 22.03.2014, 12:22   #8
Bootluder
 
Kann den Virus nicht aufspüren - Standard

Kann den Virus nicht aufspüren



Okay, dann wissen ja schon etwas mehr. Ich werde die beiden Laptops jetzt erstmal an meinen Bekannten zurückgeben und versuche, nochmal den PC zu bekommen. Den scanne ich dann mit Farbar und poste auch diese Logs hier, ja?

THX, Bootluder

Alt 23.03.2014, 10:48   #9
schrauber
/// the machine
/// TB-Ausbilder
 

Kann den Virus nicht aufspüren - Standard

Kann den Virus nicht aufspüren



genau
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.04.2014, 17:32   #10
Bootluder
 
Kann den Virus nicht aufspüren - Standard

Kann den Virus nicht aufspüren



So, da bin ich wieder. Hab den PC jetzt hier und mit Farbar gescannt.
Hier die Logs:

FRST.TXT

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 (ATTENTION: ====> FRST version is 26 days old and could be outdated)
Ran by Name (administrator) on Name-PC on 08-04-2014 18:21:57
Running from C:\Users\Name\Desktop\Farbar
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicatorCom.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe


==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [SfWinStartInfo] - C:\Program Files (x86)\SFirm\sfWinStartupInfo.exe [144544 2012-07-29] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-03-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKU\S-1-5-21-102656172-1607243574-3129769047-1000\...\Run: [MobileDocuments] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-102656172-1607243574-3129769047-1000\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-102656172-1607243574-3129769047-1000\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-102656172-1607243574-3129769047-1000\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-102656172-1607243574-3129769047-1000\...\Run: [HP Officejet 6600 (NET)] - C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
Startup: C:\Users\Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Outlook 2003.lnk
ShortcutTarget: Microsoft Office Outlook 2003.lnk -> C:\Windows\Installer\{90110407-6000-11D3-8CFE-0150048383C9}\outicon.exe ()
Startup: C:\Users\Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6600 (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6600 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9B0FCC221E4DCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
URLSearchHook: HKCU - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
SearchScopes: HKCU - {E372A1B9-6A53-4459-8D66-CA2C2E22AFB4} URL = hxxp://avira.search.ask.com/web?p2=%5EB0Q%5EYYYYYY%5EYY%5EDE&gct=&itbv=12.2.2.663&o=APN11074&tpid=AVIRA-V7&apn_uid=45418CD7-770F-4D58-AB7C-89E237036652&apn_ptnrs=%5EB0Q&apn_dtid=%5EYYYYYY%5EYY%5EDE&apn_dbr=iexplore.exe_6_10.0.9200.16660&doi=2013-08-19&trgb=ALL&q={searchTerms}&psv=
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1

FireFox:
========
FF ProfilePath: C:\Users\Name\AppData\Roaming\Mozilla\Firefox\Profiles\sykycois.default
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Ask.com
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Chrome NaCl) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh [2013-08-20]
CHR Extension: (Google Wallet) - C:\Users\Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]

==================== Services (Whitelisted) =================

R2 AntiVirFirewallService; C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe [1012280 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [896592 2014-03-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-03-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-03-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-03-04] (Avira Operations GmbH & Co. KG)

==================== Drivers (Whitelisted) ====================

R3 avfwim; C:\Windows\System32\DRIVERS\avfwim.sys [114608 2013-08-19] (Avira GmbH)
R1 avfwot; C:\Windows\System32\DRIVERS\avfwot.sys [141376 2013-08-19] (Avira GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH)
S3 FPCIBASE; C:\Windows\System32\DRIVERS\fpcibase.sys [899328 2009-06-10] (AVM Berlin)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-08 18:21 - 2014-04-08 18:21 - 00000000 ____D () C:\FRST
2014-04-08 18:20 - 2014-04-08 18:21 - 00000000 ____D () C:\Users\Name\Desktop\Farbar
2014-04-08 12:34 - 2014-04-08 12:34 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-04 14:51 - 2014-04-04 14:51 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-04-04 14:50 - 2014-04-04 14:51 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-04 14:50 - 2014-04-04 14:51 - 00000000 ____D () C:\Program Files\iTunes
2014-04-04 14:50 - 2014-04-04 14:51 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-04 14:50 - 2014-04-04 14:50 - 00000000 ____D () C:\Program Files\iPod
2014-04-04 14:48 - 2014-04-04 14:48 - 00000000 ____D () C:\Program Files\Bonjour
2014-04-04 14:48 - 2014-04-04 14:48 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-04-04 14:45 - 2014-04-04 14:45 - 00001845 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-04-04 14:45 - 2014-04-04 14:45 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-30 20:41 - 2014-03-30 20:41 - 00002990 _____ () C:\Windows\System32\Tasks\{C6093017-D902-438A-956A-93E714B6CB94}
2014-03-30 20:41 - 2014-03-30 20:41 - 00002990 _____ () C:\Windows\System32\Tasks\{47976DFF-C147-4F88-A078-D9DB1EDA5D6C}
2014-03-23 19:19 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-03-23 19:19 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-03-19 10:37 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-03-19 10:37 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-03-19 10:37 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-03-19 10:37 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-03-19 10:37 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-03-19 10:37 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-03-19 10:37 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-03-19 10:37 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-03-19 10:37 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-03-19 10:37 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-03-19 10:37 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-03-19 10:37 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-03-19 10:37 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-03-19 10:37 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-03-19 10:37 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-03-19 10:37 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-03-19 10:36 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-03-19 10:36 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-03-19 10:36 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2014-03-19 10:36 - 2012-08-23 15:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-03-19 10:36 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-03-19 10:36 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-03-19 10:36 - 2012-08-23 11:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-03-19 10:34 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-03-19 10:34 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-03-19 10:34 - 2012-05-04 13:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-03-19 10:34 - 2012-05-04 11:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-03-19 10:14 - 2014-03-19 10:28 - 00000000 ____D () C:\Program Files (x86)\PantsOff
2014-03-18 10:05 - 2014-03-18 10:05 - 00007617 _____ () C:\Users\Name\AppData\Local\Resmon.ResmonCfg
2014-03-17 18:49 - 2014-03-17 18:49 - 00000000 ____D () C:\Users\Name\AppData\Roaming\Malwarebytes
2014-03-17 18:47 - 2014-03-17 18:47 - 00000000 ____D () C:\Sauber
2014-03-17 18:45 - 2014-04-08 12:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-17 18:45 - 2014-03-17 18:45 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Malwarebytes
2014-03-17 18:45 - 2014-03-17 18:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-17 18:45 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-17 18:35 - 2014-03-17 18:35 - 00000000 ____D () C:\Users\Administrator\AppData\Local\GHISLER
2014-03-17 18:31 - 2014-03-17 18:31 - 00087856 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-17 18:29 - 2014-03-17 18:29 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Avira
2014-03-17 18:27 - 2014-03-17 18:27 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-03-17 18:24 - 2014-03-17 18:24 - 00001421 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-17 18:24 - 2014-03-17 18:24 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 _SHDL () C:\Users\Administrator\Vorlagen
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 _SHDL () C:\Users\Administrator\Startmenü
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 _SHDL () C:\Users\Administrator\Netzwerkumgebung
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 _SHDL () C:\Users\Administrator\Lokale Einstellungen
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 _SHDL () C:\Users\Administrator\Eigene Dateien
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 _SHDL () C:\Users\Administrator\Druckumgebung
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Musik
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Bilder
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 _SHDL () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Verlauf
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Anwendungsdaten
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 _SHDL () C:\Users\Administrator\Anwendungsdaten
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Apple Computer
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 ____D () C:\Users\Administrator
2014-03-17 18:24 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-17 18:24 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-12 07:37 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 07:37 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 07:37 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 07:37 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 07:37 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 07:37 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 07:37 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 07:37 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 07:37 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 07:37 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 07:37 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 07:37 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 07:37 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 07:37 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 07:37 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 07:37 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 07:37 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 07:37 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 07:37 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 07:37 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-12 07:37 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 07:37 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 07:37 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 07:37 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 07:37 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 07:37 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-12 07:37 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-12 07:37 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 07:37 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 07:37 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 07:37 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 07:37 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 07:37 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 07:37 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-12 07:37 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 07:37 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 07:37 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 07:37 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 07:37 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 07:37 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 07:35 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 07:35 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 07:35 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 07:35 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-12 07:31 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 07:31 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 07:31 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 07:31 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

