Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Telekom Fake-Rechnung: Anhang geöffnet

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 14.11.2014, 16:45   #1
hans12345
 
Telekom Fake-Rechnung: Anhang geöffnet - Standard

Telekom Fake-Rechnung: Anhang geöffnet



Hallo zusammen,

ich habe am 10.11.14 eine E-Mail erhalten, die einer Rechnungsbenachrichtigung der Telekom sehr ähnlich sah (über diese Phishing-Welle wurde mittlerweile ja auch schon auf einigen Nachrichtenportalen berichtet). Ich habe den darin enthaltenen Link angeklickt und möglicherweise den dahinterliegenden Anhang geöffnet. Genau weiß ich das aber auf Grund der Hektik und Verunsicherung nicht mehr.
Nun befürchte ich, dass ich mir evtl. Schadsoftware eingefangen habe und bitte euch daher um eure Hilfe. Hier die Logs:

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:20 on 12/11/2014 (Hans)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2014
Ran by Hans (administrator) on ARBEO_III on 12-11-2014 19:23:07
Running from C:\Users\Hans\Desktop
Loaded Profile: Hans (Available profiles: Mama & Hans & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Acer Group) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\Hans\Desktop\Defogger.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [438784 2010-12-17] ()
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-11-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
Startup: C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\y80b5e3t.default
FF DefaultSearchEngine: Google
FF DefaultSearchUrl: hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF Homepage: hxxp://www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2546554077-3108011590-2457289113-1003: @tools.google.com/Google Update;version=3 -> C:\Users\Hans\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2546554077-3108011590-2457289113-1003: @tools.google.com/Google Update;version=9 -> C:\Users\Hans\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\y80b5e3t.default\Extensions\abs@avira.com [2014-10-03]
FF Extension: Garmin Communicator - C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\y80b5e3t.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-11-20]
FF Extension: Adblock Plus - C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\y80b5e3t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-12-22]

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-11-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-11-06] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [626208 2009-08-11] ()
S3 GameConsoleService; C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe [246520 2010-04-04] (WildTangent, Inc.)
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [435032 2014-06-09] (Garmin Ltd or its subsidiaries)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [206880 2009-08-11] ()
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-12 19:23 - 2014-11-12 19:23 - 00011087 _____ () C:\Users\Hans\Desktop\FRST.txt
2014-11-12 19:22 - 2014-11-12 19:23 - 00000000 ____D () C:\FRST
2014-11-12 19:22 - 2014-11-12 19:21 - 02116096 _____ (Farbar) C:\Users\Hans\Desktop\FRST64.exe
2014-11-12 19:21 - 2014-11-12 19:21 - 02116096 _____ (Farbar) C:\Users\Hans\Downloads\FRST64.exe
2014-11-12 19:20 - 2014-11-12 19:20 - 00000470 _____ () C:\Users\Hans\Desktop\defogger_disable.log
2014-11-12 19:20 - 2014-11-12 19:20 - 00000000 _____ () C:\Users\Hans\defogger_reenable
2014-11-12 19:19 - 2014-11-12 19:19 - 00050477 _____ () C:\Users\Hans\Downloads\Defogger.exe
2014-11-12 19:19 - 2014-11-12 19:19 - 00050477 _____ () C:\Users\Hans\Desktop\Defogger.exe
2014-11-10 17:26 - 2014-11-10 17:26 - 00000000 _____ () C:\Users\Hans\Desktop\Neues Textdokument.txt
2014-11-10 13:59 - 2014-11-10 13:59 - 00000000 ____D () C:\Users\Mama\AppData\Local\{08BE83A0-1759-40E9-B13F-1E16BB9517DD}
2014-11-09 15:22 - 2014-11-12 19:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-05 09:40 - 2014-11-05 09:40 - 01054912 _____ (Adobe) C:\Users\Hans\Downloads\install_flashplayer15x32au_mssa_aaa_aih.exe
2014-11-01 20:06 - 2014-11-01 20:06 - 00001214 _____ () C:\Users\Hans\Desktop\Eigene Bilder USA 2014 - Verknüpfung.lnk
2014-10-31 18:55 - 2014-11-10 17:05 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2546554077-3108011590-2457289113-1003UA.job
2014-10-31 18:55 - 2014-11-05 19:05 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2546554077-3108011590-2457289113-1003Core.job
2014-10-31 18:55 - 2014-10-31 19:06 - 00000297 _____ () C:\Windows\wininit.ini
2014-10-31 18:55 - 2014-10-31 19:00 - 00004084 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2546554077-3108011590-2457289113-1003UA
2014-10-31 18:55 - 2014-10-31 19:00 - 00003688 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2546554077-3108011590-2457289113-1003Core
2014-10-31 18:55 - 2014-10-31 18:55 - 00000000 ____D () C:\Users\Hans\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-10-28 17:27 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-28 17:27 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-28 17:27 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-28 17:27 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-28 17:27 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-28 17:27 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-28 17:27 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-28 17:27 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-28 17:27 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-28 17:27 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-28 17:27 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-28 17:27 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-28 17:27 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-28 17:27 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-28 17:27 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-28 17:27 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-28 17:27 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-28 17:27 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-28 17:27 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-28 17:27 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-28 17:27 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-28 17:27 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-28 17:27 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-28 17:27 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-28 17:27 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-28 17:27 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-28 17:27 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-28 17:27 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-28 17:27 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-28 17:27 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-28 17:27 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-28 17:27 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-28 17:27 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-28 17:27 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-28 17:27 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-28 17:27 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-28 17:27 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-28 17:27 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-28 17:27 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-28 17:27 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-28 17:27 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-28 17:27 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-28 17:27 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-28 17:27 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-28 17:27 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-28 17:27 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-28 17:27 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-28 17:27 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-28 17:27 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-28 17:27 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-28 17:27 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-28 17:27 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-28 17:27 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-28 17:27 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-28 17:27 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-28 17:27 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-28 17:27 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-28 17:27 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-28 17:27 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-28 17:27 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-28 17:27 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-28 17:27 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-28 17:27 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-28 17:27 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-28 17:27 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-28 17:27 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-28 17:24 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-28 17:24 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-28 17:23 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-28 17:23 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-28 17:23 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-28 17:23 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-28 17:23 - 2014-08-29 03:07 - 05780480 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-28 17:23 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-28 17:23 - 2014-08-29 03:07 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-10-28 17:23 - 2014-08-29 03:07 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-10-28 17:23 - 2014-08-29 03:06 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-28 17:23 - 2014-08-29 02:44 - 04922368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-28 17:23 - 2014-08-29 02:44 - 01050112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-28 17:23 - 2014-08-29 02:44 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-28 17:23 - 2014-08-29 02:44 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-10-28 17:23 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-28 17:23 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-28 17:23 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-28 17:23 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-28 17:23 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-28 17:23 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-28 17:23 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-28 17:23 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-28 17:23 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-28 17:23 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-28 17:23 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-12 19:22 - 2009-07-14 05:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-12 19:22 - 2009-07-14 05:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-12 19:21 - 2011-01-10 07:00 - 00699884 _____ () C:\Windows\system32\perfh007.dat
2014-11-12 19:21 - 2011-01-10 07:00 - 00149766 _____ () C:\Windows\system32\perfc007.dat
2014-11-12 19:21 - 2009-07-14 06:13 - 01622300 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-12 19:20 - 2011-03-03 20:52 - 00000000 ____D () C:\Users\Hans
2014-11-12 19:20 - 2009-07-14 05:51 - 00148634 _____ () C:\Windows\setupact.log
2014-11-12 19:19 - 2011-01-12 23:39 - 01696637 _____ () C:\Windows\WindowsUpdate.log
2014-11-12 19:16 - 2012-01-29 14:16 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-12 19:16 - 2011-01-12 23:43 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-12 19:16 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-10 17:13 - 2012-01-29 14:16 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-10 10:44 - 2012-05-06 10:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-07 23:53 - 2011-09-08 12:50 - 00000099 _____ () C:\Users\Public\LMDebug.log
2014-11-06 11:18 - 2014-09-09 09:23 - 00001149 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-11-06 11:18 - 2013-09-02 17:59 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-06 11:18 - 2013-05-01 10:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-06 11:18 - 2013-05-01 10:45 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-10-31 20:54 - 2012-02-12 20:40 - 00000000 ____D () C:\Users\Hans\Desktop\Hausverwaltung
2014-10-31 18:55 - 2012-01-29 14:16 - 00000000 ____D () C:\Users\Hans\AppData\Local\Google
2014-10-29 11:32 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-29 11:31 - 2009-07-14 05:45 - 00347104 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-29 11:28 - 2014-05-06 20:32 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-28 17:54 - 2011-03-04 14:14 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-28 17:50 - 2013-08-16 18:46 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-28 17:44 - 2011-03-03 19:44 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-28 17:09 - 2013-05-07 13:58 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-28 17:09 - 2013-05-01 10:45 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-28 17:09 - 2013-05-01 10:45 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-28 17:08 - 2012-01-29 14:16 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-28 17:08 - 2012-01-29 14:16 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

Some content of TEMP:
====================
C:\Users\Hans\AppData\Local\Temp\AskSLib.dll
C:\Users\Hans\AppData\Local\Temp\avgnt.exe
C:\Users\Hans\AppData\Local\Temp\tmp3FBD.exe
C:\Users\Hans\AppData\Local\Temp\tmp4D73.exe
C:\Users\Hans\AppData\Local\Temp\tmp53F8.exe
C:\Users\Hans\AppData\Local\Temp\tmp735B.exe
C:\Users\Hans\AppData\Local\Temp\tmpB6B1.exe
C:\Users\Hans\AppData\Local\Temp\tmpC20.exe
C:\Users\Hans\AppData\Local\Temp\tmpC60C.exe
C:\Users\Hans\AppData\Local\Temp\tmpDF56.exe
C:\Users\Hans\AppData\Local\Temp\tmpEF1E.exe
C:\Users\Hans\AppData\Local\Temp\tmpEFF9.exe
C:\Users\Hans\AppData\Local\Temp\tmpF102.exe
C:\Users\Mama\AppData\Local\Temp\AskSLib.dll
C:\Users\Mama\AppData\Local\Temp\avgnt.exe
C:\Users\Mama\AppData\Local\Temp\MSN4D18.exe
C:\Users\Mama\AppData\Local\Temp\tmp12E4.exe
C:\Users\Mama\AppData\Local\Temp\tmp1795.exe
C:\Users\Mama\AppData\Local\Temp\tmp1BF8.exe
C:\Users\Mama\AppData\Local\Temp\tmp1DCC.exe
C:\Users\Mama\AppData\Local\Temp\tmp23D4.exe
C:\Users\Mama\AppData\Local\Temp\tmp2DD3.exe
C:\Users\Mama\AppData\Local\Temp\tmp81A.exe
C:\Users\Mama\AppData\Local\Temp\tmpE021.exe
C:\Users\Mama\AppData\Local\Temp\tmpF66E.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-01-08 19:04

==================== End Of Log ============================
         
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-11-2014
Ran by Hans at 2014-11-12 19:24:08
Running from C:\Users\Hans\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.202 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.95 - WildTangent) Hidden
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Avira (HKLM-x32\...\{9480d4af-12b9-4e56-8034-4031ef6ab39d}) (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.342 - Avira)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Common Desktop Agent (Version: 1.53.0 - OEM) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Elevated Installer (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Garmin Communicator Plugin x64 (HKLM\...\{550331CC-C34B-494F-BCDA-37CE4EF6E924}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{55ae01f2-f0a8-4342-a9cc-a0327cdaa811}) (Version: 3.2.7.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Google+ Auto Backup (HKU\S-1-5-21-2546554077-3108011590-2457289113-1003\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Packard Bell)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Insaniquarium Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MozBackup 1.4.10 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 33.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0.3 (x86 de)) (Version: 33.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM-x32\...\{d3e72777-4162-442e-ae45-d285f16c8e68}) (Version:  - Nero AG)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.7 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7316 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Packard Bell Game Console (x32 Version:  - WildTangent) Hidden
Packard Bell Games (HKLM-x32\...\WildTangent packardbell Master Uninstall) (Version: 1.0.1.3 - WildTangent)
Packard Bell InfoCentre (HKLM-x32\...\Packard Bell InfoCentre) (Version: 3.02.3000 - Packard Bell)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.03.3003 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0825.2010 - Packard Bell )
Packard Bell Software Suite SE (HKLM-x32\...\Packard Bell Software Suite SE) (Version: 2.01.3003 - Packard Bell)
Packard Bell Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Packard Bell)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.00.62.00 - Samsung Electronics Co., Ltd.)
Samsung ML-1670 Series (HKLM-x32\...\Samsung ML-1670 Series) (Version:  - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version:  - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3005 - Packard Bell)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2546554077-3108011590-2457289113-1003_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Hans\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2546554077-3108011590-2457289113-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Hans\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)

