Verdacht Schadsoftware wegen Öffnen von ZIP-Datei in Spam-Mail (Vista)

REC · 09.12.2015, 17:51

Guten Abend,

ich habe heute den ZIP-Anhang einer Spam-Mail geöffnet und bin unsicher, ob ich mir einen Virus o.ä. eingefangen habe.

Ein Scan mit der Unitymedia-Sicherheitspaket-Software (F-Secure) hat nichts ergeben. Trotzdem bin ich unsicher und frage Euch deshalb um Rat.

FRST habe ich schon laufen lassen. Die Dateien FRST.txt und Addition.txt sind beigefügt.

Mit freundlichen Grüßen
REC

PS: Ich bin zum ersten Mal in einem Forum, um Hilfe zu suchen. Daher bitte ich um Nachsicht, falls meine Anfrage etwas "ruckelt".

FRST.txt

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:09-12-2015
durchgeführt von user (Administrator) auf LAPTOP-RE (09-12-2015 16:07:01)
Gestartet von C:\Users\user\Downloads
Geladene Profile: user (Verfügbare Profile: user)
Platform: Microsoft® Windows Vista™ Business  Service Pack 2 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(F-Secure Corporation) C:\Program Files\Unitymedia\fshoster32.exe
(F-Secure Corporation) C:\Program Files\Unitymedia\apps\ComputerSecurity\Common\FSM32.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\FastStone Capture\FSCapture.exe
(SAMSUNG Electronics co., LTD.) C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Easy ALS Manager\EasyALSManager.exe
() C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(F-Secure Corporation) C:\Program Files\Unitymedia\fshoster32.exe
(F-Secure Corporation) C:\Program Files\Unitymedia\apps\CCF_Reputation\fsorsp.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(F-Secure Corporation) C:\Program Files\Unitymedia\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\FrameworkService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
(Syntek America Inc.) C:\Windows\System32\StkCSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxext.exe
(F-Secure Corporation) C:\Program Files\Unitymedia\apps\ComputerSecurity\Common\FSMA32.EXE
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(F-Secure Corporation) C:\Program Files\Unitymedia\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6111232 2008-04-17] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-10-26] (Synaptics, Inc.)
HKLM\...\Run: [LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [52256 2007-01-08] ()
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46632 2007-01-29] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort11reminder] => C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [255528 2007-02-01] (Nuance Communications, Inc.)
HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [65536 2007-01-26] (Brother Industries, Ltd.)
HKLM\...\Run: [hpqSRMon] => [X]
HKLM\...\Run: [F-Secure Hoster (47796)] => C:\Program Files\Unitymedia\fshoster32.exe [183864 2012-11-26] (F-Secure Corporation)
HKLM\...\Run: [F-Secure Manager] => C:\Program Files\Unitymedia\apps\ComputerSecurity\Common\FSM32.EXE [310312 2015-10-13] (F-Secure Corporation)
HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [663552 2007-03-12] (Brother Industries, Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKU\S-1-5-21-696081317-418671648-604485187-1003\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-696081317-418671648-604485187-1003\...\MountPoints2: {2ecf8c99-a51a-11e1-bd18-001e101f9843} - F:\AutoRun.exe
HKU\S-1-5-21-696081317-418671648-604485187-1003\...\MountPoints2: {7a0846ea-1204-11e2-a85f-001e101fb681} - F:\AutoRun.exe
HKU\S-1-5-21-696081317-418671648-604485187-1003\...\MountPoints2: {a9ac5fe6-17f6-11df-98d6-00234eeb401b} - F:\AutoRun.exe
HKU\S-1-5-21-696081317-418671648-604485187-1003\...\MountPoints2: {a9ac5ff8-17f6-11df-98d6-001e101f82a7} - F:\AutoRun.exe
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FastStone Capture.lnk [2010-05-23]
ShortcutTarget: FastStone Capture.lnk -> C:\Program Files\FastStone Capture\FSCapture.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog9 01 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-11-25] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-11-25] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-11-25] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-11-25] (Lavasoft Limited)
Winsock: Catalog9 16 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-11-25] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 80.69.100.212 80.69.100.108
Tcpip\..\Interfaces\{7615E728-A4BB-4802-91DD-24EAC9F6B390}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7E810B4B-C31F-4EA9-8E64-6B7882AB9EC6}: [DhcpNameServer] 80.69.100.212 80.69.100.108
Tcpip\..\Interfaces\{B08AD617-97EB-4779-94CB-104957170114}: [DhcpNameServer] 139.7.30.125 139.7.30.126

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp:\\www.samsungcomputer.com
HKU\S-1-5-21-696081317-418671648-604485187-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com
HKU\S-1-5-21-696081317-418671648-604485187-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp:\\www.samsungcomputer.com
SearchScopes: HKU\S-1-5-21-696081317-418671648-604485187-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D112515-A6B219395BABB4E59ADF&form=CONBDF&conlogo=CT3332005&q={searchTerms}
SearchScopes: HKU\S-1-5-21-696081317-418671648-604485187-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D112515-A6B219395BABB4E59ADF&form=CONBDF&conlogo=CT3332005&q={searchTerms}
BHO: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-23] (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-23] (Oracle Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06] (Hewlett-Packard Co.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sesmy4vo.default-1442087199076
FF NewTab: about:home
FF SelectedSearchEngine: Bing®
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sesmy4vo.default-1442087199076\searchplugins\bing-lavasoft.xml [2015-11-25]
FF Extension: NoScript - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sesmy4vo.default-1442087199076\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-11-23]
FF Extension: Adblock Plus - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sesmy4vo.default-1442087199076\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-25] [ist nicht signiert]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 fshoster; C:\Program Files\Unitymedia\fshoster32.exe [183864 2012-11-26] (F-Secure Corporation)
R3 FSMA; C:\Program Files\Unitymedia\apps\ComputerSecurity\Common\FSMA32.EXE [207912 2015-10-13] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files\Unitymedia\apps\CCF_Reputation\fsorsp.exe [60456 2015-03-10] (F-Secure Corporation)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-03-17] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 McAfeeFramework; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [103744 2008-03-14] (McAfee, Inc.)
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Datei ist nicht signiert]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert]
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2006-12-19] ()
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [621056 2009-03-04] (Nokia.) [Datei ist nicht signiert]
R2 StkSSrv; C:\Windows\System32\StkCSrv.exe [31248 2008-01-16] (Syntek America Inc.)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ATSWPDRV; C:\Windows\System32\DRIVERS\ATSwpDrv.sys [146944 2008-05-30] (AuthenTec, Inc.)
S3 Dot4Scan; C:\Windows\System32\DRIVERS\Dot4Scan.sys [10752 2008-01-21] (Microsoft Corporation)
R3 F-Secure Gatekeeper; C:\Program Files\Unitymedia\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [152104 2015-11-17] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files\Unitymedia\apps\ComputerSecurity\HIPS\drivers\fshs.sys [86600 2015-11-17] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [54968 2015-09-16] ()
R3 fsni; C:\Program Files\Unitymedia\apps\CCF_Scanning\bin\fsni32.sys [77864 2015-11-16] (F-Secure Corporation)
R1 fsvista; C:\Program Files\Unitymedia\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [12840 2015-10-13] ()
R2 KMDFMEMIO; C:\Windows\System32\DRIVERS\kmdfmemio.sys [13312 2008-10-29] (SAMSUNG ELECTRONICS CO., LTD.)
S1 M9207; C:\Windows\System32\DRIVERS\M9207_543.sys [51072 2006-08-16] (Animation Technologies Inc.)
R3 StkCMini; C:\Windows\System32\Drivers\StkCMini.sys [1363088 2008-03-28] (Syntek)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [81232 2012-06-09] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IM.sys [452432 2012-06-09] (Paragon)
R1 Uim_Vim; C:\Windows\System32\Drivers\Uim_Vim.sys [283344 2012-06-09] (Paragon)
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x32.sys [X]
U3 DfSdkS; kein ImagePath
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [43904 2009-02-18] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-09 16:07 - 2015-12-09 16:08 - 00016777 _____ C:\Users\user\Downloads\FRST.txt
2015-12-09 16:06 - 2015-12-09 16:07 - 00000000 ____D C:\FRST
2015-12-09 15:44 - 2015-12-09 15:44 - 01720320 _____ (Farbar) C:\Users\user\Downloads\FRST.exe
2015-12-06 20:37 - 2015-12-06 20:37 - 00000000 ____D C:\Users\user\Documents\Cadenzo
2015-12-06 20:32 - 2015-12-06 20:32 - 02018816 _____ C:\Users\user\Downloads\CaTutor_Setup.msi
2015-12-06 19:24 - 2015-12-06 19:24 - 00000000 ____D C:\Windows\pss
2015-12-01 17:15 - 2015-12-01 17:15 - 00002086 _____ C:\Users\Public\Desktop\SteuerSparErklärung 2016.lnk
2015-12-01 17:15 - 2015-12-01 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2016
2015-11-29 19:08 - 2015-11-29 19:08 - 00000000 ____D C:\Program Files\Canon
2015-11-29 19:06 - 2015-11-29 19:06 - 00000000 ____D C:\Users\user\Documents\CanoScan 4400f
2015-11-25 16:14 - 2015-11-25 16:14 - 00345360 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll
2015-11-25 16:14 - 2015-11-25 16:14 - 00002896 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-11-23 14:45 - 2015-11-23 14:45 - 00000000 ____D C:\Program Files\Common Files\Java
2015-11-23 14:42 - 2015-11-23 14:42 - 00584288 _____ (Oracle Corporation) C:\Users\user\Downloads\jre-8u66-windows-i586-iftw.exe
2015-11-18 18:32 - 2009-04-08 14:29 - 00001886 _____ C:\Users\user\Desktop\PaperPort.lnk
2015-11-11 23:21 - 2015-10-17 15:24 - 02068480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 23:13 - 2015-10-13 15:31 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 23:13 - 2015-10-13 15:31 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 23:12 - 2015-10-17 17:01 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 23:10 - 2015-10-14 21:22 - 01206192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 23:10 - 2015-10-14 17:01 - 03606464 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-11-11 23:10 - 2015-10-14 17:01 - 03554752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 23:05 - 2015-10-10 17:02 - 00526272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 23:01 - 2015-09-26 17:05 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 23:01 - 2015-09-26 17:04 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 23:01 - 2015-09-26 14:21 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2015-11-11 23:01 - 2015-09-22 14:11 - 00440768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 19:13 - 2015-10-31 19:38 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 19:13 - 2015-10-31 19:36 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 19:13 - 2015-10-31 19:36 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 19:13 - 2015-10-31 19:36 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 19:13 - 2015-10-31 19:36 - 01093632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 19:13 - 2015-10-31 19:36 - 01088512 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 19:13 - 2015-10-31 19:36 - 00711168 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 19:13 - 2015-10-31 19:36 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 19:13 - 2015-10-31 19:36 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 19:13 - 2015-10-31 19:36 - 00358400 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 19:13 - 2015-10-31 19:36 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-11-11 19:13 - 2015-10-31 19:36 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 19:13 - 2015-10-31 19:36 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 19:13 - 2015-10-31 19:36 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 19:13 - 2015-10-31 19:36 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 19:13 - 2015-10-31 19:36 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 19:13 - 2015-10-31 19:36 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-11-11 19:13 - 2015-10-31 19:36 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-11-11 19:13 - 2015-10-31 19:36 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-11-11 19:12 - 2015-10-31 19:40 - 12376576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 19:12 - 2015-10-31 19:38 - 09727488 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 19:12 - 2015-10-31 19:37 - 01830912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-09 16:06 - 2006-11-02 12:18 - 00000000 ____D C:\Windows
2015-12-09 15:22 - 2008-10-29 02:51 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-09 15:21 - 2010-06-05 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-09 15:20 - 2009-03-16 18:04 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-09 15:07 - 2013-07-15 18:27 - 00000000 ____D C:\Windows\system32\MRT
2015-12-09 15:02 - 2006-11-02 11:24 - 137798368 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-12-09 14:52 - 2006-11-02 13:47 - 00004784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-09 14:52 - 2006-11-02 13:47 - 00004784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-09 12:52 - 2013-06-14 20:11 - 00000618 _____ C:\Windows\Tasks\Scheduled scanning task.job
2015-12-09 12:52 - 2013-02-09 11:43 - 00000312 _____ C:\Windows\Tasks\GlaryInitialize.job
2015-12-09 12:52 - 2009-03-10 10:11 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2015-12-09 12:52 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-09 12:15 - 2008-10-29 17:37 - 00000012 _____ C:\Windows\bthservsdp.dat
2015-12-09 12:15 - 2006-11-02 14:01 - 00032558 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-09 11:57 - 2009-03-16 16:58 - 00002735 _____ C:\Users\user\Desktop\Microsoft Office Outlook 2007.lnk
2015-12-09 11:41 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\inf
2015-12-08 15:12 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\spool
2015-12-01 17:14 - 2011-04-09 13:57 - 00000000 ____D C:\Program Files\Akademische Arbeitsgemeinschaft
2015-12-01 14:33 - 2013-02-05 23:45 - 00000000 ____D C:\Users\user\AppData\Roaming\vlc
2015-11-29 21:55 - 2008-10-28 12:19 - 00718230 _____ C:\Windows\system32\perfh007.dat
2015-11-29 21:55 - 2008-10-28 12:19 - 00165860 _____ C:\Windows\system32\perfc007.dat
2015-11-29 21:55 - 2006-11-02 11:33 - 01687090 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-25 16:21 - 2013-02-12 17:47 - 00000000 ____D C:\Users\user\AppData\Local\CrashDumps
2015-11-23 14:56 - 2014-01-17 13:56 - 00000000 ____D C:\ProgramData\Oracle
2015-11-23 14:45 - 2015-08-28 21:55 - 00000000 ____D C:\Users\user\.oracle_jre_usage
2015-11-23 14:44 - 2015-02-07 16:32 - 00095840 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-11-23 14:44 - 2014-10-21 08:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-23 14:43 - 2014-01-17 13:50 - 00000000 ____D C:\Program Files\Java
2015-11-13 15:27 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2015-11-13 10:09 - 2006-11-02 13:47 - 00400960 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-13 10:05 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-13 10:05 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-11-11 23:15 - 2009-03-16 16:04 - 00000039 _____ C:\Windows\vbaddin.ini
2015-11-11 18:41 - 2014-08-25 10:58 - 00000000 ____D C:\Users\user\AppData\Local\Adobe
2015-11-11 18:39 - 2015-02-07 16:25 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-11-11 18:39 - 2015-02-07 16:25 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-11-09 20:35 - 2015-03-24 13:41 - 00000000 ____D C:\Users\user\AppData\Roaming\XnViewMP
2015-11-09 15:43 - 2009-03-21 22:51 - 00006656 _____ C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2009-03-19 18:43 - 2009-03-19 18:43 - 0024206 _____ () C:\Users\user\AppData\Roaming\UserTile.png
2009-03-21 22:51 - 2015-11-09 15:43 - 0006656 _____ () C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-11-30 23:31 - 2011-11-30 23:31 - 0000092 _____ () C:\Users\user\AppData\Local\fusioncache.dat
2010-05-13 11:23 - 2011-10-24 10:14 - 0023552 _____ () C:\Users\user\AppData\Local\WebpageIcons.db
2010-05-13 09:19 - 2010-06-15 11:04 - 0002497 _____ () C:\ProgramData\hpzinstall.log
2013-02-06 23:26 - 2013-02-06 23:52 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-09 13:00

==================== Ende vom FRST.txt ============================

Addition.txt

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:09-12-2015
durchgeführt von user (2015-12-09 16:08:30)
Gestartet von C:\Users\user\Downloads
Microsoft® Windows Vista™ Business  Service Pack 2 (X86) (2009-02-18 09:54:35)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-696081317-418671648-604485187-500 - Administrator - Disabled)
ASPNET (S-1-5-21-696081317-418671648-604485187-1006 - Limited - Enabled)
Gast (S-1-5-21-696081317-418671648-604485187-501 - Limited - Enabled)
user (S-1-5-21-696081317-418671648-604485187-1003 - Administrator - Enabled) => C:\Users\user

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Computer Schutz (Enabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17}
AS: Computer Schutz (Enabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
32 Bit HP CIO Components Installer (Version: 7.1.4 - Hewlett-Packard) Hidden
7-PDF Maker Version 1.4.0 (Build 128) (HKLM\...\7-PDF Maker_is1) (Version: 7-PDF Maker - Version 1.4.0 (Build 128) - 7-PDF, Germany - Thorsten Hodes)
AAVUpdateManager (HKLM\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version:  - Agere Systems)
Atheros WLAN Client (HKLM\...\{04983D37-2202-4295-94A2-8B547C66133F}) (Version: 1.00.000 - )
AuthenTec Fingerprint Sensor Minimum Install (HKLM\...\{31A5ED9F-E07B-4F6E-8179-27325BAAC502}) (Version: 7.10.0.1129 - AuthenTec)
BILDmobil (HKLM\...\BILDmobil) (Version: 11.301.08.01.35 - Huawei Technologies Co.,Ltd)
Brother MFL-Pro Suite (HKLM\...\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}) (Version: 1.00 - Brother Industries, Ltd.)
BufferChm (Version: 100.0.170.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Chinese Simplified Fonts Support For Adobe Reader 8 (HKLM\...\{AC76BA86-7AD7-2447-0000-800000000003}) (Version: 8.0.0 - Adobe Systems)
Choice Guard (Version: 1.2.87.0 - Microsoft Corporation) Hidden
Computer Security 12.71.109.0 (release) (Version: 12.71.109.0 - F-Secure Corporation) Hidden
ConvertHelper 2.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version:  - DownloadHelper)
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
CVE-2014-6352 (HKLM\...\{3a9498f9-243d-424b-893a-8da0b0cfad53}.sdb) (Version:  - )
CyberLink DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.0.2403 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.0.3825 - CyberLink Corp.)
Destination Component (Version: 100.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 100.0.190.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DocMgr (Version: 100.0.201.000 - Hewlett-Packard) Hidden
DocProc (Version: 10.0.0.0 - Hewlett-Packard) Hidden
DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DTV (Version: 1.4.37.645 build 1247 - ) Hidden
Easy ALS Manager (HKLM\...\{9615709B-777E-4EF7-ADF6-45131FA64C1E}) (Version: 2.0.0.0 - Samsung)
Easy Battery Manager (HKLM\...\{6F730513-8688-4C3C-90A3-6B9792CE2EF3}) (Version: 3.2.1.7 - Samsung)
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 2.0.0.0 - Samsung)
Easy Network Manager 4.0 (HKLM\...\InstallShield_{308BD058-411C-4AF2-8BF6-A6C7CFD0270D}) (Version: 4.0.0.13 - Samsung)
Easy Network Manager 4.0 (Version: 4.0.0.13 - Samsung) Hidden
Easy SpeedUp Manager (HKLM\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.0.1.3 - )
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
FastStone Capture 5.3 (HKLM\...\FastStone Capture) (Version: 5.3 - FastStone Soft)
Foto-Mosaik-Edda Standard V5.6.0 (HKLM\...\{BF962E1B-D17A-4713-A100-6531A132D83D}_is1) (Version:  - Steffen Schirmer)
Free Video Editor version 1.4.3.716 (HKLM\...\Free Video Editor_is1) (Version: 1.4.3.716 - DVDVideoSoft Ltd.)
FreeMind (HKLM\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 0.9.0 - )
Fresh Minder 2 (HKLM\...\{8DBBABF7-15C7-4B1A-AE40-E95D3DB8EBCC}) (Version: 2.0.0 - Fresh Minder - Vertrieb)
Fresh Minder 3 (HKLM\...\{F6052C1E-FC7C-4626-B728-C9DAF8DF7F9D}) (Version: 3.0.0 - Fresh Minder - Vertrieb)
F-Secure CCF Reputation (Version: 1.0.25.1877 - F-Secure) Hidden
F-Secure CCF Scanning 1.51.111.300 (release) (Version: 1.51.111.300 - F-Secure Corporation) Hidden
F-Secure Network CCF 1.02.126 (Version: 1.02.126 - F-Secure Corporation) Hidden
Glary Utilities 2.52.0.1698 (HKLM\...\Glary Utilities_is1) (Version: 2.52.0.1698 - Glarysoft Ltd)
GPBaseService (Version: 100.0.187.000 - Hewlett-Packard) Hidden
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version:  - EFD Software)
HP Customer Participation Program 10.0 (HKLM\...\HPExtendedCapabilities) (Version: 10.0 - HP)
HP Document Manager 1.0 (HKLM\...\HP Document Manager) (Version: 1.0 - HP)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
HP LaserJet Professional CM1410 Series (HKLM\...\{0EF0EA0D-F945-4958-85CC-60FF1E86D216}) (Version:  - Hewlett-Packard)
HP LJ CM1410 MFP Series HP Scan (HKLM\...\{21749F4E-02A1-4828-9A1E-BBDF5929C5D0}) (Version: 1.0.302.0 - Hewlett-Packard Co.)
HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 3.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 100.0.170.000 - Hewlett-Packard) Hidden
imagine digital freedom - Samsung (HKLM\...\{8E106A57-A17E-431D-B48F-175E42EB9F74}) (Version: 1.0.2.2 - Samsung Electronics Co. Ltd.,)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version:  - )
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java 8 Update 65 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
LabelPrint (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: .2406 - CyberLink Corp.)
LightScribe System Software  1.12.37.1 (HKLM\...\{004C5DA2-2051-4D25-94BA-51CF810C91EB}) (Version: 1.12.37.1 - LightScribe)
MarketResearch (Version: 100.0.170.000 - Hewlett-Packard) Hidden
McAfee Agent (HKLM\...\{A638557B-1F13-40A0-9627-C892FBCA6960}) (Version: 4.0.0.1180 - McAfee, Inc.)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM\...\{90A40407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8003.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Project 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-003B-0000-0000-0000000FF1CE}_PRJPROR_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}) (Version:  - Microsoft)
Microsoft Office Project Professional 2007 (HKLM\...\PRJPROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Ultimate 2007 (HKLM\...\ULTIMATER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0051-0000-0000-0000000FF1CE}_VISPROR_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version:  - Microsoft)
Microsoft Office Visio Professional 2007 (HKLM\...\VISPROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Web Apps Browser Plugin (HKLM\...\{95140000-1148-0407-0000-0000000FF1CE}) (Version: 14.0.5568.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SOAP Toolkit 2.0 SP2 (HKLM\...\{36BEAD11-8577-49AD-9250-E06A50AE87B0}) (Version: 623.1 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{547DCEC7-DD2A-47E9-82C7-5CF1EAB526DA}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{2DFB5485-A3EF-4298-9280-4AF80C9F4BE9}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
MSVCSetup (Version: 1.00.0000 - HP) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
Nokia Connectivity Cable Driver (HKLM\...\{82427977-8776-4087-90CA-9F65174D3C4D}) (Version: 7.1.16.0 - Nokia)
OCR Software by I.R.I.S. 10.0 (HKLM\...\HPOCR) (Version: 10.0 - HP)
Online Safety 2.71.966.47 (Version: 2.71.966.47 - F-Secure Corporation) Hidden
PaperPort Image Printer (HKLM\...\{332CC6BF-E6C7-48EE-BA3D-435E576AD67F}) (Version: 1.00.0000 - Nuance Communications, Inc.)
Paragon Festplatten Manager™ 2012 Kompakt (HKLM\...\{29258311-EA49-11DE-967C-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PC Connectivity Solution (HKLM\...\{B7CB0BF3-791E-44D3-9F04-786E36D51C9D}) (Version: 9.13.1.0 - Nokia)
Play Camera (HKLM\...\InstallShield_{7B46F9CF-CF60-492E-816E-95EB1A9D1BB4}) (Version: 2.0.0.13 - Ihr Firmenname)
Play Camera (Version: 2.0.0.13 - Ihr Firmenname) Hidden
PowerDirector (HKLM\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 5.0.3927 - CyberLink Corp.)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.3118.0 - CyberLink Corp.)
PowerProducer (HKLM\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 085120(3.7)_Vista_SSPC - CyberLink Corp.)
PSSWCORE (Version: 2.02.0000 - Hewlett-Packard) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5605 - Realtek Semiconductor Corp.)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.06 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.54.06 - RICOH)
Samsung Magic Doctor (HKLM\...\{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}) (Version: 5.0 - Samsung Electronics Co., LTD)
Samsung Recovery Solution III (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 3.0.0.6 - Samsung)
Samsung Update Plus (HKLM\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.)
ScanSoft PaperPort 11 (HKLM\...\{B6C89654-A6A2-477C-873B-724EC1C56407}) (Version: 11.1.0000 - Nuance Communications, Inc.)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 10.0 - HP)
SmartWebPrintingOC (Version: 100.0.189.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (Version: 100.0.272.000 - Hewlett-Packard) Hidden
Steuer-Spar-Erklärung 2012 (HKLM\...\{CCD2BAD2-0919-40CB-80CC-E9538B0E4C2E}) (Version: 17.02 - Wolters Kluwer Deutschland GmbH)
Steuer-Spar-Erklärung 2013 (HKLM\...\{AEB61F7A-4BBA-4292-A096-7893E09034A4}) (Version: 18.02 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung 2014 (HKLM\...\{A463EB06-22A6-47F5-9593-E52B291EF13E}) (Version: 19.02.10 - Akademische Arbeitsgemeinschaft)
SteuerSparErklärung 2015 (HKLM\...\{312C0E08-8F94-4536-AAF6-3413F784AC5F}) (Version: 20.20.70 - Akademische Arbeitsgemeinschaft)
SteuerSparErklärung 2016 (HKLM\...\{D331D50C-C578-423B-8BC7-94D3133CE315}) (Version: 21.20.38 - Akademische Arbeitsgemeinschaft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.1.2.0 - Synaptics)
TIPP10 Version 2.1.0 (HKLM\...\TIPP10_is1) (Version:  - (c) 2006-2011, Tom Thielicke IT Solutions)
TrayApp (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Unitymedia Programme (HKLM\...\F-Secure ServiceEnabler 47796) (Version: 1.71.340.0 - F-Secure Corporation)
Unitymedia Programme (Version: 1.71.340.0 - F-Secure Corporation) Hidden
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.2047.00 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-003B-0000-0000-0000000FF1CE}_PRJPROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0051-0000-0000-0000000FF1CE}_VISPROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ULTIMATER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ULTIMATER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ULTIMATER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ULTIMATER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
USB2.0 UVC 1.3M WebCam (HKLM\...\USB2.0 UVC 1.3M WebCam) (Version:  - )
USB2.0 UVC WebCam (HKLM\...\{090962E2-4BE8-4A8A-86B0-7A5ED31C1273}) (Version: 6.11.706.012 - D-MAX)
User Guide (HKLM\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
VideoToolkit01 (Version: 100.0.128.000 - Hewlett-Packard) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
WIDCOMM Bluetooth Software 6.0.1.6300 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.6300 - WIDCOMM, Inc.)
Windows 7 Upgrade Advisor (HKLM\...\{9A4D182C-35C7-4791-8484-4304EBC9101A}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8064.0206 - Microsoft Corporation)
Windows Live ID-Anmelde-Assistent (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