==================== One Month Modified Files and Folders =======

2014-04-08 18:21 - 2014-04-08 18:21 - 00000000 ____D () C:\FRST
2014-04-08 18:21 - 2014-04-08 18:20 - 00000000 ____D () C:\Users\Name\Desktop\Farbar
2014-04-08 18:21 - 2011-04-12 09:43 - 00702970 _____ () C:\Windows\system32\perfh007.dat
2014-04-08 18:21 - 2011-04-12 09:43 - 00150628 _____ () C:\Windows\system32\perfc007.dat
2014-04-08 18:21 - 2009-07-14 07:13 - 01629442 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-08 18:20 - 2012-07-09 00:11 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-08 18:20 - 2012-05-24 13:24 - 01605669 _____ () C:\Windows\WindowsUpdate.log
2014-04-08 18:20 - 2009-07-14 06:51 - 00091189 _____ () C:\Windows\setupact.log
2014-04-08 18:19 - 2012-05-28 10:31 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-08 12:34 - 2014-04-08 12:34 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-08 12:34 - 2014-03-17 18:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-04-08 12:21 - 2009-07-14 06:45 - 00028912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-08 12:21 - 2009-07-14 06:45 - 00028912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-08 12:13 - 2012-07-09 00:11 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-08 12:13 - 2012-05-30 12:27 - 00000000 ____D () C:\Program Files (x86)\SFirm
2014-04-08 12:12 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-07 16:02 - 2012-07-03 23:33 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E20BB58B-66B0-4A6A-9C6E-3BD9EBA78786}
2014-04-04 14:51 - 2014-04-04 14:51 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-04-04 14:51 - 2014-04-04 14:50 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-04 14:51 - 2014-04-04 14:50 - 00000000 ____D () C:\Program Files\iTunes
2014-04-04 14:51 - 2014-04-04 14:50 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-04 14:50 - 2014-04-04 14:50 - 00000000 ____D () C:\Program Files\iPod
2014-04-04 14:48 - 2014-04-04 14:48 - 00000000 ____D () C:\Program Files\Bonjour
2014-04-04 14:48 - 2014-04-04 14:48 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-04-04 14:45 - 2014-04-04 14:45 - 00001845 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-04-04 14:45 - 2014-04-04 14:45 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-04-04 07:14 - 2012-07-09 00:11 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-04 07:14 - 2012-07-09 00:11 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-31 13:59 - 2013-12-18 10:31 - 00000000 ____D () C:\Users\Name\Desktop\EBM-Auswertung
2014-03-30 20:42 - 2014-02-25 19:38 - 01648918 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-30 20:41 - 2014-03-30 20:41 - 00002990 _____ () C:\Windows\System32\Tasks\{C6093017-D902-438A-956A-93E714B6CB94}
2014-03-30 20:41 - 2014-03-30 20:41 - 00002990 _____ () C:\Windows\System32\Tasks\{47976DFF-C147-4F88-A078-D9DB1EDA5D6C}
2014-03-25 15:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-03-23 22:31 - 2013-03-15 14:06 - 00000000 ____D () C:\Users\Name\Desktop\Ablage
2014-03-23 19:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-19 10:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-19 10:36 - 2013-08-06 00:46 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 10:34 - 2012-05-24 14:04 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-19 10:28 - 2014-03-19 10:14 - 00000000 ____D () C:\Program Files (x86)\PantsOff
2014-03-18 10:05 - 2014-03-18 10:05 - 00007617 _____ () C:\Users\Name\AppData\Local\Resmon.ResmonCfg
2014-03-17 18:49 - 2014-03-17 18:49 - 00000000 ____D () C:\Users\Name\AppData\Roaming\Malwarebytes
2014-03-17 18:47 - 2014-03-17 18:47 - 00000000 ____D () C:\Sauber
2014-03-17 18:45 - 2014-03-17 18:45 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Malwarebytes
2014-03-17 18:45 - 2014-03-17 18:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-17 18:43 - 2012-08-26 17:02 - 00000000 ____D () C:\Program Files\Google
2014-03-17 18:43 - 2012-07-09 00:11 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-17 18:43 - 2010-11-21 05:47 - 00386096 _____ () C:\Windows\PFRO.log
2014-03-17 18:35 - 2014-03-17 18:35 - 00000000 ____D () C:\Users\Administrator\AppData\Local\GHISLER
2014-03-17 18:31 - 2014-03-17 18:31 - 00087856 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-17 18:29 - 2014-03-17 18:29 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Avira
2014-03-17 18:27 - 2014-03-17 18:27 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-03-17 18:27 - 2012-08-26 17:01 - 00000000 ____D () C:\ProgramData\Google
2014-03-17 18:24 - 2014-03-17 18:24 - 00001421 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-17 18:24 - 2014-03-17 18:24 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 _SHDL () C:\Users\Administrator\Vorlagen
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 _SHDL () C:\Users\Administrator\Startmenü
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 _SHDL () C:\Users\Administrator\Netzwerkumgebung
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 _SHDL () C:\Users\Administrator\Lokale Einstellungen
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 _SHDL () C:\Users\Administrator\Eigene Dateien
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 _SHDL () C:\Users\Administrator\Druckumgebung
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Musik
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Bilder
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 _SHDL () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Verlauf
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Anwendungsdaten
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 _SHDL () C:\Users\Administrator\Anwendungsdaten
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Apple Computer
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-03-17 18:24 - 2014-03-17 18:24 - 00000000 ____D () C:\Users\Administrator
2014-03-16 23:15 - 2012-07-09 00:11 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-14 07:57 - 2013-01-26 16:36 - 00166400 ___SH () C:\Users\Name\Desktop\Thumbs.db
2014-03-12 23:28 - 2009-07-14 06:45 - 00357776 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-12 08:47 - 2012-05-28 10:31 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 08:47 - 2012-05-28 10:31 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 08:47 - 2012-05-28 10:31 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

Some content of TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\avgnt.exe
C:\Users\Administrator\AppData\Local\Temp\Quarantine.exe
C:\Users\Name\AppData\Local\Temp\avgnt.exe
C:\Users\Name\AppData\Local\Temp\dicom.dll
C:\Users\Name\AppData\Local\Temp\mxtcl.dll
C:\Users\Name\AppData\Local\Temp\mxtk.dll
C:\Users\Name\AppData\Local\Temp\Tktable.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-31 07:07

==================== End Of Log ============================
         
--- --- ---

--- --- ---


ADDITION.TXT
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Name at 2014-04-08 18:22:31
Running from C:\Users\Name\Desktop\Farbar
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: FireWall (Enabled) {753F9273-B322-2907-AC37-03D0F1702F22}

==================== Installed Programs ======================

Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Internet Security (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.106 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.106 - Etron Technology) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
High-Definition Video Playback (x32 Version: 7.1.13900.47.0 - Nero AG) Hidden
HP Officejet 6600 - Grundlegende Software für das Gerät (HKLM\...\{F58934BD-F483-43EB-B307-CFFD88B18455}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6600 Hilfe (HKLM-x32\...\{2FA81482-5570-4CF0-9A10-D61D2F164916}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 10 Movie ThemePack Basic (x32 Version: 10.2.10000.0.0 - Nero AG) Hidden
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10500.1.102 - Nero AG)
Nero BurnRights 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.2.11900.1.9 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.18400.9.0 - Nero AG) Hidden
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.2.11400.11.100 - Nero AG)
Nero CoverDesigner 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.11900.20.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 10.5.10300 - Nero AG) Hidden
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.2.10400.5.100 - Nero AG)
Nero InfoTool 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero MediaHub 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{ADEF1F0B-635E-4041-B50F-A510C1B4D2C5}) (Version: 10.5.10400 - Nero AG)
Nero RescueAgent 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
SFirm (HKLM-x32\...\{A600A500-6AAC-48AB-B29C-145483B3A127}) (Version: 2.39.3.250.2 - Star Finanz GmbH)
Studie zur Verbesserung von HP Officejet 6600 Produkten (HKLM\...\{E1A11879-5771-4E52-BA2E-CD5DD65BF970}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

==================== Restore Points  =========================

19-03-2014 08:34:27 Windows Update
23-03-2014 22:17:31 Windows Update
31-03-2014 05:14:20 Geplanter Prüfpunkt
07-04-2014 05:31:25 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {111F400D-5D94-49BF-9D3A-F8C94A06E5C7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {1660EE67-0AC6-402D-8C0E-F289D4176829} - System32\Tasks\{47976DFF-C147-4F88-A078-D9DB1EDA5D6C} => C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE [2003-07-14] (Microsoft Corporation)
Task: {19D0DD99-6740-4067-99F8-D3ABFB8919EF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3BD082E3-9DCF-45F5-885F-868E78E4E8ED} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-09] (Google Inc.)
Task: {4E043B32-B1B5-4D86-AA04-87DCC69F8262} - System32\Tasks\{C6093017-D902-438A-956A-93E714B6CB94} => C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE [2003-07-14] (Microsoft Corporation)
Task: {6026F4CA-5B2C-4746-8385-F8AD14B8A565} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-09] (Google Inc.)
Task: {88FE1BFA-9AAF-4AE4-A7C1-9D2ACACFE899} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task: {F6E263F2-EB0B-4FEA-ACDC-19DD0B54A1E4} - System32\Tasks\HPCustParticipation HP Officejet 6600 => C:\Program Files\HP\HP Officejet 6600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-08-19 10:38 - 2013-08-19 07:50 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-08-19 10:38 - 2012-05-30 09:30 - 00447848 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\libxml2.dll
2013-08-19 10:38 - 2012-05-30 09:30 - 00060264 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\cares.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/08/2014 00:13:47 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/08/2014 06:36:09 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/07/2014 00:26:48 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/07/2014 06:34:46 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/06/2014 10:39:20 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/04/2014 05:56:35 PM) (Source: Microsoft Office 11) (User: )
Description: Accepted Safe Mode action : Microsoft Office Outlook.