==================== Restore Points  =========================

10-09-2014 16:53:43 Windows Update
11-09-2014 14:41:26 Windows Update
24-09-2014 07:18:41 Windows Update
01-10-2014 08:26:17 Windows Update
28-10-2014 16:43:28 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1D031354-446E-47FB-B33F-CE12D579F097} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.)
Task: {1D48A169-8B09-4167-974A-307B359EB9CE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2546554077-3108011590-2457289113-1003Core => C:\Users\Hans\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-31] (Google Inc.)
Task: {9E72EE0D-B147-4C29-85C9-258456CBAEF7} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-06-09] ()
Task: {B04A5953-17CA-4BB0-B572-3E8EF8B00CE3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.)
Task: {B95D3472-8ABE-4615-9F5A-2B4D5FFECE15} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2546554077-3108011590-2457289113-1003UA => C:\Users\Hans\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-31] (Google Inc.)
Task: {EF7FEA4C-CD12-4A7D-ACF4-EA7081F96954} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-21] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2546554077-3108011590-2457289113-1003Core.job => C:\Users\Hans\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2546554077-3108011590-2457289113-1003UA.job => C:\Users\Hans\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-11-15 19:33 - 2013-01-18 16:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-03-06 06:59 - 2011-03-06 06:59 - 00027648 _____ () C:\Windows\System32\ssb7mlm.dll
2011-03-06 06:59 - 2011-03-06 06:59 - 00958976 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\ssb7mdu.dll
2009-08-11 00:01 - 2009-08-11 00:01 - 00626208 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
2009-08-11 00:00 - 2009-08-11 00:00 - 00070176 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
2009-08-11 00:01 - 2009-08-11 00:01 - 00578592 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
2010-12-17 17:13 - 2010-12-17 17:13 - 00438784 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2010-12-17 17:13 - 2010-12-17 17:13 - 00050688 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2009-08-11 00:01 - 2009-08-11 00:01 - 00206880 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
2014-11-12 19:19 - 2014-11-12 19:19 - 00050477 _____ () C:\Users\Hans\Desktop\Defogger.exe
2014-11-09 15:22 - 2014-11-09 15:22 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-21 15:51 - 2014-09-21 15:51 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Hans\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Google+ Auto Backup => "C:\Users\Hans\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart

========================= Accounts: ==========================

Administrator (S-1-5-21-2546554077-3108011590-2457289113-500 - Administrator - Disabled)
Gast (S-1-5-21-2546554077-3108011590-2457289113-501 - Limited - Disabled)
Hans (S-1-5-21-2546554077-3108011590-2457289113-1003 - Administrator - Enabled) => C:\Users\Hans
HomeGroupUser$ (S-1-5-21-2546554077-3108011590-2457289113-1002 - Limited - Enabled)
Mama (S-1-5-21-2546554077-3108011590-2457289113-1001 - Administrator - Enabled) => C:\Users\Mama
UpdatusUser (S-1-5-21-2546554077-3108011590-2457289113-1004 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/01/2014 04:41:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm POWERPNT.EXE, Version 14.0.6009.1000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: da4

Startzeit: 01cff5e9b52f6140

Endzeit: 145

Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE

Berichts-ID: 80106bc1-61dd-11e4-8a7e-f80f410845d7

Error: (10/28/2014 05:43:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-2546554077-3108011590-2457289113-1001.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {4263a543-451d-4c61-bb1e-fee7d18cc4da}

Error: (10/07/2014 11:19:21 AM) (Source: MsiInstaller) (EventID: 1024) (User: ARBEO_III)
Description: Produkt: Adobe Reader XI (11.0.08) - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011009}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (10/01/2014 09:26:18 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-2546554077-3108011590-2457289113-1001.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {79db84f4-3f39-4f76-b01b-11f4d1344cfc}

Error: (09/24/2014 07:06:11 PM) (Source: MsiInstaller) (EventID: 1024) (User: ARBEO_III)
Description: Produkt: Adobe Reader XI (11.0.08) - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011009}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (09/24/2014 08:18:42 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-2546554077-3108011590-2457289113-1001.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {5bfe297c-e9fb-46ef-9262-05694e33e706}

Error: (09/23/2014 04:51:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17280, Zeitstempel: 0x53f262ac
Name des fehlerhaften Moduls: nvwgf2um.dll, Version: 9.18.13.1106, Zeitstempel: 0x50f9458d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001a2519
ID des fehlerhaften Prozesses: 0x758
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (09/11/2014 03:41:27 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-2546554077-3108011590-2457289113-1001.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {49ba15b7-fa64-4afb-8af4-b07b75078875}

Error: (09/10/2014 05:53:44 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-2546554077-3108011590-2457289113-1001.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {3efdfe51-c2bf-462b-a53d-31fa250e6060}

Error: (09/07/2014 10:50:07 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={78E08E08-99EA-4853-8A6A-3B9EE1BCB12E}: Der Benutzer "ARBEO_III\Hans" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651.


System errors:
=============
Error: (11/12/2014 07:19:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (11/12/2014 07:19:04 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (11/12/2014 07:16:56 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "ARBEO_III      :20" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.101
registriert werden. Der Computer mit IP-Adresse 192.168.0.104 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (11/12/2014 07:16:56 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{01A69E6D-C369-43B1-A6F0-B017817DB90F} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (11/12/2014 07:16:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Garmin Core Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (11/12/2014 07:16:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Core Update Service erreicht.

Error: (11/12/2014 07:16:21 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "ARBEO_III      :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.101
registriert werden. Der Computer mit IP-Adresse 192.168.0.104 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (11/12/2014 07:16:20 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "ARBEO_III      :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.101
registriert werden. Der Computer mit IP-Adresse 192.168.0.104 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (11/10/2014 04:39:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (11/10/2014 04:39:13 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).


Microsoft Office Sessions:
=========================
Error: (11/01/2014 04:41:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: POWERPNT.EXE14.0.6009.1000da401cff5e9b52f6140145C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE80106bc1-61dd-11e4-8a7e-f80f410845d7

Error: (10/28/2014 05:43:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-2546554077-3108011590-2457289113-1001.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {4263a543-451d-4c61-bb1e-fee7d18cc4da}

Error: (10/07/2014 11:19:21 AM) (Source: MsiInstaller) (EventID: 1024) (User: ARBEO_III)
Description: Adobe Reader XI (11.0.08) - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011009}1625(NULL)(NULL)(NULL)

Error: (10/01/2014 09:26:18 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-2546554077-3108011590-2457289113-1001.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {79db84f4-3f39-4f76-b01b-11f4d1344cfc}

Error: (09/24/2014 07:06:11 PM) (Source: MsiInstaller) (EventID: 1024) (User: ARBEO_III)
Description: Adobe Reader XI (11.0.08) - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011009}1625(NULL)(NULL)(NULL)

Error: (09/24/2014 08:18:42 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-2546554077-3108011590-2457289113-1001.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {5bfe297c-e9fb-46ef-9262-05694e33e706}

Error: (09/23/2014 04:51:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1728053f262acnvwgf2um.dll9.18.13.110650f9458dc0000005001a251975801cfd746254ed680C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\system32\nvwgf2um.dll8134bf00-4339-11e4-980f-f80f410845d7

Error: (09/11/2014 03:41:27 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-2546554077-3108011590-2457289113-1001.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {49ba15b7-fa64-4afb-8af4-b07b75078875}

Error: (09/10/2014 05:53:44 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-2546554077-3108011590-2457289113-1001.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {3efdfe51-c2bf-462b-a53d-31fa250e6060}

Error: (09/07/2014 10:50:07 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: {78E08E08-99EA-4853-8A6A-3B9EE1BCB12E}ARBEO_III\HansBreitbandverbindung651


==================== Memory info =========================== 

Processor: AMD Athlon(tm) II X2 255 Processor
Percentage of memory in use: 42%
Total physical RAM: 6143.37 MB
Available physical RAM: 3521.45 MB
Total Pagefile: 12284.91 MB
Available Pagefile: 9239.94 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:456.45 GB) (Free:376.71 GB) NTFS
Drive d: (DATA) (Fixed) (Total:456.96 GB) (Free:449.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: EE8E4A81)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=456.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=457 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-11-12 19:56:21
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000059 WDC_WD10 rev.80.0 931,51GB
Running: c466b6xp.exe; Driver: C:\Users\Hans\AppData\Local\Temp\ugliipow.sys


---- User code sections - GMER 2.1 ----

.text  C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3212] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   00000000753c1465 2 bytes [3C, 75]
.text  C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3212] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155  00000000753c14bb 2 bytes [3C, 75]
.text  ...                                                                                                                                                    * 2

---- EOF - GMER 2.1 ----
         
Und hier noch das Log vom Virenscanner:

Code:
ATTFilter
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Mittwoch, 12. November 2014  20:33


Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer   : Avira Antivirus Free
Seriennummer   : 0000149996-AVHOE-0000001
Plattform      : Windows 7 Home Premium
Windowsversion : (Service Pack 1)  [6.1.7601]
Boot Modus     : Normal gebootet
Benutzername   : Hans
Computername   : ARBEO_III