20-11-2015 17:00:48 Geplanter Prüfpunkt
27-11-2015 20:50:49 Geplanter Prüfpunkt
29-11-2015 21:05:56 Geplanter Prüfpunkt
01-12-2015 16:34:18 Geplanter Prüfpunkt
01-12-2015 17:12:28 SteuerSparErklärung 2016 wurde installiert.
05-12-2015 19:17:24 Geplanter Prüfpunkt
06-12-2015 20:33:54 Cadenzo-Tutor wird installiert
08-12-2015 18:56:53 Geplanter Prüfpunkt
08-12-2015 22:25:54 Cadenzo-Tutor wird entfernt
09-12-2015 15:01:15 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
::1             localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {09EB5E70-6458-48B8-B899-64967C7985A6} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe [2008-08-07] (SAMSUNG Electronics co., LTD.)
Task: {102490C4-169A-49BB-AFA3-F2C72360DBE7} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2008-10-06] (SAMSUNG Electronics)
Task: {32F03D23-678C-4FB8-A883-7D6AB8DD3EE1} - System32\Tasks\GlaryInitialize => C:\Program Files\Glary Utilities\initialize.exe [2013-01-05] (Glarysoft Ltd)
Task: {4B4638DB-2635-472A-AE34-4DBF9CB0020E} - System32\Tasks\{75087878-6665-4982-8C23-A6EF7C941D49} => pcalua.exe -a "C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver2.exe" -c /M{D1BA1F1C-D88B-405D-953F-D7074B65453D}
Task: {4D72741E-769C-45DB-8604-CB8EBDADAA29} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {4DE5753C-568E-4C0D-A3CB-C292BC9FEB80} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2008-10-08] (Samsung Electronics Co., Ltd.)
Task: {58FDB591-D595-4B76-AB26-246C3C3E4E01} - System32\Tasks\Scheduled scanning task => C:\Program Files\Unitymedia\apps\ComputerSecurity\Anti-Virus\fsav.exe [2015-10-13] (F-Secure Corporation)
Task: {5F6844FF-733F-4FF1-ACFD-BD4DCE8DD6E2} - System32\Tasks\SamsungMagicDoctor => C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe [2008-08-26] (Samsung Electronics Co., Ltd.)
Task: {662ED23E-F45E-4B3E-AF1A-AE0A651D7F85} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {9C311485-CD4B-40E8-8591-F59DC1E35D34} - System32\Tasks\Easy ALS Manager => C:\Program Files\Samsung\Easy ALS Manager\EasyALSManager.exe [2008-05-29] (SAMSUNG Electronics)
Task: {C0503236-2DDD-4553-B59D-2865BEF5FEA3} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2010-04-20] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\GlaryInitialize.job => C:\Program Files\Glary Utilities\initialize.exe
Task: C:\Windows\Tasks\Scheduled scanning task.job => C:\PROGRA~1\UNITYM~1\apps\COMPUT~1\ANTI-V~1\fsav.exeX /HARD /POLICY /SCHED /REPORT C:\PROGRA~1\UNITYM~1\apps\COMPUT~1\ANTI-V~1\report.txt ,C:\PROGRA~1\UNITYM~1\apps\COMPUT~1\ANTI-V~1SYSTEM.Von

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-06-14 19:52 - 2013-06-14 19:52 - 00593464 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.65_none_b59e1e0911fd55ab\QtMultimediaKit1.dll
2013-06-14 20:09 - 2015-10-13 09:12 - 00056360 _____ () C:\Program Files\Unitymedia\apps\ComputerSecurity\FSGUI\fsavures.eng
2013-06-14 20:09 - 2015-10-13 09:12 - 00093224 _____ () C:\Program Files\Unitymedia\apps\ComputerSecurity\FSGUI\strres.eng
2013-06-14 20:09 - 2015-10-13 09:12 - 00154664 _____ () C:\Program Files\Unitymedia\apps\ComputerSecurity\FSGUI\flyerres.eng
2007-02-12 20:51 - 2007-02-12 20:51 - 01111552 _____ () C:\Program Files\FastStone Capture\FSCapture.exe
2008-10-29 02:17 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2008-10-29 02:17 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files\SAMSUNG\EasySpeedUpManager\HookDllPS2.dll
2008-10-29 02:18 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files\Samsung\Samsung Magic Doctor\HookDllPS2.dll
2008-10-24 16:35 - 2008-10-24 16:35 - 00128296 _____ () C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2013-06-14 20:09 - 2015-10-13 09:12 - 00045608 _____ () C:\Program Files\Unitymedia\apps\ComputerSecurity\Anti-Virus\FSAVHRES.eng
2012-11-26 12:49 - 2012-11-26 12:49 - 00216632 _____ () C:\Program Files\Unitymedia\daas2.dll
2005-08-22 15:38 - 2005-08-22 15:38 - 03264512 _____ () C:\Program Files\McAfee\Common Framework\cryptocme2.dll
2008-03-14 04:00 - 2008-03-14 04:00 - 00057344 _____ () C:\Program Files\McAfee\Common Framework\boost_thread-vc71-mt-1_32.dll
2008-10-29 02:12 - 2006-12-19 14:23 - 00272024 _____ () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2013-06-14 20:16 - 2013-06-14 20:16 - 00030888 _____ () C:\Program Files\Unitymedia\apps\ComputerSecurity\Anti-Virus\minifilter\hashlib_x86.dll
2013-06-14 20:10 - 2015-06-09 14:26 - 00175144 _____ () C:\Program Files\Unitymedia\apps\ComputerSecurity\Gemini\fsgem.dll
2013-06-14 20:10 - 2015-10-14 17:43 - 00212008 _____ () C:\Program Files\Unitymedia\apps\ComputerSecurity\Spam Control\fsas.dll
2013-06-14 20:09 - 2015-11-17 21:28 - 00945192 _____ () C:\Program Files\Unitymedia\apps\ComputerSecurity\Anti-Virus\fm4av.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-696081317-418671648-604485187-1003\...\ciwi.eu -> hxxp://portal.ciwi.eu
IE trusted site: HKU\S-1-5-21-696081317-418671648-604485187-1003\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-696081317-418671648-604485187-1003\...\webcompanion.com -> hxxp://webcompanion.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-696081317-418671648-604485187-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\img30.jpg
DNS Servers: 80.69.100.212 - 80.69.100.108
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: DTVRemote => "C:\Program Files\DTV\RemoteControl.exe"
MSCONFIG\startupreg: LexwareInfoService => C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe /autostart
MSCONFIG\startupreg: OmniPass => C:\Program Files\Softex\OmniPass\scureapp.exe
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: WMPNSCFG => C:\Program Files\Windows Media Player\WMPNSCFG.exe

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [SLSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [SLSVC-In-TCP] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [{ED395783-3044-423B-B248-8FFE2568DEAF}] => (Allow) C:\Program Files\CyberLink\PowerDVD\PowerDVD.EXE
FirewallRules: [{D6D79297-277C-470F-BA09-9CE0EAA23963}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{B7543088-B9A5-46E3-A06C-854E9A3E70AF}] => (Allow) C:\Program Files\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{20321F45-DF90-46F6-8A6A-2D6904AE0050}] => (Allow) C:\Program Files\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [TCP Query User{94508D2F-FA92-48CB-A5BE-859054103B25}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{9885B74F-CC89-432D-AB01-EC575E90BAEF}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [{E8EDA576-B454-4675-A2FD-C5EE1FDA5287}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{6566C1D4-662D-498C-BF29-D463DB818AD1}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{64D389F0-FD2E-40A1-93DA-B8F7FFC67A9A}] => (Allow) svchost.exe
FirewallRules: [TCP Query User{84F7A784-7646-4A35-949E-656A675D1814}C:\program files\microsoft office\office12\groove.exe] => (Block) C:\program files\microsoft office\office12\groove.exe
FirewallRules: [UDP Query User{E5146CF5-BA15-4419-9606-7DEDA62494FD}C:\program files\microsoft office\office12\groove.exe] => (Block) C:\program files\microsoft office\office12\groove.exe
FirewallRules: [{EB8D856F-E5D2-4F08-810C-518D939BF8EC}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{D5199C6E-ADEE-4B34-9166-2939E64F38EB}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{C67B4863-43E1-4B7D-978D-97FCDBBA0346}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{3FDEC60B-F927-46ED-BF0D-D9CD05AEF3A6}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{76E000AB-EAA0-4E36-8905-564FDD127D58}] => (Allow) E:\setup\HPZNUI01.EXE
FirewallRules: [{D5417D88-0C45-4694-8FF4-718B9425181A}] => (Allow) E:\setup\HPZNUI01.EXE
FirewallRules: [{A6A2DC79-EFC7-41B5-BDD9-E5D24D26E006}] => (Allow) LPort=80
FirewallRules: [{944869EE-D166-4C46-90A5-9C566702C8CA}] => (Allow) LPort=80
FirewallRules: [{BA92DCEA-B11C-4C64-9F11-ED33FDE236F4}] => (Allow) LPort=80
FirewallRules: [{F93E874D-AC88-40F7-99A1-9766ADAEC696}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{8CC190BA-9F70-43BB-90DA-835A799D71B1}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{04D470AA-C9AA-4429-8D6A-05BF2C5C0CB7}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{F448507B-FE65-4C66-B25A-7A51D037B3E1}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{2CF57BB6-EC82-4EB7-ACCE-683E1BDDC8E6}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{ABABD3DE-33C9-43BC-9B81-A8FC2F2E7DBF}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{3A5CA28C-786C-4627-998D-BC61DFA97056}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{5413B472-0959-4A20-A5A8-E5A2F84A289D}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{53B6B7DB-64E4-4745-BC40-5B9866CA8276}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{CB04DB18-5F13-4A26-A44B-3A014B5CC8FC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{8272CC71-6416-4060-8CEF-B7FAE10F35CB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{8A24CD7D-D1D3-4532-B401-44D3934A5E79}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{BC39C3F0-BF27-4021-9D1C-05BAF5032292}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{E37580AD-FF3F-40BB-950C-D8609BD266D9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{40326EEE-7C8F-43D2-BA16-77202E9CAFE1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Microsoft-6zu4-Adapter #3
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #5
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #8
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/09/2015 03:07:36 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (12/09/2015 03:07:36 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (12/09/2015 02:22:37 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <MAPI://{S-1-5-21-696081317-418671648-604485187-1003}/PERSÖNLICHE ORDNER($F89C2BD7)/0/GELÖSCHTE OBJEKTE/가가가가겡갢겶걹걳갧곃걁겁걒개곅걣겜곪곴갤갶갪가> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (12/09/2015 02:22:33 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\USER\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\SESMY4VO.DEFAULT-1442087199076\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (12/09/2015 02:22:33 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\USER\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\SESMY4VO.DEFAULT-1442087199076\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (12/09/2015 02:22:28 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <MAPI://{S-1-5-21-696081317-418671648-604485187-1003}/PERSÖNLICHE ORDNER($F89C2BD7)/0/GELÖSCHTE OBJEKTE/가가가가겡갢겶걹걳갧곃걁겁걒개곅걣겜곪곴겄갵갪가> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (12/09/2015 02:22:28 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <MAPI://{S-1-5-21-696081317-418671648-604485187-1003}/PERSÖNLICHE ORDNER($F89C2BD7)/0/GELÖSCHTE OBJEKTE/가가가가겡갢겶걹걳갧곃걁겁걒개곅걣겜곪곴간갵갪가> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (12/09/2015 02:22:28 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <MAPI://{S-1-5-21-696081317-418671648-604485187-1003}/PERSÖNLICHE ORDNER($F89C2BD7)/0/GELÖSCHTE OBJEKTE/가가가가겡갢겶걹걳갧곃걁겁걒개곅걣겜곪곴계갵갪가> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (12/09/2015 02:22:28 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <MAPI://{S-1-5-21-696081317-418671648-604485187-1003}/PERSÖNLICHE ORDNER($F89C2BD7)/0/GELÖSCHTE OBJEKTE/가가가가겡갢겶걹걳갧곃걁겁걒개곅걣겜곪곴겤갵갪가> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (12/09/2015 02:22:28 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <MAPI://{S-1-5-21-696081317-418671648-604485187-1003}/PERSÖNLICHE ORDNER($F89C2BD7)/0/GELÖSCHTE OBJEKTE/가가가가겡갢겶걹걳갧곃걁겁걒개곅걣겜곪곴걄갵갪가> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)


Systemfehler:
=============
Error: (12/09/2015 03:22:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (12/09/2015 03:22:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Search%%1053

Error: (12/09/2015 03:22:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows Search

Error: (12/09/2015 03:22:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Search%%1053

Error: (12/09/2015 03:22:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows Search

Error: (12/09/2015 03:19:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Search%%1053

Error: (12/09/2015 03:19:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows Search

Error: (12/09/2015 03:18:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Search%%1053

Error: (12/09/2015 03:18:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows Search

Error: (12/09/2015 03:13:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Search%%1053


CodeIntegrity:
===================================
  Date: 2015-12-09 16:07:41.042
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Unitymedia\apps\ComputerSecurity\HIPS\drivers\fshs.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-12-09 16:07:40.652
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Unitymedia\apps\ComputerSecurity\HIPS\drivers\fshs.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-12-09 16:07:40.246
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Unitymedia\apps\ComputerSecurity\HIPS\drivers\fshs.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-12-09 16:07:39.794
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Unitymedia\apps\ComputerSecurity\HIPS\drivers\fshs.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-17 21:48:19.061
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Unitymedia\apps\ComputerSecurity\Anti-Virus\updatetemp_10100\133a796512593c4a3df2a6e1fa620c2473546cfe0840488ac79a1025591e6516\upd_fshs32.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-17 21:48:18.016
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Unitymedia\apps\ComputerSecurity\Anti-Virus\updatetemp_10100\133a796512593c4a3df2a6e1fa620c2473546cfe0840488ac79a1025591e6516\upd_fshs32.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-17 21:48:16.846
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Unitymedia\apps\ComputerSecurity\Anti-Virus\updatetemp_10100\133a796512593c4a3df2a6e1fa620c2473546cfe0840488ac79a1025591e6516\upd_fshs32.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-17 21:48:15.800
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Unitymedia\apps\ComputerSecurity\Anti-Virus\updatetemp_10100\133a796512593c4a3df2a6e1fa620c2473546cfe0840488ac79a1025591e6516\upd_fshs32.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-17 21:41:10.167
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Unitymedia\apps\ComputerSecurity\Anti-Virus\updatetemp_10100\133a796512593c4a3df2a6e1fa620c2473546cfe0840488ac79a1025591e6516\upd_fshs32.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-17 21:41:09.075
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Unitymedia\apps\ComputerSecurity\Anti-Virus\updatetemp_10100\133a796512593c4a3df2a6e1fa620c2473546cfe0840488ac79a1025591e6516\upd_fshs32.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU P7450 @ 2.13GHz
Prozentuale Nutzung des RAM: 89%
Installierter physikalischer RAM: 2007.79 MB
Verfügbarer physikalischer RAM: 214.66 MB
Summe virtueller Speicher: 4252.63 MB
Verfügbarer virtueller Speicher: 1953.67 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:80.1 GB) (Free:13.5 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: () (Fixed) (Total:55.55 GB) (Free:55.34 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: B16B91D5)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=80.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=55.6 GB) - (Type=07 NTFS)

==================== Ende vom Addition.txt ============================

schrauber · 09.12.2015, 18:58

hi,

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

REC · 10.12.2015, 00:33

Hallo schrauber,

vielen Dank für die schnelle Antwort.

Hier die erste Logfile; bei der zweiten "merkert" das System wegen der Länge:

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2015.12.09.06
  rootkit: v2015.12.07.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
user :: LAPTOP-RE [administrator]

09.12.2015 22:40:51
mbar-log-2015-12-09 (22-40-51).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 304231
Time elapsed: 23 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Viele Grüße und vorab vielen Dank
REC

Hallo schrauber,

....ich schicke nun Teil 1 der zweiten Logfile:

Code:

ATTFilter

23:22:01.0959 0x1684  TDSS rootkit removing tool 3.1.0.7 Nov 29 2015 22:37:04
23:22:07.0435 0x1684  ============================================================
23:22:07.0435 0x1684  Current date / time: 2015/12/09 23:22:07.0435
23:22:07.0435 0x1684  SystemInfo:
23:22:07.0435 0x1684  
23:22:07.0435 0x1684  OS Version: 6.0.6002 ServicePack: 2.0
23:22:07.0435 0x1684  Product type: Workstation
23:22:07.0435 0x1684  ComputerName: LAPTOP-RE
23:22:07.0435 0x1684  UserName: user
23:22:07.0435 0x1684  Windows directory: C:\Windows
23:22:07.0435 0x1684  System windows directory: C:\Windows
23:22:07.0435 0x1684  Processor architecture: Intel x86
23:22:07.0435 0x1684  Number of processors: 2
23:22:07.0435 0x1684  Page size: 0x1000
23:22:07.0435 0x1684  Boot type: Normal boot
23:22:07.0435 0x1684  ============================================================
23:22:07.0887 0x1684  KLMD registered as C:\Windows\system32\drivers\39252087.sys
23:22:08.0854 0x1684  System UUID: {F1D10FDE-E129-3382-8656-3539526E64BE}
23:22:09.0790 0x1684  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:22:09.0884 0x1684  ============================================================
23:22:09.0884 0x1684  \Device\Harddisk0\DR0:
23:22:09.0884 0x1684  MBR partitions:
23:22:09.0884 0x1684  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0xA030FF8
23:22:09.0884 0x1684  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xF3C5800, BlocksNum 0x6F1AFF8
23:22:09.0884 0x1684  ============================================================
23:22:09.0931 0x1684  C: <-> \Device\Harddisk0\DR0\Partition1
23:22:09.0977 0x1684  D: <-> \Device\Harddisk0\DR0\Partition2
23:22:09.0977 0x1684  ============================================================
23:22:09.0977 0x1684  Initialize success
23:22:09.0977 0x1684  ============================================================
23:22:19.0790 0x0918  ============================================================
23:22:19.0790 0x0918  Scan started
23:22:19.0790 0x0918  Mode: Manual; 
23:22:19.0790 0x0918  ============================================================
23:22:19.0790 0x0918  KSN ping started
23:22:22.0411 0x0918  KSN ping finished: true
23:22:24.0205 0x0918  ================ Scan system memory ========================
23:22:24.0205 0x0918  System memory - ok
23:22:24.0205 0x0918  ================ Scan services =============================
23:22:24.0314 0x0918  [ 7EEB488346FBFA3731276C3EE8A8FD9E, 97D2E49C2E615E38E8176F1C1551BF452CC6A00787FF90845EFF27A4E6E20B1F ] AAV UpdateService C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
23:22:24.0329 0x0918  AAV UpdateService - ok
23:22:24.0532 0x0918  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
23:22:24.0548 0x0918  ACPI - ok
23:22:24.0688 0x0918  [ F6CEFEF46986DE02A3AE5D93AE32B5DC, 903EC5A7B40F4F6B2F3378EFFE8DF28667B88061CDF681C44F2E4FE39B62959E ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
23:22:24.0688 0x0918  AdobeARMservice - ok
23:22:24.0751 0x0918  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
23:22:24.0766 0x0918  adp94xx - ok
23:22:24.0813 0x0918  [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
23:22:24.0829 0x0918  adpahci - ok
23:22:24.0844 0x0918  [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
23:22:24.0860 0x0918  adpu160m - ok
23:22:24.0875 0x0918  [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
23:22:24.0875 0x0918  adpu320 - ok
23:22:24.0922 0x0918  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
23:22:24.0922 0x0918  AeLookupSvc - ok
23:22:24.0969 0x0918  [ 4A0978779958D8FE8F5849F452BCC812, C57002A721F3DCAFB00CF4DEC57E9E761393BDB471ACEAFFDBD1ABA9AE308598 ] AFD             C:\Windows\system32\drivers\afd.sys
23:22:24.0985 0x0918  AFD - ok
23:22:25.0016 0x0918  [ EFBC44FBD75E4F80BD927AEBF6E7EADE, 0A1ACFE5D007DF8ABB97081C93111A1F18D90CB34093CD5784588971BFE86AE7 ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
23:22:25.0016 0x0918  AgereModemAudio - ok
23:22:25.0109 0x0918  [ 1CFEBA39FC613E45B49D3EDDFBCDA289, 15E8102FD9C50DBC16DDC523FC9C17DBE21F2C5C4E081C54901379C0D99277AA ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
23:22:25.0141 0x0918  AgereSoftModem - ok
23:22:25.0187 0x0918  [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440          C:\Windows\system32\drivers\agp440.sys
23:22:25.0203 0x0918  agp440 - ok
23:22:25.0250 0x0918  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
23:22:25.0250 0x0918  aic78xx - ok
23:22:25.0281 0x0918  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
23:22:25.0281 0x0918  ALG - ok
23:22:25.0297 0x0918  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide          C:\Windows\system32\drivers\aliide.sys
23:22:25.0297 0x0918  aliide - ok
23:22:25.0312 0x0918  [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
23:22:25.0328 0x0918  amdagp - ok
23:22:25.0343 0x0918  [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide          C:\Windows\system32\drivers\amdide.sys
23:22:25.0343 0x0918  amdide - ok
23:22:25.0375 0x0918  [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
23:22:25.0375 0x0918  AmdK7 - ok
23:22:25.0421 0x0918  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
23:22:25.0421 0x0918  AmdK8 - ok
23:22:25.0453 0x0918  [ DD8D9C597AF7CD2F6B70A3D6A4A1ACEA, 834B397F365D930DA01D5189DDF06195CFE4C0F9249223C5A9004643F41BA6E4 ] androidusb      C:\Windows\system32\Drivers\ssadadb.sys
23:22:25.0453 0x0918  androidusb - ok
23:22:25.0515 0x0918  [ 8F7D200717A58E9800D391F4C2101577, F07CF0F5636F46D8F3D5133284943E991E8739E5A644BCA5F18BB896B374620D ] Appinfo         C:\Windows\System32\appinfo.dll
23:22:25.0515 0x0918  Appinfo - ok
23:22:25.0562 0x0918  [ 0FE769CAE5855B53C90E23F85E7E89FF, 7163E364D33EDABCFC1E1B586D28FA906F34A764BF4B3031DF020043EAE0D3BF ] AppMgmt         C:\Windows\System32\appmgmts.dll
23:22:25.0562 0x0918  AppMgmt - ok
23:22:25.0609 0x0918  [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc             C:\Windows\system32\drivers\arc.sys
23:22:25.0609 0x0918  arc - ok
23:22:25.0655 0x0918  [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
23:22:25.0655 0x0918  arcsas - ok
23:22:25.0780 0x0918  [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
23:22:25.0780 0x0918  aspnet_state - ok
23:22:25.0796 0x0918  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
23:22:25.0796 0x0918  AsyncMac - ok
23:22:25.0827 0x0918  [ 2D9C903DC76A66813D350A562DE40ED9, 82609F01A08C6842E4C17C077BB641C1429C0E6657964B7F2D114035E1BDCBF3 ] atapi           C:\Windows\system32\drivers\atapi.sys
23:22:25.0827 0x0918  atapi - ok
23:22:25.0858 0x0918  [ 73742099982CF514512E1941F2862C33, 3B838304AA395C0BD244545C439F131499A76731ACD35AAA8E676F1F3925DDE3 ] ATSWPDRV        C:\Windows\system32\DRIVERS\ATSwpDrv.sys
23:22:25.0858 0x0918  ATSWPDRV - ok
23:22:25.0921 0x0918  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:22:25.0921 0x0918  AudioEndpointBuilder - ok
23:22:25.0936 0x0918  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
23:22:25.0936 0x0918  Audiosrv - ok
23:22:26.0014 0x0918  [ 08015D34F6FDD0B355805BAD978497C3, AAD5F919215B8630DCCADF2AC8DC82BAA543C52B1682B476093E014532B20EBD ] bcm4sbxp        C:\Windows\system32\DRIVERS\bcm4sbxp.sys
23:22:26.0030 0x0918  bcm4sbxp - ok
23:22:26.0045 0x0918  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:22:26.0045 0x0918  Beep - ok
23:22:26.0092 0x0918  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
23:22:26.0108 0x0918  BFE - ok
23:22:26.0155 0x0918  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\System32\qmgr.dll
23:22:26.0186 0x0918  BITS - ok
23:22:26.0217 0x0918  [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
23:22:26.0217 0x0918  blbdrive - ok
23:22:26.0233 0x0918  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:22:26.0248 0x0918  bowser - ok
23:22:26.0279 0x0918  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
23:22:26.0279 0x0918  BrFiltLo - ok
23:22:26.0295 0x0918  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
23:22:26.0295 0x0918  BrFiltUp - ok
23:22:26.0326 0x0918  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
23:22:26.0326 0x0918  Browser - ok
23:22:26.0357 0x0918  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
23:22:26.0357 0x0918  Brserid - ok
23:22:26.0389 0x0918  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
23:22:26.0389 0x0918  BrSerWdm - ok
23:22:26.0404 0x0918  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
23:22:26.0404 0x0918  BrUsbMdm - ok
23:22:26.0420 0x0918  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
23:22:26.0420 0x0918  BrUsbSer - ok
23:22:26.0467 0x0918  [ 6D39C954799B63BA866910234CF7D726, 1D807C3410C01C76E5810D626F23C1CCED3C9C5A65F39267B770C494C8D64114 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
23:22:26.0467 0x0918  BthEnum - ok
23:22:26.0513 0x0918  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
23:22:26.0513 0x0918  BTHMODEM - ok
23:22:26.0545 0x0918  [ 5904EFA25F829BF84EA6FB045134A1D8, 66E4160CC404744576BA6E9DD606B533F42B3D4A3E2FDD457DAA016CC72A81CC ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
23:22:26.0545 0x0918  BthPan - ok
23:22:26.0607 0x0918  [ 611FF3F2F095C8D4A6D4CFD9DCC09793, 2F27A1287ABCDB9C316EB720D1855100666240959CF969D5B2679C9ABCBD6050 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
23:22:26.0623 0x0918  BTHPORT - ok
23:22:26.0654 0x0918  [ A4C8377FA4A994E07075107DBE2E3DCE, C3CDAA7B83D130100044341C23897CC6C257FA075A8D08B8551F4A28AE8CE6C4 ] BthServ         C:\Windows\System32\bthserv.dll
23:22:26.0654 0x0918  BthServ - ok
23:22:26.0669 0x0918  [ D330803EAB2A15CAEC7F011F1D4CB30E, 240FFF317C90AD8966DA9666F2748F98CEC3CB99C486F399D1C68FE0E393EE68 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
23:22:26.0685 0x0918  BTHUSB - ok
23:22:26.0716 0x0918  [ 3EA1A20DC0CA1AD23E7AA8C37A91BCD1, 4AF75222BF49EBFA93C98DF206D715DFE2B5EB742BDE06622256F628A756AAD6 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
23:22:26.0732 0x0918  btwaudio - ok
23:22:26.0747 0x0918  [ 195872E48A7FB01F8BC9B800F70F4054, 5F37D7CE44F00791241911BA1E77AD5DAD22C08584F19367BBE27BBFA3484616 ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
23:22:26.0763 0x0918  btwavdt - ok
23:22:26.0779 0x0918  [ 0724E7D6C9B6A289EDDDA33FA8176E80, 836BFED3A4A374AB1C699D950D87A0709F529FD65B860890699584640490DBE8 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
23:22:26.0779 0x0918  btwrchid - ok
23:22:26.0794 0x0918  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:22:26.0794 0x0918  cdfs - ok
23:22:26.0857 0x0918  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
23:22:26.0857 0x0918  cdrom - ok
23:22:26.0888 0x0918  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
23:22:26.0888 0x0918  CertPropSvc - ok
23:22:26.0919 0x0918  [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass        C:\Windows\system32\drivers\circlass.sys
23:22:26.0919 0x0918  circlass - ok
23:22:26.0966 0x0918  [ 5D9311526801643000D7032A83B18B12, C5A98868A41446617B3A27C6C4AAFA4E7C093E253E8C1DD5DBFE6FAE21991209 ] CLFS            C:\Windows\system32\CLFS.sys
23:22:26.0966 0x0918  CLFS - ok
23:22:27.0028 0x0918  [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:22:27.0028 0x0918  clr_optimization_v2.0.50727_32 - ok
23:22:27.0075 0x0918  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:22:27.0075 0x0918  clr_optimization_v4.0.30319_32 - ok
23:22:27.0122 0x0918  [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
23:22:27.0122 0x0918  CmBatt - ok
23:22:27.0137 0x0918  [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
23:22:27.0137 0x0918  cmdide - ok
23:22:27.0169 0x0918  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
23:22:27.0169 0x0918  Compbatt - ok
23:22:27.0169 0x0918  COMSysApp - ok
23:22:27.0371 0x0918  cpuz135 - ok
23:22:27.0481 0x0918  [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
23:22:27.0496 0x0918  crcdisk - ok
23:22:27.0512 0x0918  [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
23:22:27.0512 0x0918  Crusoe - ok
23:22:27.0559 0x0918  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:22:27.0559 0x0918  CryptSvc - ok
23:22:27.0621 0x0918  [ 9BDB2E89BE8D0EF37B1F25C3D3FC192C, 95E3AA76DAF3F9EDE1AAE9B85C779F2716097266F492E0A8D361C6ED9A9AC8CC ] CSC             C:\Windows\system32\drivers\csc.sys
23:22:27.0637 0x0918  CSC - ok
23:22:27.0683 0x0918  [ 0A2095F92F6AE4FE6484D911B0C21E95, 52E2E08107FEBD6B46E1C71B39ECA8AB1A0ECF18CA248D9172F831B6FAB99139 ] CscService      C:\Windows\System32\cscsvc.dll
23:22:27.0699 0x0918  CscService - ok
23:22:27.0746 0x0918  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:22:27.0777 0x0918  DcomLaunch - ok
23:22:27.0808 0x0918  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
23:22:27.0824 0x0918  DfsC - ok
23:22:27.0949 0x0918  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
23:22:28.0058 0x0918  DFSR - ok
23:22:28.0105 0x0918  [ FF0E8993EEA607B9B184AFB0D5324EE2, DB68501184F50D761DFA2AE6F449728EF39C0B88345072CAFA63C530DCA5FF2D ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
23:22:28.0105 0x0918  dg_ssudbus - ok
23:22:28.0151 0x0918  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
23:22:28.0167 0x0918  Dhcp - ok
23:22:28.0198 0x0918  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
23:22:28.0198 0x0918  disk - ok
23:22:28.0229 0x0918  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:22:28.0245 0x0918  Dnscache - ok
23:22:28.0276 0x0918  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
23:22:28.0276 0x0918  dot3svc - ok
23:22:28.0323 0x0918  [ 4F59C172C094E1A1D46463A8DC061CBD, CE09A4ED1F8BA6242E152C384AFF5C3C95FBB8556DAE23765272F13BF158D8F9 ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
23:22:28.0323 0x0918  Dot4 - ok
23:22:28.0339 0x0918  [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5, 69BB5B07D03FA9F28591012F2AA4A583D3F086644C136D63A56D1A827121CC19 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
23:22:28.0339 0x0918  Dot4Print - ok
23:22:28.0385 0x0918  [ A84D8A9006B1AE515CC7B6B3586C295A, 6B69D1723296FEFC751A415BAA1F8AD070CC19B84599964148A9D834B78CD617 ] Dot4Scan        C:\Windows\system32\DRIVERS\Dot4Scan.sys
23:22:28.0401 0x0918  Dot4Scan - ok
23:22:28.0417 0x0918  [ C55004CA6B419B6695970DFE849B122F, 6E0C4A9E24DD09E9389E097AF63E7F5040A0658DDCEBBE963968B7118CFE9AB8 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
23:22:28.0417 0x0918  dot4usb - ok
23:22:28.0463 0x0918  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
23:22:28.0463 0x0918  DPS - ok
23:22:28.0495 0x0918  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
23:22:28.0495 0x0918  drmkaud - ok
23:22:28.0541 0x0918  [ 5C2C209CDEFBC51D83D66E8A53B2BE89, 7AE68672A6BEEF601017BE28AA0BF3673318EFE97AA08E70F58A9391C54DF71F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
23:22:28.0557 0x0918  DXGKrnl - ok
23:22:28.0619 0x0918  [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
23:22:28.0619 0x0918  E1G60 - ok
23:22:28.0666 0x0918  [ 039C592148FFE479F26C418971FB8022, D9024CC0FD9500AAD812D23834FFDCEC5F9B16F7A99BE7D09DB1F245BFEE85EB ] e1yexpress      C:\Windows\system32\DRIVERS\e1y6032.sys
23:22:28.0666 0x0918  e1yexpress - ok
23:22:28.0697 0x0918  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
23:22:28.0697 0x0918  EapHost - ok
23:22:28.0760 0x0918  [ 9BAB89DBB27891DEEF6E1F1B589A6ED4, 61BE4A6394ED5C99CB84B720F6AA6B97C7FE71A7A04D822F6EE99AB084C55606 ] Ecache          C:\Windows\system32\drivers\ecache.sys
23:22:28.0775 0x0918  Ecache - ok
23:22:28.0822 0x0918  [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
23:22:28.0838 0x0918  elxstor - ok
23:22:28.0885 0x0918  [ E798C0BDFA4913CCF8A646D29BB34796, 7CDB2BCCDD8A8A70C6248C327A357EA3488C7ADED32D4F89B933ED72AE12B73B ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
23:22:28.0900 0x0918  EMDMgmt - ok
23:22:28.0931 0x0918  [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
23:22:28.0931 0x0918  ErrDev - ok
23:22:28.0978 0x0918  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
23:22:28.0978 0x0918  EventSystem - ok
23:22:29.0025 0x0918  [ 82E7EB9F12321052CD9A904B13724EE2, 47025BCC20F0C86E4ADD127D25402813CE2DEBB768A99CF54BE08466E4D29206 ] ewusbnet        C:\Windows\system32\DRIVERS\ewusbnet.sys
23:22:29.0025 0x0918  ewusbnet - ok
23:22:29.0072 0x0918  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
23:22:29.0072 0x0918  exfat - ok
23:22:29.0243 0x0918  [ 61687DE5FB1370FA9C006B2C8B859EED, 032DD24D28A141EAC58AE6E1775F775EEE4418A8C55551254ACEDBDD953164F5 ] F-Secure Gatekeeper C:\Program Files\Unitymedia\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys
23:22:29.0243 0x0918  F-Secure Gatekeeper - ok
23:22:29.0306 0x0918  [ C8082FF11599E7A8016C4CBB53BAD42E, F38613356752C125A62879A3146ABC30A41FB83FFD8805C6E67F77B5DD25C72A ] F-Secure HIPS   C:\Program Files\Unitymedia\apps\ComputerSecurity\HIPS\drivers\fshs.sys
23:22:29.0306 0x0918  F-Secure HIPS - ok
23:22:29.0337 0x0918  [ 4E404505B3F62ECFBDBCBBCF0A72DBC5, 9F446ED06A31BFE52C4F1E8ACC400B8E3F47A3CC02FFC950DB861B2B3BA4C5B9 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
23:22:29.0353 0x0918  fastfat - ok
23:22:29.0399 0x0918  [ DFBA0F60FA301E5B1BFB1403A93EE23E, 727A01AA77BFD6B6FEB394A4C4CCBDB785987A1904F8EED3739A5F6D03C15965 ] Fax             C:\Windows\system32\fxssvc.exe
23:22:29.0415 0x0918  Fax - ok
23:22:29.0462 0x0918  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
23:22:29.0477 0x0918  fdc - ok
23:22:29.0493 0x0918  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
23:22:29.0493 0x0918  fdPHost - ok
23:22:29.0509 0x0918  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
23:22:29.0509 0x0918  FDResPub - ok
23:22:29.0524 0x0918  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:22:29.0524 0x0918  FileInfo - ok
23:22:29.0540 0x0918  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
23:22:29.0540 0x0918  Filetrace - ok
23:22:29.0555 0x0918  [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
23:22:29.0555 0x0918  flpydisk - ok
23:22:29.0587 0x0918  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:22:29.0602 0x0918  FltMgr - ok
23:22:29.0696 0x0918  [ 61AC5BF24A155C95F865290F046F91EF, 89F6A96F5CBD04390CF0509DDC22E4FDC1F8AB862F23957D583A757C1E51C20B ] FontCache       C:\Windows\system32\FntCache.dll
23:22:29.0727 0x0918  FontCache - ok
23:22:29.0805 0x0918  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
23:22:29.0805 0x0918  FontCache3.0.0.0 - ok
23:22:29.0836 0x0918  [ 271939BB83A468A582781BC6FCC05D21, 2B5BEBCD2E3C2FD716BBEE9187BA05AF13B4103C4A3D09C7E05E951646E7025B ] fsbts           C:\Windows\system32\Drivers\fsbts.sys
23:22:29.0852 0x0918  fsbts - ok
23:22:29.0883 0x0918  [ 10881D41226100F44DF3BF66F5EA75C6, A2B3B46A085D10F30A2D82186C51BCBC006390EB66E6ECF4B26293FF6506B2A9 ] fshoster        C:\Program Files\Unitymedia\fshoster32.exe
23:22:29.0883 0x0918  fshoster - ok
23:22:29.0930 0x0918  [ 072395C30DCA25AC644BE9B2D6B78AAF, 06A4D4C0E5DDC8B6FA9E6A1095AD3036C43AEC593F4C8C30C1F99E1356EF726F ] FSMA            C:\Program Files\Unitymedia\apps\ComputerSecurity\Common\FSMA32.EXE
23:22:29.0945 0x0918  FSMA - ok
23:22:30.0039 0x0918  [ 47F9AFCDF8C4D313D12F719C0FA9DB6E, 3E7037800DBDF24A30A98E3D41BF9F3E7907719977DBB936253A7DFF6B11B4EA ] fsni            C:\Program Files\Unitymedia\apps\CCF_Scanning\bin\fsni32.sys
23:22:30.0039 0x0918  fsni - ok
23:22:30.0086 0x0918  [ 277A41EB7D2DAA7105DF85BFC2F1C9AD, 59141146C7292C4B9ABC4D019B07E6A3EEB759DB97B629046F168B944459208D ] FSORSPClient    C:\Program Files\Unitymedia\apps\CCF_Reputation\fsorsp.exe
23:22:30.0086 0x0918  FSORSPClient - ok
23:22:30.0117 0x0918  [ 35DDEB0B730C5D9165BB19054B891CDA, B653234CD032B0B1FE9CA8C92082C893B099D65E7151783AB020663CBF8D73DF ] fsvista         C:\Program Files\Unitymedia\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys
23:22:30.0117 0x0918  fsvista - ok
23:22:30.0133 0x0918  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:22:30.0148 0x0918  Fs_Rec - ok
23:22:30.0164 0x0918  [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
23:22:30.0164 0x0918  gagp30kx - ok
23:22:30.0226 0x0918  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
23:22:30.0242 0x0918  gpsvc - ok
23:22:30.0289 0x0918  [ CB04C744BE0A61B1D648FAED182C3B59, 61DC0FF94325DAFCCB7B3980A48727EFBF1283FCF753EC16EF04C730525994C0 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:22:30.0289 0x0918  HdAudAddService - ok
23:22:30.0351 0x0918  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
23:22:30.0382 0x0918  HDAudBus - ok
23:22:30.0398 0x0918  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
23:22:30.0413 0x0918  HidBth - ok
23:22:30.0429 0x0918  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
23:22:30.0429 0x0918  HidIr - ok
23:22:30.0445 0x0918  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\system32\hidserv.dll
23:22:30.0460 0x0918  hidserv - ok
23:22:30.0491 0x0918  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
23:22:30.0491 0x0918  HidUsb - ok
23:22:30.0523 0x0918  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
23:22:30.0523 0x0918  hkmsvc - ok
23:22:30.0538 0x0918  [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
23:22:30.0538 0x0918  HpCISSs - ok
23:22:30.0616 0x0918  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05, 7B3F117C1D606DDA7623BEC0BFBC362C33A12213E899F049AC56A55826984134 ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
23:22:30.0632 0x0918  hpqcxs08 - ok
23:22:30.0647 0x0918  [ DF446BA625CC441617843E87798CE048, B45C11EEA7EA792DE82E9BB283B9DCF30F891AAB8366075856BD84D10BCBCCD3 ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
23:22:30.0647 0x0918  hpqddsvc - ok
23:22:30.0694 0x0918  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:22:30.0710 0x0918  HTTP - ok
23:22:30.0757 0x0918  [ 348C3A9D01E68A0222A246346924AA55, 6F8803BA37760043A78DC1E0D4E20853E5ABEF55B0201676B281EC2685E951DD ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
23:22:30.0772 0x0918  hwdatacard - ok
23:22:30.0788 0x0918  [ 460B1945C3E6B0419A76E1B507B90B71, C78B32ABB98ABAFF647500CD70AFA78C9848A4978E79EEE83D654E69F51D5F93 ] hwusbdev        C:\Windows\system32\DRIVERS\ewusbdev.sys
23:22:30.0788 0x0918  hwusbdev - ok
23:22:30.0819 0x0918  [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
23:22:30.0819 0x0918  i2omp - ok
23:22:30.0850 0x0918  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
23:22:30.0850 0x0918  i8042prt - ok
23:22:31.0240 0x0918  [ DCE0B53570703CCE580D066F89EF58CD, C5C2C4F51F2DB2BB6E7F1218472AEAAD996514AB99EA84946A473CB7A64D9E15 ] ialm            C:\Windows\system32\DRIVERS\igdkmd32.sys
23:22:31.0615 0x0918  ialm - ok
23:22:31.0693 0x0918  [ 3E349157986C533E3CBEB8C1E17290BB, 1DEB9C8829D95FCB9DFA26169E64C2F26E09BDDB98416368A031F7D6C5630F5B ] iaNvStor        C:\Windows\system32\DRIVERS\iaNvStor.sys
23:22:31.0693 0x0918  iaNvStor - ok
23:22:31.0724 0x0918  [ ABFEBC5F846C71AFEBD7F8F6BA740C03, 3BD7EA27EC21A7A9BE544A11E5A284DF00FFB3E2554DDBE113802153D62DFDEF ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
23:22:31.0724 0x0918  iaStor - ok
23:22:31.0755 0x0918  [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