Error: (04/04/2014 03:13:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/04/2014 06:25:30 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/03/2014 06:16:06 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/02/2014 09:04:37 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (04/08/2014 06:19:43 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (04/08/2014 02:47:50 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.

Error: (04/08/2014 00:12:17 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (04/08/2014 00:12:17 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (04/08/2014 00:11:58 PM) (Source: volmgr) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error: (04/08/2014 09:01:05 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/08/2014 08:00:59 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/08/2014 06:34:40 AM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (04/08/2014 06:34:40 AM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (04/08/2014 06:34:20 AM) (Source: volmgr) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.


Microsoft Office Sessions:
=========================
Error: (04/08/2014 00:13:47 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/08/2014 06:36:09 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/07/2014 00:26:48 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/07/2014 06:34:46 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/06/2014 10:39:20 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/04/2014 05:56:35 PM) (Source: Microsoft Office 11)(User: )
Description: Microsoft Office OutlookOutlook konnte zuletzt nicht korrekt gestartet werden.  Das Starten von Outlook im abgesicherten Modus hilft Ihnen, ein Startproblem zu korrigieren oder zu isolieren, so dass Sie das Programm erfolgreich starten können. Einige Funktionen können in diesem Modus deaktiviert sein.

Möchten Sie Outlook im abgesicherten Modus starten?

Error: (04/04/2014 03:13:11 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/04/2014 06:25:30 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/03/2014 06:16:06 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/02/2014 09:04:37 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Percentage of memory in use: 23%
Total physical RAM: 7679.23 MB
Available physical RAM: 5884.49 MB
Total Pagefile: 7677.41 MB
Available Pagefile: 5668.43 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:976.57 GB) (Free:877.39 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:886.44 GB) (Free:743.82 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: EDD49399)

Partition: GPT Partition Type.

==================== End Of Log ============================
         

Alt 09.04.2014, 13:36   #11
schrauber
/// the machine
/// TB-Ausbilder
 

Kann den Virus nicht aufspüren - Standard

Kann den Virus nicht aufspüren



Da is auch nix drauf
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 09.04.2014, 13:49   #12
Bootluder
 
Kann den Virus nicht aufspüren - Standard

Kann den Virus nicht aufspüren



Hmm...ich weiß jetzt nicht so recht, ob ich mich darüber freuen soll
Und der Scan mit Farbar deckt wirklich ALLES auf, was in Frage käme?

THX, Bootluder

Alt 10.04.2014, 09:31   #13
schrauber
/// the machine
/// TB-Ausbilder
 

Kann den Virus nicht aufspüren - Standard

Kann den Virus nicht aufspüren



was in Frage käme, ja. Du hast ja alle noch mit MBAM durchgescannt. und das bei ausgebauter Platte, also nicht aktiv. Spätestens da sollte dann was kommen.

Kannst aber auch nochmal ne Runde Rootkit scans machen, aber eher unnötig:

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 10.04.2014, 16:00   #14
Bootluder
 
Kann den Virus nicht aufspüren - Standard

Kann den Virus nicht aufspüren



So, hier das Tdsskiller-Log:

Code:
ATTFilter
16:54:23.0697 0x11f0  TDSS rootkit removing tool 3.0.0.30 Apr  7 2014 15:39:12
16:54:30.0951 0x11f0  ============================================================
16:54:30.0951 0x11f0  Current date / time: 2014/04/10 16:54:30.0951
16:54:30.0951 0x11f0  SystemInfo:
16:54:30.0951 0x11f0  
16:54:30.0951 0x11f0  OS Version: 6.1.7601 ServicePack: 1.0
16:54:30.0951 0x11f0  Product type: Workstation
16:54:30.0951 0x11f0  ComputerName: ERHARD-PC
16:54:30.0951 0x11f0  UserName: Name
16:54:30.0951 0x11f0  Windows directory: C:\Windows
16:54:30.0951 0x11f0  System windows directory: C:\Windows
16:54:30.0951 0x11f0  Running under WOW64
16:54:30.0951 0x11f0  Processor architecture: Intel x64
16:54:30.0951 0x11f0  Number of processors: 4
16:54:30.0951 0x11f0  Page size: 0x1000
16:54:30.0951 0x11f0  Boot type: Normal boot
16:54:30.0951 0x11f0  ============================================================
16:54:37.0737 0x11f0  KLMD registered as C:\Windows\system32\drivers\83350029.sys
16:54:37.0861 0x11f0  System UUID: {A0349B4A-0398-105E-9B1B-0F292F670B71}
16:54:38.0392 0x11f0  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:54:38.0407 0x11f0  Drive \Device\Harddisk5\DR5 - Size: 0xF8C00000 (3.89 Gb), SectorSize: 0x200, Cylinders: 0x1FB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:54:38.0407 0x11f0  ============================================================
16:54:38.0407 0x11f0  \Device\Harddisk0\DR0:
16:54:38.0407 0x11f0  MBR partitions:
16:54:38.0407 0x11f0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x7A1237FC
16:54:38.0407 0x11f0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x7A12383B, BlocksNum 0x6ECE3C86
16:54:38.0407 0x11f0  \Device\Harddisk5\DR5:
16:54:38.0407 0x11f0  MBR partitions:
16:54:38.0407 0x11f0  \Device\Harddisk5\DR5\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x7C5FC1
16:54:38.0407 0x11f0  ============================================================
16:54:38.0454 0x11f0  C: <-> \Device\Harddisk0\DR0\Partition1
16:54:38.0485 0x11f0  D: <-> \Device\Harddisk0\DR0\Partition2
16:54:38.0485 0x11f0  ============================================================
16:54:38.0485 0x11f0  Initialize success
16:54:38.0485 0x11f0  ============================================================
16:55:08.0157 0x1038  ============================================================
16:55:08.0157 0x1038  Scan started
16:55:08.0157 0x1038  Mode: Manual; SigCheck; TDLFS; 
16:55:08.0157 0x1038  ============================================================
16:55:08.0157 0x1038  KSN ping started
16:55:21.0666 0x1038  KSN ping finished: true
16:55:22.0758 0x1038  ================ Scan system memory ========================
16:55:22.0758 0x1038  System memory - ok
16:55:22.0758 0x1038  ================ Scan services =============================
16:55:22.0930 0x1038  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:55:23.0133 0x1038  1394ohci - ok
16:55:23.0180 0x1038  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:55:23.0211 0x1038  ACPI - ok
16:55:23.0211 0x1038  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:55:23.0289 0x1038  AcpiPmi - ok
16:55:23.0382 0x1038  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:55:23.0429 0x1038  AdobeARMservice - ok
16:55:23.0554 0x1038  [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:55:23.0570 0x1038  AdobeFlashPlayerUpdateSvc - ok
16:55:23.0616 0x1038  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:55:23.0648 0x1038  adp94xx - ok
16:55:23.0663 0x1038  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:55:23.0679 0x1038  adpahci - ok
16:55:23.0694 0x1038  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:55:23.0710 0x1038  adpu320 - ok
16:55:23.0726 0x1038  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:55:23.0850 0x1038  AeLookupSvc - ok
16:55:23.0913 0x1038  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
16:55:23.0991 0x1038  AFD - ok
16:55:24.0006 0x1038  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
16:55:24.0022 0x1038  agp440 - ok
16:55:24.0038 0x1038  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
16:55:24.0084 0x1038  ALG - ok
16:55:24.0116 0x1038  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:55:24.0131 0x1038  aliide - ok
16:55:24.0178 0x1038  [ D696F317BD465A602566F8E1DCCE15F7, 6CE77CD4221C0854986F760D1944DF9F4255192D99630D43A0527A6D58D83406 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
16:55:24.0240 0x1038  AMD External Events Utility - ok
16:55:24.0256 0x1038  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
16:55:24.0287 0x1038  amdide - ok
16:55:24.0287 0x1038  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
16:55:24.0334 0x1038  AmdK8 - ok
16:55:24.0350 0x1038  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
16:55:24.0381 0x1038  AmdPPM - ok
16:55:24.0412 0x1038  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:55:24.0428 0x1038  amdsata - ok
16:55:24.0474 0x1038  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
16:55:24.0506 0x1038  amdsbs - ok
16:55:24.0521 0x1038  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:55:24.0521 0x1038  amdxata - ok
16:55:24.0615 0x1038  [ 2297460EC100F34DC455CC0EFD21D442, 51CB916517BA5DFCD0B9D21987FEC645DA6BDD558215E2494D0DB3BF1F4BC914 ] AntiVirFirewallService C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe
16:55:24.0646 0x1038  AntiVirFirewallService - ok
16:55:24.0708 0x1038  [ 05637A079383F84628B91EE9B4B1F143, 289F2FF08F8F14AC30B86664B32AC0E387E0918D647A4E0554522B95CDB9454B ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
16:55:24.0740 0x1038  AntiVirMailService - ok
16:55:24.0818 0x1038  [ 4D282B9C5BB05DF92C9F3977DFB9F916, E6D49ED0D5FA26F2936FC97A0F1DFA38D1066AAF2EEFCE2931AF21B2CBE54CAD ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
16:55:24.0849 0x1038  AntiVirSchedulerService - ok
16:55:24.0896 0x1038  [ 65AF41A7A2C5B6693E1B4164E7632C3E, BA1DC45D7BB5307BD418D2BDFDBD1DD593439245A0A3F65FE6287F6F5198B999 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
16:55:24.0911 0x1038  AntiVirService - ok
16:55:24.0942 0x1038  [ 3D15C6EDBF84D792ACEBD2289546DBAF, 8E9199028CF4599CE362836CAD4DEC1E033F10335377280A4268E14D0201B1EB ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
16:55:24.0974 0x1038  AntiVirWebService - ok
16:55:24.0989 0x1038  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
16:55:25.0036 0x1038  AppID - ok
16:55:25.0067 0x1038  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:55:25.0161 0x1038  AppIDSvc - ok
16:55:25.0208 0x1038  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
16:55:25.0270 0x1038  Appinfo - ok
16:55:25.0364 0x1038  [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:55:25.0410 0x1038  Apple Mobile Device - ok
16:55:25.0426 0x1038  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
16:55:25.0457 0x1038  arc - ok
16:55:25.0457 0x1038  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:55:25.0473 0x1038  arcsas - ok
16:55:25.0598 0x1038  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:55:25.0691 0x1038  aspnet_state - ok
16:55:25.0707 0x1038  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:55:25.0769 0x1038  AsyncMac - ok
16:55:25.0800 0x1038  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:55:25.0800 0x1038  atapi - ok
16:55:25.0910 0x1038  [ 0ACC06FCF46F64ED4F11E57EE461C1F4, F2AB7198C7F7D36AB1D6D03C1FEFD929ED402002AC835B909FC14938BC0EE24B ] athr            C:\Windows\system32\DRIVERS\athrx.sys
16:55:25.0988 0x1038  athr - ok
16:55:26.0206 0x1038  [ 52BD95CAA9CAE8977FE043E9AD6D2D0E, E96DD29A2FCE1403340CB29D34F657DF17F483F62A2E8E24890F9BC4812B2971 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
16:55:26.0409 0x1038  atikmdag - ok
16:55:26.0440 0x1038  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:55:26.0502 0x1038  AudioEndpointBuilder - ok
16:55:26.0518 0x1038  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:55:26.0549 0x1038  AudioSrv - ok
16:55:26.0596 0x1038  [ AA63DDD55F620BF96F1114F3BE3691C0, EF10158539721A610647214FF9231994C5D65E81E1E4466EAE2CE263CF79E892 ] avfwim          C:\Windows\system32\DRIVERS\avfwim.sys
16:55:26.0674 0x1038  avfwim - ok
16:55:26.0736 0x1038  [ 2427ABF5319463B9B7DF062C79967E9E, E9FAA110C3FD04F2EF6EBE0F9D800870EF5150D41A36BF1472497C2BC4997A3C ] avfwot          C:\Windows\system32\DRIVERS\avfwot.sys
16:55:26.0783 0x1038  avfwot - ok
16:55:26.0846 0x1038  [ 7806BFCD1D7FA5EC23F7324D4EAFD25B, 4EDFD9DE520728AF6578BED0054ED6A4976A7F020F3329EA6681D6E361D9DB2D ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
16:55:26.0892 0x1038  avgntflt - ok
16:55:26.0908 0x1038  [ C3A58DBD18786C338126D30BF8C33D72, 4DF4D37AB5139548C2DA4B4C8D6B933A7F4ED001BCA089EFBC8C57EEDE8785A6 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
16:55:26.0924 0x1038  avipbb - ok
16:55:26.0955 0x1038  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
16:55:26.0970 0x1038  avkmgr - ok
16:55:26.0986 0x1038  [ 43744F1D3CDE20F3925F10927C9036C2, 47374A71D1A38572B8C247E924C0F3F063A6281743C9B7D818D63CA576B5D289 ] AVMCOWAN        C:\Windows\system32\DRIVERS\AVMCOWAN.sys
16:55:27.0033 0x1038  AVMCOWAN - ok
16:55:27.0048 0x1038  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:55:27.0158 0x1038  AxInstSV - ok
16:55:27.0220 0x1038  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
16:55:27.0251 0x1038  b06bdrv - ok
16:55:27.0282 0x1038  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:55:27.0314 0x1038  b57nd60a - ok
16:55:27.0345 0x1038  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:55:27.0376 0x1038  BDESVC - ok
16:55:27.0407 0x1038  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:55:27.0454 0x1038  Beep - ok
16:55:27.0501 0x1038  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
16:55:27.0532 0x1038  BFE - ok
16:55:27.0610 0x1038  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
16:55:27.0688 0x1038  BITS - ok
16:55:27.0704 0x1038  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:55:27.0719 0x1038  blbdrive - ok
16:55:27.0828 0x1038  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:55:27.0860 0x1038  Bonjour Service - ok
16:55:27.0891 0x1038  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:55:27.0953 0x1038  bowser - ok
16:55:27.0953 0x1038  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
16:55:28.0000 0x1038  BrFiltLo - ok
16:55:28.0000 0x1038  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
16:55:28.0031 0x1038  BrFiltUp - ok
16:55:28.0031 0x1038  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
16:55:28.0062 0x1038  Browser - ok
16:55:28.0078 0x1038  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:55:28.0125 0x1038  Brserid - ok
16:55:28.0125 0x1038  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:55:28.0140 0x1038  BrSerWdm - ok
16:55:28.0140 0x1038  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:55:28.0156 0x1038  BrUsbMdm - ok
16:55:28.0172 0x1038  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:55:28.0172 0x1038  BrUsbSer - ok
16:55:28.0187 0x1038  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
16:55:28.0203 0x1038  BTHMODEM - ok
16:55:28.0218 0x1038  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
16:55:28.0296 0x1038  bthserv - ok
16:55:28.0296 0x1038  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:55:28.0359 0x1038  cdfs - ok
16:55:28.0359 0x1038  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:55:28.0390 0x1038  cdrom - ok
16:55:28.0406 0x1038  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:55:28.0452 0x1038  CertPropSvc - ok
16:55:28.0452 0x1038  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
16:55:28.0468 0x1038  circlass - ok
16:55:28.0499 0x1038  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
16:55:28.0515 0x1038  CLFS - ok
16:55:28.0562 0x1038  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:55:28.0608 0x1038  clr_optimization_v2.0.50727_32 - ok
16:55:28.0655 0x1038  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:55:28.0702 0x1038  clr_optimization_v2.0.50727_64 - ok
16:55:28.0764 0x1038  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:55:28.0905 0x1038  clr_optimization_v4.0.30319_32 - ok
16:55:28.0920 0x1038  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:55:28.0952 0x1038  clr_optimization_v4.0.30319_64 - ok
16:55:28.0967 0x1038  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
16:55:28.0998 0x1038  CmBatt - ok
16:55:28.0998 0x1038  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:55:29.0014 0x1038  cmdide - ok
16:55:29.0045 0x1038  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
16:55:29.0108 0x1038  CNG - ok
16:55:29.0123 0x1038  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
16:55:29.0139 0x1038  Compbatt - ok
16:55:29.0154 0x1038  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
16:55:29.0186 0x1038  CompositeBus - ok
16:55:29.0201 0x1038  COMSysApp - ok
16:55:29.0201 0x1038  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:55:29.0217 0x1038  crcdisk - ok