Versionsinformationen:
BUILD.DAT      : 14.0.7.342     92013 Bytes  23.10.2014 14:02:00
AVSCAN.EXE     : 14.0.7.312   1015544 Bytes  06.11.2014 10:09:46
AVSCANRC.DLL   : 14.0.7.308     64304 Bytes  06.11.2014 10:09:46
LUKE.DLL       : 14.0.7.310     60664 Bytes  06.11.2014 10:09:56
AVSCPLR.DLL    : 14.0.7.310     93488 Bytes  06.11.2014 10:09:46
REPAIR.DLL     : 14.0.7.312    366328 Bytes  06.11.2014 10:09:45
REPAIR.RDF     : 1.0.2.30      596694 Bytes  28.10.2014 16:11:03
AVREG.DLL      : 14.0.7.310    264952 Bytes  06.11.2014 10:09:45
AVLODE.DLL     : 14.0.7.312    563448 Bytes  06.11.2014 10:09:45
AVLODE.RDF     : 14.0.4.50      76508 Bytes  12.11.2014 18:21:35
XBV00012.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:47
XBV00013.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:47
XBV00014.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:47
XBV00015.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:47
XBV00016.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:47
XBV00017.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:47
XBV00018.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:47
XBV00019.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:47
XBV00020.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:48
XBV00021.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:48
XBV00022.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:48
XBV00023.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:48
XBV00024.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:48
XBV00025.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:48
XBV00026.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:48
XBV00027.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:48
XBV00028.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:48
XBV00029.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:48
XBV00030.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:48
XBV00031.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:48
XBV00032.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:48
XBV00033.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:48
XBV00034.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:49
XBV00035.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:49
XBV00036.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:49
XBV00037.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:49
XBV00038.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:49
XBV00039.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:49
XBV00040.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:49
XBV00041.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 08:33:49
XBV00054.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:37
XBV00055.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:37
XBV00056.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:37
XBV00057.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:37
XBV00058.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:37
XBV00059.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:37
XBV00060.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:37
XBV00061.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:37
XBV00062.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:37
XBV00063.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:38
XBV00064.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:38
XBV00065.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:38
XBV00066.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:38
XBV00067.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:38
XBV00068.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:38
XBV00069.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:38
XBV00070.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:38
XBV00071.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:38
XBV00072.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:38
XBV00073.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:38
XBV00074.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:38
XBV00075.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:38
XBV00076.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:38
XBV00077.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:38
XBV00078.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:38
XBV00079.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:38
XBV00080.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:38
XBV00081.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:38
XBV00082.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:38
XBV00083.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:38
XBV00084.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:38
XBV00085.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:38
XBV00086.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:39
XBV00087.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:39
XBV00088.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:39
XBV00089.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:39
XBV00090.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:39
XBV00091.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:39
XBV00092.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:39
XBV00093.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:39
XBV00094.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:39
XBV00095.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:39
XBV00096.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:39
XBV00097.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:39
XBV00098.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:39
XBV00099.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:39
XBV00100.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:39
XBV00101.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:39
XBV00102.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:39
XBV00103.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:39
XBV00104.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:39
XBV00105.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:39
XBV00106.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:39
XBV00107.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:39
XBV00108.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00109.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00110.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00111.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00112.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00113.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00114.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00115.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00116.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00117.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00118.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00119.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00120.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00121.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00122.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00123.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00124.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00125.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00126.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00127.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00128.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00129.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00130.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00131.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00132.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00133.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00134.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00135.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00136.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00137.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00138.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:40
XBV00139.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:41
XBV00140.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:41
XBV00141.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:41
XBV00142.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:41
XBV00143.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:41
XBV00144.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:41
XBV00145.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:41
XBV00146.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:41
XBV00147.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:41
XBV00148.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:41
XBV00149.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:41
XBV00150.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:41
XBV00151.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:41
XBV00152.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:41
XBV00153.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:41
XBV00154.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:41
XBV00155.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:41
XBV00156.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:41
XBV00157.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:41
XBV00158.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:41
XBV00159.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:41
XBV00160.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:41
XBV00161.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:41
XBV00162.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:41
XBV00163.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:41
XBV00164.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:41
XBV00165.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:41
XBV00166.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:41
XBV00167.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:42
XBV00168.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:42
XBV00169.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:42
XBV00170.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:42
XBV00171.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:42
XBV00172.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:42
XBV00173.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:42
XBV00174.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:42
XBV00175.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:42
XBV00176.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:42
XBV00177.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:42
XBV00178.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:42
XBV00179.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:42
XBV00180.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:42
XBV00181.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:42
XBV00182.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:42
XBV00183.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:42
XBV00184.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:42
XBV00185.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:42
XBV00186.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:42
XBV00187.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:42
XBV00188.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:42
XBV00189.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:42
XBV00190.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:42
XBV00191.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:42
XBV00192.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:42
XBV00193.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:42
XBV00194.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:42
XBV00195.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:42
XBV00196.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:43
XBV00197.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:43
XBV00198.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:43
XBV00199.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:43
XBV00200.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:43
XBV00201.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:43
XBV00202.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:43
XBV00203.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:43
XBV00204.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:43
XBV00205.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:43
XBV00206.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:43
XBV00207.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:43
XBV00208.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:43
XBV00209.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:43
XBV00210.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:43
XBV00211.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:43
XBV00212.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:43
XBV00213.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:43
XBV00214.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:43
XBV00215.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:43
XBV00216.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:43
XBV00217.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:43
XBV00218.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:43
XBV00219.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:43
XBV00220.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:43
XBV00221.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:44
XBV00222.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:44
XBV00223.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:44
XBV00224.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:44
XBV00225.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:44
XBV00226.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:44
XBV00227.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:44
XBV00228.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:44
XBV00229.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:44
XBV00230.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:44
XBV00231.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:44
XBV00232.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:44
XBV00233.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:44
XBV00234.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:44
XBV00235.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:44
XBV00236.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:44
XBV00237.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:44
XBV00238.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:44
XBV00239.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:44
XBV00240.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:44
XBV00241.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:44
XBV00242.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:44
XBV00243.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:44
XBV00244.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:44
XBV00245.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:45
XBV00246.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:45
XBV00247.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:45
XBV00248.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:45
XBV00249.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:45
XBV00250.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:45
XBV00251.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:45
XBV00252.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:45
XBV00253.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:45
XBV00254.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:45
XBV00255.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 18:21:45
XBV00000.VDF   : 7.11.70.0   66736640 Bytes  04.04.2013 14:17:07
XBV00001.VDF   : 7.11.74.226  2201600 Bytes  30.04.2013 08:39:02
XBV00002.VDF   : 7.11.80.60   2751488 Bytes  28.05.2013 11:21:34
XBV00003.VDF   : 7.11.85.214  2162688 Bytes  21.06.2013 19:47:13
XBV00004.VDF   : 7.11.91.176  3903488 Bytes  23.07.2013 20:44:33
XBV00005.VDF   : 7.11.98.186  6822912 Bytes  29.08.2013 18:12:39
XBV00006.VDF   : 7.11.139.38 15708672 Bytes  27.03.2014 18:32:45
XBV00007.VDF   : 7.11.152.100  4193792 Bytes  02.06.2014 16:47:55
XBV00008.VDF   : 8.11.165.192  4251136 Bytes  07.08.2014 08:33:47
XBV00009.VDF   : 8.11.172.30  2094080 Bytes  15.09.2014 16:06:13
XBV00010.VDF   : 8.11.178.32  1581056 Bytes  14.10.2014 16:10:30
XBV00011.VDF   : 8.11.184.50  2178560 Bytes  11.11.2014 18:21:36
XBV00042.VDF   : 8.11.184.74     2048 Bytes  11.11.2014 18:21:37
XBV00043.VDF   : 8.11.184.98    37376 Bytes  11.11.2014 18:21:37
XBV00044.VDF   : 8.11.184.124    20992 Bytes  11.11.2014 18:21:37
XBV00045.VDF   : 8.11.184.126     2048 Bytes  11.11.2014 18:21:37
XBV00046.VDF   : 8.11.184.152    17920 Bytes  11.11.2014 18:21:37
XBV00047.VDF   : 8.11.184.154    12288 Bytes  11.11.2014 18:21:37
XBV00048.VDF   : 8.11.184.156     5632 Bytes  12.11.2014 18:21:37
XBV00049.VDF   : 8.11.184.160     6656 Bytes  12.11.2014 18:21:37
XBV00050.VDF   : 8.11.184.182     8704 Bytes  12.11.2014 18:21:37
XBV00051.VDF   : 8.11.184.202     6144 Bytes  12.11.2014 18:21:37
XBV00052.VDF   : 8.11.184.204    10752 Bytes  12.11.2014 18:21:37
XBV00053.VDF   : 8.11.184.224    28160 Bytes  12.11.2014 18:21:37
LOCAL000.VDF   : 8.11.184.224 113920000 Bytes  12.11.2014 18:22:02
Engineversion  : 8.3.26.8  
AEVDF.DLL      : 8.3.1.6       133992 Bytes  20.08.2014 16:58:07
AESCRIPT.DLL   : 8.2.2.12      527216 Bytes  07.11.2014 18:25:02
AESCN.DLL      : 8.3.2.2       139456 Bytes  22.07.2014 09:22:13
AESBX.DLL      : 8.2.20.24    1409224 Bytes  08.05.2014 16:27:25
AERDL.DLL      : 8.2.1.16      743328 Bytes  30.10.2014 15:32:19
AEPACK.DLL     : 8.4.0.54      788392 Bytes  24.09.2014 17:54:15
AEOFFICE.DLL   : 8.3.0.38      224112 Bytes  31.10.2014 10:50:30
AEHEUR.DLL     : 8.1.4.1384   7759784 Bytes  07.11.2014 18:25:01
AEHELP.DLL     : 8.3.1.0       278728 Bytes  28.05.2014 19:38:42
AEGEN.DLL      : 8.1.7.34      453480 Bytes  07.11.2014 18:25:00
AEEXP.DLL      : 8.4.2.32      247712 Bytes  03.09.2014 05:48:29
AEEMU.DLL      : 8.1.3.4       399264 Bytes  08.08.2014 08:32:52
AEDROID.DLL    : 8.4.2.24      442568 Bytes  05.06.2014 10:21:13
AECORE.DLL     : 8.3.2.6       243712 Bytes  08.08.2014 08:32:52
AEBB.DLL       : 8.1.2.0        60448 Bytes  08.08.2014 08:32:51
AVWINLL.DLL    : 14.0.7.308     25904 Bytes  06.11.2014 10:09:43
AVPREF.DLL     : 14.0.7.308     52016 Bytes  06.11.2014 10:09:45
AVREP.DLL      : 14.0.7.308    220976 Bytes  06.11.2014 10:09:45
AVARKT.DLL     : 14.0.7.308    227632 Bytes  06.11.2014 10:09:43
AVEVTLOG.DLL   : 14.0.7.310    184112 Bytes  06.11.2014 10:09:44
SQLITE3.DLL    : 14.0.7.308    453936 Bytes  06.11.2014 10:09:58
AVSMTP.DLL     : 14.0.7.308     79096 Bytes  06.11.2014 10:09:46
NETNT.DLL      : 14.0.7.308     15152 Bytes  06.11.2014 10:09:56
RCIMAGE.DLL    : 14.0.7.308   4865328 Bytes  06.11.2014 10:09:43
RCTEXT.DLL     : 14.0.7.318     77048 Bytes  06.11.2014 10:09:43

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:, Q:, 
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Abweichende Gefahrenkategorien........: +PFS,+SPR,

Beginn des Suchlaufs: Mittwoch, 12. November 2014  20:33

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD0(C:, D:, Q:)'
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf nach versteckten Objekten wird begonnen.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvSCPAPISvr.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '86' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '140' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvxdsync.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '69' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '133' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'nSvcAppFlt.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'Garmin.Cartography.MapUpdate.CoreService.exe' - '115' Modul(e) wurden durchsucht
Durchsuche Prozess 'GREGsvc.exe' - '15' Modul(e) wurden durchsucht
Durchsuche Prozess 'sftvsa.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'UpdaterService.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSVC.EXE' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.OE.ServiceHost.exe' - '126' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSvcM.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'nSvcIp.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'sftlist.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'CVHSVC.EXE' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '119' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '152' Modul(e) wurden durchsucht
Durchsuche Prozess 'CDASrv.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '121' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.OE.Systray.exe' - '131' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvtray.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '144' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '121' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '1272' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\' <Packard Bell>
Beginne mit der Suche in 'D:\' <DATA>
Beginne mit der Suche in 'Q:\'
Der zu durchsuchende Pfad Q:\ konnte nicht geöffnet werden!
Systemfehler [5]: Zugriff verweigert


Ende des Suchlaufs: Donnerstag, 13. November 2014  00:20
Benötigte Zeit:  3:47:06 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.

  38852 Verzeichnisse wurden überprüft
 647521 Dateien wurden geprüft
      0 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      0 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
 647521 Dateien ohne Befall
  19088 Archive wurden durchsucht
      0 Warnungen
      0 Hinweise
 960380 Objekte wurden beim Rootkitscan durchsucht
      0 Versteckte Objekte wurden gefunden
         
Ich bdeanke mich jetzt schon für eure Hilfe.