23:22:31.0755 0x0918  iaStorV - ok
23:22:31.0833 0x0918  [ DD386C45D2B5863740166783448A2E7A, 10B912BA70306644BE73A53AF4DCDFF63880C4C5860FF6DBA92B0914EB566718 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:22:31.0864 0x0918  idsvc - ok
23:22:32.0254 0x0918  [ DCE0B53570703CCE580D066F89EF58CD, C5C2C4F51F2DB2BB6E7F1218472AEAAD996514AB99EA84946A473CB7A64D9E15 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
23:22:32.0441 0x0918  igfx - ok
23:22:32.0504 0x0918  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
23:22:32.0504 0x0918  iirsp - ok
23:22:32.0551 0x0918  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
23:22:32.0566 0x0918  IKEEXT - ok
23:22:32.0675 0x0918  [ FFD2B3BC042596ABE785D3C15F51AB46, C2CA6E15FE95ADE211325CA907FBC213DB3B5E871DBD22CC485837FAB4E9BCEC ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
23:22:32.0738 0x0918  IntcAzAudAddService - ok
23:22:32.0785 0x0918  [ C7E7E43CBD34D3B0A0156B51B917DFCC, 8F40D053D1AF89E0739D798D41F92801F95AB55CA0109386C426AB57784DD540 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
23:22:32.0785 0x0918  IntcHdmiAddService - ok
23:22:32.0816 0x0918  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\drivers\intelide.sys
23:22:32.0816 0x0918  intelide - ok
23:22:32.0847 0x0918  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
23:22:32.0847 0x0918  intelppm - ok
23:22:32.0878 0x0918  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
23:22:32.0878 0x0918  IPBusEnum - ok
23:22:32.0894 0x0918  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:22:32.0894 0x0918  IpFilterDriver - ok
23:22:32.0925 0x0918  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:22:32.0941 0x0918  iphlpsvc - ok
23:22:32.0941 0x0918  IpInIp - ok
23:22:32.0956 0x0918  [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
23:22:32.0956 0x0918  IPMIDRV - ok
23:22:32.0972 0x0918  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
23:22:32.0987 0x0918  IPNAT - ok
23:22:33.0003 0x0918  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:22:33.0003 0x0918  IRENUM - ok
23:22:33.0019 0x0918  [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
23:22:33.0034 0x0918  isapnp - ok
23:22:33.0065 0x0918  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
23:22:33.0065 0x0918  iScsiPrt - ok
23:22:33.0081 0x0918  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
23:22:33.0081 0x0918  iteatapi - ok
23:22:33.0097 0x0918  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
23:22:33.0112 0x0918  iteraid - ok
23:22:33.0128 0x0918  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
23:22:33.0128 0x0918  kbdclass - ok
23:22:33.0159 0x0918  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
23:22:33.0159 0x0918  kbdhid - ok
23:22:33.0206 0x0918  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
23:22:33.0206 0x0918  KeyIso - ok
23:22:33.0237 0x0918  [ EBC507F129DF8F0E0CA270DCFC0CF87F, 232E2C4118A3177019E111E23D02F669338AE251308DE9BEDE3869C1208D7F0B ] KMDFMEMIO       C:\Windows\system32\DRIVERS\kmdfmemio.sys
23:22:33.0237 0x0918  KMDFMEMIO - ok
23:22:33.0268 0x0918  [ C89E473697B67F0E3AE9211ADBD43278, DECC1CA1E0FB0CDE384F29F5FC5D234C2C923999EB98FE1F88CDCA37859116A3 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:22:33.0284 0x0918  KSecDD - ok
23:22:33.0331 0x0918  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:22:33.0346 0x0918  KtmRm - ok
23:22:33.0377 0x0918  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\system32\srvsvc.dll
23:22:33.0393 0x0918  LanmanServer - ok
23:22:33.0409 0x0918  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:22:33.0424 0x0918  LanmanWorkstation - ok
23:22:33.0487 0x0918  [ C215E09622118383B236DD56C2065183, AF5F7C8806BF9C203DB8AD9DA2062E31FF9A2282B5FE1222A3B9DEEB435EBAB4 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
23:22:33.0487 0x0918  LightScribeService - ok
23:22:33.0518 0x0918  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:22:33.0518 0x0918  lltdio - ok
23:22:33.0549 0x0918  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:22:33.0549 0x0918  lltdsvc - ok
23:22:33.0565 0x0918  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:22:33.0580 0x0918  lmhosts - ok
23:22:33.0596 0x0918  [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
23:22:33.0596 0x0918  LSI_FC - ok
23:22:33.0627 0x0918  [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
23:22:33.0627 0x0918  LSI_SAS - ok
23:22:33.0643 0x0918  [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
23:22:33.0658 0x0918  LSI_SCSI - ok
23:22:33.0689 0x0918  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
23:22:33.0689 0x0918  luafv - ok
23:22:33.0721 0x0918  [ 6DC377794EA2E7F5C3B15BEA2ECFCA0F, B42F74BFE603734C6F3C2F7CEBE172652C8F7B76CD3A1D2B2793835467FABBD0 ] M9207           C:\Windows\system32\DRIVERS\M9207_543.sys
23:22:33.0721 0x0918  M9207 - ok
23:22:33.0783 0x0918  [ 4CD3EE64736B4D156DAC5C1D6EB60C24, B9405B8C4611B5B4B2F6B85DD2CD62A54D42B31049D5DB4607832A1B7A9C1D8B ] McAfeeFramework C:\Program Files\McAfee\Common Framework\FrameworkService.exe
23:22:33.0783 0x0918  McAfeeFramework - ok
23:22:33.0845 0x0918  [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
23:22:33.0861 0x0918  MDM - ok
23:22:33.0908 0x0918  [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas         C:\Windows\system32\drivers\megasas.sys
23:22:33.0908 0x0918  megasas - ok
23:22:33.0955 0x0918  [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
23:22:33.0970 0x0918  MegaSR - ok
23:22:34.0064 0x0918  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
23:22:34.0079 0x0918  Microsoft Office Groove Audit Service - ok
23:22:34.0095 0x0918  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
23:22:34.0095 0x0918  MMCSS - ok
23:22:34.0111 0x0918  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
23:22:34.0111 0x0918  Modem - ok
23:22:34.0142 0x0918  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
23:22:34.0142 0x0918  monitor - ok
23:22:34.0157 0x0918  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
23:22:34.0157 0x0918  mouclass - ok
23:22:34.0173 0x0918  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
23:22:34.0173 0x0918  mouhid - ok
23:22:34.0204 0x0918  [ 3EAE06B0D9E32A3D45DC3E07F1FBFA97, 0C56D92C5131D60AF2FCCF071976F2932A2C544C5EC4C2A5476E99CDE17FF08C ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
23:22:34.0220 0x0918  MountMgr - ok
23:22:34.0282 0x0918  [ 0DE2474F316C515482ABAD3B697F8714, 62862AE7432F5350068E96AD466093359C6CF444EB517AE6D09134FAF78C49F5 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
23:22:34.0298 0x0918  MozillaMaintenance - ok
23:22:34.0329 0x0918  [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio            C:\Windows\system32\drivers\mpio.sys
23:22:34.0329 0x0918  mpio - ok
23:22:34.0345 0x0918  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:22:34.0345 0x0918  mpsdrv - ok
23:22:34.0391 0x0918  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:22:34.0407 0x0918  MpsSvc - ok
23:22:34.0454 0x0918  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
23:22:34.0469 0x0918  Mraid35x - ok
23:22:34.0501 0x0918  [ B0584CA7DEF55929FDB5169BD28B2484, AF6A7E404FEB29F7F3428D0AF6682195E5E8ED106996A04E6947DBD575696546 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:22:34.0501 0x0918  MRxDAV - ok
23:22:34.0532 0x0918  [ 1B864548B2ACEC1C0BB29B615CC42978, E1DA3E6764A2C7072D99F2F093E5F40DB6DC809701B59C155C6B4EE327AB9E41 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:22:34.0532 0x0918  mrxsmb - ok
23:22:34.0547 0x0918  [ 3F39B02EEDC5B8A0ED896EA1CDF7245F, 41C1DCD82F964A398B7C3D44178DBF7C8AF1C2DBC5F2D944BE6B00E909FE083B ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:22:34.0563 0x0918  mrxsmb10 - ok
23:22:34.0579 0x0918  [ D0670EC8E5AD3FA5BE372BF70AC0EABF, BD2D1BA151FD5409EAA41ECCBEB863FE52FF7C2D92349961FEE736D66970748E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:22:34.0579 0x0918  mrxsmb20 - ok
23:22:34.0594 0x0918  [ 28023E86F17001F7CD9B15A5BC9AE07D, FC7EAA592C5F796E3BCD7F7EF261709CD899B33FC8486E594A480F143D0D6320 ] msahci          C:\Windows\system32\drivers\msahci.sys
23:22:34.0594 0x0918  msahci - ok
23:22:34.0625 0x0918  [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
23:22:34.0625 0x0918  msdsm - ok
23:22:34.0657 0x0918  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
23:22:34.0657 0x0918  MSDTC - ok
23:22:34.0703 0x0918  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:22:34.0703 0x0918  Msfs - ok
23:22:34.0703 0x0918  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
23:22:34.0719 0x0918  msisadrv - ok
23:22:34.0750 0x0918  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:22:34.0750 0x0918  MSiSCSI - ok
23:22:34.0766 0x0918  msiserver - ok
23:22:34.0797 0x0918  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
23:22:34.0797 0x0918  MSKSSRV - ok
23:22:34.0797 0x0918  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
23:22:34.0797 0x0918  MSPCLOCK - ok
23:22:34.0844 0x0918  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
23:22:34.0844 0x0918  MSPQM - ok
23:22:34.0875 0x0918  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
23:22:34.0875 0x0918  MsRPC - ok
23:22:34.0891 0x0918  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
23:22:34.0891 0x0918  mssmbios - ok
23:22:34.0906 0x0918  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
23:22:34.0906 0x0918  MSTEE - ok
23:22:34.0937 0x0918  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
23:22:34.0937 0x0918  Mup - ok
23:22:34.0984 0x0918  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
23:22:34.0984 0x0918  napagent - ok
23:22:35.0031 0x0918  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:22:35.0047 0x0918  NativeWifiP - ok
23:22:35.0078 0x0918  [ DEC4B200C459FA929B0A764E79904B79, 40261D7D0BEE45E6E3F4F25D7ACAB00744BAF5D515B6D84B41A25ED22380DC13 ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:22:35.0093 0x0918  NDIS - ok
23:22:35.0125 0x0918  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:22:35.0140 0x0918  NdisTapi - ok
23:22:35.0140 0x0918  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
23:22:35.0140 0x0918  Ndisuio - ok
23:22:35.0171 0x0918  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
23:22:35.0171 0x0918  NdisWan - ok
23:22:35.0187 0x0918  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
23:22:35.0187 0x0918  NDProxy - ok
23:22:35.0234 0x0918  [ 80B7A96F908DA13617E7E6832C5C6A64, 08B81AFE120B8064B6E001BDF424168305D55F38AE2071300F57C8EA32BEAE56 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
23:22:35.0234 0x0918  Net Driver HPZ12 - ok
23:22:35.0234 0x0918  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:22:35.0234 0x0918  NetBIOS - ok
23:22:35.0265 0x0918  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
23:22:35.0281 0x0918  netbt - ok
23:22:35.0296 0x0918  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
23:22:35.0296 0x0918  Netlogon - ok
23:22:35.0327 0x0918  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
23:22:35.0343 0x0918  Netman - ok
23:22:35.0421 0x0918  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:22:35.0421 0x0918  NetMsmqActivator - ok
23:22:35.0437 0x0918  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:22:35.0437 0x0918  NetPipeActivator - ok
23:22:35.0468 0x0918  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
23:22:35.0483 0x0918  netprofm - ok
23:22:35.0483 0x0918  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:22:35.0483 0x0918  NetTcpActivator - ok
23:22:35.0499 0x0918  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:22:35.0499 0x0918  NetTcpPortSharing - ok
23:22:35.0624 0x0918  [ 35D5458D9A1B26B2005ABFFBF4C1C5E7, EE044FB7A49336FEDA1BDBBD2AD7A4A163C780A6A464B7712688E0BA0B4E6C40 ] NETw3v32        C:\Windows\system32\DRIVERS\NETw3v32.sys
23:22:35.0717 0x0918  NETw3v32 - ok
23:22:35.0905 0x0918  [ 8DE67BD902095A13329FD82C85A1FA09, 7F0B058D0C306A845F7BF14B24B0BDBCE6F152A054331072549F46284E75A367 ] NETw5v32        C:\Windows\system32\DRIVERS\NETw5v32.sys
23:22:36.0061 0x0918  NETw5v32 - ok
23:22:36.0107 0x0918  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
23:22:36.0107 0x0918  nfrd960 - ok
23:22:36.0154 0x0918  [ C96411DD46AABC0D6F3CF06D0E0E7E14, 0D36F322AF1B923D96735BFFCAC3FDB0B282E59220BADAB8B49AC178A6765380 ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:22:36.0154 0x0918  NlaSvc - ok
23:22:36.0185 0x0918  [ 4A8A2AA0706B659175169DECF198E9D7, AF43D63652AA0545FD790476E3EFA448D0328575D2443D6F9983FFA9E169657F ] nmwcd           C:\Windows\system32\drivers\ccdcmb.sys
23:22:36.0185 0x0918  nmwcd - ok
23:22:36.0217 0x0918  [ FD3E61831095AC62E6840D986B5A2016, 6BA836A8CFD62C9EF0EADB057CA58509EC97C353288A30DA3C0CEC4542EA8293 ] nmwcdc          C:\Windows\system32\drivers\ccdcmbo.sys
23:22:36.0217 0x0918  nmwcdc - ok
23:22:36.0248 0x0918  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:22:36.0248 0x0918  Npfs - ok
23:22:36.0279 0x0918  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
23:22:36.0279 0x0918  nsi - ok
23:22:36.0295 0x0918  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:22:36.0310 0x0918  nsiproxy - ok
23:22:36.0373 0x0918  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:22:36.0404 0x0918  Ntfs - ok
23:22:36.0435 0x0918  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
23:22:36.0435 0x0918  ntrigdigi - ok
23:22:36.0451 0x0918  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
23:22:36.0451 0x0918  Null - ok
23:22:36.0466 0x0918  [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:22:36.0482 0x0918  nvraid - ok
23:22:36.0497 0x0918  [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:22:36.0497 0x0918  nvstor - ok
23:22:36.0529 0x0918  [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:22:36.0529 0x0918  nv_agp - ok
23:22:36.0529 0x0918  NwlnkFlt - ok
23:22:36.0544 0x0918  NwlnkFwd - ok
23:22:36.0622 0x0918  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:22:36.0622 0x0918  odserv - ok
23:22:36.0653 0x0918  [ 790E27C3DB53410B40FF9EF2FD10A1D9, FD06F2702B8F7E04ECF1B6E88602F14301E7AE7FC44AD114282E580FAD530A9C ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
23:22:36.0653 0x0918  ohci1394 - ok
23:22:36.0700 0x0918  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:22:36.0700 0x0918  ose - ok
23:22:36.0747 0x0918  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
23:22:36.0778 0x0918  p2pimsvc - ok
23:22:36.0794 0x0918  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
23:22:36.0809 0x0918  p2psvc - ok
23:22:36.0856 0x0918  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
23:22:36.0856 0x0918  Parport - ok
23:22:36.0887 0x0918  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:22:36.0887 0x0918  partmgr - ok
23:22:36.0919 0x0918  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
23:22:36.0919 0x0918  Parvdm - ok
23:22:36.0950 0x0918  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:22:36.0950 0x0918  PcaSvc - ok
23:22:36.0981 0x0918  [ FD2041E9BA03DB7764B2248F02475079, DECEED110524BF83B4097188BF24BF0DDE1CE838DF7748B0DC807ABE351EB20A ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfd.sys
23:22:36.0981 0x0918  pccsmcfd - ok
23:22:37.0028 0x0918  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
23:22:37.0028 0x0918  pci - ok
23:22:37.0059 0x0918  [ FC175F5DDAB666D7F4D17449A547626F, 7D6108213D1AD3F97A3B83E491BCCC7D6F5BC72C32A182BDDE8736851A26C8D2 ] pciide          C:\Windows\system32\drivers\pciide.sys
23:22:37.0059 0x0918  pciide - ok
23:22:37.0090 0x0918  [ 3BB2244F343B610C29C98035504C9B75, DA61EC2600199DFA32020D0484E9BBF5E0742E7C8C952370BF6FAF91C914A999 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
23:22:37.0090 0x0918  pcmcia - ok
23:22:37.0137 0x0918  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:22:37.0168 0x0918  PEAUTH - ok
23:22:37.0246 0x0918  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
23:22:37.0293 0x0918  pla - ok
23:22:37.0324 0x0918  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:22:37.0340 0x0918  PlugPlay - ok
23:22:37.0371 0x0918  [ 0C155C5D8942B3CBCF9506A9D376B9AD, 37F4878548DD7063CA31FB21D6955A45C25F648C332A736DA84DEA5AAE7486AF ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
23:22:37.0387 0x0918  Pml Driver HPZ12 - ok
23:22:37.0418 0x0918  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
23:22:37.0433 0x0918  PNRPAutoReg - ok
23:22:37.0465 0x0918  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
23:22:37.0480 0x0918  PNRPsvc - ok
23:22:37.0511 0x0918  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:22:37.0527 0x0918  PolicyAgent - ok
23:22:37.0574 0x0918  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:22:37.0574 0x0918  PptpMiniport - ok
23:22:37.0589 0x0918  [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor       C:\Windows\system32\drivers\processr.sys
23:22:37.0589 0x0918  Processor - ok
23:22:37.0636 0x0918  [ 0D5DAD610D7EA1627581ED06FB2BAA9A, 6E27CF3A1624AE10EECB8B5F38E03D76A6AABE4E75DD66DEDD67E0773935A396 ] ProfSvc         C:\Windows\system32\profsvc.dll
23:22:37.0636 0x0918  ProfSvc - ok
23:22:37.0652 0x0918  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
23:22:37.0652 0x0918  ProtectedStorage - ok
23:22:37.0683 0x0918  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
23:22:37.0683 0x0918  PSched - ok
23:22:37.0761 0x0918  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300          C:\Windows\system32\drivers\ql2300.sys
23:22:37.0808 0x0918  ql2300 - ok
23:22:37.0823 0x0918  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
23:22:37.0823 0x0918  ql40xx - ok
23:22:37.0870 0x0918  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
23:22:37.0870 0x0918  QWAVE - ok
23:22:37.0886 0x0918  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:22:37.0886 0x0918  QWAVEdrv - ok
23:22:37.0901 0x0918  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:22:37.0901 0x0918  RasAcd - ok
23:22:37.0933 0x0918  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
23:22:37.0933 0x0918  RasAuto - ok
23:22:37.0964 0x0918  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:22:37.0964 0x0918  Rasl2tp - ok
23:22:38.0011 0x0918  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
23:22:38.0011 0x0918  RasMan - ok
23:22:38.0042 0x0918  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:22:38.0042 0x0918  RasPppoe - ok
23:22:38.0073 0x0918  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:22:38.0073 0x0918  RasSstp - ok
23:22:38.0104 0x0918  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:22:38.0104 0x0918  rdbss - ok
23:22:38.0135 0x0918  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:22:38.0135 0x0918  RDPCDD - ok
23:22:38.0182 0x0918  [ 943B18305EAE3935598A9B4A3D560B4C, E083FA4B9CA1A24031FF23A54942372D7FB3F02F62EE3580F01BEC3229DB2101 ] rdpdr           C:\Windows\system32\DRIVERS\rdpdr.sys
23:22:38.0182 0x0918  rdpdr - ok
23:22:38.0182 0x0918  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:22:38.0198 0x0918  RDPENCDD - ok
23:22:38.0229 0x0918  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:22:38.0229 0x0918  RDPWD - ok
23:22:38.0260 0x0918  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:22:38.0276 0x0918  RemoteAccess - ok
23:22:38.0307 0x0918  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:22:38.0307 0x0918  RemoteRegistry - ok
23:22:38.0338 0x0918  [ 6482707F9F4DA0ECBAB43B2E0398A101, 7D57FC36577121D7E26A4F2D46DCA8725D55EC9F75B91DF994DB742BC4FB89C2 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
23:22:38.0338 0x0918  RFCOMM - ok
23:22:38.0416 0x0918  [ 4D05898896EC49CF663DDA61041AB096, 1218A0AD84946F2555773D529F3D55D7B675780EC1E79A634ED0FECF8D5C9C6D ] RichVideo       C:\Program Files\CyberLink\Shared Files\RichVideo.exe
23:22:38.0416 0x0918  RichVideo - ok
23:22:38.0463 0x0918  [ C2EF513BBE069F0D4EE0938A76F975D3, DDF90CDBCF3422BA9A39C5B372E617CE0047EC8D99148795E12204AC75BA7CE2 ] rimmptsk        C:\Windows\system32\DRIVERS\rimmptsk.sys
23:22:38.0463 0x0918  rimmptsk - ok
23:22:38.0494 0x0918  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
23:22:38.0494 0x0918  RpcLocator - ok
23:22:38.0557 0x0918  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
23:22:38.0572 0x0918  RpcSs - ok
23:22:38.0588 0x0918  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:22:38.0588 0x0918  rspndr - ok
23:22:38.0603 0x0918  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
23:22:38.0603 0x0918  SamSs - ok
23:22:38.0619 0x0918  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:22:38.0619 0x0918  sbp2port - ok
23:22:38.0650 0x0918  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:22:38.0666 0x0918  SCardSvr - ok
23:22:38.0728 0x0918  [ F79CC0F814748E15538BF4D808030739, 396E94A309AFB163791095A25950CB7D85EEC43B416E1E7F056F430E1B719F4D ] Schedule        C:\Windows\system32\schedsvc.dll
23:22:38.0744 0x0918  Schedule - ok
23:22:38.0775 0x0918  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:22:38.0791 0x0918  SCPolicySvc - ok
23:22:38.0822 0x0918  [ 8F36B54688C31EED4580129040C6A3D3, DC150689CBAEEC94B9DE0CA6A633FAD16CDDDC452521232E0C2A44BAE61E08D9 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
23:22:38.0837 0x0918  sdbus - ok
23:22:38.0869 0x0918  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:22:38.0869 0x0918  SDRSVC - ok
23:22:38.0900 0x0918  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:22:38.0900 0x0918  secdrv - ok
23:22:38.0915 0x0918  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
23:22:38.0915 0x0918  seclogon - ok
23:22:38.0931 0x0918  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\System32\sens.dll
23:22:38.0947 0x0918  SENS - ok
23:22:38.0978 0x0918  [ CE9EC966638EF0B10B864DDEDF62A099, 2DEC5A8C947D87C12B342F15B8A552A0D49B979A2AC32D2C97FC7A3A76C34524 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
23:22:38.0978 0x0918  Serenum - ok
23:22:39.0009 0x0918  [ 6D663022DB3E7058907784AE14B69898, 54263888C64A7F010D3B5E399369B0F3FF3AF0A0DE8ADB502B98277533E4D45F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
23:22:39.0009 0x0918  Serial - ok
23:22:39.0025 0x0918  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
23:22:39.0025 0x0918  sermouse - ok
23:22:39.0103 0x0918  [ 77FAA749C34193F003F666D2E368A1F8, FCFBB471754E6FF51CF21C2D72211CD8EAA3685AF56FBE575915492E21DAD517 ] ServiceLayer    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
23:22:39.0134 0x0918  ServiceLayer - ok
23:22:39.0181 0x0918  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
23:22:39.0181 0x0918  SessionEnv - ok
23:22:39.0196 0x0918  [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
23:22:39.0196 0x0918  sffdisk - ok
23:22:39.0212 0x0918  [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
23:22:39.0212 0x0918  sffp_mmc - ok
23:22:39.0243 0x0918  [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
23:22:39.0243 0x0918  sffp_sd - ok
23:22:39.0259 0x0918  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
23:22:39.0259 0x0918  sfloppy - ok
23:22:39.0305 0x0918  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:22:39.0305 0x0918  SharedAccess - ok