16:55:29.0232 0x1038  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:55:29.0264 0x1038  CryptSvc - ok
16:55:29.0295 0x1038  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:55:29.0342 0x1038  DcomLaunch - ok
16:55:29.0373 0x1038  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
16:55:29.0420 0x1038  defragsvc - ok
16:55:29.0420 0x1038  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:55:29.0466 0x1038  DfsC - ok
16:55:29.0513 0x1038  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:55:29.0544 0x1038  Dhcp - ok
16:55:29.0544 0x1038  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
16:55:29.0591 0x1038  discache - ok
16:55:29.0622 0x1038  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
16:55:29.0669 0x1038  Disk - ok
16:55:29.0716 0x1038  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:55:29.0810 0x1038  Dnscache - ok
16:55:29.0841 0x1038  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:55:29.0919 0x1038  dot3svc - ok
16:55:29.0934 0x1038  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
16:55:29.0966 0x1038  DPS - ok
16:55:30.0012 0x1038  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:55:30.0059 0x1038  drmkaud - ok
16:55:30.0122 0x1038  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:55:30.0153 0x1038  DXGKrnl - ok
16:55:30.0168 0x1038  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
16:55:30.0246 0x1038  EapHost - ok
16:55:30.0340 0x1038  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
16:55:30.0449 0x1038  ebdrv - ok
16:55:30.0480 0x1038  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
16:55:30.0480 0x1038  EFS - ok
16:55:30.0574 0x1038  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:55:30.0621 0x1038  ehRecvr - ok
16:55:30.0636 0x1038  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
16:55:30.0668 0x1038  ehSched - ok
16:55:30.0683 0x1038  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
16:55:30.0714 0x1038  elxstor - ok
16:55:30.0714 0x1038  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:55:30.0746 0x1038  ErrDev - ok
16:55:30.0777 0x1038  [ E10EC316FBA637E824C76ECEFA1C2526, 942CFE98118133921D6CF8D56540F824694427B2E6FE1A44B581192A08FE8443 ] EtronHub3       C:\Windows\system32\Drivers\EtronHub3.sys
16:55:30.0824 0x1038  EtronHub3 - ok
16:55:30.0870 0x1038  [ 1520F844CC40D1B9C830AEC1AE963182, E43406B8278E21B5AA5AE03787888E0540F03913ECF76EC5F175D4B39FB79B07 ] EtronXHCI       C:\Windows\system32\Drivers\EtronXHCI.sys
16:55:30.0917 0x1038  EtronXHCI - ok
16:55:30.0964 0x1038  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
16:55:31.0026 0x1038  EventSystem - ok
16:55:31.0026 0x1038  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:55:31.0073 0x1038  exfat - ok
16:55:31.0089 0x1038  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:55:31.0120 0x1038  fastfat - ok
16:55:31.0214 0x1038  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
16:55:31.0245 0x1038  Fax - ok
16:55:31.0260 0x1038  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
16:55:31.0276 0x1038  fdc - ok
16:55:31.0292 0x1038  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
16:55:31.0338 0x1038  fdPHost - ok
16:55:31.0354 0x1038  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:55:31.0401 0x1038  FDResPub - ok
16:55:31.0416 0x1038  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:55:31.0432 0x1038  FileInfo - ok
16:55:31.0432 0x1038  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:55:31.0479 0x1038  Filetrace - ok
16:55:31.0479 0x1038  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
16:55:31.0479 0x1038  flpydisk - ok
16:55:31.0494 0x1038  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:55:31.0510 0x1038  FltMgr - ok
16:55:31.0572 0x1038  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
16:55:31.0619 0x1038  FontCache - ok
16:55:31.0666 0x1038  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:55:31.0697 0x1038  FontCache3.0.0.0 - ok
16:55:31.0760 0x1038  [ CE7593C10A04D08F9B043890216F5728, 21E4AD5643BCDCB811E49C74F682672032A603078EDD80DE6E37249C9A005407 ] FPCIBASE        C:\Windows\system32\DRIVERS\fpcibase.sys
16:55:31.0806 0x1038  FPCIBASE - ok
16:55:31.0822 0x1038  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:55:31.0838 0x1038  FsDepends - ok
16:55:31.0853 0x1038  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:55:31.0869 0x1038  Fs_Rec - ok
16:55:31.0900 0x1038  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:55:31.0916 0x1038  fvevol - ok
16:55:31.0947 0x1038  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:55:31.0994 0x1038  gagp30kx - ok
16:55:32.0040 0x1038  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:55:32.0056 0x1038  GEARAspiWDM - ok
16:55:32.0087 0x1038  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
16:55:32.0150 0x1038  gpsvc - ok
16:55:32.0259 0x1038  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:55:32.0306 0x1038  gupdate - ok
16:55:32.0306 0x1038  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:55:32.0321 0x1038  gupdatem - ok
16:55:32.0337 0x1038  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:55:32.0368 0x1038  hcw85cir - ok
16:55:32.0399 0x1038  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:55:32.0446 0x1038  HdAudAddService - ok
16:55:32.0477 0x1038  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:55:32.0508 0x1038  HDAudBus - ok
16:55:32.0508 0x1038  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
16:55:32.0524 0x1038  HidBatt - ok
16:55:32.0540 0x1038  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
16:55:32.0555 0x1038  HidBth - ok
16:55:32.0555 0x1038  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
16:55:32.0571 0x1038  HidIr - ok
16:55:32.0586 0x1038  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
16:55:32.0633 0x1038  hidserv - ok
16:55:32.0664 0x1038  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
16:55:32.0696 0x1038  HidUsb - ok
16:55:32.0727 0x1038  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:55:32.0820 0x1038  hkmsvc - ok
16:55:32.0836 0x1038  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:55:32.0867 0x1038  HomeGroupListener - ok
16:55:32.0883 0x1038  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:55:32.0914 0x1038  HomeGroupProvider - ok
16:55:32.0945 0x1038  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:55:32.0992 0x1038  HpSAMD - ok
16:55:33.0039 0x1038  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:55:33.0132 0x1038  HTTP - ok
16:55:33.0132 0x1038  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:55:33.0148 0x1038  hwpolicy - ok
16:55:33.0164 0x1038  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
16:55:33.0179 0x1038  i8042prt - ok
16:55:33.0210 0x1038  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:55:33.0242 0x1038  iaStorV - ok
16:55:33.0304 0x1038  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:55:33.0366 0x1038  idsvc - ok
16:55:33.0366 0x1038  IEEtwCollectorService - ok
16:55:33.0382 0x1038  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:55:33.0398 0x1038  iirsp - ok
16:55:33.0460 0x1038  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
16:55:33.0538 0x1038  IKEEXT - ok
16:55:33.0569 0x1038  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:55:33.0569 0x1038  intelide - ok
16:55:33.0585 0x1038  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
16:55:33.0616 0x1038  intelppm - ok
16:55:33.0647 0x1038  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:55:33.0741 0x1038  IPBusEnum - ok
16:55:33.0741 0x1038  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:55:33.0772 0x1038  IpFilterDriver - ok
16:55:33.0819 0x1038  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:55:33.0850 0x1038  iphlpsvc - ok
16:55:33.0866 0x1038  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:55:33.0881 0x1038  IPMIDRV - ok
16:55:33.0897 0x1038  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:55:33.0944 0x1038  IPNAT - ok
16:55:34.0022 0x1038  [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
16:55:34.0068 0x1038  iPod Service - ok
16:55:34.0068 0x1038  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:55:34.0100 0x1038  IRENUM - ok
16:55:34.0100 0x1038  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:55:34.0115 0x1038  isapnp - ok
16:55:34.0162 0x1038  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:55:34.0209 0x1038  iScsiPrt - ok
16:55:34.0224 0x1038  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:55:34.0240 0x1038  kbdclass - ok
16:55:34.0240 0x1038  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
16:55:34.0271 0x1038  kbdhid - ok
16:55:34.0271 0x1038  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
16:55:34.0287 0x1038  KeyIso - ok
16:55:34.0302 0x1038  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:55:34.0318 0x1038  KSecDD - ok
16:55:34.0334 0x1038  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:55:34.0349 0x1038  KSecPkg - ok
16:55:34.0365 0x1038  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:55:34.0443 0x1038  ksthunk - ok
16:55:34.0474 0x1038  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:55:34.0505 0x1038  KtmRm - ok
16:55:34.0552 0x1038  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:55:34.0599 0x1038  LanmanServer - ok
16:55:34.0630 0x1038  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:55:34.0661 0x1038  LanmanWorkstation - ok
16:55:34.0677 0x1038  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:55:34.0724 0x1038  lltdio - ok
16:55:34.0770 0x1038  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:55:34.0848 0x1038  lltdsvc - ok
16:55:34.0848 0x1038  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:55:34.0895 0x1038  lmhosts - ok
16:55:34.0895 0x1038  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:55:34.0911 0x1038  LSI_FC - ok
16:55:34.0926 0x1038  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:55:34.0942 0x1038  LSI_SAS - ok
16:55:34.0958 0x1038  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
16:55:34.0958 0x1038  LSI_SAS2 - ok
16:55:34.0973 0x1038  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:55:34.0989 0x1038  LSI_SCSI - ok
16:55:35.0004 0x1038  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:55:35.0036 0x1038  luafv - ok
16:55:35.0067 0x1038  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:55:35.0082 0x1038  Mcx2Svc - ok
16:55:35.0082 0x1038  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
16:55:35.0098 0x1038  megasas - ok
16:55:35.0114 0x1038  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
16:55:35.0145 0x1038  MegaSR - ok
16:55:35.0145 0x1038  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
16:55:35.0192 0x1038  MMCSS - ok
16:55:35.0192 0x1038  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
16:55:35.0238 0x1038  Modem - ok
16:55:35.0238 0x1038  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:55:35.0254 0x1038  monitor - ok
16:55:35.0270 0x1038  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:55:35.0285 0x1038  mouclass - ok
16:55:35.0285 0x1038  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
16:55:35.0332 0x1038  mouhid - ok
16:55:35.0348 0x1038  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:55:35.0363 0x1038  mountmgr - ok
16:55:35.0410 0x1038  [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:55:35.0472 0x1038  MozillaMaintenance - ok
16:55:35.0488 0x1038  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:55:35.0504 0x1038  mpio - ok
16:55:35.0519 0x1038  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:55:35.0566 0x1038  mpsdrv - ok
16:55:35.0597 0x1038  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:55:35.0644 0x1038  MpsSvc - ok
16:55:35.0675 0x1038  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:55:35.0691 0x1038  MRxDAV - ok
16:55:35.0706 0x1038  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:55:35.0753 0x1038  mrxsmb - ok
16:55:35.0769 0x1038  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:55:35.0784 0x1038  mrxsmb10 - ok
16:55:35.0800 0x1038  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:55:35.0816 0x1038  mrxsmb20 - ok
16:55:35.0847 0x1038  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:55:35.0862 0x1038  msahci - ok
16:55:35.0894 0x1038  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:55:35.0940 0x1038  msdsm - ok
16:55:35.0956 0x1038  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
16:55:35.0987 0x1038  MSDTC - ok
16:55:36.0003 0x1038  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:55:36.0065 0x1038  Msfs - ok
16:55:36.0065 0x1038  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:55:36.0096 0x1038  mshidkmdf - ok
16:55:36.0096 0x1038  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:55:36.0112 0x1038  msisadrv - ok
16:55:36.0143 0x1038  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:55:36.0190 0x1038  MSiSCSI - ok
16:55:36.0190 0x1038  msiserver - ok