Alt 14.11.2014, 17:04   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Telekom Fake-Rechnung: Anhang geöffnet - Standard

Telekom Fake-Rechnung: Anhang geöffnet



hi,

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________

__________________

Alt 15.11.2014, 10:58   #3
hans12345
 
Telekom Fake-Rechnung: Anhang geöffnet - Standard

Telekom Fake-Rechnung: Anhang geöffnet



Hi schrauber,

vielen Dank für deine Hilfe. Hier ist das Log:

Code:
ATTFilter
10:56:43.0959 0x035c  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
10:56:48.0819 0x035c  ============================================================
10:56:48.0819 0x035c  Current date / time: 2014/11/15 10:56:48.0819
10:56:48.0819 0x035c  SystemInfo:
10:56:48.0819 0x035c  
10:56:48.0819 0x035c  OS Version: 6.1.7601 ServicePack: 1.0
10:56:48.0819 0x035c  Product type: Workstation
10:56:48.0820 0x035c  ComputerName: ARBEO_III
10:56:48.0820 0x035c  UserName: Hans
10:56:48.0820 0x035c  Windows directory: C:\Windows
10:56:48.0820 0x035c  System windows directory: C:\Windows
10:56:48.0820 0x035c  Running under WOW64
10:56:48.0820 0x035c  Processor architecture: Intel x64
10:56:48.0820 0x035c  Number of processors: 2
10:56:48.0820 0x035c  Page size: 0x1000
10:56:48.0820 0x035c  Boot type: Normal boot
10:56:48.0820 0x035c  ============================================================
10:56:50.0815 0x035c  KLMD registered as C:\Windows\system32\drivers\98765694.sys
10:56:51.0136 0x035c  System UUID: {EFE9C9C5-925C-EFA6-8789-C2A72A8DF626}
10:56:51.0663 0x035c  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:56:51.0676 0x035c  ============================================================
10:56:51.0676 0x035c  \Device\Harddisk0\DR0:
10:56:51.0677 0x035c  MBR partitions:
10:56:51.0677 0x035c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2400800, BlocksNum 0x32000
10:56:51.0677 0x035c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2432800, BlocksNum 0x390E7000
10:56:51.0677 0x035c  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3B519800, BlocksNum 0x391EC800
10:56:51.0677 0x035c  ============================================================
10:56:51.0700 0x035c  C: <-> \Device\Harddisk0\DR0\Partition2
10:56:51.0720 0x035c  D: <-> \Device\Harddisk0\DR0\Partition3
10:56:51.0720 0x035c  ============================================================
10:56:51.0720 0x035c  Initialize success
10:56:51.0720 0x035c  ============================================================
10:57:37.0749 0x0ffc  ============================================================
10:57:37.0749 0x0ffc  Scan started
10:57:37.0749 0x0ffc  Mode: Manual; SigCheck; TDLFS; 
10:57:37.0749 0x0ffc  ============================================================
10:57:37.0749 0x0ffc  KSN ping started
10:57:40.0526 0x0ffc  KSN ping finished: true
10:57:41.0649 0x0ffc  ================ Scan system memory ========================
10:57:41.0649 0x0ffc  System memory - ok
10:57:41.0649 0x0ffc  ================ Scan services =============================
10:57:41.0899 0x0ffc  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
10:57:41.0977 0x0ffc  1394ohci - ok
10:57:42.0008 0x0ffc  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
10:57:42.0023 0x0ffc  ACPI - ok
10:57:42.0039 0x0ffc  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
10:57:42.0070 0x0ffc  AcpiPmi - ok
10:57:42.0148 0x0ffc  [ 34400005DE52842C4D6D4EE978B4D7CE, E7C3121812284B9FE6A12910C67C98354BAF5DB74865A5B4E0C2E64852BDB50A ] AdobeActiveFileMonitor8.0 c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
10:57:42.0164 0x0ffc  AdobeActiveFileMonitor8.0 - ok
10:57:42.0226 0x0ffc  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:57:42.0242 0x0ffc  AdobeARMservice - ok
10:57:42.0320 0x0ffc  [ FBB312C9DA3863673EC18F4AE4101778, 4E9AAE7C700E485C17FDFCC9100A79784673B006D00D4D4CE8F1DB617D25C864 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:57:42.0351 0x0ffc  AdobeFlashPlayerUpdateSvc - ok
10:57:42.0382 0x0ffc  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
10:57:42.0413 0x0ffc  adp94xx - ok
10:57:42.0429 0x0ffc  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
10:57:42.0445 0x0ffc  adpahci - ok
10:57:42.0460 0x0ffc  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
10:57:42.0476 0x0ffc  adpu320 - ok
10:57:42.0507 0x0ffc  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
10:57:42.0554 0x0ffc  AeLookupSvc - ok
10:57:42.0601 0x0ffc  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
10:57:42.0632 0x0ffc  AFD - ok
10:57:42.0647 0x0ffc  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
10:57:42.0663 0x0ffc  agp440 - ok
10:57:42.0679 0x0ffc  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
10:57:42.0710 0x0ffc  ALG - ok
10:57:42.0757 0x0ffc  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
10:57:42.0772 0x0ffc  aliide - ok
10:57:42.0803 0x0ffc  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
10:57:42.0819 0x0ffc  amdide - ok
10:57:42.0835 0x0ffc  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
10:57:42.0881 0x0ffc  AmdK8 - ok
10:57:42.0913 0x0ffc  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
10:57:42.0944 0x0ffc  AmdPPM - ok
10:57:42.0975 0x0ffc  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
10:57:42.0991 0x0ffc  amdsata - ok
10:57:43.0006 0x0ffc  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
10:57:43.0022 0x0ffc  amdsbs - ok
10:57:43.0037 0x0ffc  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
10:57:43.0037 0x0ffc  amdxata - ok
10:57:43.0131 0x0ffc  [ 6F1BBF101B6DC9D34A564C2009D83B63, 1679D48C5A2CE6434E09F1D1330E616F8130C7A0ADF5C14D847CCEABDDA2950E ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
10:57:43.0147 0x0ffc  AntiVirSchedulerService - ok
10:57:43.0193 0x0ffc  [ 6F1BBF101B6DC9D34A564C2009D83B63, 1679D48C5A2CE6434E09F1D1330E616F8130C7A0ADF5C14D847CCEABDDA2950E ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
10:57:43.0209 0x0ffc  AntiVirService - ok
10:57:43.0240 0x0ffc  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
10:57:43.0287 0x0ffc  AppID - ok
10:57:43.0287 0x0ffc  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
10:57:43.0349 0x0ffc  AppIDSvc - ok
10:57:43.0365 0x0ffc  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
10:57:43.0396 0x0ffc  Appinfo - ok
10:57:43.0412 0x0ffc  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
10:57:43.0427 0x0ffc  arc - ok
10:57:43.0443 0x0ffc  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
10:57:43.0459 0x0ffc  arcsas - ok
10:57:43.0537 0x0ffc  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:57:43.0568 0x0ffc  aspnet_state - ok
10:57:43.0583 0x0ffc  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:57:43.0630 0x0ffc  AsyncMac - ok
10:57:43.0646 0x0ffc  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
10:57:43.0661 0x0ffc  atapi - ok
10:57:43.0708 0x0ffc  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:57:43.0755 0x0ffc  AudioEndpointBuilder - ok
10:57:43.0786 0x0ffc  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv        C:\Windows\System32\Audiosrv.dll
10:57:43.0817 0x0ffc  AudioSrv - ok
10:57:43.0849 0x0ffc  [ 1B87A1F2FA5B91AC1A7D171B8D952441, 4CB21F6567021DAE6B2E35B9BA84D015580E2DDFEBEB1AA9637BD93F42883DD2 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
10:57:43.0864 0x0ffc  avgntflt - ok
10:57:43.0911 0x0ffc  [ AF61774060F277FE45CBD3A9A8E7D45A, 2F96DC9735BAF017603D72A258BF7A772BF8C4AFECB5AA0CAD8F8E3CCAA0F2B5 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
10:57:43.0911 0x0ffc  avipbb - ok
10:57:43.0958 0x0ffc  [ F21955927D1C99206A8B91DE2CCE85E1, 26A6155CF46123C489CBE19B5B3E3B0D9ED02C9388E57058724B0FFB7D7C08B5 ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
10:57:43.0973 0x0ffc  Avira.OE.ServiceHost - ok
10:57:43.0989 0x0ffc  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
10:57:44.0005 0x0ffc  avkmgr - ok
10:57:44.0036 0x0ffc  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
10:57:44.0067 0x0ffc  AxInstSV - ok
10:57:44.0098 0x0ffc  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
10:57:44.0145 0x0ffc  b06bdrv - ok
10:57:44.0161 0x0ffc  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
10:57:44.0176 0x0ffc  b57nd60a - ok
10:57:44.0192 0x0ffc  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
10:57:44.0223 0x0ffc  BDESVC - ok
10:57:44.0254 0x0ffc  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
10:57:44.0285 0x0ffc  Beep - ok
10:57:44.0332 0x0ffc  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
10:57:44.0363 0x0ffc  BFE - ok
10:57:44.0410 0x0ffc  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
10:57:44.0457 0x0ffc  BITS - ok
10:57:44.0473 0x0ffc  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
10:57:44.0519 0x0ffc  blbdrive - ok
10:57:44.0551 0x0ffc  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:57:44.0566 0x0ffc  bowser - ok
10:57:44.0566 0x0ffc  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:57:44.0613 0x0ffc  BrFiltLo - ok
10:57:44.0613 0x0ffc  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:57:44.0629 0x0ffc  BrFiltUp - ok
10:57:44.0644 0x0ffc  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
10:57:44.0675 0x0ffc  Browser - ok
10:57:44.0691 0x0ffc  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
10:57:44.0753 0x0ffc  Brserid - ok
10:57:44.0753 0x0ffc  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
10:57:44.0769 0x0ffc  BrSerWdm - ok
10:57:44.0785 0x0ffc  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
10:57:44.0800 0x0ffc  BrUsbMdm - ok
10:57:44.0800 0x0ffc  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
10:57:44.0831 0x0ffc  BrUsbSer - ok
10:57:44.0831 0x0ffc  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
10:57:44.0863 0x0ffc  BTHMODEM - ok
10:57:44.0878 0x0ffc  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
10:57:44.0925 0x0ffc  bthserv - ok
10:57:44.0925 0x0ffc  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:57:44.0972 0x0ffc  cdfs - ok
10:57:44.0987 0x0ffc  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
10:57:45.0003 0x0ffc  cdrom - ok
10:57:45.0034 0x0ffc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
10:57:45.0050 0x0ffc  CertPropSvc - ok
10:57:45.0065 0x0ffc  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
10:57:45.0081 0x0ffc  circlass - ok
10:57:45.0112 0x0ffc  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
10:57:45.0128 0x0ffc  CLFS - ok
10:57:45.0175 0x0ffc  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:57:45.0206 0x0ffc  clr_optimization_v2.0.50727_32 - ok
10:57:45.0221 0x0ffc  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:57:45.0237 0x0ffc  clr_optimization_v2.0.50727_64 - ok
10:57:45.0315 0x0ffc  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:57:45.0331 0x0ffc  clr_optimization_v4.0.30319_32 - ok
10:57:45.0346 0x0ffc  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:57:45.0362 0x0ffc  clr_optimization_v4.0.30319_64 - ok
10:57:45.0377 0x0ffc  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
10:57:45.0377 0x0ffc  CmBatt - ok
10:57:45.0409 0x0ffc  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:57:45.0424 0x0ffc  cmdide - ok
10:57:45.0455 0x0ffc  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
10:57:45.0487 0x0ffc  CNG - ok
10:57:45.0487 0x0ffc  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
10:57:45.0502 0x0ffc  Compbatt - ok
10:57:45.0518 0x0ffc  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
10:57:45.0549 0x0ffc  CompositeBus - ok
10:57:45.0565 0x0ffc  COMSysApp - ok
10:57:45.0565 0x0ffc  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
10:57:45.0580 0x0ffc  crcdisk - ok
10:57:45.0611 0x0ffc  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:57:45.0643 0x0ffc  CryptSvc - ok
10:57:45.0752 0x0ffc  [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
10:57:45.0767 0x0ffc  cvhsvc - ok
10:57:45.0814 0x0ffc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:57:45.0861 0x0ffc  DcomLaunch - ok
10:57:45.0892 0x0ffc  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
10:57:45.0939 0x0ffc  defragsvc - ok
10:57:45.0955 0x0ffc  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:57:46.0001 0x0ffc  DfsC - ok
10:57:46.0033 0x0ffc  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
10:57:46.0079 0x0ffc  Dhcp - ok
10:57:46.0095 0x0ffc  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
10:57:46.0126 0x0ffc  discache - ok
10:57:46.0142 0x0ffc  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
10:57:46.0157 0x0ffc  Disk - ok
10:57:46.0173 0x0ffc  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:57:46.0204 0x0ffc  Dnscache - ok
10:57:46.0235 0x0ffc  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
10:57:46.0267 0x0ffc  dot3svc - ok
10:57:46.0298 0x0ffc  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
10:57:46.0345 0x0ffc  DPS - ok
10:57:46.0376 0x0ffc  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:57:46.0391 0x0ffc  drmkaud - ok
10:57:46.0454 0x0ffc  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:57:46.0485 0x0ffc  DXGKrnl - ok
10:57:46.0516 0x0ffc  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
10:57:46.0547 0x0ffc  EapHost - ok
10:57:46.0641 0x0ffc  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
10:57:46.0813 0x0ffc  ebdrv - ok
10:57:46.0859 0x0ffc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
10:57:46.0891 0x0ffc  EFS - ok
10:57:46.0969 0x0ffc  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
10:57:47.0015 0x0ffc  ehRecvr - ok
10:57:47.0062 0x0ffc  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
10:57:47.0093 0x0ffc  ehSched - ok
10:57:47.0140 0x0ffc  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
10:57:47.0156 0x0ffc  elxstor - ok