23:22:39.0352 0x0918  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:22:39.0368 0x0918  ShellHWDetection - ok
23:22:39.0383 0x0918  [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
23:22:39.0383 0x0918  sisagp - ok
23:22:39.0415 0x0918  [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
23:22:39.0415 0x0918  SiSRaid2 - ok
23:22:39.0430 0x0918  [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
23:22:39.0430 0x0918  SiSRaid4 - ok
23:22:39.0617 0x0918  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
23:22:39.0758 0x0918  slsvc - ok
23:22:39.0805 0x0918  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
23:22:39.0805 0x0918  SLUINotify - ok
23:22:39.0836 0x0918  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
23:22:39.0851 0x0918  Smb - ok
23:22:39.0883 0x0918  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:22:39.0883 0x0918  SNMPTRAP - ok
23:22:39.0898 0x0918  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
23:22:39.0898 0x0918  spldr - ok
23:22:39.0929 0x0918  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
23:22:39.0945 0x0918  Spooler - ok
23:22:39.0992 0x0918  [ 9263C8898732E2B890F7E954E7729AB7, DEBFD81E702893427972A6565A9AAA54A09B9F7F30CA9391011C6F7FB758A3F4 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
23:22:40.0007 0x0918  SQLWriter - ok
23:22:40.0039 0x0918  [ DC7E6FCD8C51AEF8FF3F2E23C786014A, 02852FC293359BA89155367FA7D3A69922EC2574E5B85C842517272768BE8808 ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:22:40.0054 0x0918  srv - ok
23:22:40.0085 0x0918  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:22:40.0101 0x0918  srv2 - ok
23:22:40.0117 0x0918  [ 8AE0783E3EDCED90D4B2961887056A2B, D24168259988576B13EB2A4B2C11622A736174DDF11F6718D9A0DC9837F50EA5 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:22:40.0117 0x0918  srvnet - ok
23:22:40.0163 0x0918  [ 64E44ACD8C238FCBBB78F0BA4BDC4B05, 59D015DD86EA35AC8F667C063AE76FAFA9497F04225D256DF5A37EB1461F15D4 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
23:22:40.0163 0x0918  ssadbus - ok
23:22:40.0195 0x0918  [ BB2C84A15C765DA89FD832B0E73F26CE, BAE3E7726F075340B8CC7BCA18869DFEA304A03B0A0429B4C3D186B1149E9A9A ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
23:22:40.0195 0x0918  ssadmdfl - ok
23:22:40.0210 0x0918  [ 6D0D132DDC6F43EDA00DCED6D8B1CA31, 0A37081D95A56861C3E48592048DFCFAE6FB38510D21AB41C9C73744743E7646 ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
23:22:40.0210 0x0918  ssadmdm - ok
23:22:40.0241 0x0918  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:22:40.0241 0x0918  SSDPSRV - ok
23:22:40.0273 0x0918  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:22:40.0273 0x0918  SstpSvc - ok
23:22:40.0319 0x0918  [ E380ED6434563FB690B7A3A4642D171E, E1572DD8A1B6E6DF26970E40A4C80B46B1D0C1F7A8F7CFA3E662D8765E239EB0 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
23:22:40.0335 0x0918  ssudmdm - ok
23:22:40.0382 0x0918  [ EF70B3D22B4BFFDA6EA851ECB063EFAA, 1666572F8F988805C3A2E949FA6B060B35B72DBB115B86F4CFC710FB6A86C3E3 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
23:22:40.0382 0x0918  StillCam - ok
23:22:40.0413 0x0918  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
23:22:40.0429 0x0918  stisvc - ok
23:22:40.0522 0x0918  [ AB80C9DDE1F8D9F9F946365205ED55EB, 47EFCAE1F815CE84105FAEDFA987A039A95AB7C758FB53A8AAA00259B9799D05 ] StkCMini        C:\Windows\system32\Drivers\StkCMini.sys
23:22:40.0569 0x0918  StkCMini - ok
23:22:40.0585 0x0918  [ 45062BF3AEEB2FEBE29A67D0448571DB, D16B93BB3BD32357B5FD3A627266A094747FE63F829FF3A86A0C7C9F54B221A0 ] StkSSrv         C:\Windows\System32\StkCSrv.exe
23:22:40.0585 0x0918  StkSSrv - ok
23:22:40.0616 0x0918  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
23:22:40.0616 0x0918  swenum - ok
23:22:40.0663 0x0918  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
23:22:40.0663 0x0918  swprv - ok
23:22:40.0694 0x0918  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
23:22:40.0694 0x0918  Symc8xx - ok
23:22:40.0709 0x0918  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
23:22:40.0725 0x0918  Sym_hi - ok
23:22:40.0741 0x0918  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
23:22:40.0756 0x0918  Sym_u3 - ok
23:22:40.0819 0x0918  [ 451E8037E2EB6DA6BDF0A66F65D1810B, 98E94486560A00B33E19902BB1B5CE51168E583E9303B3A2F7337D3501887B34 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
23:22:40.0834 0x0918  SynTP - ok
23:22:40.0881 0x0918  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
23:22:40.0897 0x0918  SysMain - ok
23:22:40.0928 0x0918  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:22:40.0928 0x0918  TabletInputService - ok
23:22:40.0959 0x0918  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:22:40.0975 0x0918  TapiSrv - ok
23:22:41.0006 0x0918  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
23:22:41.0006 0x0918  TBS - ok
23:22:41.0084 0x0918  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:22:41.0115 0x0918  Tcpip - ok
23:22:41.0146 0x0918  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
23:22:41.0162 0x0918  Tcpip6 - ok
23:22:41.0193 0x0918  [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:22:41.0209 0x0918  tcpipreg - ok
23:22:41.0224 0x0918  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
23:22:41.0224 0x0918  TDPIPE - ok
23:22:41.0240 0x0918  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
23:22:41.0240 0x0918  TDTCP - ok
23:22:41.0271 0x0918  [ EC565DFA3D9C45D8083B72DEC5B33710, BC4F41795AF98FD87F8CC92F946E6896BAC1925A35C3E5E159E8BF4E6A34A35D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:22:41.0271 0x0918  tdx - ok
23:22:41.0287 0x0918  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
23:22:41.0287 0x0918  TermDD - ok
23:22:41.0333 0x0918  [ DBD84E59D631569EC3E756EF144E8431, 9E58629EC762584A2D294A619593620626F7CBE467045AD0F920B6CF1D4B4724 ] TermService     C:\Windows\System32\termsrv.dll
23:22:41.0349 0x0918  TermService - ok
23:22:41.0365 0x0918  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
23:22:41.0365 0x0918  Themes - ok
23:22:41.0380 0x0918  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
23:22:41.0380 0x0918  THREADORDER - ok
23:22:41.0427 0x0918  [ CB258C2F726F1BE73C507022BE33EBB3, 096A6027D3C0D4D09DC4038505FAEA41E5DD9F62782CED648DC14314F138D666 ] TPM             C:\Windows\system32\drivers\tpm.sys
23:22:41.0427 0x0918  TPM - ok
23:22:41.0458 0x0918  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
23:22:41.0458 0x0918  TrkWks - ok
23:22:41.0505 0x0918  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:22:41.0505 0x0918  TrustedInstaller - ok
23:22:41.0536 0x0918  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
23:22:41.0536 0x0918  tssecsrv - ok
23:22:41.0567 0x0918  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
23:22:41.0567 0x0918  tunmp - ok
23:22:41.0614 0x0918  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:22:41.0614 0x0918  tunnel - ok
23:22:41.0630 0x0918  [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
23:22:41.0630 0x0918  uagp35 - ok
23:22:41.0661 0x0918  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:22:41.0677 0x0918  udfs - ok
23:22:41.0708 0x0918  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:22:41.0723 0x0918  UI0Detect - ok
23:22:41.0755 0x0918  [ 649B7435EC35CBA22AEFE05CB487ED70, C95F9635D7B3BF6C3B73AE81165776F664BDCB47662CDA7692C8B1A42AD27399 ] UimBus          C:\Windows\system32\DRIVERS\UimBus.sys
23:22:41.0770 0x0918  UimBus - ok
23:22:41.0801 0x0918  [ 07139D8740EB7FF9D594BEA2544F61C4, 891A39790F41BE9EDAF11E4888549245E71F66832B331B8F40D3C98046C46A2B ] Uim_IM          C:\Windows\system32\Drivers\Uim_IM.sys
23:22:41.0817 0x0918  Uim_IM - ok
23:22:41.0848 0x0918  [ F6560B3F22662CCE7DBBD1212FEB270B, 4E74C74AD283B7886E1A722B3BD4AE6628CBB19BD881E862EC04D1943397B8DE ] Uim_Vim         C:\Windows\system32\Drivers\Uim_Vim.sys
23:22:41.0848 0x0918  Uim_Vim - ok
23:22:41.0879 0x0918  [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
23:22:41.0879 0x0918  uliagpkx - ok
23:22:41.0895 0x0918  [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
23:22:41.0911 0x0918  uliahci - ok
23:22:41.0926 0x0918  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
23:22:41.0926 0x0918  UlSata - ok
23:22:41.0942 0x0918  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
23:22:41.0957 0x0918  ulsata2 - ok
23:22:41.0957 0x0918  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
23:22:41.0957 0x0918  umbus - ok
23:22:41.0989 0x0918  [ 8A66360F38F81E960E2367B428CBD5D9, 349A39BD63E1FF3C3D0249A3BE834D62F3EFC5EA4416269421AF03F10356D3E5 ] UmRdpService    C:\Windows\System32\umrdp.dll
23:22:42.0004 0x0918  UmRdpService - ok
23:22:42.0035 0x0918  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
23:22:42.0051 0x0918  upnphost - ok
23:22:42.0098 0x0918  [ 587E643A4E2FFD9A00F114B057CEB773, CEB821A89FAE95D8CFAF468EEDA349B666C3FC13E1D142D5141484D621681197 ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
23:22:42.0098 0x0918  upperdev - ok
23:22:42.0129 0x0918  [ 292A25BB75A568AE2C67169BA2C6365A, EE8B50DD446ECDEBC8B27D015FA9DE18F918ABBA8CF277B799D71CC9D79842FC ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
23:22:42.0129 0x0918  usbaudio - ok
23:22:42.0176 0x0918  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
23:22:42.0176 0x0918  usbccgp - ok
23:22:42.0207 0x0918  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
23:22:42.0207 0x0918  usbcir - ok
23:22:42.0254 0x0918  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
23:22:42.0254 0x0918  usbehci - ok
23:22:42.0269 0x0918  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
23:22:42.0285 0x0918  usbhub - ok
23:22:42.0301 0x0918  [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci         C:\Windows\system32\drivers\usbohci.sys
23:22:42.0301 0x0918  usbohci - ok
23:22:42.0332 0x0918  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
23:22:42.0332 0x0918  usbprint - ok
23:22:42.0379 0x0918  [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
23:22:42.0379 0x0918  usbscan - ok
23:22:42.0410 0x0918  [ FCA6A196D47CB972A0E4ADC0DB9CD17C, 31EF8E3839C3EB9404B72ABE777060B831AFAFAD51E10ADEB72E41DCC4FE8D47 ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
23:22:42.0410 0x0918  UsbserFilt - ok
23:22:42.0441 0x0918  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:22:42.0441 0x0918  USBSTOR - ok
23:22:42.0472 0x0918  [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
23:22:42.0472 0x0918  usbuhci - ok
23:22:42.0503 0x0918  [ E67998E8F14CB0627A769F6530BCB352, 60982F168E9BF13954328C728F55F4D3ADDC572CACB65289B0E895A63DAA08C1 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
23:22:42.0519 0x0918  usbvideo - ok
23:22:42.0535 0x0918  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
23:22:42.0535 0x0918  UxSms - ok
23:22:42.0566 0x0918  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
23:22:42.0581 0x0918  vds - ok
23:22:42.0597 0x0918  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
23:22:42.0597 0x0918  vga - ok
23:22:42.0613 0x0918  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
23:22:42.0613 0x0918  VgaSave - ok
23:22:42.0628 0x0918  [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
23:22:42.0644 0x0918  viaagp - ok
23:22:42.0659 0x0918  [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
23:22:42.0659 0x0918  ViaC7 - ok
23:22:42.0675 0x0918  [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide          C:\Windows\system32\drivers\viaide.sys
23:22:42.0675 0x0918  viaide - ok
23:22:42.0691 0x0918  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
23:22:42.0691 0x0918  volmgr - ok
23:22:42.0722 0x0918  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
23:22:42.0737 0x0918  volmgrx - ok
23:22:42.0769 0x0918  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
23:22:42.0784 0x0918  volsnap - ok
23:22:42.0831 0x0918  [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
23:22:42.0831 0x0918  vsmraid - ok
23:22:42.0893 0x0918  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
23:22:42.0925 0x0918  VSS - ok
23:22:42.0956 0x0918  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
23:22:42.0971 0x0918  W32Time - ok
23:22:43.0003 0x0918  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
23:22:43.0003 0x0918  WacomPen - ok
23:22:43.0018 0x0918  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
23:22:43.0018 0x0918  Wanarp - ok
23:22:43.0034 0x0918  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:22:43.0034 0x0918  Wanarpv6 - ok
23:22:43.0081 0x0918  [ 20B23332885DFB93FE0185362EE811E9, 67B8026E8285FEB6E3939DEEE4E0F2FD0FA0917E0ED0F1FAE56B7841AF74C8F8 ] wbengine        C:\Windows\system32\wbengine.exe
23:22:43.0127 0x0918  wbengine - ok
23:22:43.0174 0x0918  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
23:22:43.0190 0x0918  wcncsvc - ok
23:22:43.0221 0x0918  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:22:43.0221 0x0918  WcsPlugInService - ok
23:22:43.0252 0x0918  [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd              C:\Windows\system32\drivers\wd.sys
23:22:43.0252 0x0918  Wd - ok
23:22:43.0299 0x0918  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
23:22:43.0330 0x0918  Wdf01000 - ok
23:22:43.0346 0x0918  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:22:43.0346 0x0918  WdiServiceHost - ok
23:22:43.0346 0x0918  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
23:22:43.0361 0x0918  WdiSystemHost - ok
23:22:43.0408 0x0918  [ BB77BAA3E7FD8F1A5D092A96D37B5A2D, 880C37347091224DFB7C442252FE4A29FD7002DA6A8BA994B8CEAABC5E535593 ] WebClient       C:\Windows\System32\webclnt.dll
23:22:43.0408 0x0918  WebClient - ok
23:22:43.0471 0x0918  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:22:43.0471 0x0918  Wecsvc - ok
23:22:43.0502 0x0918  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
23:22:43.0502 0x0918  wercplsupport - ok
23:22:43.0533 0x0918  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
23:22:43.0533 0x0918  WerSvc - ok
23:22:43.0595 0x0918  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
23:22:43.0611 0x0918  WinDefend - ok
23:22:43.0611 0x0918  WinHttpAutoProxySvc - ok
23:22:43.0673 0x0918  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:22:43.0673 0x0918  Winmgmt - ok
23:22:43.0751 0x0918  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
23:22:43.0798 0x0918  WinRM - ok
23:22:43.0845 0x0918  [ 30FC6E5448D0CBAAA95280EEEF7FEDAE, 04374450882504D9031951F4E9317E5A128EBA5A22A3555ACD28BC742861AF9C ] WinUSB          C:\Windows\system32\DRIVERS\WinUSB.sys
23:22:43.0861 0x0918  WinUSB - ok
23:22:43.0892 0x0918  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
23:22:43.0923 0x0918  Wlansvc - ok
23:22:44.0017 0x0918  [ 5144AE67D60EC653F97DDF3FEED29E77, F6238767284B2356A9F502E2ACCFAAC283FA13CBF238E98B5115A55179526B10 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:22:44.0048 0x0918  wlidsvc - ok
23:22:44.0095 0x0918  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
23:22:44.0095 0x0918  WmiAcpi - ok
23:22:44.0110 0x0918  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:22:44.0126 0x0918  wmiApSrv - ok
23:22:44.0204 0x0918  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
23:22:44.0235 0x0918  WMPNetworkSvc - ok
23:22:44.0282 0x0918  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:22:44.0282 0x0918  WPDBusEnum - ok
23:22:44.0375 0x0918  [ C108DC20ACE05072350DBB6934E277FB, 548E6ABE4C4ADE48260FFDC7BADFD1697972EA3AE94D6576498C8A183D8CE0C8 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
23:22:44.0407 0x0918  WPFFontCache_v0400 - ok
23:22:44.0438 0x0918  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:22:44.0438 0x0918  ws2ifsl - ok
23:22:44.0469 0x0918  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\System32\wscsvc.dll
23:22:44.0469 0x0918  wscsvc - ok
23:22:44.0500 0x0918  [ 4422AC5ED8D4C2F0DB63E71D4C069DD7, B010DCC7B802C26A701A7DE1CA1B21D6B43D99FE88524D015C9228376B0BDA6E ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
23:22:44.0500 0x0918  WSDPrintDevice - ok
23:22:44.0500 0x0918  WSearch - ok
23:22:44.0641 0x0918  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
23:22:44.0672 0x05e4  Object required for P2P: [ 61687DE5FB1370FA9C006B2C8B859EED ] F-Secure Gatekeeper
23:22:44.0687 0x0918  wuauserv - ok
23:22:44.0734 0x0918  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:22:44.0734 0x0918  WudfPf - ok
23:22:44.0750 0x0918  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:22:44.0765 0x0918  WUDFRd - ok
23:22:44.0781 0x0918  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:22:44.0781 0x0918  wudfsvc - ok
23:22:44.0828 0x0918  ================ Scan global ===============================
23:22:44.0859 0x0918  [ 2F2DFC846D75D680B9018823A8B5EF07, DBC823CF0C659B6D7482CB080CD042EC6BBAEDB6297DB712CADA1BCEAA8A95C8 ] C:\Windows\system32\basesrv.dll
23:22:44.0890 0x0918  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
23:22:44.0906 0x0918  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
23:22:44.0968 0x0918  [ 4F0A7910FC7D8A66433FA9961EEF8BB5, 2086EDEE8CF9CC9BDBDC03018F7C28BB56172F941CB4D6F3D857BCF82B32FB6B ] C:\Windows\system32\services.exe
23:22:44.0968 0x0918  [ Global ] - ok
23:22:44.0968 0x0918  ================ Scan MBR ==================================
23:22:44.0999 0x0918  [ 61A349592C4728853F4A90FF78F7628E ] \Device\Harddisk0\DR0
23:22:45.0327 0x0918  \Device\Harddisk0\DR0 - ok
23:22:45.0327 0x0918  ================ Scan VBR ==================================
23:22:45.0327 0x0918  [ 5B7BA6FEB6BCB68440A694750EC903F4 ] \Device\Harddisk0\DR0\Partition1
23:22:45.0358 0x0918  \Device\Harddisk0\DR0\Partition1 - ok
23:22:45.0358 0x0918  [ DBF17C27622D54BB73B62840BB298E00 ] \Device\Harddisk0\DR0\Partition2
23:22:45.0389 0x0918  \Device\Harddisk0\DR0\Partition2 - ok
23:22:45.0389 0x0918  ================ Scan generic autorun ======================
23:22:45.0467 0x0918  [ 0D392EDE3B97E0B3131B2F63EF1DB94E, 3EDA280F91097293E00BF984D377E1111CFDE1FC81B30A3FDEB38F321EF82BB6 ] C:\Program Files\Windows Defender\MSASCui.exe
23:22:45.0514 0x0918  Windows Defender - ok
23:22:45.0764 0x0918  [ EB57A9927A39EB86194D664E781633B7, 673F5A8D2ACFE11CAA95FBDDB4962445CCFBBBF3547DDFFB820A335F4F6B1D13 ] C:\Windows\RtHDVCpl.exe
23:22:46.0045 0x0918  RtHDVCpl - ok
23:22:46.0216 0x0918  [ A37B2AB33BFF3C6705DC2C016328DD2F, C6F14E81FD9001048B178576FA01A4F77BF3F0A05DE443EB6AAC4982EE763D69 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
23:22:46.0247 0x0918  SynTPEnh - ok
23:22:46.0294 0x0918  [ A4E85BDA66CF4DE8070D6F744D181C12, ACF577B0CE6EA1E167389BB32E7F07E0D8CF487B22828455698B042A37CF15B4 ] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe
23:22:46.0294 0x0918  LanguageShortcut - ok
23:22:46.0325 0x0918  [ 846965AE55A2662B1576C0F392DD1D6E, 0ADE383991FDC5A49DD15A27CB52CF75ABF518F0335E92003C0FF75DB417BBDC ] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
23:22:46.0341 0x0918  SSBkgdUpdate - ok
23:22:46.0388 0x0918  [ 3983E99D3A28C7EEFFC728643715989D, BEAD92903A780AFB2977DCE3F3CBFCDC9A41AF013FEDA3A3F98B72709A3A472D ] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
23:22:46.0388 0x0918  IndexSearch - ok
23:22:46.0435 0x0918  [ 82C94CB8DF55112D06E05030A91F1C3F, 774F16512B7791FEF6313B892465A7AABCCB2FF0E0494FF831B4D6FFE06765D9 ] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe
23:22:46.0435 0x0918  PPort11reminder - ok
23:22:46.0481 0x0918  [ 8148563E8623EB5AC747297FAED928E0, 6278A17785EA8B2A333B556315012866354017F86D6B600EFFD1B9440EAE6749 ] C:\Program Files\Brother\ControlCenter3\brctrcen.exe
23:22:46.0481 0x0918  ControlCenter3 - ok
23:22:46.0528 0x0918  [ 10881D41226100F44DF3BF66F5EA75C6, A2B3B46A085D10F30A2D82186C51BCBC006390EB66E6ECF4B26293FF6506B2A9 ] C:\Program Files\Unitymedia\fshoster32.exe
23:22:46.0544 0x0918  F-Secure Hoster (47796) - ok
23:22:46.0622 0x0918  [ 43AB323DFBD4B854FC19A0B76439F994, C8A8FBA8E4E573413CE139AAB48A65B4FB0BA24AC6DD736F4F8CDE17CB08B0C2 ] C:\Program Files\Unitymedia\apps\ComputerSecurity\Common\FSM32.EXE
23:22:46.0637 0x0918  F-Secure Manager - ok
23:22:46.0669 0x0918  [ 2C1B1E9174D94E9F6EE3CF373ABAB7DD, 729D283DF70F727824EBCA223D5E5B27D16E3E2B5312B1B34CAE1E763192D7B5 ] C:\Windows\system32\igfxtray.exe
23:22:46.0669 0x0918  IgfxTray - ok
23:22:46.0684 0x0918  [ 87D78CF6365BDDACBE9D34B60FE0E23B, 4561DE7171FD9035FEDF7EEA059859732996A5E72364D0D9F230563A1A6AE3D4 ] C:\Windows\system32\hkcmd.exe
23:22:46.0700 0x0918  HotKeysCmds - ok
23:22:46.0715 0x0918  [ 89D3DE5E2C77DCD99C56F0E46310AEA0, 02E1B2353E5D5F65D7968698AFE079A4DF11C230F6213C07D128F47147BACA29 ] C:\Windows\system32\igfxpers.exe
23:22:46.0715 0x0918  Persistence - ok
23:22:46.0778 0x0918  [ 7E6EFC5383FEF3EF852F2C7D41DEE83F, 552A0A158CBEFEA6B2FC969F5E9481C6D688A0D3FEE1C2F1F3BD8A5A4F32F6F9 ] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
23:22:46.0809 0x0918  BrMfcWnd - ok
23:22:46.0871 0x0918  [ 793D7221E5EC69EA615349A13B702B8C, 1545C9634A6599FE4B35419B1B40932797FE2E7DF0B5F27D6698810CC075CF86 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
23:22:46.0887 0x0918  SunJavaUpdateSched - ok
23:22:46.0981 0x0918  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
23:22:47.0012 0x0918  Sidebar - ok
23:22:47.0012 0x0918  WindowsWelcomeCenter - ok
23:22:47.0059 0x0918  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
23:22:47.0074 0x0918  Sidebar - ok
23:22:47.0090 0x0918  WindowsWelcomeCenter - ok
23:22:47.0090 0x0918  Waiting for KSN requests completion. In queue: 345
23:22:47.0152 0x05e4  Object send P2P result: true
23:22:48.0104 0x0918  Waiting for KSN requests completion. In queue: 70
23:22:49.0118 0x0918  Waiting for KSN requests completion. In queue: 70
23:22:49.0492 0x0c58  Object required for P2P: [ 793D7221E5EC69EA615349A13B702B8C ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
23:22:50.0132 0x0918  Waiting for KSN requests completion. In queue: 3
23:22:51.0146 0x0918  Waiting for KSN requests completion. In queue: 3
23:22:52.0035 0x0c58  Object send P2P result: true
23:22:52.0316 0x0918  AV detected via SS2: Computer Schutz, C:\Program Files\Unitymedia\apps\ComputerSecurity\Anti-Virus\fsavwsch.exe ( 9.10.15260.0 ), 0x41000 ( enabled : updated )
23:22:52.0363 0x0918  Win FW state via NFP2: enabled ( trusted )
23:22:54.0781 0x0918  ============================================================
23:22:54.0781 0x0918  Scan finished
23:22:54.0781 0x0918  ============================================================
23:22:54.0781 0x148c  Detected object count: 0
23:22:54.0781 0x148c  Actual detected object count: 0
23:24:59.0432 0x1034  ============================================================
23:24:59.0432 0x1034  Scan started
23:24:59.0432 0x1034  Mode: Manual; SigCheck; TDLFS; 
23:24:59.0432 0x1034  ============================================================
23:24:59.0432 0x1034  KSN ping started
23:25:01.0991 0x1034  KSN ping finished: true
23:25:02.0318 0x1034  ================ Scan system memory ========================
23:25:02.0318 0x1034  System memory - ok