16:55:36.0221 0x1038  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:55:36.0252 0x1038  MSKSSRV - ok
16:55:36.0252 0x1038  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:55:36.0299 0x1038  MSPCLOCK - ok
16:55:36.0299 0x1038  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:55:36.0330 0x1038  MSPQM - ok
16:55:36.0362 0x1038  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:55:36.0377 0x1038  MsRPC - ok
16:55:36.0377 0x1038  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
16:55:36.0393 0x1038  mssmbios - ok
16:55:36.0393 0x1038  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:55:36.0471 0x1038  MSTEE - ok
16:55:36.0471 0x1038  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
16:55:36.0486 0x1038  MTConfig - ok
16:55:36.0502 0x1038  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
16:55:36.0518 0x1038  Mup - ok
16:55:36.0564 0x1038  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
16:55:36.0611 0x1038  napagent - ok
16:55:36.0658 0x1038  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:55:36.0705 0x1038  NativeWifiP - ok
16:55:36.0798 0x1038  [ 9D1CCE440552500DED3A62F9D779CDB4, C6B3B1C891A8BA3F91CC1EC21919C4F80F4C9CAF88971AB6CA11F09820601EBD ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
16:55:36.0830 0x1038  NAUpdate - ok
16:55:36.0908 0x1038  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:55:36.0954 0x1038  NDIS - ok
16:55:36.0970 0x1038  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:55:37.0001 0x1038  NdisCap - ok
16:55:37.0017 0x1038  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:55:37.0048 0x1038  NdisTapi - ok
16:55:37.0048 0x1038  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:55:37.0079 0x1038  Ndisuio - ok
16:55:37.0079 0x1038  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:55:37.0126 0x1038  NdisWan - ok
16:55:37.0142 0x1038  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:55:37.0173 0x1038  NDProxy - ok
16:55:37.0204 0x1038  [ 6F4607E2333FE21E9E3FF8133A88B35B, F7B7B262D85D03552A8D0F3F91E795B31E3D09020DDA1E3D62A4A3209D916BB6 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
16:55:37.0235 0x1038  Netaapl - detected UnsignedFile.Multi.Generic ( 1 )
16:55:37.0329 0x1038  Netaapl ( UnsignedFile.Multi.Generic ) - warning
16:55:39.0778 0x1038  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:55:39.0872 0x1038  NetBIOS - ok
16:55:39.0887 0x1038  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:55:39.0918 0x1038  NetBT - ok
16:55:39.0934 0x1038  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
16:55:39.0950 0x1038  Netlogon - ok
16:55:39.0981 0x1038  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
16:55:40.0012 0x1038  Netman - ok
16:55:40.0074 0x1038  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:55:40.0152 0x1038  NetMsmqActivator - ok
16:55:40.0168 0x1038  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:55:40.0184 0x1038  NetPipeActivator - ok
16:55:40.0215 0x1038  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
16:55:40.0246 0x1038  netprofm - ok
16:55:40.0262 0x1038  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:55:40.0277 0x1038  NetTcpActivator - ok
16:55:40.0277 0x1038  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:55:40.0293 0x1038  NetTcpPortSharing - ok
16:55:40.0324 0x1038  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:55:40.0371 0x1038  nfrd960 - ok
16:55:40.0402 0x1038  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:55:40.0449 0x1038  NlaSvc - ok
16:55:40.0449 0x1038  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:55:40.0480 0x1038  Npfs - ok
16:55:40.0511 0x1038  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
16:55:40.0542 0x1038  nsi - ok
16:55:40.0542 0x1038  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:55:40.0589 0x1038  nsiproxy - ok
16:55:40.0652 0x1038  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:55:40.0698 0x1038  Ntfs - ok
16:55:40.0714 0x1038  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
16:55:40.0745 0x1038  Null - ok
16:55:40.0776 0x1038  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:55:40.0792 0x1038  nvraid - ok
16:55:40.0823 0x1038  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:55:40.0839 0x1038  nvstor - ok
16:55:40.0854 0x1038  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:55:40.0901 0x1038  nv_agp - ok
16:55:40.0901 0x1038  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:55:40.0932 0x1038  ohci1394 - ok
16:55:40.0979 0x1038  [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:55:41.0026 0x1038  ose - ok
16:55:41.0104 0x1038  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:55:41.0135 0x1038  p2pimsvc - ok
16:55:41.0182 0x1038  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
16:55:41.0229 0x1038  p2psvc - ok
16:55:41.0260 0x1038  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
16:55:41.0307 0x1038  Parport - ok
16:55:41.0322 0x1038  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:55:41.0338 0x1038  partmgr - ok
16:55:41.0354 0x1038  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:55:41.0369 0x1038  PcaSvc - ok
16:55:41.0385 0x1038  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
16:55:41.0416 0x1038  pci - ok
16:55:41.0432 0x1038  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:55:41.0447 0x1038  pciide - ok
16:55:41.0463 0x1038  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:55:41.0478 0x1038  pcmcia - ok
16:55:41.0494 0x1038  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:55:41.0494 0x1038  pcw - ok
16:55:41.0525 0x1038  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:55:41.0572 0x1038  PEAUTH - ok
16:55:41.0619 0x1038  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:55:41.0666 0x1038  PerfHost - ok
16:55:41.0744 0x1038  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
16:55:41.0822 0x1038  pla - ok
16:55:41.0853 0x1038  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:55:41.0884 0x1038  PlugPlay - ok
16:55:41.0900 0x1038  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:55:41.0915 0x1038  PNRPAutoReg - ok
16:55:41.0931 0x1038  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:55:41.0946 0x1038  PNRPsvc - ok
16:55:41.0962 0x1038  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:55:42.0024 0x1038  PolicyAgent - ok
16:55:42.0056 0x1038  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
16:55:42.0087 0x1038  Power - ok
16:55:42.0102 0x1038  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:55:42.0149 0x1038  PptpMiniport - ok
16:55:42.0149 0x1038  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
16:55:42.0165 0x1038  Processor - ok
16:55:42.0196 0x1038  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:55:42.0212 0x1038  ProfSvc - ok
16:55:42.0227 0x1038  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
16:55:42.0243 0x1038  ProtectedStorage - ok
16:55:42.0274 0x1038  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:55:42.0368 0x1038  Psched - ok
16:55:42.0430 0x1038  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:55:42.0477 0x1038  ql2300 - ok
16:55:42.0492 0x1038  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:55:42.0508 0x1038  ql40xx - ok
16:55:42.0524 0x1038  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
16:55:42.0555 0x1038  QWAVE - ok
16:55:42.0555 0x1038  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:55:42.0570 0x1038  QWAVEdrv - ok
16:55:42.0570 0x1038  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:55:42.0602 0x1038  RasAcd - ok
16:55:42.0633 0x1038  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:55:42.0648 0x1038  RasAgileVpn - ok
16:55:42.0680 0x1038  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
16:55:42.0726 0x1038  RasAuto - ok
16:55:42.0726 0x1038  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:55:42.0773 0x1038  Rasl2tp - ok
16:55:42.0789 0x1038  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
16:55:42.0836 0x1038  RasMan - ok
16:55:42.0836 0x1038  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:55:42.0882 0x1038  RasPppoe - ok
16:55:42.0898 0x1038  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:55:42.0929 0x1038  RasSstp - ok
16:55:42.0929 0x1038  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:55:42.0976 0x1038  rdbss - ok
16:55:42.0976 0x1038  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
16:55:42.0992 0x1038  rdpbus - ok
16:55:43.0007 0x1038  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:55:43.0023 0x1038  RDPCDD - ok
16:55:43.0038 0x1038  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:55:43.0085 0x1038  RDPENCDD - ok
16:55:43.0085 0x1038  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:55:43.0116 0x1038  RDPREFMP - ok
16:55:43.0179 0x1038  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:55:43.0226 0x1038  RdpVideoMiniport - ok
16:55:43.0257 0x1038  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:55:43.0288 0x1038  RDPWD - ok
16:55:43.0304 0x1038  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:55:43.0319 0x1038  rdyboost - ok
16:55:43.0350 0x1038  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:55:43.0444 0x1038  RemoteAccess - ok
16:55:43.0460 0x1038  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:55:43.0506 0x1038  RemoteRegistry - ok
16:55:43.0522 0x1038  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:55:43.0553 0x1038  RpcEptMapper - ok
16:55:43.0569 0x1038  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
16:55:43.0569 0x1038  RpcLocator - ok
16:55:43.0616 0x1038  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
16:55:43.0647 0x1038  RpcSs - ok
16:55:43.0647 0x1038  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:55:43.0678 0x1038  rspndr - ok
16:55:43.0756 0x1038  [ 9140DB0911DE035FED0A9A77A2D156EA, 07C9D7E2978062ABD84B58B390360D4C0F72C6A5A2310444579DC095943BD008 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
16:55:43.0803 0x1038  RTL8167 - ok
16:55:43.0803 0x1038  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
16:55:43.0818 0x1038  SamSs - ok
16:55:43.0834 0x1038  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:55:43.0850 0x1038  sbp2port - ok
16:55:43.0865 0x1038  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:55:43.0912 0x1038  SCardSvr - ok
16:55:43.0912 0x1038  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:55:43.0943 0x1038  scfilter - ok
16:55:43.0990 0x1038  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
16:55:44.0052 0x1038  Schedule - ok
16:55:44.0084 0x1038  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:55:44.0099 0x1038  SCPolicySvc - ok
16:55:44.0162 0x1038  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:55:44.0208 0x1038  SDRSVC - ok
16:55:44.0240 0x1038  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:55:44.0255 0x1038  secdrv - ok
16:55:44.0286 0x1038  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
16:55:44.0318 0x1038  seclogon - ok
16:55:44.0333 0x1038  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
16:55:44.0364 0x1038  SENS - ok
16:55:44.0380 0x1038  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:55:44.0411 0x1038  SensrSvc - ok
16:55:44.0411 0x1038  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
16:55:44.0427 0x1038  Serenum - ok
16:55:44.0442 0x1038  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
16:55:44.0458 0x1038  Serial - ok
16:55:44.0474 0x1038  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:55:44.0489 0x1038  sermouse - ok
16:55:44.0505 0x1038  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
16:55:44.0552 0x1038  SessionEnv - ok
16:55:44.0552 0x1038  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:55:44.0567 0x1038  sffdisk - ok
16:55:44.0567 0x1038  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:55:44.0598 0x1038  sffp_mmc - ok
16:55:44.0598 0x1038  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:55:44.0614 0x1038  sffp_sd - ok
16:55:44.0630 0x1038  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:55:44.0630 0x1038  sfloppy - ok
16:55:44.0676 0x1038  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:55:44.0770 0x1038  SharedAccess - ok
16:55:44.0801 0x1038  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:55:44.0832 0x1038  ShellHWDetection - ok
16:55:44.0864 0x1038  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
16:55:44.0879 0x1038  SiSRaid2 - ok
16:55:44.0879 0x1038  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:55:44.0895 0x1038  SiSRaid4 - ok
16:55:44.0910 0x1038  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:55:44.0957 0x1038  Smb - ok
16:55:44.0973 0x1038  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:55:44.0988 0x1038  SNMPTRAP - ok
16:55:44.0988 0x1038  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:55:45.0004 0x1038  spldr - ok
16:55:45.0051 0x1038  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
16:55:45.0082 0x1038  Spooler - ok
16:55:45.0207 0x1038  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