10:57:47.0203 0x0ffc  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:57:47.0218 0x0ffc  ErrDev - ok
10:57:47.0249 0x0ffc  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
10:57:47.0359 0x0ffc  EventSystem - ok
10:57:47.0421 0x0ffc  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
10:57:47.0546 0x0ffc  exfat - ok
10:57:47.0546 0x0ffc  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:57:47.0608 0x0ffc  fastfat - ok
10:57:47.0655 0x0ffc  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
10:57:47.0702 0x0ffc  Fax - ok
10:57:47.0702 0x0ffc  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
10:57:47.0733 0x0ffc  fdc - ok
10:57:47.0733 0x0ffc  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
10:57:47.0764 0x0ffc  fdPHost - ok
10:57:47.0764 0x0ffc  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:57:47.0811 0x0ffc  FDResPub - ok
10:57:47.0842 0x0ffc  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:57:47.0858 0x0ffc  FileInfo - ok
10:57:47.0873 0x0ffc  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:57:47.0905 0x0ffc  Filetrace - ok
10:57:47.0951 0x0ffc  [ ABEDFD48AC042C6AAAD32452E77217A1, BC45A1C36BDBC20EF4E7D3CFB5368912382D964CB34D050ED255F56307F4C910 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
10:57:48.0014 0x0ffc  FLEXnet Licensing Service - ok
10:57:48.0014 0x0ffc  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
10:57:48.0029 0x0ffc  flpydisk - ok
10:57:48.0061 0x0ffc  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:57:48.0092 0x0ffc  FltMgr - ok
10:57:48.0139 0x0ffc  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
10:57:48.0201 0x0ffc  FontCache - ok
10:57:48.0232 0x0ffc  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:57:48.0248 0x0ffc  FontCache3.0.0.0 - ok
10:57:48.0326 0x0ffc  [ 52B58A46BEEFB238C580B69FD051CB5B, 6C3B92F953DD55619BD6F0876850A441CAF7774EB873196F567F6A1C0D8CF182 ] ForceWare Intelligent Application Manager (IAM) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
10:57:48.0357 0x0ffc  ForceWare Intelligent Application Manager (IAM) - ok
10:57:48.0373 0x0ffc  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
10:57:48.0388 0x0ffc  FsDepends - ok
10:57:48.0404 0x0ffc  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:57:48.0419 0x0ffc  Fs_Rec - ok
10:57:48.0466 0x0ffc  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
10:57:48.0482 0x0ffc  fvevol - ok
10:57:48.0482 0x0ffc  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
10:57:48.0497 0x0ffc  gagp30kx - ok
10:57:48.0544 0x0ffc  [ CE16683CFD11FE70BDE435DDA5EA1FCA, 43D850361F2B5C9389F7FABC3C62BD1517349C03834F436579DD01CFD09919F4 ] GameConsoleService C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe
10:57:48.0575 0x0ffc  GameConsoleService - ok
10:57:48.0653 0x0ffc  [ 0215DAF58C80D7EBE6084E5065717C3D, 5AED70D789FEB9EB3DBB4BC3284D8ECFD5BF96A57AF66FD527A5A0D3777D6216 ] Garmin Core Update Service C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
10:57:48.0685 0x0ffc  Garmin Core Update Service - ok
10:57:48.0716 0x0ffc  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
10:57:48.0778 0x0ffc  gpsvc - ok
10:57:48.0841 0x0ffc  [ 0191DEE9B9EB7902AF2CF4F67301095D, 9E2E263E84167E1AD3FFCEA84066AF07CD6A653F5D8266A619E4973BC4B25460 ] GREGService     C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
10:57:48.0841 0x0ffc  GREGService - ok
10:57:48.0903 0x0ffc  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:57:48.0919 0x0ffc  gupdate - ok
10:57:48.0934 0x0ffc  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:57:48.0934 0x0ffc  gupdatem - ok
10:57:48.0965 0x0ffc  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:57:48.0997 0x0ffc  gusvc - ok
10:57:49.0012 0x0ffc  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
10:57:49.0043 0x0ffc  hcw85cir - ok
10:57:49.0090 0x0ffc  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:57:49.0121 0x0ffc  HdAudAddService - ok
10:57:49.0153 0x0ffc  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
10:57:49.0168 0x0ffc  HDAudBus - ok
10:57:49.0184 0x0ffc  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
10:57:49.0199 0x0ffc  HidBatt - ok
10:57:49.0215 0x0ffc  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
10:57:49.0231 0x0ffc  HidBth - ok
10:57:49.0246 0x0ffc  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
10:57:49.0262 0x0ffc  HidIr - ok
10:57:49.0277 0x0ffc  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
10:57:49.0324 0x0ffc  hidserv - ok
10:57:49.0340 0x0ffc  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
10:57:49.0355 0x0ffc  HidUsb - ok
10:57:49.0371 0x0ffc  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:57:49.0402 0x0ffc  hkmsvc - ok
10:57:49.0433 0x0ffc  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:57:49.0465 0x0ffc  HomeGroupListener - ok
10:57:49.0496 0x0ffc  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:57:49.0527 0x0ffc  HomeGroupProvider - ok
10:57:49.0558 0x0ffc  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
10:57:49.0574 0x0ffc  HpSAMD - ok
10:57:49.0621 0x0ffc  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:57:49.0683 0x0ffc  HTTP - ok
10:57:49.0730 0x0ffc  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
10:57:49.0730 0x0ffc  hwpolicy - ok
10:57:49.0761 0x0ffc  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
10:57:49.0777 0x0ffc  i8042prt - ok
10:57:49.0823 0x0ffc  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
10:57:49.0839 0x0ffc  iaStorV - ok
10:57:49.0933 0x0ffc  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:57:49.0979 0x0ffc  idsvc - ok
10:57:49.0995 0x0ffc  IEEtwCollectorService - ok
10:57:50.0011 0x0ffc  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
10:57:50.0026 0x0ffc  iirsp - ok
10:57:50.0073 0x0ffc  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
10:57:50.0104 0x0ffc  IKEEXT - ok
10:57:50.0120 0x0ffc  IntcAzAudAddService - ok
10:57:50.0135 0x0ffc  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:57:50.0151 0x0ffc  intelide - ok
10:57:50.0167 0x0ffc  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
10:57:50.0198 0x0ffc  intelppm - ok
10:57:50.0213 0x0ffc  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:57:50.0260 0x0ffc  IPBusEnum - ok
10:57:50.0276 0x0ffc  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:57:50.0323 0x0ffc  IpFilterDriver - ok
10:57:50.0354 0x0ffc  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:57:50.0401 0x0ffc  iphlpsvc - ok
10:57:50.0416 0x0ffc  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
10:57:50.0447 0x0ffc  IPMIDRV - ok
10:57:50.0463 0x0ffc  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
10:57:50.0494 0x0ffc  IPNAT - ok
10:57:50.0525 0x0ffc  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:57:50.0557 0x0ffc  IRENUM - ok
10:57:50.0572 0x0ffc  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:57:50.0588 0x0ffc  isapnp - ok
10:57:50.0619 0x0ffc  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
10:57:50.0635 0x0ffc  iScsiPrt - ok
10:57:50.0650 0x0ffc  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
10:57:50.0666 0x0ffc  kbdclass - ok
10:57:50.0681 0x0ffc  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
10:57:50.0697 0x0ffc  kbdhid - ok
10:57:50.0713 0x0ffc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
10:57:50.0728 0x0ffc  KeyIso - ok
10:57:50.0759 0x0ffc  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:57:50.0759 0x0ffc  KSecDD - ok
10:57:50.0806 0x0ffc  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
10:57:50.0806 0x0ffc  KSecPkg - ok
10:57:50.0822 0x0ffc  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
10:57:50.0869 0x0ffc  ksthunk - ok
10:57:50.0900 0x0ffc  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:57:50.0978 0x0ffc  KtmRm - ok
10:57:50.0993 0x0ffc  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:57:51.0040 0x0ffc  LanmanServer - ok
10:57:51.0056 0x0ffc  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:57:51.0087 0x0ffc  LanmanWorkstation - ok
10:57:51.0118 0x0ffc  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:57:51.0165 0x0ffc  lltdio - ok
10:57:51.0196 0x0ffc  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:57:51.0243 0x0ffc  lltdsvc - ok
10:57:51.0259 0x0ffc  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:57:51.0290 0x0ffc  lmhosts - ok
10:57:51.0305 0x0ffc  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
10:57:51.0321 0x0ffc  LSI_FC - ok
10:57:51.0321 0x0ffc  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
10:57:51.0337 0x0ffc  LSI_SAS - ok
10:57:51.0352 0x0ffc  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:57:51.0368 0x0ffc  LSI_SAS2 - ok
10:57:51.0368 0x0ffc  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:57:51.0383 0x0ffc  LSI_SCSI - ok
10:57:51.0383 0x0ffc  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
10:57:51.0446 0x0ffc  luafv - ok
10:57:51.0477 0x0ffc  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:57:51.0508 0x0ffc  Mcx2Svc - ok
10:57:51.0524 0x0ffc  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
10:57:51.0539 0x0ffc  megasas - ok
10:57:51.0539 0x0ffc  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
10:57:51.0571 0x0ffc  MegaSR - ok
10:57:51.0586 0x0ffc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
10:57:51.0617 0x0ffc  MMCSS - ok
10:57:51.0617 0x0ffc  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
10:57:51.0649 0x0ffc  Modem - ok
10:57:51.0664 0x0ffc  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:57:51.0680 0x0ffc  monitor - ok
10:57:51.0695 0x0ffc  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:57:51.0711 0x0ffc  mouclass - ok
10:57:51.0727 0x0ffc  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:57:51.0742 0x0ffc  mouhid - ok
10:57:51.0773 0x0ffc  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:57:51.0789 0x0ffc  mountmgr - ok
10:57:51.0836 0x0ffc  [ DEA022193DF8C88F6E2B3E33D148A5DB, 97DFC47DB83E04A975A1969AA120385463FCAF4E1A9984FD3220442D7026B45A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:57:51.0851 0x0ffc  MozillaMaintenance - ok
10:57:51.0867 0x0ffc  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:57:51.0883 0x0ffc  mpio - ok
10:57:51.0898 0x0ffc  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:57:51.0929 0x0ffc  mpsdrv - ok
10:57:51.0976 0x0ffc  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:57:52.0023 0x0ffc  MpsSvc - ok
10:57:52.0054 0x0ffc  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:57:52.0085 0x0ffc  MRxDAV - ok
10:57:52.0132 0x0ffc  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:57:52.0163 0x0ffc  mrxsmb - ok
10:57:52.0179 0x0ffc  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:57:52.0226 0x0ffc  mrxsmb10 - ok
10:57:52.0257 0x0ffc  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:57:52.0273 0x0ffc  mrxsmb20 - ok
10:57:52.0319 0x0ffc  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
10:57:52.0319 0x0ffc  msahci - ok
10:57:52.0351 0x0ffc  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:57:52.0382 0x0ffc  msdsm - ok
10:57:52.0397 0x0ffc  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
10:57:52.0413 0x0ffc  MSDTC - ok
10:57:52.0429 0x0ffc  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:57:52.0460 0x0ffc  Msfs - ok
10:57:52.0475 0x0ffc  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
10:57:52.0522 0x0ffc  mshidkmdf - ok
10:57:52.0538 0x0ffc  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:57:52.0553 0x0ffc  msisadrv - ok
10:57:52.0569 0x0ffc  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:57:52.0631 0x0ffc  MSiSCSI - ok
10:57:52.0631 0x0ffc  msiserver - ok
10:57:52.0663 0x0ffc  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:57:52.0694 0x0ffc  MSKSSRV - ok
10:57:52.0709 0x0ffc  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:57:52.0741 0x0ffc  MSPCLOCK - ok
10:57:52.0756 0x0ffc  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:57:52.0787 0x0ffc  MSPQM - ok
10:57:52.0819 0x0ffc  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:57:52.0850 0x0ffc  MsRPC - ok
10:57:52.0865 0x0ffc  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
10:57:52.0865 0x0ffc  mssmbios - ok
10:57:52.0881 0x0ffc  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:57:52.0912 0x0ffc  MSTEE - ok
10:57:52.0912 0x0ffc  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
10:57:52.0928 0x0ffc  MTConfig - ok
10:57:52.0943 0x0ffc  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
10:57:52.0959 0x0ffc  Mup - ok
10:57:52.0990 0x0ffc  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
10:57:53.0053 0x0ffc  napagent - ok
10:57:53.0084 0x0ffc  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:57:53.0099 0x0ffc  NativeWifiP - ok
10:57:53.0162 0x0ffc  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:57:53.0193 0x0ffc  NDIS - ok
10:57:53.0209 0x0ffc  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
10:57:53.0255 0x0ffc  NdisCap - ok
10:57:53.0271 0x0ffc  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:57:53.0318 0x0ffc  NdisTapi - ok
10:57:53.0349 0x0ffc  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:57:53.0380 0x0ffc  Ndisuio - ok
10:57:53.0411 0x0ffc  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:57:53.0458 0x0ffc  NdisWan - ok
10:57:53.0489 0x0ffc  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:57:53.0521 0x0ffc  NDProxy - ok
10:57:53.0599 0x0ffc  [ 7D2633295EB6FF2B938185874884059D, B3A4E52ABCB2E2720D8ADB0B68C222D4AB98E838D40B6A731D15EB1D6C9DEA15 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
10:57:53.0645 0x0ffc  Nero BackItUp Scheduler 4.0 - ok
10:57:53.0661 0x0ffc  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:57:53.0708 0x0ffc  NetBIOS - ok
10:57:53.0723 0x0ffc  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
10:57:53.0770 0x0ffc  NetBT - ok