... Teil 2 folgt gleich...

REC · 10.12.2015, 00:36

...und hier Teil 2 der zweiten Logfile:

Code:

ATTFilter

23:25:02.0318 0x1034  ================ Scan services =============================
23:25:02.0412 0x1034  [ 7EEB488346FBFA3731276C3EE8A8FD9E, 97D2E49C2E615E38E8176F1C1551BF452CC6A00787FF90845EFF27A4E6E20B1F ] AAV UpdateService C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
23:25:02.0521 0x1034  AAV UpdateService - ok
23:25:02.0662 0x1034  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
23:25:02.0724 0x1034  ACPI - ok
23:25:02.0833 0x1034  [ F6CEFEF46986DE02A3AE5D93AE32B5DC, 903EC5A7B40F4F6B2F3378EFFE8DF28667B88061CDF681C44F2E4FE39B62959E ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
23:25:02.0864 0x1034  AdobeARMservice - ok
23:25:02.0927 0x1034  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
23:25:03.0005 0x1034  adp94xx - ok
23:25:03.0036 0x1034  [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
23:25:03.0130 0x1034  adpahci - ok
23:25:03.0161 0x1034  [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
23:25:03.0192 0x1034  adpu160m - ok
23:25:03.0223 0x1034  [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
23:25:03.0254 0x1034  adpu320 - ok
23:25:03.0286 0x1034  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
23:25:03.0442 0x1034  AeLookupSvc - ok
23:25:03.0488 0x1034  [ 4A0978779958D8FE8F5849F452BCC812, C57002A721F3DCAFB00CF4DEC57E9E761393BDB471ACEAFFDBD1ABA9AE308598 ] AFD             C:\Windows\system32\drivers\afd.sys
23:25:03.0582 0x1034  AFD - ok
23:25:03.0629 0x1034  [ EFBC44FBD75E4F80BD927AEBF6E7EADE, 0A1ACFE5D007DF8ABB97081C93111A1F18D90CB34093CD5784588971BFE86AE7 ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
23:25:03.0676 0x1034  AgereModemAudio - ok
23:25:03.0754 0x1034  [ 1CFEBA39FC613E45B49D3EDDFBCDA289, 15E8102FD9C50DBC16DDC523FC9C17DBE21F2C5C4E081C54901379C0D99277AA ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
23:25:03.0956 0x1034  AgereSoftModem - ok
23:25:04.0003 0x1034  [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440          C:\Windows\system32\drivers\agp440.sys
23:25:04.0019 0x1034  agp440 - ok
23:25:04.0066 0x1034  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
23:25:04.0097 0x1034  aic78xx - ok
23:25:04.0112 0x1034  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
23:25:04.0253 0x1034  ALG - ok
23:25:04.0284 0x1034  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide          C:\Windows\system32\drivers\aliide.sys
23:25:04.0300 0x1034  aliide - ok
23:25:04.0331 0x1034  [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
23:25:04.0362 0x1034  amdagp - ok
23:25:04.0393 0x1034  [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide          C:\Windows\system32\drivers\amdide.sys
23:25:04.0409 0x1034  amdide - ok
23:25:04.0424 0x1034  [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
23:25:04.0487 0x1034  AmdK7 - ok
23:25:04.0518 0x1034  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
23:25:04.0612 0x1034  AmdK8 - ok
23:25:04.0643 0x1034  [ DD8D9C597AF7CD2F6B70A3D6A4A1ACEA, 834B397F365D930DA01D5189DDF06195CFE4C0F9249223C5A9004643F41BA6E4 ] androidusb      C:\Windows\system32\Drivers\ssadadb.sys
23:25:04.0721 0x1034  androidusb - ok
23:25:04.0752 0x1034  [ 8F7D200717A58E9800D391F4C2101577, F07CF0F5636F46D8F3D5133284943E991E8739E5A644BCA5F18BB896B374620D ] Appinfo         C:\Windows\System32\appinfo.dll
23:25:04.0877 0x1034  Appinfo - ok
23:25:04.0924 0x1034  [ 0FE769CAE5855B53C90E23F85E7E89FF, 7163E364D33EDABCFC1E1B586D28FA906F34A764BF4B3031DF020043EAE0D3BF ] AppMgmt         C:\Windows\System32\appmgmts.dll
23:25:05.0064 0x1034  AppMgmt - ok
23:25:05.0095 0x1034  [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc             C:\Windows\system32\drivers\arc.sys
23:25:05.0126 0x1034  arc - ok
23:25:05.0173 0x1034  [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
23:25:05.0189 0x1034  arcsas - ok
23:25:05.0282 0x1034  [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
23:25:05.0314 0x1034  aspnet_state - ok
23:25:05.0345 0x1034  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
23:25:05.0423 0x1034  AsyncMac - ok
23:25:05.0454 0x1034  [ 2D9C903DC76A66813D350A562DE40ED9, 82609F01A08C6842E4C17C077BB641C1429C0E6657964B7F2D114035E1BDCBF3 ] atapi           C:\Windows\system32\drivers\atapi.sys
23:25:05.0470 0x1034  atapi - ok
23:25:05.0485 0x1034  [ 73742099982CF514512E1941F2862C33, 3B838304AA395C0BD244545C439F131499A76731ACD35AAA8E676F1F3925DDE3 ] ATSWPDRV        C:\Windows\system32\DRIVERS\ATSwpDrv.sys
23:25:05.0516 0x1034  ATSWPDRV - ok
23:25:05.0579 0x1034  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:25:05.0766 0x1034  AudioEndpointBuilder - ok
23:25:05.0782 0x1034  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
23:25:05.0844 0x1034  Audiosrv - ok
23:25:05.0891 0x1034  [ 08015D34F6FDD0B355805BAD978497C3, AAD5F919215B8630DCCADF2AC8DC82BAA543C52B1682B476093E014532B20EBD ] bcm4sbxp        C:\Windows\system32\DRIVERS\bcm4sbxp.sys
23:25:06.0109 0x1034  bcm4sbxp - ok
23:25:06.0140 0x1034  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:25:06.0203 0x1034  Beep - ok
23:25:06.0250 0x1034  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
23:25:06.0468 0x1034  BFE - ok
23:25:06.0515 0x1034  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\System32\qmgr.dll
23:25:06.0780 0x1034  BITS - ok
23:25:06.0827 0x1034  [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
23:25:06.0889 0x1034  blbdrive - ok
23:25:06.0920 0x1034  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:25:06.0983 0x1034  bowser - ok
23:25:06.0998 0x1034  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
23:25:07.0076 0x1034  BrFiltLo - ok
23:25:07.0092 0x1034  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
23:25:07.0186 0x1034  BrFiltUp - ok
23:25:07.0232 0x1034  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
23:25:07.0279 0x1034  Browser - ok
23:25:07.0310 0x1034  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
23:25:07.0404 0x1034  Brserid - ok
23:25:07.0420 0x1034  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
23:25:07.0513 0x1034  BrSerWdm - ok
23:25:07.0560 0x1034  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
23:25:07.0654 0x1034  BrUsbMdm - ok
23:25:07.0669 0x1034  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
23:25:07.0778 0x1034  BrUsbSer - ok
23:25:07.0825 0x1034  [ 6D39C954799B63BA866910234CF7D726, 1D807C3410C01C76E5810D626F23C1CCED3C9C5A65F39267B770C494C8D64114 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
23:25:07.0934 0x1034  BthEnum - ok
23:25:07.0966 0x1034  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
23:25:08.0075 0x1034  BTHMODEM - ok
23:25:08.0106 0x1034  [ 5904EFA25F829BF84EA6FB045134A1D8, 66E4160CC404744576BA6E9DD606B533F42B3D4A3E2FDD457DAA016CC72A81CC ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
23:25:08.0215 0x1034  BthPan - ok
23:25:08.0262 0x1034  [ 611FF3F2F095C8D4A6D4CFD9DCC09793, 2F27A1287ABCDB9C316EB720D1855100666240959CF969D5B2679C9ABCBD6050 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
23:25:08.0402 0x1034  BTHPORT - ok
23:25:08.0449 0x1034  [ A4C8377FA4A994E07075107DBE2E3DCE, C3CDAA7B83D130100044341C23897CC6C257FA075A8D08B8551F4A28AE8CE6C4 ] BthServ         C:\Windows\System32\bthserv.dll
23:25:08.0527 0x1034  BthServ - ok
23:25:08.0574 0x1034  [ D330803EAB2A15CAEC7F011F1D4CB30E, 240FFF317C90AD8966DA9666F2748F98CEC3CB99C486F399D1C68FE0E393EE68 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
23:25:08.0621 0x1034  BTHUSB - ok
23:25:08.0668 0x1034  [ 3EA1A20DC0CA1AD23E7AA8C37A91BCD1, 4AF75222BF49EBFA93C98DF206D715DFE2B5EB742BDE06622256F628A756AAD6 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
23:25:08.0683 0x1034  btwaudio - ok
23:25:08.0714 0x1034  [ 195872E48A7FB01F8BC9B800F70F4054, 5F37D7CE44F00791241911BA1E77AD5DAD22C08584F19367BBE27BBFA3484616 ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
23:25:08.0730 0x1034  btwavdt - ok
23:25:08.0761 0x1034  [ 0724E7D6C9B6A289EDDDA33FA8176E80, 836BFED3A4A374AB1C699D950D87A0709F529FD65B860890699584640490DBE8 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
23:25:08.0777 0x1034  btwrchid - ok
23:25:08.0792 0x1034  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:25:08.0855 0x1034  cdfs - ok
23:25:08.0902 0x1034  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
23:25:08.0980 0x1034  cdrom - ok
23:25:09.0011 0x1034  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
23:25:09.0089 0x1034  CertPropSvc - ok
23:25:09.0104 0x1034  [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass        C:\Windows\system32\drivers\circlass.sys
23:25:09.0167 0x1034  circlass - ok
23:25:09.0214 0x1034  [ 5D9311526801643000D7032A83B18B12, C5A98868A41446617B3A27C6C4AAFA4E7C093E253E8C1DD5DBFE6FAE21991209 ] CLFS            C:\Windows\system32\CLFS.sys
23:25:09.0276 0x1034  CLFS - ok
23:25:09.0338 0x1034  [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:25:09.0370 0x1034  clr_optimization_v2.0.50727_32 - ok
23:25:09.0432 0x1034  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:25:09.0463 0x1034  clr_optimization_v4.0.30319_32 - ok
23:25:09.0479 0x1034  [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
23:25:09.0557 0x1034  CmBatt - ok
23:25:09.0572 0x1034  [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
23:25:09.0588 0x1034  cmdide - ok
23:25:09.0619 0x1034  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
23:25:09.0666 0x1034  Compbatt - ok
23:25:09.0682 0x1034  COMSysApp - ok
23:25:09.0884 0x1034  cpuz135 - ok
23:25:09.0994 0x1034  [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
23:25:10.0040 0x1034  crcdisk - ok
23:25:10.0072 0x1034  [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
23:25:10.0196 0x1034  Crusoe - ok
23:25:10.0243 0x1034  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:25:10.0352 0x1034  CryptSvc - ok
23:25:10.0399 0x1034  [ 9BDB2E89BE8D0EF37B1F25C3D3FC192C, 95E3AA76DAF3F9EDE1AAE9B85C779F2716097266F492E0A8D361C6ED9A9AC8CC ] CSC             C:\Windows\system32\drivers\csc.sys
23:25:10.0524 0x1034  CSC - ok
23:25:10.0571 0x1034  [ 0A2095F92F6AE4FE6484D911B0C21E95, 52E2E08107FEBD6B46E1C71B39ECA8AB1A0ECF18CA248D9172F831B6FAB99139 ] CscService      C:\Windows\System32\cscsvc.dll
23:25:10.0727 0x1034  CscService - ok
23:25:10.0774 0x1034  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:25:10.0976 0x1034  DcomLaunch - ok
23:25:11.0008 0x1034  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
23:25:11.0086 0x1034  DfsC - ok
23:25:11.0195 0x1034  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
23:25:11.0460 0x1034  DFSR - ok
23:25:11.0491 0x1034  [ FF0E8993EEA607B9B184AFB0D5324EE2, DB68501184F50D761DFA2AE6F449728EF39C0B88345072CAFA63C530DCA5FF2D ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
23:25:11.0507 0x1034  dg_ssudbus - ok
23:25:11.0554 0x1034  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
23:25:11.0616 0x1034  Dhcp - ok
23:25:11.0647 0x1034  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
23:25:11.0663 0x1034  disk - ok
23:25:11.0694 0x1034  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:25:11.0788 0x1034  Dnscache - ok
23:25:11.0819 0x1034  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
23:25:11.0881 0x1034  dot3svc - ok
23:25:11.0912 0x1034  [ 4F59C172C094E1A1D46463A8DC061CBD, CE09A4ED1F8BA6242E152C384AFF5C3C95FBB8556DAE23765272F13BF158D8F9 ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
23:25:11.0975 0x1034  Dot4 - ok
23:25:11.0990 0x1034  [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5, 69BB5B07D03FA9F28591012F2AA4A583D3F086644C136D63A56D1A827121CC19 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
23:25:12.0053 0x1034  Dot4Print - ok
23:25:12.0084 0x1034  [ A84D8A9006B1AE515CC7B6B3586C295A, 6B69D1723296FEFC751A415BAA1F8AD070CC19B84599964148A9D834B78CD617 ] Dot4Scan        C:\Windows\system32\DRIVERS\Dot4Scan.sys
23:25:12.0146 0x1034  Dot4Scan - ok
23:25:12.0178 0x1034  [ C55004CA6B419B6695970DFE849B122F, 6E0C4A9E24DD09E9389E097AF63E7F5040A0658DDCEBBE963968B7118CFE9AB8 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
23:25:12.0240 0x1034  dot4usb - ok
23:25:12.0271 0x1034  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
23:25:12.0318 0x1034  DPS - ok
23:25:12.0349 0x1034  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
23:25:12.0412 0x1034  drmkaud - ok
23:25:12.0458 0x1034  [ 5C2C209CDEFBC51D83D66E8A53B2BE89, 7AE68672A6BEEF601017BE28AA0BF3673318EFE97AA08E70F58A9391C54DF71F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
23:25:12.0552 0x1034  DXGKrnl - ok
23:25:12.0599 0x1034  [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
23:25:12.0677 0x1034  E1G60 - ok
23:25:12.0708 0x1034  [ 039C592148FFE479F26C418971FB8022, D9024CC0FD9500AAD812D23834FFDCEC5F9B16F7A99BE7D09DB1F245BFEE85EB ] e1yexpress      C:\Windows\system32\DRIVERS\e1y6032.sys
23:25:12.0739 0x1034  e1yexpress - ok
23:25:12.0770 0x1034  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
23:25:12.0833 0x1034  EapHost - ok
23:25:12.0880 0x1034  [ 9BAB89DBB27891DEEF6E1F1B589A6ED4, 61BE4A6394ED5C99CB84B720F6AA6B97C7FE71A7A04D822F6EE99AB084C55606 ] Ecache          C:\Windows\system32\drivers\ecache.sys
23:25:12.0942 0x1034  Ecache - ok
23:25:13.0004 0x1034  [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
23:25:13.0067 0x1034  elxstor - ok
23:25:13.0129 0x1034  [ E798C0BDFA4913CCF8A646D29BB34796, 7CDB2BCCDD8A8A70C6248C327A357EA3488C7ADED32D4F89B933ED72AE12B73B ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
23:25:13.0348 0x1034  EMDMgmt - ok
23:25:13.0379 0x1034  [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
23:25:13.0472 0x1034  ErrDev - ok
23:25:13.0535 0x1034  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
23:25:13.0644 0x1034  EventSystem - ok
23:25:13.0675 0x1034  [ 82E7EB9F12321052CD9A904B13724EE2, 47025BCC20F0C86E4ADD127D25402813CE2DEBB768A99CF54BE08466E4D29206 ] ewusbnet        C:\Windows\system32\DRIVERS\ewusbnet.sys
23:25:13.0753 0x1034  ewusbnet - ok
23:25:13.0784 0x1034  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
23:25:13.0847 0x1034  exfat - ok
23:25:13.0987 0x1034  [ 61687DE5FB1370FA9C006B2C8B859EED, 032DD24D28A141EAC58AE6E1775F775EEE4418A8C55551254ACEDBDD953164F5 ] F-Secure Gatekeeper C:\Program Files\Unitymedia\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys
23:25:14.0018 0x1034  F-Secure Gatekeeper - ok
23:25:14.0018 0x1034  Object required for P2P: [ 61687DE5FB1370FA9C006B2C8B859EED ] F-Secure Gatekeeper
23:25:16.0499 0x1034  Object send P2P result: true
23:25:16.0546 0x1034  [ C8082FF11599E7A8016C4CBB53BAD42E, F38613356752C125A62879A3146ABC30A41FB83FFD8805C6E67F77B5DD25C72A ] F-Secure HIPS   C:\Program Files\Unitymedia\apps\ComputerSecurity\HIPS\drivers\fshs.sys
23:25:16.0577 0x1034  F-Secure HIPS - ok
23:25:16.0624 0x1034  [ 4E404505B3F62ECFBDBCBBCF0A72DBC5, 9F446ED06A31BFE52C4F1E8ACC400B8E3F47A3CC02FFC950DB861B2B3BA4C5B9 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
23:25:16.0702 0x1034  fastfat - ok
23:25:16.0733 0x1034  [ DFBA0F60FA301E5B1BFB1403A93EE23E, 727A01AA77BFD6B6FEB394A4C4CCBDB785987A1904F8EED3739A5F6D03C15965 ] Fax             C:\Windows\system32\fxssvc.exe
23:25:16.0904 0x1034  Fax - ok
23:25:16.0936 0x1034  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
23:25:16.0998 0x1034  fdc - ok
23:25:17.0029 0x1034  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
23:25:17.0092 0x1034  fdPHost - ok
23:25:17.0092 0x1034  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
23:25:17.0170 0x1034  FDResPub - ok
23:25:17.0201 0x1034  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:25:17.0216 0x1034  FileInfo - ok
23:25:17.0232 0x1034  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
23:25:17.0294 0x1034  Filetrace - ok
23:25:17.0310 0x1034  [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
23:25:17.0357 0x1034  flpydisk - ok
23:25:17.0388 0x1034  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:25:17.0404 0x1034  FltMgr - ok
23:25:17.0482 0x1034  [ 61AC5BF24A155C95F865290F046F91EF, 89F6A96F5CBD04390CF0509DDC22E4FDC1F8AB862F23957D583A757C1E51C20B ] FontCache       C:\Windows\system32\FntCache.dll
23:25:17.0856 0x1034  FontCache - ok
23:25:17.0934 0x1034  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
23:25:17.0950 0x1034  FontCache3.0.0.0 - ok
23:25:17.0981 0x1034  [ 271939BB83A468A582781BC6FCC05D21, 2B5BEBCD2E3C2FD716BBEE9187BA05AF13B4103C4A3D09C7E05E951646E7025B ] fsbts           C:\Windows\system32\Drivers\fsbts.sys
23:25:18.0028 0x1034  fsbts - ok
23:25:18.0059 0x1034  [ 10881D41226100F44DF3BF66F5EA75C6, A2B3B46A085D10F30A2D82186C51BCBC006390EB66E6ECF4B26293FF6506B2A9 ] fshoster        C:\Program Files\Unitymedia\fshoster32.exe
23:25:18.0090 0x1034  fshoster - ok
23:25:18.0152 0x1034  [ 072395C30DCA25AC644BE9B2D6B78AAF, 06A4D4C0E5DDC8B6FA9E6A1095AD3036C43AEC593F4C8C30C1F99E1356EF726F ] FSMA            C:\Program Files\Unitymedia\apps\ComputerSecurity\Common\FSMA32.EXE
23:25:18.0184 0x1034  FSMA - ok
23:25:18.0277 0x1034  [ 47F9AFCDF8C4D313D12F719C0FA9DB6E, 3E7037800DBDF24A30A98E3D41BF9F3E7907719977DBB936253A7DFF6B11B4EA ] fsni            C:\Program Files\Unitymedia\apps\CCF_Scanning\bin\fsni32.sys
23:25:18.0293 0x1034  fsni - ok
23:25:18.0355 0x1034  [ 277A41EB7D2DAA7105DF85BFC2F1C9AD, 59141146C7292C4B9ABC4D019B07E6A3EEB759DB97B629046F168B944459208D ] FSORSPClient    C:\Program Files\Unitymedia\apps\CCF_Reputation\fsorsp.exe
23:25:18.0371 0x1034  FSORSPClient - ok
23:25:18.0402 0x1034  [ 35DDEB0B730C5D9165BB19054B891CDA, B653234CD032B0B1FE9CA8C92082C893B099D65E7151783AB020663CBF8D73DF ] fsvista         C:\Program Files\Unitymedia\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys
23:25:18.0433 0x1034  fsvista - ok
23:25:18.0464 0x1034  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:25:18.0527 0x1034  Fs_Rec - ok
23:25:18.0558 0x1034  [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
23:25:18.0574 0x1034  gagp30kx - ok
23:25:18.0636 0x1034  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
23:25:18.0854 0x1034  gpsvc - ok
23:25:18.0886 0x1034  [ CB04C744BE0A61B1D648FAED182C3B59, 61DC0FF94325DAFCCB7B3980A48727EFBF1283FCF753EC16EF04C730525994C0 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:25:19.0010 0x1034  HdAudAddService - ok
23:25:19.0088 0x1034  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
23:25:19.0322 0x1034  HDAudBus - ok
23:25:19.0338 0x1034  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
23:25:19.0432 0x1034  HidBth - ok
23:25:19.0463 0x1034  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
23:25:19.0541 0x1034  HidIr - ok
23:25:19.0588 0x1034  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\system32\hidserv.dll
23:25:19.0650 0x1034  hidserv - ok
23:25:19.0681 0x1034  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
23:25:19.0759 0x1034  HidUsb - ok
23:25:19.0790 0x1034  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
23:25:19.0853 0x1034  hkmsvc - ok
23:25:19.0884 0x1034  [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
23:25:19.0900 0x1034  HpCISSs - ok
23:25:19.0962 0x1034  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05, 7B3F117C1D606DDA7623BEC0BFBC362C33A12213E899F049AC56A55826984134 ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
23:25:20.0024 0x1034  hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
23:25:20.0024 0x1034  Detect skipped due to KSN trusted
23:25:20.0024 0x1034  hpqcxs08 - ok
23:25:20.0040 0x1034  [ DF446BA625CC441617843E87798CE048, B45C11EEA7EA792DE82E9BB283B9DCF30F891AAB8366075856BD84D10BCBCCD3 ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
23:25:20.0102 0x1034  hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
23:25:20.0102 0x1034  Detect skipped due to KSN trusted
23:25:20.0102 0x1034  hpqddsvc - ok
23:25:20.0149 0x1034  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:25:20.0305 0x1034  HTTP - ok
23:25:20.0336 0x1034  [ 348C3A9D01E68A0222A246346924AA55, 6F8803BA37760043A78DC1E0D4E20853E5ABEF55B0201676B281EC2685E951DD ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
23:25:20.0430 0x1034  hwdatacard - ok
23:25:20.0461 0x1034  [ 460B1945C3E6B0419A76E1B507B90B71, C78B32ABB98ABAFF647500CD70AFA78C9848A4978E79EEE83D654E69F51D5F93 ] hwusbdev        C:\Windows\system32\DRIVERS\ewusbdev.sys
23:25:20.0539 0x1034  hwusbdev - ok
23:25:20.0555 0x1034  [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
23:25:20.0570 0x1034  i2omp - ok
23:25:20.0602 0x1034  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
23:25:20.0648 0x1034  i8042prt - ok
23:25:20.0992 0x1034  [ DCE0B53570703CCE580D066F89EF58CD, C5C2C4F51F2DB2BB6E7F1218472AEAAD996514AB99EA84946A473CB7A64D9E15 ] ialm            C:\Windows\system32\DRIVERS\igdkmd32.sys
23:25:21.0584 0x1034  ialm - ok
23:25:21.0647 0x1034  [ 3E349157986C533E3CBEB8C1E17290BB, 1DEB9C8829D95FCB9DFA26169E64C2F26E09BDDB98416368A031F7D6C5630F5B ] iaNvStor        C:\Windows\system32\DRIVERS\iaNvStor.sys
23:25:21.0694 0x1034  iaNvStor - ok
23:25:21.0740 0x1034  [ ABFEBC5F846C71AFEBD7F8F6BA740C03, 3BD7EA27EC21A7A9BE544A11E5A284DF00FFB3E2554DDBE113802153D62DFDEF ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
23:25:21.0803 0x1034  iaStor - ok
23:25:21.0834 0x1034  [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
23:25:21.0850 0x1034  iaStorV - ok
23:25:21.0928 0x1034  [ DD386C45D2B5863740166783448A2E7A, 10B912BA70306644BE73A53AF4DCDFF63880C4C5860FF6DBA92B0914EB566718 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:25:22.0068 0x1034  idsvc - ok
23:25:22.0411 0x1034  [ DCE0B53570703CCE580D066F89EF58CD, C5C2C4F51F2DB2BB6E7F1218472AEAAD996514AB99EA84946A473CB7A64D9E15 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
23:25:23.0035 0x1034  igfx - ok
23:25:23.0082 0x1034  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
23:25:23.0113 0x1034  iirsp - ok
23:25:23.0160 0x1034  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
23:25:23.0300 0x1034  IKEEXT - ok
23:25:23.0410 0x1034  [ FFD2B3BC042596ABE785D3C15F51AB46, C2CA6E15FE95ADE211325CA907FBC213DB3B5E871DBD22CC485837FAB4E9BCEC ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
23:25:23.0644 0x1034  IntcAzAudAddService - ok
23:25:23.0675 0x1034  [ C7E7E43CBD34D3B0A0156B51B917DFCC, 8F40D053D1AF89E0739D798D41F92801F95AB55CA0109386C426AB57784DD540 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
23:25:23.0753 0x1034  IntcHdmiAddService - ok
23:25:23.0768 0x1034  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\drivers\intelide.sys
23:25:23.0784 0x1034  intelide - ok
23:25:23.0800 0x1034  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
23:25:23.0862 0x1034  intelppm - ok
23:25:23.0893 0x1034  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
23:25:23.0940 0x1034  IPBusEnum - ok
23:25:23.0971 0x1034  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:25:24.0034 0x1034  IpFilterDriver - ok
23:25:24.0065 0x1034  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:25:24.0143 0x1034  iphlpsvc - ok
23:25:24.0143 0x1034  IpInIp - ok
23:25:24.0174 0x1034  [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
23:25:24.0236 0x1034  IPMIDRV - ok
23:25:24.0252 0x1034  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
23:25:24.0330 0x1034  IPNAT - ok
23:25:24.0361 0x1034  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:25:24.0408 0x1034  IRENUM - ok
23:25:24.0439 0x1034  [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
23:25:24.0455 0x1034  isapnp - ok
23:25:24.0502 0x1034  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
23:25:24.0533 0x1034  iScsiPrt - ok
23:25:24.0564 0x1034  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
23:25:24.0580 0x1034  iteatapi - ok
23:25:24.0611 0x1034  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
23:25:24.0626 0x1034  iteraid - ok
23:25:24.0642 0x1034  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
23:25:24.0689 0x1034  kbdclass - ok
23:25:24.0720 0x1034  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
23:25:24.0782 0x1034  kbdhid - ok
23:25:24.0829 0x1034  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
23:25:24.0970 0x1034  KeyIso - ok
23:25:25.0001 0x1034  [ EBC507F129DF8F0E0CA270DCFC0CF87F, 232E2C4118A3177019E111E23D02F669338AE251308DE9BEDE3869C1208D7F0B ] KMDFMEMIO       C:\Windows\system32\DRIVERS\kmdfmemio.sys
23:25:25.0063 0x1034  KMDFMEMIO - ok
23:25:25.0126 0x1034  [ C89E473697B67F0E3AE9211ADBD43278, DECC1CA1E0FB0CDE384F29F5FC5D234C2C923999EB98FE1F88CDCA37859116A3 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:25:25.0188 0x1034  KSecDD - ok
23:25:25.0235 0x1034  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:25:25.0328 0x1034  KtmRm - ok
23:25:25.0360 0x1034  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\system32\srvsvc.dll
23:25:25.0422 0x1034  LanmanServer - ok
23:25:25.0469 0x1034  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:25:25.0562 0x1034  LanmanWorkstation - ok
23:25:25.0625 0x1034  [ C215E09622118383B236DD56C2065183, AF5F7C8806BF9C203DB8AD9DA2062E31FF9A2282B5FE1222A3B9DEEB435EBAB4 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
23:25:25.0656 0x1034  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
23:25:25.0656 0x1034  Detect skipped due to KSN trusted
23:25:25.0656 0x1034  LightScribeService - ok
23:25:25.0687 0x1034  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:25:25.0765 0x1034  lltdio - ok
23:25:25.0781 0x1034  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:25:25.0859 0x1034  lltdsvc - ok
23:25:25.0890 0x1034  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:25:25.0984 0x1034  lmhosts - ok
23:25:26.0030 0x1034  [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
23:25:26.0155 0x1034  LSI_FC - ok
23:25:26.0218 0x1034  [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
23:25:26.0249 0x1034  LSI_SAS - ok
23:25:26.0280 0x1034  [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
23:25:26.0296 0x1034  LSI_SCSI - ok
23:25:26.0327 0x1034  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
23:25:26.0405 0x1034  luafv - ok
23:25:26.0436 0x1034  [ 6DC377794EA2E7F5C3B15BEA2ECFCA0F, B42F74BFE603734C6F3C2F7CEBE172652C8F7B76CD3A1D2B2793835467FABBD0 ] M9207           C:\Windows\system32\DRIVERS\M9207_543.sys
23:25:26.0561 0x1034  M9207 - ok
23:25:26.0623 0x1034  [ 4CD3EE64736B4D156DAC5C1D6EB60C24, B9405B8C4611B5B4B2F6B85DD2CD62A54D42B31049D5DB4607832A1B7A9C1D8B ] McAfeeFramework C:\Program Files\McAfee\Common Framework\FrameworkService.exe
23:25:26.0639 0x1034  McAfeeFramework - ok
23:25:26.0701 0x1034  [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
23:25:26.0795 0x1034  MDM - detected UnsignedFile.Multi.Generic ( 1 )
23:25:26.0795 0x1034  Detect skipped due to KSN trusted
23:25:26.0795 0x1034  MDM - ok
23:25:26.0810 0x1034  [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas         C:\Windows\system32\drivers\megasas.sys
23:25:26.0842 0x1034  megasas - ok
23:25:26.0888 0x1034  [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
23:25:27.0013 0x1034  MegaSR - ok
23:25:27.0091 0x1034  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
23:25:27.0107 0x1034  Microsoft Office Groove Audit Service - ok
23:25:27.0154 0x1034  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
23:25:27.0216 0x1034  MMCSS - ok
23:25:27.0232 0x1034  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
23:25:27.0278 0x1034  Modem - ok
23:25:27.0310 0x1034  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
23:25:27.0403 0x1034  monitor - ok
23:25:27.0434 0x1034  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
23:25:27.0481 0x1034  mouclass - ok
23:25:27.0512 0x1034  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
23:25:27.0575 0x1034  mouhid - ok
23:25:27.0606 0x1034  [ 3EAE06B0D9E32A3D45DC3E07F1FBFA97, 0C56D92C5131D60AF2FCCF071976F2932A2C544C5EC4C2A5476E99CDE17FF08C ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
23:25:27.0637 0x1034  MountMgr - ok
23:25:27.0700 0x1034  [ 0DE2474F316C515482ABAD3B697F8714, 62862AE7432F5350068E96AD466093359C6CF444EB517AE6D09134FAF78C49F5 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
23:25:27.0731 0x1034  MozillaMaintenance - ok
23:25:27.0746 0x1034  [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio            C:\Windows\system32\drivers\mpio.sys
23:25:27.0809 0x1034  mpio - ok
23:25:27.0824 0x1034  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:25:27.0902 0x1034  mpsdrv - ok
23:25:27.0965 0x1034  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:25:28.0136 0x1034  MpsSvc - ok
23:25:28.0168 0x1034  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
23:25:28.0214 0x1034  Mraid35x - ok
23:25:28.0261 0x1034  [ B0584CA7DEF55929FDB5169BD28B2484, AF6A7E404FEB29F7F3428D0AF6682195E5E8ED106996A04E6947DBD575696546 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:25:28.0339 0x1034  MRxDAV - ok
23:25:28.0370 0x1034  [ 1B864548B2ACEC1C0BB29B615CC42978, E1DA3E6764A2C7072D99F2F093E5F40DB6DC809701B59C155C6B4EE327AB9E41 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:25:28.0433 0x1034  mrxsmb - ok
23:25:28.0464 0x1034  [ 3F39B02EEDC5B8A0ED896EA1CDF7245F, 41C1DCD82F964A398B7C3D44178DBF7C8AF1C2DBC5F2D944BE6B00E909FE083B ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:25:28.0542 0x1034  mrxsmb10 - ok
23:25:28.0558 0x1034  [ D0670EC8E5AD3FA5BE372BF70AC0EABF, BD2D1BA151FD5409EAA41ECCBEB863FE52FF7C2D92349961FEE736D66970748E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:25:28.0604 0x1034  mrxsmb20 - ok
23:25:28.0636 0x1034  [ 28023E86F17001F7CD9B15A5BC9AE07D, FC7EAA592C5F796E3BCD7F7EF261709CD899B33FC8486E594A480F143D0D6320 ] msahci          C:\Windows\system32\drivers\msahci.sys
23:25:28.0682 0x1034  msahci - ok
23:25:28.0729 0x1034  [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
23:25:28.0760 0x1034  msdsm - ok
23:25:28.0792 0x1034  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
23:25:28.0885 0x1034  MSDTC - ok
23:25:28.0901 0x1034  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:25:28.0948 0x1034  Msfs - ok
23:25:28.0948 0x1034  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
23:25:28.0963 0x1034  msisadrv - ok
23:25:29.0010 0x1034  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:25:29.0072 0x1034  MSiSCSI - ok
23:25:29.0072 0x1034  msiserver - ok
23:25:29.0088 0x1034  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
23:25:29.0150 0x1034  MSKSSRV - ok
23:25:29.0166 0x1034  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
23:25:29.0213 0x1034  MSPCLOCK - ok
23:25:29.0228 0x1034  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
23:25:29.0291 0x1034  MSPQM - ok
23:25:29.0322 0x1034  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
23:25:29.0353 0x1034  MsRPC - ok
23:25:29.0369 0x1034  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
23:25:29.0384 0x1034  mssmbios - ok
23:25:29.0416 0x1034  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
23:25:29.0462 0x1034  MSTEE - ok
23:25:29.0478 0x1034  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
23:25:29.0494 0x1034  Mup - ok
23:25:29.0540 0x1034  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
23:25:29.0650 0x1034  napagent - ok
23:25:29.0681 0x1034  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:25:29.0759 0x1034  NativeWifiP - ok
23:25:29.0806 0x1034  [ DEC4B200C459FA929B0A764E79904B79, 40261D7D0BEE45E6E3F4F25D7ACAB00744BAF5D515B6D84B41A25ED22380DC13 ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:25:29.0884 0x1034  NDIS - ok
23:25:29.0915 0x1034  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:25:29.0977 0x1034  NdisTapi - ok
23:25:29.0993 0x1034  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
23:25:30.0055 0x1034  Ndisuio - ok
23:25:30.0086 0x1034  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
23:25:30.0149 0x1034  NdisWan - ok
23:25:30.0164 0x1034  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
23:25:30.0242 0x1034  NDProxy - ok
23:25:30.0274 0x1034  [ 80B7A96F908DA13617E7E6832C5C6A64, 08B81AFE120B8064B6E001BDF424168305D55F38AE2071300F57C8EA32BEAE56 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
23:25:30.0336 0x1034  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
23:25:30.0336 0x1034  Detect skipped due to KSN trusted
23:25:30.0336 0x1034  Net Driver HPZ12 - ok
23:25:30.0383 0x1034  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:25:30.0492 0x1034  NetBIOS - ok
23:25:30.0523 0x1034  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
23:25:30.0632 0x1034  netbt - ok
23:25:30.0664 0x1034  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
23:25:30.0679 0x1034  Netlogon - ok
23:25:30.0726 0x1034  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
23:25:30.0898 0x1034  Netman - ok
23:25:31.0054 0x1034  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:25:31.0085 0x1034  NetMsmqActivator - ok
23:25:31.0085 0x1034  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:25:31.0116 0x1034  NetPipeActivator - ok
23:25:31.0163 0x1034  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
23:25:31.0241 0x1034  netprofm - ok
23:25:31.0256 0x1034  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:25:31.0288 0x1034  NetTcpActivator - ok
23:25:31.0303 0x1034  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:25:31.0334 0x1034  NetTcpPortSharing - ok
23:25:31.0459 0x1034  [ 35D5458D9A1B26B2005ABFFBF4C1C5E7, EE044FB7A49336FEDA1BDBBD2AD7A4A163C780A6A464B7712688E0BA0B4E6C40 ] NETw3v32        C:\Windows\system32\DRIVERS\NETw3v32.sys
23:25:31.0709 0x1034  NETw3v32 - ok
23:25:31.0896 0x1034  [ 8DE67BD902095A13329FD82C85A1FA09, 7F0B058D0C306A845F7BF14B24B0BDBCE6F152A054331072549F46284E75A367 ] NETw5v32        C:\Windows\system32\DRIVERS\NETw5v32.sys
23:25:32.0177 0x1034  NETw5v32 - ok