16:55:45.0347 0x1038  sppsvc - ok
16:55:45.0347 0x1038  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:55:45.0378 0x1038  sppuinotify - ok
16:55:45.0410 0x1038  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:55:45.0456 0x1038  srv - ok
16:55:45.0472 0x1038  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:55:45.0503 0x1038  srv2 - ok
16:55:45.0519 0x1038  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:55:45.0534 0x1038  srvnet - ok
16:55:45.0550 0x1038  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:55:45.0597 0x1038  SSDPSRV - ok
16:55:45.0612 0x1038  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:55:45.0644 0x1038  SstpSvc - ok
16:55:45.0659 0x1038  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
16:55:45.0659 0x1038  stexstor - ok
16:55:45.0690 0x1038  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
16:55:45.0722 0x1038  StillCam - ok
16:55:45.0784 0x1038  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
16:55:45.0846 0x1038  stisvc - ok
16:55:45.0862 0x1038  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
16:55:45.0862 0x1038  swenum - ok
16:55:45.0893 0x1038  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
16:55:45.0956 0x1038  swprv - ok
16:55:46.0049 0x1038  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
16:55:46.0127 0x1038  SysMain - ok
16:55:46.0143 0x1038  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:55:46.0174 0x1038  TabletInputService - ok
16:55:46.0205 0x1038  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:55:46.0252 0x1038  TapiSrv - ok
16:55:46.0268 0x1038  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
16:55:46.0299 0x1038  TBS - ok
16:55:46.0377 0x1038  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:55:46.0439 0x1038  Tcpip - ok
16:55:46.0486 0x1038  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:55:46.0533 0x1038  TCPIP6 - ok
16:55:46.0564 0x1038  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:55:46.0611 0x1038  tcpipreg - ok
16:55:46.0626 0x1038  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:55:46.0673 0x1038  TDPIPE - ok
16:55:46.0704 0x1038  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:55:46.0736 0x1038  TDTCP - ok
16:55:46.0751 0x1038  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:55:46.0814 0x1038  tdx - ok
16:55:46.0814 0x1038  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
16:55:46.0829 0x1038  TermDD - ok
16:55:46.0892 0x1038  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
16:55:46.0970 0x1038  TermService - ok
16:55:46.0970 0x1038  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
16:55:47.0001 0x1038  Themes - ok
16:55:47.0001 0x1038  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
16:55:47.0032 0x1038  THREADORDER - ok
16:55:47.0048 0x1038  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
16:55:47.0094 0x1038  TrkWks - ok
16:55:47.0157 0x1038  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:55:47.0219 0x1038  TrustedInstaller - ok
16:55:47.0235 0x1038  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:55:47.0282 0x1038  tssecsrv - ok
16:55:47.0313 0x1038  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:55:47.0360 0x1038  TsUsbFlt - ok
16:55:47.0375 0x1038  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
16:55:47.0391 0x1038  TsUsbGD - ok
16:55:47.0438 0x1038  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:55:47.0500 0x1038  tunnel - ok
16:55:47.0500 0x1038  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:55:47.0516 0x1038  uagp35 - ok
16:55:47.0531 0x1038  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:55:47.0578 0x1038  udfs - ok
16:55:47.0594 0x1038  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:55:47.0625 0x1038  UI0Detect - ok
16:55:47.0640 0x1038  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:55:47.0656 0x1038  uliagpkx - ok
16:55:47.0672 0x1038  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:55:47.0687 0x1038  umbus - ok
16:55:47.0703 0x1038  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
16:55:47.0718 0x1038  UmPass - ok
16:55:47.0750 0x1038  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
16:55:47.0796 0x1038  upnphost - ok
16:55:47.0843 0x1038  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
16:55:47.0859 0x1038  USBAAPL64 - ok
16:55:47.0874 0x1038  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:55:47.0921 0x1038  usbccgp - ok
16:55:47.0952 0x1038  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:55:47.0999 0x1038  usbcir - ok
16:55:47.0999 0x1038  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:55:48.0046 0x1038  usbehci - ok
16:55:48.0062 0x1038  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:55:48.0108 0x1038  usbhub - ok
16:55:48.0124 0x1038  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
16:55:48.0140 0x1038  usbohci - ok
16:55:48.0155 0x1038  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
16:55:48.0202 0x1038  usbprint - ok
16:55:48.0249 0x1038  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
16:55:48.0296 0x1038  usbscan - ok
16:55:48.0327 0x1038  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:55:48.0374 0x1038  USBSTOR - ok
16:55:48.0389 0x1038  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
16:55:48.0420 0x1038  usbuhci - ok
16:55:48.0436 0x1038  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
16:55:48.0467 0x1038  UxSms - ok
16:55:48.0467 0x1038  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
16:55:48.0483 0x1038  VaultSvc - ok
16:55:48.0483 0x1038  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:55:48.0498 0x1038  vdrvroot - ok
16:55:48.0514 0x1038  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
16:55:48.0576 0x1038  vds - ok
16:55:48.0576 0x1038  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:55:48.0592 0x1038  vga - ok
16:55:48.0608 0x1038  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:55:48.0639 0x1038  VgaSave - ok
16:55:48.0639 0x1038  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:55:48.0670 0x1038  vhdmp - ok
16:55:48.0686 0x1038  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:55:48.0701 0x1038  viaide - ok
16:55:48.0717 0x1038  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:55:48.0732 0x1038  volmgr - ok
16:55:48.0748 0x1038  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:55:48.0764 0x1038  volmgrx - ok
16:55:48.0779 0x1038  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:55:48.0810 0x1038  volsnap - ok
16:55:48.0826 0x1038  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:55:48.0842 0x1038  vsmraid - ok
16:55:48.0920 0x1038  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
16:55:48.0998 0x1038  VSS - ok
16:55:48.0998 0x1038  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
16:55:49.0029 0x1038  vwifibus - ok
16:55:49.0044 0x1038  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:55:49.0122 0x1038  vwififlt - ok
16:55:49.0122 0x1038  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
16:55:49.0154 0x1038  vwifimp - ok
16:55:49.0169 0x1038  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
16:55:49.0216 0x1038  W32Time - ok
16:55:49.0216 0x1038  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
16:55:49.0247 0x1038  WacomPen - ok
16:55:49.0278 0x1038  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:55:49.0310 0x1038  WANARP - ok
16:55:49.0310 0x1038  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:55:49.0341 0x1038  Wanarpv6 - ok
16:55:49.0403 0x1038  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
16:55:49.0466 0x1038  wbengine - ok
16:55:49.0466 0x1038  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:55:49.0497 0x1038  WbioSrvc - ok
16:55:49.0512 0x1038  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:55:49.0544 0x1038  wcncsvc - ok
16:55:49.0544 0x1038  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:55:49.0559 0x1038  WcsPlugInService - ok
16:55:49.0575 0x1038  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
16:55:49.0590 0x1038  Wd - ok
16:55:49.0622 0x1038  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:55:49.0653 0x1038  Wdf01000 - ok
16:55:49.0684 0x1038  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:55:49.0746 0x1038  WdiServiceHost - ok
16:55:49.0762 0x1038  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:55:49.0778 0x1038  WdiSystemHost - ok
16:55:49.0809 0x1038  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
16:55:49.0840 0x1038  WebClient - ok
16:55:49.0856 0x1038  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:55:49.0918 0x1038  Wecsvc - ok
16:55:49.0918 0x1038  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:55:49.0965 0x1038  wercplsupport - ok
16:55:49.0980 0x1038  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:55:50.0012 0x1038  WerSvc - ok
16:55:50.0027 0x1038  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:55:50.0058 0x1038  WfpLwf - ok
16:55:50.0058 0x1038  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:55:50.0074 0x1038  WIMMount - ok
16:55:50.0105 0x1038  WinDefend - ok
16:55:50.0105 0x1038  WinHttpAutoProxySvc - ok
16:55:50.0152 0x1038  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:55:50.0246 0x1038  Winmgmt - ok
16:55:50.0355 0x1038  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
16:55:50.0464 0x1038  WinRM - ok
16:55:50.0495 0x1038  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
16:55:50.0542 0x1038  WinUsb - ok
16:55:50.0620 0x1038  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:55:50.0682 0x1038  Wlansvc - ok
16:55:50.0698 0x1038  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
16:55:50.0714 0x1038  WmiAcpi - ok
16:55:50.0729 0x1038  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:55:50.0745 0x1038  wmiApSrv - ok
16:55:50.0776 0x1038  WMPNetworkSvc - ok
16:55:50.0792 0x1038  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:55:50.0823 0x1038  WPCSvc - ok
16:55:50.0838 0x1038  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:55:50.0870 0x1038  WPDBusEnum - ok
16:55:50.0870 0x1038  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:55:50.0901 0x1038  ws2ifsl - ok
16:55:50.0932 0x1038  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
16:55:50.0948 0x1038  wscsvc - ok
16:55:50.0948 0x1038  WSearch - ok
16:55:51.0026 0x1038  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:55:51.0119 0x1038  wuauserv - ok
16:55:51.0135 0x1038  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:55:51.0166 0x1038  WudfPf - ok
16:55:51.0213 0x1038  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:55:51.0228 0x1038  WUDFRd - ok
16:55:51.0260 0x1038  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:55:51.0306 0x1038  wudfsvc - ok
16:55:51.0353 0x1038  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:55:51.0416 0x1038  WwanSvc - ok
16:55:51.0462 0x1038  ================ Scan global ===============================
16:55:51.0478 0x1038  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:55:51.0525 0x1038  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:55:51.0556 0x1038  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:55:51.0587 0x1038  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:55:51.0634 0x1038  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:55:51.0650 0x1038  [ Global ] - ok
16:55:51.0650 0x1038  ================ Scan MBR ==================================
16:55:51.0665 0x1038  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:55:51.0884 0x1038  \Device\Harddisk0\DR0 - ok
16:55:51.0899 0x1038  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk5\DR5
16:55:52.0071 0x1038  \Device\Harddisk5\DR5 - ok
16:55:52.0071 0x1038  ================ Scan VBR ==================================
16:55:52.0071 0x1038  [ A273C8B3254D9983C9758C974543D069 ] \Device\Harddisk0\DR0\Partition1
16:55:52.0133 0x1038  \Device\Harddisk0\DR0\Partition1 - ok
16:55:52.0133 0x1038  [ 106D57C63A2010CE2D9501DDE3688A30 ] \Device\Harddisk0\DR0\Partition2
16:55:52.0180 0x1038  \Device\Harddisk0\DR0\Partition2 - ok
16:55:52.0180 0x1038  [ 724BD03D06864CA74BF5BD53DE17D9E0 ] \Device\Harddisk5\DR5\Partition1
16:55:52.0196 0x1038  \Device\Harddisk5\DR5\Partition1 - ok
16:55:52.0274 0x1038  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.3.336 ), 0x41000 ( enabled : updated )
16:55:52.0274 0x1038  FW detected via SS2: FireWall, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.3.336 ), 0x41010 ( enabled )
16:55:54.0707 0x1038  ============================================================
16:55:54.0707 0x1038  Scan finished
16:55:54.0707 0x1038  ============================================================
16:55:54.0723 0x0460  Detected object count: 1
16:55:54.0723 0x0460  Actual detected object count: 1
16:56:21.0992 0x0460  Netaapl ( UnsignedFile.Multi.Generic ) - skipped by user
16:56:21.0992 0x0460  Netaapl ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Alt 11.04.2014, 06:51   #15
schrauber
/// the machine
/// TB-Ausbilder
 