10:57:53.0770 0x0ffc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
10:57:53.0786 0x0ffc  Netlogon - ok
10:57:53.0817 0x0ffc  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
10:57:53.0864 0x0ffc  Netman - ok
10:57:53.0926 0x0ffc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:57:53.0942 0x0ffc  NetMsmqActivator - ok
10:57:53.0942 0x0ffc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:57:53.0957 0x0ffc  NetPipeActivator - ok
10:57:53.0973 0x0ffc  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
10:57:54.0004 0x0ffc  netprofm - ok
10:57:54.0051 0x0ffc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:57:54.0067 0x0ffc  NetTcpActivator - ok
10:57:54.0067 0x0ffc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:57:54.0082 0x0ffc  NetTcpPortSharing - ok
10:57:54.0113 0x0ffc  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
10:57:54.0113 0x0ffc  nfrd960 - ok
10:57:54.0145 0x0ffc  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:57:54.0191 0x0ffc  NlaSvc - ok
10:57:54.0207 0x0ffc  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:57:54.0238 0x0ffc  Npfs - ok
10:57:54.0254 0x0ffc  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
10:57:54.0269 0x0ffc  nsi - ok
10:57:54.0285 0x0ffc  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:57:54.0332 0x0ffc  nsiproxy - ok
10:57:54.0363 0x0ffc  [ 20E179A7FE78B37A02D30C4D34C870E7, 3E720CD52749E2F86897A89A2B7D3DE4C14255638111DB644C8F2C15174A6A2A ] nSvcIp          C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
10:57:54.0379 0x0ffc  nSvcIp - ok
10:57:54.0457 0x0ffc  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:57:54.0566 0x0ffc  Ntfs - ok
10:57:54.0566 0x0ffc  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
10:57:54.0613 0x0ffc  Null - ok
10:57:54.0644 0x0ffc  [ A85B4F2EF3A7304A5399EF0526423040, E45854691BA6AE36E53C2922CC93FF13DC2D84CBE7FE13A2F0B1CE1C16D1D158 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
10:57:54.0691 0x0ffc  NVENETFD - ok
10:57:54.0706 0x0ffc  NVHDA - ok
10:57:55.0018 0x0ffc  [ FCBA1C22727939E7CFF9EB08FE9692AB, 081FBF38EA17746C5CF2260AD32B62385D4A075476E30CBB9A2AA080F8AA0CA4 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:57:55.0252 0x0ffc  nvlddmkm - ok
10:57:55.0299 0x0ffc  [ 909EEDCBD365BB81027D8E742E6B3416, 6C346C7B0E26A12BB0F56918E5324BC8C1024FEEE5952BFEB02DB2BC47182B61 ] NVNET           C:\Windows\system32\DRIVERS\nvmf6264.sys
10:57:55.0330 0x0ffc  NVNET - ok
10:57:55.0361 0x0ffc  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:57:55.0377 0x0ffc  nvraid - ok
10:57:55.0408 0x0ffc  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:57:55.0424 0x0ffc  nvstor - ok
10:57:55.0471 0x0ffc  [ 10C232F6CFFD51D2332898AE7AE0FF23, 92E5452D8467852C22D702ACAFB5DBFD312A8F72A4353B8D0A9C18AEFCE4B2B2 ] NVSvc           C:\Windows\system32\nvvsvc.exe
10:57:55.0502 0x0ffc  NVSvc - ok
10:57:55.0580 0x0ffc  [ 4789E020D2617046862D1790FC235FF6, FCFD56DF2CADA830E7B2D4B91D5A9D2FE783B1396CBA124000765168FA5B6574 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
10:57:55.0627 0x0ffc  nvUpdatusService - ok
10:57:55.0658 0x0ffc  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:57:55.0673 0x0ffc  nv_agp - ok
10:57:55.0705 0x0ffc  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
10:57:55.0720 0x0ffc  ohci1394 - ok
10:57:55.0736 0x0ffc  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:57:55.0751 0x0ffc  ose - ok
10:57:55.0907 0x0ffc  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:57:56.0063 0x0ffc  osppsvc - ok
10:57:56.0079 0x0ffc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:57:56.0110 0x0ffc  p2pimsvc - ok
10:57:56.0126 0x0ffc  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
10:57:56.0157 0x0ffc  p2psvc - ok
10:57:56.0157 0x0ffc  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
10:57:56.0173 0x0ffc  Parport - ok
10:57:56.0204 0x0ffc  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:57:56.0219 0x0ffc  partmgr - ok
10:57:56.0219 0x0ffc  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:57:56.0251 0x0ffc  PcaSvc - ok
10:57:56.0282 0x0ffc  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
10:57:56.0282 0x0ffc  pci - ok
10:57:56.0297 0x0ffc  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
10:57:56.0313 0x0ffc  pciide - ok
10:57:56.0329 0x0ffc  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
10:57:56.0360 0x0ffc  pcmcia - ok
10:57:56.0360 0x0ffc  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
10:57:56.0375 0x0ffc  pcw - ok
10:57:56.0391 0x0ffc  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:57:56.0453 0x0ffc  PEAUTH - ok
10:57:56.0516 0x0ffc  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
10:57:56.0547 0x0ffc  PerfHost - ok
10:57:56.0609 0x0ffc  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
10:57:56.0719 0x0ffc  pla - ok
10:57:56.0781 0x0ffc  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:57:56.0812 0x0ffc  PlugPlay - ok
10:57:56.0828 0x0ffc  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
10:57:56.0843 0x0ffc  PNRPAutoReg - ok
10:57:56.0859 0x0ffc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
10:57:56.0875 0x0ffc  PNRPsvc - ok
10:57:56.0906 0x0ffc  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:57:56.0937 0x0ffc  PolicyAgent - ok
10:57:56.0953 0x0ffc  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
10:57:56.0999 0x0ffc  Power - ok
10:57:57.0031 0x0ffc  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:57:57.0062 0x0ffc  PptpMiniport - ok
10:57:57.0077 0x0ffc  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
10:57:57.0109 0x0ffc  Processor - ok
10:57:57.0124 0x0ffc  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
10:57:57.0155 0x0ffc  ProfSvc - ok
10:57:57.0171 0x0ffc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:57:57.0187 0x0ffc  ProtectedStorage - ok
10:57:57.0218 0x0ffc  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
10:57:57.0233 0x0ffc  Psched - ok
10:57:57.0265 0x0ffc  [ FBF4DB6D53585437E41A113300002A2B, A0145CE87A95DA3775B28A00E741660C26ADE34BBCC7FC502ED809931482C8F2 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
10:57:57.0265 0x0ffc  PxHlpa64 - ok
10:57:57.0311 0x0ffc  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
10:57:57.0389 0x0ffc  ql2300 - ok
10:57:57.0405 0x0ffc  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
10:57:57.0421 0x0ffc  ql40xx - ok
10:57:57.0436 0x0ffc  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
10:57:57.0483 0x0ffc  QWAVE - ok
10:57:57.0499 0x0ffc  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:57:57.0530 0x0ffc  QWAVEdrv - ok
10:57:57.0530 0x0ffc  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:57:57.0561 0x0ffc  RasAcd - ok
10:57:57.0577 0x0ffc  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
10:57:57.0639 0x0ffc  RasAgileVpn - ok
10:57:57.0639 0x0ffc  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
10:57:57.0701 0x0ffc  RasAuto - ok
10:57:57.0733 0x0ffc  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:57:57.0779 0x0ffc  Rasl2tp - ok
10:57:57.0811 0x0ffc  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
10:57:57.0857 0x0ffc  RasMan - ok
10:57:57.0873 0x0ffc  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:57:57.0904 0x0ffc  RasPppoe - ok
10:57:57.0920 0x0ffc  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:57:57.0967 0x0ffc  RasSstp - ok
10:57:57.0998 0x0ffc  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:57:58.0045 0x0ffc  rdbss - ok
10:57:58.0045 0x0ffc  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
10:57:58.0060 0x0ffc  rdpbus - ok
10:57:58.0076 0x0ffc  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:57:58.0123 0x0ffc  RDPCDD - ok
10:57:58.0123 0x0ffc  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:57:58.0169 0x0ffc  RDPENCDD - ok
10:57:58.0169 0x0ffc  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
10:57:58.0201 0x0ffc  RDPREFMP - ok
10:57:58.0263 0x0ffc  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
10:57:58.0263 0x0ffc  RdpVideoMiniport - ok
10:57:58.0310 0x0ffc  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
10:57:58.0341 0x0ffc  RDPWD - ok
10:57:58.0372 0x0ffc  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
10:57:58.0388 0x0ffc  rdyboost - ok
10:57:58.0403 0x0ffc  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:57:58.0450 0x0ffc  RemoteAccess - ok
10:57:58.0450 0x0ffc  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:57:58.0497 0x0ffc  RemoteRegistry - ok
10:57:58.0513 0x0ffc  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
10:57:58.0544 0x0ffc  RpcEptMapper - ok
10:57:58.0559 0x0ffc  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
10:57:58.0591 0x0ffc  RpcLocator - ok
10:57:58.0637 0x0ffc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
10:57:58.0669 0x0ffc  RpcSs - ok
10:57:58.0684 0x0ffc  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:57:58.0715 0x0ffc  rspndr - ok
10:57:58.0747 0x0ffc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
10:57:58.0747 0x0ffc  SamSs - ok
10:57:58.0778 0x0ffc  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:57:58.0793 0x0ffc  sbp2port - ok
10:57:58.0809 0x0ffc  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:57:58.0840 0x0ffc  SCardSvr - ok
10:57:58.0871 0x0ffc  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
10:57:58.0903 0x0ffc  scfilter - ok
10:57:58.0949 0x0ffc  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
10:57:59.0012 0x0ffc  Schedule - ok
10:57:59.0043 0x0ffc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:57:59.0074 0x0ffc  SCPolicySvc - ok
10:57:59.0090 0x0ffc  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:57:59.0105 0x0ffc  SDRSVC - ok
10:57:59.0121 0x0ffc  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:57:59.0152 0x0ffc  secdrv - ok
10:57:59.0183 0x0ffc  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
10:57:59.0215 0x0ffc  seclogon - ok
10:57:59.0246 0x0ffc  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
10:57:59.0277 0x0ffc  SENS - ok
10:57:59.0277 0x0ffc  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
10:57:59.0308 0x0ffc  SensrSvc - ok
10:57:59.0339 0x0ffc  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
10:57:59.0355 0x0ffc  Serenum - ok
10:57:59.0371 0x0ffc  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
10:57:59.0386 0x0ffc  Serial - ok
10:57:59.0402 0x0ffc  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
10:57:59.0417 0x0ffc  sermouse - ok
10:57:59.0449 0x0ffc  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
10:57:59.0495 0x0ffc  SessionEnv - ok
10:57:59.0511 0x0ffc  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:57:59.0542 0x0ffc  sffdisk - ok
10:57:59.0558 0x0ffc  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:57:59.0573 0x0ffc  sffp_mmc - ok
10:57:59.0573 0x0ffc  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:57:59.0605 0x0ffc  sffp_sd - ok
10:57:59.0605 0x0ffc  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
10:57:59.0620 0x0ffc  sfloppy - ok
10:57:59.0683 0x0ffc  [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
10:57:59.0714 0x0ffc  Sftfs - ok
10:57:59.0807 0x0ffc  [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
10:57:59.0823 0x0ffc  sftlist - ok
10:57:59.0839 0x0ffc  [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
10:57:59.0854 0x0ffc  Sftplay - ok
10:57:59.0870 0x0ffc  [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
10:57:59.0885 0x0ffc  Sftredir - ok
10:57:59.0901 0x0ffc  [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
10:57:59.0917 0x0ffc  Sftvol - ok
10:57:59.0917 0x0ffc  [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
10:57:59.0932 0x0ffc  sftvsa - ok
10:57:59.0963 0x0ffc  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:58:00.0026 0x0ffc  SharedAccess - ok
10:58:00.0057 0x0ffc  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:58:00.0088 0x0ffc  ShellHWDetection - ok
10:58:00.0104 0x0ffc  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:58:00.0104 0x0ffc  SiSRaid2 - ok
10:58:00.0119 0x0ffc  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
10:58:00.0135 0x0ffc  SiSRaid4 - ok
10:58:00.0135 0x0ffc  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
10:58:00.0166 0x0ffc  Smb - ok
10:58:00.0182 0x0ffc  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:58:00.0213 0x0ffc  SNMPTRAP - ok
10:58:00.0229 0x0ffc  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
10:58:00.0229 0x0ffc  spldr - ok
10:58:00.0275 0x0ffc  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
10:58:00.0291 0x0ffc  Spooler - ok
10:58:00.0400 0x0ffc  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
10:58:00.0556 0x0ffc  sppsvc - ok
10:58:00.0572 0x0ffc  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
10:58:00.0619 0x0ffc  sppuinotify - ok
10:58:00.0650 0x0ffc  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:58:00.0681 0x0ffc  srv - ok
10:58:00.0712 0x0ffc  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:58:00.0743 0x0ffc  srv2 - ok
10:58:00.0759 0x0ffc  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:58:00.0775 0x0ffc  srvnet - ok
10:58:00.0790 0x0ffc  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:58:00.0837 0x0ffc  SSDPSRV - ok
10:58:00.0868 0x0ffc  [ 0211AB46B73A2623B86C1CFCB30579AB, 7CC9BA2DF7B9EA6BB17EE342898EDD7F54703B93B6DED6A819E83A7EE9F938B4 ] SSPORT          C:\Windows\system32\Drivers\SSPORT.sys
10:58:00.0884 0x0ffc  SSPORT - ok
10:58:00.0899 0x0ffc  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:58:00.0931 0x0ffc  SstpSvc - ok
10:58:01.0009 0x0ffc  [ 5A19667A580B1CE886EAF968B9743F45, 0A9EBE4057A0A6EF4732623794C2416A6BD8B87356DA46652BD92762505F57C7 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
10:58:01.0024 0x0ffc  Stereo Service - ok