23:25:32.0239 0x1034  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
23:25:32.0255 0x1034  nfrd960 - ok
23:25:32.0317 0x1034  [ C96411DD46AABC0D6F3CF06D0E0E7E14, 0D36F322AF1B923D96735BFFCAC3FDB0B282E59220BADAB8B49AC178A6765380 ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:25:32.0395 0x1034  NlaSvc - ok
23:25:32.0426 0x1034  [ 4A8A2AA0706B659175169DECF198E9D7, AF43D63652AA0545FD790476E3EFA448D0328575D2443D6F9983FFA9E169657F ] nmwcd           C:\Windows\system32\drivers\ccdcmb.sys
23:25:32.0536 0x1034  nmwcd - ok
23:25:32.0551 0x1034  [ FD3E61831095AC62E6840D986B5A2016, 6BA836A8CFD62C9EF0EADB057CA58509EC97C353288A30DA3C0CEC4542EA8293 ] nmwcdc          C:\Windows\system32\drivers\ccdcmbo.sys
23:25:32.0598 0x1034  nmwcdc - ok
23:25:32.0629 0x1034  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:25:32.0692 0x1034  Npfs - ok
23:25:32.0707 0x1034  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
23:25:32.0770 0x1034  nsi - ok
23:25:32.0816 0x1034  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:25:32.0848 0x1034  nsiproxy - ok
23:25:32.0926 0x1034  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:25:33.0206 0x1034  Ntfs - ok
23:25:33.0238 0x1034  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
23:25:33.0331 0x1034  ntrigdigi - ok
23:25:33.0362 0x1034  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
23:25:33.0456 0x1034  Null - ok
23:25:33.0487 0x1034  [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:25:33.0518 0x1034  nvraid - ok
23:25:33.0534 0x1034  [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:25:33.0565 0x1034  nvstor - ok
23:25:33.0596 0x1034  [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:25:33.0628 0x1034  nv_agp - ok
23:25:33.0628 0x1034  NwlnkFlt - ok
23:25:33.0643 0x1034  NwlnkFwd - ok
23:25:33.0721 0x1034  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:25:33.0784 0x1034  odserv - ok
23:25:33.0815 0x1034  [ 790E27C3DB53410B40FF9EF2FD10A1D9, FD06F2702B8F7E04ECF1B6E88602F14301E7AE7FC44AD114282E580FAD530A9C ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
23:25:33.0877 0x1034  ohci1394 - ok
23:25:33.0908 0x1034  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:25:33.0940 0x1034  ose - ok
23:25:34.0002 0x1034  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
23:25:34.0205 0x1034  p2pimsvc - ok
23:25:34.0252 0x1034  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
23:25:34.0345 0x1034  p2psvc - ok
23:25:34.0392 0x1034  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
23:25:34.0470 0x1034  Parport - ok
23:25:34.0501 0x1034  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:25:34.0517 0x1034  partmgr - ok
23:25:34.0532 0x1034  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
23:25:34.0610 0x1034  Parvdm - ok
23:25:34.0626 0x1034  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:25:34.0673 0x1034  PcaSvc - ok
23:25:34.0704 0x1034  [ FD2041E9BA03DB7764B2248F02475079, DECEED110524BF83B4097188BF24BF0DDE1CE838DF7748B0DC807ABE351EB20A ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfd.sys
23:25:34.0751 0x1034  pccsmcfd - ok
23:25:34.0798 0x1034  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
23:25:34.0813 0x1034  pci - ok
23:25:34.0860 0x1034  [ FC175F5DDAB666D7F4D17449A547626F, 7D6108213D1AD3F97A3B83E491BCCC7D6F5BC72C32A182BDDE8736851A26C8D2 ] pciide          C:\Windows\system32\drivers\pciide.sys
23:25:34.0876 0x1034  pciide - ok
23:25:34.0907 0x1034  [ 3BB2244F343B610C29C98035504C9B75, DA61EC2600199DFA32020D0484E9BBF5E0742E7C8C952370BF6FAF91C914A999 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
23:25:34.0938 0x1034  pcmcia - ok
23:25:34.0985 0x1034  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:25:35.0188 0x1034  PEAUTH - ok
23:25:35.0281 0x1034  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
23:25:35.0671 0x1034  pla - ok
23:25:35.0718 0x1034  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:25:35.0765 0x1034  PlugPlay - ok
23:25:35.0812 0x1034  [ 0C155C5D8942B3CBCF9506A9D376B9AD, 37F4878548DD7063CA31FB21D6955A45C25F648C332A736DA84DEA5AAE7486AF ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
23:25:35.0858 0x1034  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
23:25:35.0858 0x1034  Detect skipped due to KSN trusted
23:25:35.0858 0x1034  Pml Driver HPZ12 - ok
23:25:35.0890 0x1034  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
23:25:35.0983 0x1034  PNRPAutoReg - ok
23:25:36.0014 0x1034  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
23:25:36.0092 0x1034  PNRPsvc - ok
23:25:36.0139 0x1034  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:25:36.0311 0x1034  PolicyAgent - ok
23:25:36.0358 0x1034  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:25:36.0420 0x1034  PptpMiniport - ok
23:25:36.0436 0x1034  [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor       C:\Windows\system32\drivers\processr.sys
23:25:36.0514 0x1034  Processor - ok
23:25:36.0545 0x1034  [ 0D5DAD610D7EA1627581ED06FB2BAA9A, 6E27CF3A1624AE10EECB8B5F38E03D76A6AABE4E75DD66DEDD67E0773935A396 ] ProfSvc         C:\Windows\system32\profsvc.dll
23:25:36.0607 0x1034  ProfSvc - ok
23:25:36.0623 0x1034  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
23:25:36.0638 0x1034  ProtectedStorage - ok
23:25:36.0685 0x1034  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
23:25:36.0763 0x1034  PSched - ok
23:25:36.0841 0x1034  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300          C:\Windows\system32\drivers\ql2300.sys
23:25:36.0935 0x1034  ql2300 - ok
23:25:36.0982 0x1034  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
23:25:36.0997 0x1034  ql40xx - ok
23:25:37.0028 0x1034  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
23:25:37.0106 0x1034  QWAVE - ok
23:25:37.0122 0x1034  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:25:37.0169 0x1034  QWAVEdrv - ok
23:25:37.0200 0x1034  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:25:37.0247 0x1034  RasAcd - ok
23:25:37.0278 0x1034  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
23:25:37.0340 0x1034  RasAuto - ok
23:25:37.0372 0x1034  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:25:37.0434 0x1034  Rasl2tp - ok
23:25:37.0481 0x1034  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
23:25:37.0528 0x1034  RasMan - ok
23:25:37.0543 0x1034  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:25:37.0574 0x1034  RasPppoe - ok
23:25:37.0606 0x1034  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:25:37.0652 0x1034  RasSstp - ok
23:25:37.0684 0x1034  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:25:37.0762 0x1034  rdbss - ok
23:25:37.0777 0x1034  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:25:37.0840 0x1034  RDPCDD - ok
23:25:37.0886 0x1034  [ 943B18305EAE3935598A9B4A3D560B4C, E083FA4B9CA1A24031FF23A54942372D7FB3F02F62EE3580F01BEC3229DB2101 ] rdpdr           C:\Windows\system32\DRIVERS\rdpdr.sys
23:25:37.0949 0x1034  rdpdr - ok
23:25:37.0964 0x1034  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:25:38.0058 0x1034  RDPENCDD - ok
23:25:38.0089 0x1034  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:25:38.0183 0x1034  RDPWD - ok
23:25:38.0245 0x1034  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:25:38.0323 0x1034  RemoteAccess - ok
23:25:38.0370 0x1034  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:25:38.0417 0x1034  RemoteRegistry - ok
23:25:38.0432 0x1034  [ 6482707F9F4DA0ECBAB43B2E0398A101, 7D57FC36577121D7E26A4F2D46DCA8725D55EC9F75B91DF994DB742BC4FB89C2 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
23:25:38.0495 0x1034  RFCOMM - ok
23:25:38.0573 0x1034  [ 4D05898896EC49CF663DDA61041AB096, 1218A0AD84946F2555773D529F3D55D7B675780EC1E79A634ED0FECF8D5C9C6D ] RichVideo       C:\Program Files\CyberLink\Shared Files\RichVideo.exe
23:25:38.0635 0x1034  RichVideo - ok
23:25:38.0666 0x1034  [ C2EF513BBE069F0D4EE0938A76F975D3, DDF90CDBCF3422BA9A39C5B372E617CE0047EC8D99148795E12204AC75BA7CE2 ] rimmptsk        C:\Windows\system32\DRIVERS\rimmptsk.sys
23:25:38.0760 0x1034  rimmptsk - ok
23:25:38.0791 0x1034  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
23:25:38.0963 0x1034  RpcLocator - ok
23:25:39.0010 0x1034  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
23:25:39.0228 0x1034  RpcSs - ok
23:25:39.0259 0x1034  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:25:39.0322 0x1034  rspndr - ok
23:25:39.0353 0x1034  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
23:25:39.0368 0x1034  SamSs - ok
23:25:39.0400 0x1034  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:25:39.0415 0x1034  sbp2port - ok
23:25:39.0446 0x1034  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:25:39.0524 0x1034  SCardSvr - ok
23:25:39.0587 0x1034  [ F79CC0F814748E15538BF4D808030739, 396E94A309AFB163791095A25950CB7D85EEC43B416E1E7F056F430E1B719F4D ] Schedule        C:\Windows\system32\schedsvc.dll
23:25:39.0743 0x1034  Schedule - ok
23:25:39.0774 0x1034  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:25:39.0805 0x1034  SCPolicySvc - ok
23:25:39.0852 0x1034  [ 8F36B54688C31EED4580129040C6A3D3, DC150689CBAEEC94B9DE0CA6A633FAD16CDDDC452521232E0C2A44BAE61E08D9 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
23:25:39.0899 0x1034  sdbus - ok
23:25:39.0930 0x1034  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:25:40.0055 0x1034  SDRSVC - ok
23:25:40.0086 0x1034  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:25:40.0164 0x1034  secdrv - ok
23:25:40.0211 0x1034  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
23:25:40.0273 0x1034  seclogon - ok
23:25:40.0289 0x1034  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\System32\sens.dll
23:25:40.0336 0x1034  SENS - ok
23:25:40.0367 0x1034  [ CE9EC966638EF0B10B864DDEDF62A099, 2DEC5A8C947D87C12B342F15B8A552A0D49B979A2AC32D2C97FC7A3A76C34524 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
23:25:40.0523 0x1034  Serenum - ok
23:25:40.0554 0x1034  [ 6D663022DB3E7058907784AE14B69898, 54263888C64A7F010D3B5E399369B0F3FF3AF0A0DE8ADB502B98277533E4D45F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
23:25:40.0726 0x1034  Serial - ok
23:25:40.0757 0x1034  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
23:25:40.0804 0x1034  sermouse - ok
23:25:40.0866 0x1034  [ 77FAA749C34193F003F666D2E368A1F8, FCFBB471754E6FF51CF21C2D72211CD8EAA3685AF56FBE575915492E21DAD517 ] ServiceLayer    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
23:25:40.0960 0x1034  ServiceLayer - detected UnsignedFile.Multi.Generic ( 1 )
23:25:40.0960 0x1034  Detect skipped due to KSN trusted
23:25:40.0960 0x1034  ServiceLayer - ok
23:25:41.0006 0x1034  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
23:25:41.0053 0x1034  SessionEnv - ok
23:25:41.0084 0x1034  [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
23:25:41.0147 0x1034  sffdisk - ok
23:25:41.0162 0x1034  [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
23:25:41.0225 0x1034  sffp_mmc - ok
23:25:41.0240 0x1034  [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
23:25:41.0272 0x1034  sffp_sd - ok
23:25:41.0287 0x1034  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
23:25:41.0365 0x1034  sfloppy - ok
23:25:41.0412 0x1034  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:25:41.0552 0x1034  SharedAccess - ok
23:25:41.0599 0x1034  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:25:41.0693 0x1034  ShellHWDetection - ok
23:25:41.0708 0x1034  [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
23:25:41.0740 0x1034  sisagp - ok
23:25:41.0771 0x1034  [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
23:25:41.0802 0x1034  SiSRaid2 - ok
23:25:41.0833 0x1034  [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
23:25:41.0849 0x1034  SiSRaid4 - ok
23:25:42.0005 0x1034  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
23:25:42.0457 0x1034  slsvc - ok
23:25:42.0504 0x1034  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
23:25:42.0535 0x1034  SLUINotify - ok
23:25:42.0566 0x1034  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
23:25:42.0629 0x1034  Smb - ok
23:25:42.0676 0x1034  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:25:42.0707 0x1034  SNMPTRAP - ok
23:25:42.0722 0x1034  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
23:25:42.0754 0x1034  spldr - ok
23:25:42.0769 0x1034  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
23:25:42.0847 0x1034  Spooler - ok
23:25:42.0894 0x1034  [ 9263C8898732E2B890F7E954E7729AB7, DEBFD81E702893427972A6565A9AAA54A09B9F7F30CA9391011C6F7FB758A3F4 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
23:25:42.0910 0x1034  SQLWriter - ok
23:25:42.0941 0x1034  [ DC7E6FCD8C51AEF8FF3F2E23C786014A, 02852FC293359BA89155367FA7D3A69922EC2574E5B85C842517272768BE8808 ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:25:43.0066 0x1034  srv - ok
23:25:43.0097 0x1034  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:25:43.0175 0x1034  srv2 - ok
23:25:43.0190 0x1034  [ 8AE0783E3EDCED90D4B2961887056A2B, D24168259988576B13EB2A4B2C11622A736174DDF11F6718D9A0DC9837F50EA5 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:25:43.0222 0x1034  srvnet - ok
23:25:43.0268 0x1034  [ 64E44ACD8C238FCBBB78F0BA4BDC4B05, 59D015DD86EA35AC8F667C063AE76FAFA9497F04225D256DF5A37EB1461F15D4 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
23:25:43.0346 0x1034  ssadbus - ok
23:25:43.0362 0x1034  [ BB2C84A15C765DA89FD832B0E73F26CE, BAE3E7726F075340B8CC7BCA18869DFEA304A03B0A0429B4C3D186B1149E9A9A ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
23:25:43.0393 0x1034  ssadmdfl - ok
23:25:43.0424 0x1034  [ 6D0D132DDC6F43EDA00DCED6D8B1CA31, 0A37081D95A56861C3E48592048DFCFAE6FB38510D21AB41C9C73744743E7646 ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
23:25:43.0487 0x1034  ssadmdm - ok
23:25:43.0534 0x1034  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:25:43.0627 0x1034  SSDPSRV - ok
23:25:43.0643 0x1034  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:25:43.0705 0x1034  SstpSvc - ok
23:25:43.0736 0x1034  [ E380ED6434563FB690B7A3A4642D171E, E1572DD8A1B6E6DF26970E40A4C80B46B1D0C1F7A8F7CFA3E662D8765E239EB0 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
23:25:43.0768 0x1034  ssudmdm - ok
23:25:43.0814 0x1034  [ EF70B3D22B4BFFDA6EA851ECB063EFAA, 1666572F8F988805C3A2E949FA6B060B35B72DBB115B86F4CFC710FB6A86C3E3 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
23:25:43.0908 0x1034  StillCam - ok
23:25:43.0970 0x1034  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
23:25:44.0173 0x1034  stisvc - ok
23:25:44.0267 0x1034  [ AB80C9DDE1F8D9F9F946365205ED55EB, 47EFCAE1F815CE84105FAEDFA987A039A95AB7C758FB53A8AAA00259B9799D05 ] StkCMini        C:\Windows\system32\Drivers\StkCMini.sys
23:25:44.0423 0x1034  StkCMini - ok
23:25:44.0454 0x1034  [ 45062BF3AEEB2FEBE29A67D0448571DB, D16B93BB3BD32357B5FD3A627266A094747FE63F829FF3A86A0C7C9F54B221A0 ] StkSSrv         C:\Windows\System32\StkCSrv.exe
23:25:44.0470 0x1034  StkSSrv - ok
23:25:44.0485 0x1034  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
23:25:44.0516 0x1034  swenum - ok
23:25:44.0548 0x1034  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
23:25:44.0657 0x1034  swprv - ok
23:25:44.0657 0x1034  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
23:25:44.0672 0x1034  Symc8xx - ok
23:25:44.0704 0x1034  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
23:25:44.0719 0x1034  Sym_hi - ok
23:25:44.0735 0x1034  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
23:25:44.0750 0x1034  Sym_u3 - ok
23:25:44.0797 0x1034  [ 451E8037E2EB6DA6BDF0A66F65D1810B, 98E94486560A00B33E19902BB1B5CE51168E583E9303B3A2F7337D3501887B34 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
23:25:44.0813 0x1034  SynTP - ok
23:25:44.0875 0x1034  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
23:25:45.0094 0x1034  SysMain - ok
23:25:45.0109 0x1034  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:25:45.0172 0x1034  TabletInputService - ok
23:25:45.0218 0x1034  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:25:45.0281 0x1034  TapiSrv - ok
23:25:45.0296 0x1034  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
23:25:45.0343 0x1034  TBS - ok
23:25:45.0406 0x1034  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:25:45.0499 0x1034  Tcpip - ok
23:25:45.0530 0x1034  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
23:25:45.0608 0x1034  Tcpip6 - ok
23:25:45.0655 0x1034  [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:25:45.0749 0x1034  tcpipreg - ok
23:25:45.0780 0x1034  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
23:25:45.0842 0x1034  TDPIPE - ok
23:25:45.0874 0x1034  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
23:25:45.0936 0x1034  TDTCP - ok
23:25:45.0983 0x1034  [ EC565DFA3D9C45D8083B72DEC5B33710, BC4F41795AF98FD87F8CC92F946E6896BAC1925A35C3E5E159E8BF4E6A34A35D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:25:46.0030 0x1034  tdx - ok
23:25:46.0045 0x1034  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
23:25:46.0076 0x1034  TermDD - ok
23:25:46.0123 0x1034  [ DBD84E59D631569EC3E756EF144E8431, 9E58629EC762584A2D294A619593620626F7CBE467045AD0F920B6CF1D4B4724 ] TermService     C:\Windows\System32\termsrv.dll
23:25:46.0388 0x1034  TermService - ok
23:25:46.0420 0x1034  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
23:25:46.0451 0x1034  Themes - ok
23:25:46.0466 0x1034  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
23:25:46.0498 0x1034  THREADORDER - ok
23:25:46.0529 0x1034  [ CB258C2F726F1BE73C507022BE33EBB3, 096A6027D3C0D4D09DC4038505FAEA41E5DD9F62782CED648DC14314F138D666 ] TPM             C:\Windows\system32\drivers\tpm.sys
23:25:46.0544 0x1034  TPM - ok
23:25:46.0591 0x1034  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
23:25:46.0638 0x1034  TrkWks - ok
23:25:46.0669 0x1034  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:25:46.0763 0x1034  TrustedInstaller - ok
23:25:46.0888 0x1034  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
23:25:46.0981 0x1034  tssecsrv - ok
23:25:46.0997 0x1034  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
23:25:47.0044 0x1034  tunmp - ok
23:25:47.0075 0x1034  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:25:47.0122 0x1034  tunnel - ok
23:25:47.0153 0x1034  [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
23:25:47.0168 0x1034  uagp35 - ok
23:25:47.0231 0x1034  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:25:47.0324 0x1034  udfs - ok
23:25:47.0371 0x1034  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:25:47.0434 0x1034  UI0Detect - ok
23:25:47.0465 0x1034  [ 649B7435EC35CBA22AEFE05CB487ED70, C95F9635D7B3BF6C3B73AE81165776F664BDCB47662CDA7692C8B1A42AD27399 ] UimBus          C:\Windows\system32\DRIVERS\UimBus.sys
23:25:47.0496 0x1034  UimBus - ok
23:25:47.0543 0x1034  [ 07139D8740EB7FF9D594BEA2544F61C4, 891A39790F41BE9EDAF11E4888549245E71F66832B331B8F40D3C98046C46A2B ] Uim_IM          C:\Windows\system32\Drivers\Uim_IM.sys
23:25:47.0621 0x1034  Uim_IM - ok
23:25:47.0636 0x1034  [ F6560B3F22662CCE7DBBD1212FEB270B, 4E74C74AD283B7886E1A722B3BD4AE6628CBB19BD881E862EC04D1943397B8DE ] Uim_Vim         C:\Windows\system32\Drivers\Uim_Vim.sys
23:25:47.0699 0x1034  Uim_Vim - ok
23:25:47.0730 0x1034  [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
23:25:47.0761 0x1034  uliagpkx - ok
23:25:47.0777 0x1034  [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
23:25:47.0824 0x1034  uliahci - ok
23:25:47.0870 0x1034  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
23:25:47.0886 0x1034  UlSata - ok
23:25:47.0917 0x1034  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
23:25:47.0964 0x1034  ulsata2 - ok
23:25:47.0995 0x1034  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
23:25:48.0042 0x1034  umbus - ok
23:25:48.0073 0x1034  [ 8A66360F38F81E960E2367B428CBD5D9, 349A39BD63E1FF3C3D0249A3BE834D62F3EFC5EA4416269421AF03F10356D3E5 ] UmRdpService    C:\Windows\System32\umrdp.dll
23:25:48.0151 0x1034  UmRdpService - ok
23:25:48.0198 0x1034  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
23:25:48.0292 0x1034  upnphost - ok
23:25:48.0338 0x1034  [ 587E643A4E2FFD9A00F114B057CEB773, CEB821A89FAE95D8CFAF468EEDA349B666C3FC13E1D142D5141484D621681197 ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
23:25:48.0385 0x1034  upperdev - ok
23:25:48.0416 0x1034  [ 292A25BB75A568AE2C67169BA2C6365A, EE8B50DD446ECDEBC8B27D015FA9DE18F918ABBA8CF277B799D71CC9D79842FC ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
23:25:48.0479 0x1034  usbaudio - ok
23:25:48.0510 0x1034  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
23:25:48.0572 0x1034  usbccgp - ok
23:25:48.0604 0x1034  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
23:25:48.0666 0x1034  usbcir - ok
23:25:48.0713 0x1034  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
23:25:48.0744 0x1034  usbehci - ok
23:25:48.0760 0x1034  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
23:25:48.0822 0x1034  usbhub - ok
23:25:48.0838 0x1034  [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci         C:\Windows\system32\drivers\usbohci.sys
23:25:48.0900 0x1034  usbohci - ok
23:25:48.0931 0x1034  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
23:25:48.0994 0x1034  usbprint - ok
23:25:49.0040 0x1034  [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
23:25:49.0087 0x1034  usbscan - ok
23:25:49.0103 0x1034  [ FCA6A196D47CB972A0E4ADC0DB9CD17C, 31EF8E3839C3EB9404B72ABE777060B831AFAFAD51E10ADEB72E41DCC4FE8D47 ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
23:25:49.0165 0x1034  UsbserFilt - ok
23:25:49.0212 0x1034  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:25:49.0274 0x1034  USBSTOR - ok
23:25:49.0306 0x1034  [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
23:25:49.0352 0x1034  usbuhci - ok
23:25:49.0384 0x1034  [ E67998E8F14CB0627A769F6530BCB352, 60982F168E9BF13954328C728F55F4D3ADDC572CACB65289B0E895A63DAA08C1 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
23:25:49.0462 0x1034  usbvideo - ok
23:25:49.0493 0x1034  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
23:25:49.0555 0x1034  UxSms - ok
23:25:49.0586 0x1034  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
23:25:49.0711 0x1034  vds - ok
23:25:49.0727 0x1034  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
23:25:49.0789 0x1034  vga - ok
23:25:49.0820 0x1034  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
23:25:49.0867 0x1034  VgaSave - ok
23:25:49.0898 0x1034  [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
23:25:49.0914 0x1034  viaagp - ok
23:25:49.0930 0x1034  [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
23:25:49.0976 0x1034  ViaC7 - ok
23:25:49.0992 0x1034  [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide          C:\Windows\system32\drivers\viaide.sys
23:25:50.0008 0x1034  viaide - ok
23:25:50.0039 0x1034  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
23:25:50.0054 0x1034  volmgr - ok
23:25:50.0086 0x1034  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
23:25:50.0148 0x1034  volmgrx - ok
23:25:50.0179 0x1034  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
23:25:50.0210 0x1034  volsnap - ok
23:25:50.0242 0x1034  [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
23:25:50.0273 0x1034  vsmraid - ok
23:25:50.0335 0x1034  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
23:25:50.0538 0x1034  VSS - ok
23:25:50.0569 0x1034  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
23:25:50.0647 0x1034  W32Time - ok
23:25:50.0663 0x1034  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
23:25:50.0725 0x1034  WacomPen - ok
23:25:50.0756 0x1034  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
23:25:50.0788 0x1034  Wanarp - ok
23:25:50.0788 0x1034  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:25:50.0819 0x1034  Wanarpv6 - ok
23:25:50.0881 0x1034  [ 20B23332885DFB93FE0185362EE811E9, 67B8026E8285FEB6E3939DEEE4E0F2FD0FA0917E0ED0F1FAE56B7841AF74C8F8 ] wbengine        C:\Windows\system32\wbengine.exe
23:25:51.0053 0x1034  wbengine - ok
23:25:51.0100 0x1034  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
23:25:51.0271 0x1034  wcncsvc - ok
23:25:51.0302 0x1034  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:25:51.0349 0x1034  WcsPlugInService - ok
23:25:51.0380 0x1034  [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd              C:\Windows\system32\drivers\wd.sys
23:25:51.0412 0x1034  Wd - ok
23:25:51.0474 0x1034  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
23:25:51.0583 0x1034  Wdf01000 - ok
23:25:51.0599 0x1034  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:25:51.0661 0x1034  WdiServiceHost - ok
23:25:51.0677 0x1034  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
23:25:51.0708 0x1034  WdiSystemHost - ok
23:25:51.0739 0x1034  [ BB77BAA3E7FD8F1A5D092A96D37B5A2D, 880C37347091224DFB7C442252FE4A29FD7002DA6A8BA994B8CEAABC5E535593 ] WebClient       C:\Windows\System32\webclnt.dll
23:25:51.0864 0x1034  WebClient - ok
23:25:51.0926 0x1034  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:25:52.0020 0x1034  Wecsvc - ok
23:25:52.0036 0x1034  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
23:25:52.0098 0x1034  wercplsupport - ok
23:25:52.0129 0x1034  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
23:25:52.0192 0x1034  WerSvc - ok
23:25:52.0270 0x1034  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
23:25:52.0379 0x1034  WinDefend - ok
23:25:52.0379 0x1034  WinHttpAutoProxySvc - ok
23:25:52.0426 0x1034  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:25:52.0488 0x1034  Winmgmt - ok
23:25:52.0550 0x1034  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
23:25:52.0706 0x1034  WinRM - ok
23:25:52.0753 0x1034  [ 30FC6E5448D0CBAAA95280EEEF7FEDAE, 04374450882504D9031951F4E9317E5A128EBA5A22A3555ACD28BC742861AF9C ] WinUSB          C:\Windows\system32\DRIVERS\WinUSB.sys
23:25:52.0816 0x1034  WinUSB - ok
23:25:52.0847 0x1034  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
23:25:53.0034 0x1034  Wlansvc - ok
23:25:53.0174 0x1034  [ 5144AE67D60EC653F97DDF3FEED29E77, F6238767284B2356A9F502E2ACCFAAC283FA13CBF238E98B5115A55179526B10 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:25:53.0299 0x1034  wlidsvc - ok
23:25:53.0330 0x1034  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
23:25:53.0362 0x1034  WmiAcpi - ok
23:25:53.0393 0x1034  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:25:53.0455 0x1034  wmiApSrv - ok
23:25:53.0533 0x1034  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
23:25:53.0689 0x1034  WMPNetworkSvc - ok
23:25:53.0720 0x1034  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:25:53.0798 0x1034  WPDBusEnum - ok
23:25:53.0908 0x1034  [ C108DC20ACE05072350DBB6934E277FB, 548E6ABE4C4ADE48260FFDC7BADFD1697972EA3AE94D6576498C8A183D8CE0C8 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
23:25:54.0001 0x1034  WPFFontCache_v0400 - ok
23:25:54.0032 0x1034  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:25:54.0110 0x1034  ws2ifsl - ok
23:25:54.0142 0x1034  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\System32\wscsvc.dll
23:25:54.0173 0x1034  wscsvc - ok
23:25:54.0204 0x1034  [ 4422AC5ED8D4C2F0DB63E71D4C069DD7, B010DCC7B802C26A701A7DE1CA1B21D6B43D99FE88524D015C9228376B0BDA6E ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
23:25:54.0235 0x1034  WSDPrintDevice - ok
23:25:54.0251 0x1034  WSearch - ok
23:25:54.0344 0x1034  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
23:25:54.0485 0x1034  wuauserv - ok
23:25:54.0516 0x1034  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:25:54.0563 0x1034  WudfPf - ok
23:25:54.0578 0x1034  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:25:54.0641 0x1034  WUDFRd - ok
23:25:54.0672 0x1034  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:25:54.0719 0x1034  wudfsvc - ok
23:25:54.0750 0x1034  ================ Scan global ===============================
23:25:54.0766 0x1034  [ 2F2DFC846D75D680B9018823A8B5EF07, DBC823CF0C659B6D7482CB080CD042EC6BBAEDB6297DB712CADA1BCEAA8A95C8 ] C:\Windows\system32\basesrv.dll
23:25:54.0797 0x1034  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
23:25:54.0828 0x1034  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
23:25:54.0875 0x1034  [ 4F0A7910FC7D8A66433FA9961EEF8BB5, 2086EDEE8CF9CC9BDBDC03018F7C28BB56172F941CB4D6F3D857BCF82B32FB6B ] C:\Windows\system32\services.exe
23:25:54.0875 0x1034  [ Global ] - ok
23:25:54.0875 0x1034  ================ Scan MBR ==================================
23:25:54.0890 0x1034  [ 61A349592C4728853F4A90FF78F7628E ] \Device\Harddisk0\DR0
23:25:55.0327 0x1034  \Device\Harddisk0\DR0 - ok
23:25:55.0327 0x1034  ================ Scan VBR ==================================
23:25:55.0343 0x1034  [ 5B7BA6FEB6BCB68440A694750EC903F4 ] \Device\Harddisk0\DR0\Partition1
23:25:55.0390 0x1034  \Device\Harddisk0\DR0\Partition1 - ok
23:25:55.0405 0x1034  [ DBF17C27622D54BB73B62840BB298E00 ] \Device\Harddisk0\DR0\Partition2
23:25:55.0452 0x1034  \Device\Harddisk0\DR0\Partition2 - ok
23:25:55.0452 0x1034  ================ Scan generic autorun ======================
23:25:55.0530 0x1034  [ 0D392EDE3B97E0B3131B2F63EF1DB94E, 3EDA280F91097293E00BF984D377E1111CFDE1FC81B30A3FDEB38F321EF82BB6 ] C:\Program Files\Windows Defender\MSASCui.exe
23:25:55.0842 0x1034  Windows Defender - ok
23:25:56.0154 0x1034  [ EB57A9927A39EB86194D664E781633B7, 673F5A8D2ACFE11CAA95FBDDB4962445CCFBBBF3547DDFFB820A335F4F6B1D13 ] C:\Windows\RtHDVCpl.exe
23:25:57.0230 0x1034  RtHDVCpl - ok
23:25:57.0324 0x1034  [ A37B2AB33BFF3C6705DC2C016328DD2F, C6F14E81FD9001048B178576FA01A4F77BF3F0A05DE443EB6AAC4982EE763D69 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
23:25:57.0620 0x1034  SynTPEnh - ok
23:25:57.0652 0x1034  [ A4E85BDA66CF4DE8070D6F744D181C12, ACF577B0CE6EA1E167389BB32E7F07E0D8CF487B22828455698B042A37CF15B4 ] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe
23:25:57.0683 0x1034  LanguageShortcut - detected UnsignedFile.Multi.Generic ( 1 )
23:25:57.0683 0x1034  Detect skipped due to KSN trusted
23:25:57.0683 0x1034  LanguageShortcut - ok
23:25:57.0730 0x1034  [ 846965AE55A2662B1576C0F392DD1D6E, 0ADE383991FDC5A49DD15A27CB52CF75ABF518F0335E92003C0FF75DB417BBDC ] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
23:25:57.0761 0x1034  SSBkgdUpdate - ok
23:25:57.0823 0x1034  [ 3983E99D3A28C7EEFFC728643715989D, BEAD92903A780AFB2977DCE3F3CBFCDC9A41AF013FEDA3A3F98B72709A3A472D ] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
23:25:57.0839 0x1034  IndexSearch - ok
23:25:57.0886 0x1034  [ 82C94CB8DF55112D06E05030A91F1C3F, 774F16512B7791FEF6313B892465A7AABCCB2FF0E0494FF831B4D6FFE06765D9 ] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe
23:25:57.0932 0x1034  PPort11reminder - ok
23:25:57.0979 0x1034  [ 8148563E8623EB5AC747297FAED928E0, 6278A17785EA8B2A333B556315012866354017F86D6B600EFFD1B9440EAE6749 ] C:\Program Files\Brother\ControlCenter3\brctrcen.exe
23:25:58.0026 0x1034  ControlCenter3 - detected UnsignedFile.Multi.Generic ( 1 )
23:25:58.0026 0x1034  Detect skipped due to KSN trusted
23:25:58.0026 0x1034  ControlCenter3 - ok
23:25:58.0088 0x1034  [ 10881D41226100F44DF3BF66F5EA75C6, A2B3B46A085D10F30A2D82186C51BCBC006390EB66E6ECF4B26293FF6506B2A9 ] C:\Program Files\Unitymedia\fshoster32.exe
23:25:58.0120 0x1034  F-Secure Hoster (47796) - ok
23:25:58.0229 0x1034  [ 43AB323DFBD4B854FC19A0B76439F994, C8A8FBA8E4E573413CE139AAB48A65B4FB0BA24AC6DD736F4F8CDE17CB08B0C2 ] C:\Program Files\Unitymedia\apps\ComputerSecurity\Common\FSM32.EXE
23:25:58.0291 0x1034  F-Secure Manager - ok
23:25:58.0338 0x1034  [ 2C1B1E9174D94E9F6EE3CF373ABAB7DD, 729D283DF70F727824EBCA223D5E5B27D16E3E2B5312B1B34CAE1E763192D7B5 ] C:\Windows\system32\igfxtray.exe
23:25:58.0354 0x1034  IgfxTray - ok
23:25:58.0385 0x1034  [ 87D78CF6365BDDACBE9D34B60FE0E23B, 4561DE7171FD9035FEDF7EEA059859732996A5E72364D0D9F230563A1A6AE3D4 ] C:\Windows\system32\hkcmd.exe
23:25:58.0416 0x1034  HotKeysCmds - ok
23:25:58.0447 0x1034  [ 89D3DE5E2C77DCD99C56F0E46310AEA0, 02E1B2353E5D5F65D7968698AFE079A4DF11C230F6213C07D128F47147BACA29 ] C:\Windows\system32\igfxpers.exe
23:25:58.0463 0x1034  Persistence - ok
23:25:58.0525 0x1034  [ 7E6EFC5383FEF3EF852F2C7D41DEE83F, 552A0A158CBEFEA6B2FC969F5E9481C6D688A0D3FEE1C2F1F3BD8A5A4F32F6F9 ] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
23:25:58.0681 0x1034  BrMfcWnd - detected UnsignedFile.Multi.Generic ( 1 )
23:25:58.0681 0x1034  Detect skipped due to KSN trusted
23:25:58.0681 0x1034  BrMfcWnd - ok
23:25:58.0759 0x1034  [ 793D7221E5EC69EA615349A13B702B8C, 1545C9634A6599FE4B35419B1B40932797FE2E7DF0B5F27D6698810CC075CF86 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
23:25:58.0837 0x1034  SunJavaUpdateSched - ok
23:25:58.0837 0x1034  Object required for P2P: [ 793D7221E5EC69EA615349A13B702B8C ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
23:26:01.0302 0x1034  Object send P2P result: true
23:26:01.0411 0x1034  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
23:26:01.0598 0x1034  Sidebar - ok
23:26:01.0614 0x1034  WindowsWelcomeCenter - ok
23:26:01.0676 0x1034  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
23:26:01.0817 0x1034  Sidebar - ok
23:26:01.0817 0x1034  WindowsWelcomeCenter - ok
23:26:01.0848 0x1034  AV detected via SS2: Computer Schutz, C:\Program Files\Unitymedia\apps\ComputerSecurity\Anti-Virus\fsavwsch.exe ( 9.10.15260.0 ), 0x41000 ( enabled : updated )
23:26:01.0864 0x1034  Win FW state via NFP2: enabled ( trusted )
23:26:04.0500 0x1034  ============================================================
23:26:04.0500 0x1034  Scan finished
23:26:04.0500 0x1034  ============================================================
23:26:04.0500 0x17b8  Detected object count: 0
23:26:04.0500 0x17b8  Actual detected object count: 0