Kann den Virus nicht aufspüren - Standard

Kann den Virus nicht aufspüren



nüscht.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Kann den Virus nicht aufspüren
avira, eingeschränkt, entfernen, festplatte, folge, kaspersky, leute, mails, malwarebytes, neu, nichts, outlook, problem, probleme, scan, scannen, security, smtp, spam, system, telekom, virenproblem, virus, win7, winxp



Ähnliche Themen: Kann den Virus nicht aufspüren


  1. Datenleck Aufspüren PC2
    Log-Analyse und Auswertung - 27.06.2015 (13)
  2. Torpig Infektion im Netzwerk aufspüren
    Plagegeister aller Art und deren Bekämpfung - 25.06.2013 (7)
  3. Telekom lanciert Cloud-Service zum Aufspüren von Sicherheitslücken
    Nachrichten - 14.05.2013 (0)
  4. Aufspüren von Spy-/Malware nach Öffnen von Anhang in SpamMail
    Log-Analyse und Auswertung - 02.05.2013 (9)
  5. 2x | Kenntnisse benötigt: Aufspüren von Spy-/Malware nach Öffnen von Spam
    Mülltonne - 30.04.2013 (1)
  6. definitiv aktiver virus lässt sich nicht aufspüren und beseitigen
    Log-Analyse und Auswertung - 10.10.2011 (8)
  7. bka virus: kaspersky rescue-cd wird nicht gebootet und OTLPENet.exe kann nicht gedownloaded werden
    Plagegeister aller Art und deren Bekämpfung - 14.06.2011 (30)
  8. Virus den ich nicht finden kann
    Mülltonne - 25.04.2011 (1)
  9. virtumonde, svchost? lässt sich nicht aufspüren/entfernen
    Plagegeister aller Art und deren Bekämpfung - 26.02.2011 (3)
  10. Trojaner aufspüren und erfolgreich entfernen!
    Plagegeister aller Art und deren Bekämpfung - 17.09.2010 (5)
  11. Kann Virus nicht etfernen
    Antiviren-, Firewall- und andere Schutzprogramme - 26.04.2010 (7)
  12. Trojaner aufspüren und ggf beseitigen
    Plagegeister aller Art und deren Bekämpfung - 18.08.2008 (1)
  13. kann virus nicht löschen
    Mülltonne - 16.08.2008 (0)
  14. Kann Virus nicht löschen ?!?
    Plagegeister aller Art und deren Bekämpfung - 30.03.2008 (2)
  15. PC reagiert nicht mehr! Virus kann nicht entfernt werden! -WICHTIG-
    Plagegeister aller Art und deren Bekämpfung - 12.02.2007 (9)
  16. Kann Virus nicht löschen
    Plagegeister aller Art und deren Bekämpfung - 02.12.2006 (6)
  17. Kann Virus nicht entfernen
    Log-Analyse und Auswertung - 23.02.2005 (10)

Zum Thema Kann den Virus nicht aufspüren - Hallo Leutz, bin neu hier und grüße erstmal nett in die Runde *wink* Ich möchte einem Bekannten bei seinem Virenproblem helfen, aber komme leider nicht weiter. Folgender Sachverhalt: Er hat - Kann den Virus nicht aufspüren...
Archiv
Du betrachtest: Kann den Virus nicht aufspüren auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.