10:58:01.0040 0x0ffc  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
10:58:01.0055 0x0ffc  stexstor - ok
10:58:01.0087 0x0ffc  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
10:58:01.0133 0x0ffc  stisvc - ok
10:58:01.0165 0x0ffc  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
10:58:01.0180 0x0ffc  swenum - ok
10:58:01.0196 0x0ffc  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
10:58:01.0258 0x0ffc  swprv - ok
10:58:01.0336 0x0ffc  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
10:58:01.0430 0x0ffc  SysMain - ok
10:58:01.0461 0x0ffc  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:58:01.0477 0x0ffc  TabletInputService - ok
10:58:01.0492 0x0ffc  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:58:01.0539 0x0ffc  TapiSrv - ok
10:58:01.0555 0x0ffc  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
10:58:01.0601 0x0ffc  TBS - ok
10:58:01.0679 0x0ffc  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:58:01.0742 0x0ffc  Tcpip - ok
10:58:01.0820 0x0ffc  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
10:58:01.0867 0x0ffc  TCPIP6 - ok
10:58:01.0898 0x0ffc  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:58:01.0913 0x0ffc  tcpipreg - ok
10:58:01.0929 0x0ffc  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:58:01.0960 0x0ffc  TDPIPE - ok
10:58:01.0991 0x0ffc  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
10:58:02.0007 0x0ffc  TDTCP - ok
10:58:02.0023 0x0ffc  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:58:02.0069 0x0ffc  tdx - ok
10:58:02.0085 0x0ffc  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
10:58:02.0101 0x0ffc  TermDD - ok
10:58:02.0147 0x0ffc  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
10:58:02.0179 0x0ffc  TermService - ok
10:58:02.0194 0x0ffc  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
10:58:02.0241 0x0ffc  Themes - ok
10:58:02.0257 0x0ffc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
10:58:02.0288 0x0ffc  THREADORDER - ok
10:58:02.0288 0x0ffc  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
10:58:02.0350 0x0ffc  TrkWks - ok
10:58:02.0381 0x0ffc  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:58:02.0413 0x0ffc  TrustedInstaller - ok
10:58:02.0444 0x0ffc  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:58:02.0475 0x0ffc  tssecsrv - ok
10:58:02.0506 0x0ffc  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
10:58:02.0522 0x0ffc  TsUsbFlt - ok
10:58:02.0569 0x0ffc  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:58:02.0615 0x0ffc  tunnel - ok
10:58:02.0615 0x0ffc  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
10:58:02.0631 0x0ffc  uagp35 - ok
10:58:02.0662 0x0ffc  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:58:02.0725 0x0ffc  udfs - ok
10:58:02.0740 0x0ffc  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:58:02.0771 0x0ffc  UI0Detect - ok
10:58:02.0787 0x0ffc  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:58:02.0803 0x0ffc  uliagpkx - ok
10:58:02.0849 0x0ffc  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
10:58:02.0865 0x0ffc  umbus - ok
10:58:02.0881 0x0ffc  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
10:58:02.0896 0x0ffc  UmPass - ok
10:58:02.0943 0x0ffc  [ F9EC9ACD504D823D9B9CA98A4F8D3CA2, 58DAD5111C598F14CB199FE6A61FA5918F29513B778A8664FD05EFAB3C665D4F ] Updater Service C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
10:58:02.0943 0x0ffc  Updater Service - ok
10:58:02.0974 0x0ffc  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
10:58:03.0005 0x0ffc  upnphost - ok
10:58:03.0037 0x0ffc  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
10:58:03.0083 0x0ffc  usbccgp - ok
10:58:03.0115 0x0ffc  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:58:03.0130 0x0ffc  usbcir - ok
10:58:03.0161 0x0ffc  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
10:58:03.0177 0x0ffc  usbehci - ok
10:58:03.0208 0x0ffc  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:58:03.0255 0x0ffc  usbhub - ok
10:58:03.0255 0x0ffc  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
10:58:03.0286 0x0ffc  usbohci - ok
10:58:03.0302 0x0ffc  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
10:58:03.0333 0x0ffc  usbprint - ok
10:58:03.0364 0x0ffc  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:58:03.0380 0x0ffc  USBSTOR - ok
10:58:03.0380 0x0ffc  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
10:58:03.0395 0x0ffc  usbuhci - ok
10:58:03.0411 0x0ffc  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
10:58:03.0442 0x0ffc  UxSms - ok
10:58:03.0458 0x0ffc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
10:58:03.0473 0x0ffc  VaultSvc - ok
10:58:03.0489 0x0ffc  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
10:58:03.0505 0x0ffc  vdrvroot - ok
10:58:03.0536 0x0ffc  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
10:58:03.0583 0x0ffc  vds - ok
10:58:03.0598 0x0ffc  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
10:58:03.0614 0x0ffc  vga - ok
10:58:03.0629 0x0ffc  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
10:58:03.0661 0x0ffc  VgaSave - ok
10:58:03.0676 0x0ffc  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
10:58:03.0692 0x0ffc  vhdmp - ok
10:58:03.0723 0x0ffc  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:58:03.0739 0x0ffc  viaide - ok
10:58:03.0754 0x0ffc  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:58:03.0770 0x0ffc  volmgr - ok
10:58:03.0801 0x0ffc  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:58:03.0832 0x0ffc  volmgrx - ok
10:58:03.0848 0x0ffc  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:58:03.0863 0x0ffc  volsnap - ok
10:58:03.0879 0x0ffc  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
10:58:03.0895 0x0ffc  vsmraid - ok
10:58:03.0957 0x0ffc  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
10:58:04.0051 0x0ffc  VSS - ok
10:58:04.0066 0x0ffc  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
10:58:04.0097 0x0ffc  vwifibus - ok
10:58:04.0129 0x0ffc  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
10:58:04.0175 0x0ffc  W32Time - ok
10:58:04.0175 0x0ffc  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
10:58:04.0207 0x0ffc  WacomPen - ok
10:58:04.0238 0x0ffc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
10:58:04.0269 0x0ffc  WANARP - ok
10:58:04.0285 0x0ffc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:58:04.0316 0x0ffc  Wanarpv6 - ok
10:58:04.0378 0x0ffc  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
10:58:04.0472 0x0ffc  wbengine - ok
10:58:04.0487 0x0ffc  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
10:58:04.0519 0x0ffc  WbioSrvc - ok
10:58:04.0550 0x0ffc  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
10:58:04.0581 0x0ffc  wcncsvc - ok
10:58:04.0597 0x0ffc  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:58:04.0612 0x0ffc  WcsPlugInService - ok
10:58:04.0628 0x0ffc  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
10:58:04.0643 0x0ffc  Wd - ok
10:58:04.0690 0x0ffc  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:58:04.0753 0x0ffc  Wdf01000 - ok
10:58:04.0768 0x0ffc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:58:04.0799 0x0ffc  WdiServiceHost - ok
10:58:04.0799 0x0ffc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:58:04.0815 0x0ffc  WdiSystemHost - ok
10:58:04.0862 0x0ffc  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
10:58:04.0893 0x0ffc  WebClient - ok
10:58:04.0893 0x0ffc  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:58:04.0940 0x0ffc  Wecsvc - ok
10:58:04.0955 0x0ffc  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
10:58:05.0002 0x0ffc  wercplsupport - ok
10:58:05.0018 0x0ffc  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:58:05.0049 0x0ffc  WerSvc - ok
10:58:05.0080 0x0ffc  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
10:58:05.0111 0x0ffc  WfpLwf - ok
10:58:05.0111 0x0ffc  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
10:58:05.0127 0x0ffc  WIMMount - ok
10:58:05.0143 0x0ffc  WinDefend - ok
10:58:05.0174 0x0ffc  WinHttpAutoProxySvc - ok
10:58:05.0236 0x0ffc  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
10:58:05.0267 0x0ffc  Winmgmt - ok
10:58:05.0330 0x0ffc  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
10:58:05.0439 0x0ffc  WinRM - ok
10:58:05.0501 0x0ffc  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
10:58:05.0533 0x0ffc  WinUsb - ok
10:58:05.0564 0x0ffc  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
10:58:05.0611 0x0ffc  Wlansvc - ok
10:58:05.0673 0x0ffc  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:58:05.0689 0x0ffc  wlcrasvc - ok
10:58:05.0767 0x0ffc  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:58:05.0845 0x0ffc  wlidsvc - ok
10:58:05.0876 0x0ffc  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
10:58:05.0876 0x0ffc  WmiAcpi - ok
10:58:05.0891 0x0ffc  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:58:05.0923 0x0ffc  wmiApSrv - ok
10:58:05.0938 0x0ffc  WMPNetworkSvc - ok
10:58:05.0954 0x0ffc  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:58:05.0969 0x0ffc  WPCSvc - ok
10:58:06.0001 0x0ffc  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:58:06.0016 0x0ffc  WPDBusEnum - ok
10:58:06.0016 0x0ffc  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
10:58:06.0063 0x0ffc  ws2ifsl - ok
10:58:06.0079 0x0ffc  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
10:58:06.0094 0x0ffc  wscsvc - ok
10:58:06.0094 0x0ffc  WSearch - ok
10:58:06.0188 0x0ffc  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
10:58:06.0266 0x0ffc  wuauserv - ok
10:58:06.0313 0x0ffc  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
10:58:06.0328 0x0ffc  WudfPf - ok
10:58:06.0328 0x0ffc  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:58:06.0344 0x0ffc  WUDFRd - ok
10:58:06.0391 0x0ffc  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
10:58:06.0422 0x0ffc  wudfsvc - ok
10:58:06.0453 0x0ffc  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
10:58:06.0484 0x0ffc  WwanSvc - ok
10:58:06.0484 0x0ffc  ================ Scan global ===============================
10:58:06.0515 0x0ffc  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
10:58:06.0562 0x0ffc  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:58:06.0562 0x0ffc  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:58:06.0578 0x0ffc  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:58:06.0609 0x0ffc  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
10:58:06.0609 0x0ffc  [ Global ] - ok
10:58:06.0609 0x0ffc  ================ Scan MBR ==================================
10:58:06.0625 0x0ffc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:58:06.0952 0x0ffc  \Device\Harddisk0\DR0 - ok
10:58:06.0952 0x0ffc  ================ Scan VBR ==================================
10:58:06.0952 0x0ffc  [ 243CD57CCB4F8B2788AB374E67673272 ] \Device\Harddisk0\DR0\Partition1
10:58:06.0968 0x0ffc  \Device\Harddisk0\DR0\Partition1 - ok
10:58:06.0968 0x0ffc  [ 3255424BF0DD5A9ECFD9F4BE2E2F0D12 ] \Device\Harddisk0\DR0\Partition2
10:58:06.0968 0x0ffc  \Device\Harddisk0\DR0\Partition2 - ok
10:58:06.0968 0x0ffc  [ A1C0BFC47D2183350211F66506D15955 ] \Device\Harddisk0\DR0\Partition3
10:58:06.0968 0x0ffc  \Device\Harddisk0\DR0\Partition3 - ok
10:58:06.0968 0x0ffc  ================ Scan generic autorun ======================
10:58:07.0015 0x0ffc  [ 4B5F92605D77D07041D8C05955A4B0B3, BA8E2AB779CC4FCA64DB54452E4D8543AA91305BA448E41D04132E5B760FD0E4 ] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
10:58:07.0030 0x0ffc  CDAServer - detected UnsignedFile.Multi.Generic ( 1 )
10:58:09.0713 0x0ffc  Detect skipped due to KSN trusted
10:58:09.0713 0x0ffc  CDAServer - ok
10:58:09.0776 0x0ffc  [ 616954748C2F28D653C7BAE814CA51FD, D75E46D978E42C2E7041206B18591EDAF700AD27077AE4D1D76E2857A4A77BF8 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
10:58:09.0791 0x0ffc  avgnt - ok
10:58:09.0854 0x0ffc  [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
10:58:09.0885 0x0ffc  Adobe ARM - ok
10:58:09.0932 0x0ffc  [ 5909C378DF9132FC91F50AF70A53455A, E13CE76ABAFA459BFDB4B7806E73BF57217D0800206FC24805E66573F3670604 ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
10:58:09.0932 0x0ffc  Avira Systray - ok
10:58:10.0010 0x0ffc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:58:10.0088 0x0ffc  Sidebar - ok
10:58:10.0119 0x0ffc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:58:10.0150 0x0ffc  mctadmin - ok
10:58:10.0181 0x0ffc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:58:10.0213 0x0ffc  Sidebar - ok
10:58:10.0213 0x0ffc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:58:10.0228 0x0ffc  mctadmin - ok
10:58:10.0259 0x0ffc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:58:10.0306 0x0ffc  Sidebar - ok
10:58:10.0306 0x0ffc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:58:10.0322 0x0ffc  mctadmin - ok
10:58:10.0400 0x0ffc  [ 6E9DBF6B982AEA2EC6614F0B81AB2846, BEBD1E26E3C2810B19A71446A2CC5B9BD9436E802DD8CD0432DFC35BFF248593 ] C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe
10:58:10.0415 0x0ffc  ScrSav - ok
10:58:10.0415 0x0ffc  Waiting for KSN requests completion. In queue: 50
10:58:11.0429 0x0ffc  Waiting for KSN requests completion. In queue: 50
10:58:12.0443 0x0ffc  Waiting for KSN requests completion. In queue: 50
10:58:13.0457 0x0ffc  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.310 ), 0x41000 ( enabled : updated )
10:58:13.0473 0x0ffc  Win FW state via NFP2: enabled
10:58:16.0219 0x0ffc  ============================================================
10:58:16.0219 0x0ffc  Scan finished
10:58:16.0219 0x0ffc  ============================================================
10:58:16.0219 0x0f70  Detected object count: 0
10:58:16.0219 0x0f70  Actual detected object count: 0
         
__________________

Alt 15.11.2014, 20:50   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Telekom Fake-Rechnung: Anhang geöffnet - Standard

Telekom Fake-Rechnung: Anhang geöffnet



Sieht soweit gut aus. Ich würde jetzt mal die Temps bereingen, und dann das System mal beobachten.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 16.11.2014, 14:00   #5
hans12345
 
Telekom Fake-Rechnung: Anhang geöffnet - Standard

Telekom Fake-Rechnung: Anhang geöffnet



Da bin ich aber erleichtert.
Was genau meinst du mit "Temps"? C:\Windows\Temp?
Vielen Dank!


Alt 16.11.2014, 19:47   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Telekom Fake-Rechnung: Anhang geöffnet - Standard

Telekom Fake-Rechnung: Anhang geöffnet



Datenträgerbereinigung von Windows ausführen
__________________
--> Telekom Fake-Rechnung: Anhang geöffnet

Alt 17.11.2014, 08:37   #7
hans12345
 
Telekom Fake-Rechnung: Anhang geöffnet - Standard

Telekom Fake-Rechnung: Anhang geöffnet



Alles klar, vielen Dank! :-) Daumen hoch für dich und dein Team!
Dann werde ich mich mit einer kleinen Spende erkenntlich zeigen.

Alt 17.11.2014, 14:25   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Telekom Fake-Rechnung: Anhang geöffnet - Standard

Telekom Fake-Rechnung: Anhang geöffnet



Gern Geschehen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Telekom Fake-Rechnung: Anhang geöffnet
adware, antivir, antivirus, avira, browser, computer, e-mail, error, fehler, firefox, flash player, hdd0(c:, helper, home, homepage, iexplore.exe, installation, mozilla, netzwerk, packard bell, registry, scan, schadsoftware eingefangen, security, services.exe, svchost.exe, system, windows



Ähnliche Themen: Telekom Fake-Rechnung: Anhang geöffnet


  1. Windows7 64Bit: mit malwarebyts schädliche Elemente gefunden, außerdem wurde eine "Telekom-Rechnung" mit Anhang geöffnet.
    Plagegeister aller Art und deren Bekämpfung - 05.12.2014 (5)
  2. Telekom Deutschland - Fake Rechnung 13.11.2014
    Plagegeister aller Art und deren Bekämpfung - 01.12.2014 (21)
  3. Fake Telekom Rechnung geöffnet
    Log-Analyse und Auswertung - 01.12.2014 (29)
  4. Fake Telekom Rechnung leider downgeloadet und geöffnet
    Plagegeister aller Art und deren Bekämpfung - 28.11.2014 (5)
  5. Telekom Rechnung geöffnet..
    Plagegeister aller Art und deren Bekämpfung - 24.11.2014 (5)
  6. Telekom Fake Rechnung geöffnet!
    Log-Analyse und Auswertung - 27.07.2014 (19)
  7. Windows 8.1 / Habe Anhang Telekom Rechnung geöffnet
    Plagegeister aller Art und deren Bekämpfung - 20.07.2014 (7)
  8. Windows 7: Anhang in Fake Telekom-Mail (Rechnung) geöffnet - Trojaner TR/Kryptik.vnyz gefunden
    Log-Analyse und Auswertung - 06.07.2014 (9)
  9. Windows 7: A1 Rechnung mit .rtf Anhang geöffnet...
    Log-Analyse und Auswertung - 01.07.2014 (7)
  10. Trojaner durch Telekom-Rechnung-Fake eingefangen?
    Log-Analyse und Auswertung - 29.06.2014 (12)
  11. Nach fake Telekom Rechnung, Onlinebanking gesperrt!
    Log-Analyse und Auswertung - 10.06.2014 (7)
  12. Win 7: Anhang von Fake Telekom-Rechnung geöffnet. Trojanerinfektion
    Log-Analyse und Auswertung - 19.01.2014 (9)
  13. Rechnung mit MS DOS-Anhang geöffnet - Virus?
    Plagegeister aller Art und deren Bekämpfung - 30.06.2013 (25)
  14. Seitensprung AG-Rechnung Anhang geöffnet
    Plagegeister aller Art und deren Bekämpfung - 12.04.2013 (7)
  15. Telekom Rechnung Februar 2013 - PDF - Anhang geöffnet - keine Meldung von Seucrity Essentials
    Plagegeister aller Art und deren Bekämpfung - 29.03.2013 (14)
  16. Anhang von Fake-Rechnung geöffnet
    Plagegeister aller Art und deren Bekämpfung - 17.03.2013 (2)
  17. Anhang von Fake-Rechnung.zip geöffnet - Trojaner und Worms
    Log-Analyse und Auswertung - 15.03.2013 (15)

Zum Thema Telekom Fake-Rechnung: Anhang geöffnet - Hallo zusammen, ich habe am 10.11.14 eine E-Mail erhalten, die einer Rechnungsbenachrichtigung der Telekom sehr ähnlich sah (über diese Phishing-Welle wurde mittlerweile ja auch schon auf einigen Nachrichtenportalen berichtet). Ich - Telekom Fake-Rechnung: Anhang geöffnet...
Archiv
Du betrachtest: Telekom Fake-Rechnung: Anhang geöffnet auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.