Viele Grüße REC

deeprybka · 10.12.2015, 14:14

Hi,

Schritt 1
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2

Download und Anleitung
Starte Malwarebytes' Anti-Malware (MBAM).
Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language Deutsch aus.
Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
Gehe zurück zum Armaturenbrett und klicke auf "Jetzt scannen".
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben und poste mir das Log.

Schritt 3

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

REC · 11.12.2015, 07:07

Hallo deeprybka,

zu Schritt 1: ich musste AdwCleaner mehrfach laufen lassen, hier die erste Logdatei AdwCleaner[C1].txt:

Code:

ATTFilter

# AdwCleaner v5.024 - Bericht erstellt am 10/12/2015 um 22:03:25
# Aktualisiert am 07/12/2015 von Xplode
# Datenbank : 2015-12-07.3 [Server]
# Betriebssystem : Windows Vista (TM) Business Service Pack 2 (x86)
# Benutzername : user - LAPTOP-RE
# Gestartet von : C:\Users\user\Desktop\AdwCleaner_5.024.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\users\user\AppData\LocalLow\HPAppData

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sesmy4vo.default-1442087199076\searchplugins\bing-lavasoft.xml

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\Softonic
[-] Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
[!] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\Uniblue\DriverScanner
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt

und hier die zweite Logdatei AdwCleaner[C2].txt:

Code:

ATTFilter

# AdwCleaner v5.024 - Bericht erstellt am 10/12/2015 um 22:33:28
# Aktualisiert am 07/12/2015 von Xplode
# Datenbank : 2015-12-07.3 [Lokal]
# Betriebssystem : Windows Vista (TM) Business Service Pack 2 (x86)
# Benutzername : user - LAPTOP-RE
# Gestartet von : C:\Users\user\Desktop\AdwCleaner_5.024.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [822 Bytes] ##########

zu Schritt 2: hier die Logdatei zu Malwarebytes Anti-Malware:

Code:

ATTFilter

<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2015/12/10 22:58:16 +0100</date>
<logfile>mbam-log-2015-12-10 (22-58-16).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.2.0.1024</version>
<malware-database>v2015.09.22.05</malware-database>
<rootkit-database>v2015.09.18.01</rootkit-database>
<license>free</license>
<file-protection>disabled</file-protection>
<web-protection>disabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<hostname>LAPTOP-RE</hostname>
<ip></ip>
<osversion>Windows Vista Service Pack 2</osversion>
<arch>x86</arch>
<username>user</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>322806</objects>
<time>1444</time>
<processes>0</processes>
<modules>0</modules>
<keys>0</keys>
<values>0</values>
<datas>0</datas>
<folders>0</folders>
<files>1</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>enabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
<file><path>C:\Users\user\Downloads\SoftonicDownloader_fuer_vlc-media-player.exe</path><vendor>PUP.Optional.SofTonic</vendor><action>success</action><hash>08e55dd53d4e1d19b3b764550ff2cd33</hash></file>
</items>
</mbam-log>

zu Schritt 3: hier die Logdatei zu ESET Online Scanner:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3c79759a37d3844cab6ecc2ecabf8189
# end=init
# utc_time=2015-12-10 11:12:17
# local_time=2015-12-11 12:12:17 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
Update Init
Update Download
Update Finalize
Updated modules version: 27143
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3c79759a37d3844cab6ecc2ecabf8189
# end=updated
# utc_time=2015-12-10 11:16:05
# local_time=2015-12-11 12:16:05 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=3c79759a37d3844cab6ecc2ecabf8189
# engine=27143
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-11 01:24:21
# local_time=2015-12-11 02:24:21 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1='Computer Security'
# compatibility_mode=2308 16777213 100 91 11996 78559793 0 0
# compatibility_mode_1=''
# compatibility_mode=5892 16776574 100 100 12668227 287329763 0 0
# scanned=195277
# found=6
# cleaned=0
# scan_time=7695
sh=0885FDAAB78F9E3B0330396E09D5C62687E77E46 ft=1 fh=1aee2f2bb04d775a vn="Variante von Win32/Toolbar.MyWebSearch.AI evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\user\Desktop\Alte Firefox-Daten\2lsjs4he.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com\plugins\EXEManager.dll"
sh=7E476CBC20B540F11239EC2A5C617FF221BF52CC ft=1 fh=80c7b6f3be1d69d2 vn="Variante von Win32/Toolbar.MyWebSearch.AI evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\user\Desktop\Alte Firefox-Daten\2lsjs4he.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com\plugins\FF-NativeMessagingDispatcher.dll"
sh=50011C0296AD3EAA8E01F40FAC69764C7D4B9754 ft=1 fh=8353d9c34311742e vn="Variante von Win32/Toolbar.MyWebSearch.AU evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\user\Desktop\Alte Firefox-Daten\2lsjs4he.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com\plugins\Verify.dll"
sh=FFC7CD9DCBEF957BCDCC1981914D87D7375FC20D ft=1 fh=ebd767af7f286e61 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\user\Downloads\Magical Jelly Bean Keyfinder - CHIP-Installer.exe"
sh=EAE2784C9115FE9CFA44A116B74E72C1BCCFA7F6 ft=1 fh=2e79e77116fe19c4 vn="Win32/WebDevAZ.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\user\Downloads\MyPhoneExplorer_1.8.5.exe"
sh=6CF8A9F031B45F70BE3E66E7ACC7449CDA15FA34 ft=1 fh=2de4b6f517306153 vn="Win32/Toolbar.Widgi evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\user\Downloads\PDFCreator-1_2_3_setup.exe"

Viele Grüße
REC

deeprybka · 11.12.2015, 07:11

Hi,

bitte Malwarebytes-Log posten.

Malwarebytes Anti-Malware Logfile finden - Anleitungen

REC · 11.12.2015, 13:01

Hallo deeprybka,

danke für die schnelle Antwort.
Jetzt müsste es die richtige Datei sein (Malwarebytes-Log als txt):

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 10.12.2015
Suchlaufzeit: 22:58:16
Protokolldatei: Malwarebytes Log.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.09.22.05
Rootkit-Datenbank: v2015.09.18.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows Vista Service Pack 2
CPU: x86
Dateisystem: NTFS
Benutzer: user

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 322806
Abgelaufene Zeit: 24 Min., 4 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 1
PUP.Optional.SofTonic, C:\Users\user\Downloads\SoftonicDownloader_fuer_vlc-media-player.exe, In Quarantäne, [08e55dd53d4e1d19b3b764550ff2cd33], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Viele Grüße
REC

deeprybka · 11.12.2015, 17:11

Das sieht schonmal sehr gut aus. Bitte zum Abschluss nochmal frische FRST-Logs:

Schritt 1

Bitte starte FRST erneut, markiere auch die checkbox

und drücke auf Untersuchen.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

REC · 11.12.2015, 23:39

Hallo deeprybka,

hier die Logdatei FRST.txt:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:09-12-2015
durchgeführt von user (Administrator) auf LAPTOP-RE (11-12-2015 23:22:15)
Gestartet von C:\Users\user\Desktop
Geladene Profile: user (Verfügbare Profile: user)
Platform: Microsoft® Windows Vista™ Business  Service Pack 2 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(F-Secure Corporation) C:\Program Files\Unitymedia\fshoster32.exe
(F-Secure Corporation) C:\Program Files\Unitymedia\apps\ComputerSecurity\Common\FSM32.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\FastStone Capture\FSCapture.exe
(SAMSUNG Electronics co., LTD.) C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Easy ALS Manager\EasyALSManager.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(F-Secure Corporation) C:\Program Files\Unitymedia\fshoster32.exe
(F-Secure Corporation) C:\Program Files\Unitymedia\apps\CCF_Reputation\fsorsp.exe
(F-Secure Corporation) C:\Program Files\Unitymedia\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\FrameworkService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Syntek America Inc.) C:\Windows\System32\StkCSrv.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(F-Secure Corporation) C:\Program Files\Unitymedia\apps\ComputerSecurity\Common\FSMA32.EXE
(F-Secure Corporation) C:\Program Files\Unitymedia\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6111232 2008-04-17] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-10-26] (Synaptics, Inc.)
HKLM\...\Run: [LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [52256 2007-01-08] ()
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46632 2007-01-29] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort11reminder] => C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [255528 2007-02-01] (Nuance Communications, Inc.)
HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [65536 2007-01-26] (Brother Industries, Ltd.)
HKLM\...\Run: [hpqSRMon] => [X]
HKLM\...\Run: [F-Secure Hoster (47796)] => C:\Program Files\Unitymedia\fshoster32.exe [183864 2012-11-26] (F-Secure Corporation)
HKLM\...\Run: [F-Secure Manager] => C:\Program Files\Unitymedia\apps\ComputerSecurity\Common\FSM32.EXE [310312 2015-10-13] (F-Secure Corporation)
HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [663552 2007-03-12] (Brother Industries, Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKU\S-1-5-21-696081317-418671648-604485187-1003\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-696081317-418671648-604485187-1003\...\MountPoints2: {2ecf8c99-a51a-11e1-bd18-001e101f9843} - F:\AutoRun.exe
HKU\S-1-5-21-696081317-418671648-604485187-1003\...\MountPoints2: {7a0846ea-1204-11e2-a85f-001e101fb681} - F:\AutoRun.exe
HKU\S-1-5-21-696081317-418671648-604485187-1003\...\MountPoints2: {a9ac5fe6-17f6-11df-98d6-00234eeb401b} - F:\AutoRun.exe
HKU\S-1-5-21-696081317-418671648-604485187-1003\...\MountPoints2: {a9ac5ff8-17f6-11df-98d6-001e101f82a7} - F:\AutoRun.exe
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FastStone Capture.lnk [2010-05-23]
ShortcutTarget: FastStone Capture.lnk -> C:\Program Files\FastStone Capture\FSCapture.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 80.69.100.212 80.69.100.108
Tcpip\..\Interfaces\{7615E728-A4BB-4802-91DD-24EAC9F6B390}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7E810B4B-C31F-4EA9-8E64-6B7882AB9EC6}: [DhcpNameServer] 80.69.100.212 80.69.100.108
Tcpip\..\Interfaces\{B08AD617-97EB-4779-94CB-104957170114}: [DhcpNameServer] 139.7.30.125 139.7.30.126

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp:\\www.samsungcomputer.com
HKU\S-1-5-21-696081317-418671648-604485187-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com
HKU\S-1-5-21-696081317-418671648-604485187-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp:\\www.samsungcomputer.com
SearchScopes: HKU\S-1-5-21-696081317-418671648-604485187-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-23] (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-23] (Oracle Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06] (Hewlett-Packard Co.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sesmy4vo.default-1442087199076
FF NewTab: about:home
FF SelectedSearchEngine: Bing®
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Extension: NoScript - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sesmy4vo.default-1442087199076\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-11-23]
FF Extension: Adblock Plus - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sesmy4vo.default-1442087199076\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-25] [ist nicht signiert]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 fshoster; C:\Program Files\Unitymedia\fshoster32.exe [183864 2012-11-26] (F-Secure Corporation)
R3 FSMA; C:\Program Files\Unitymedia\apps\ComputerSecurity\Common\FSMA32.EXE [207912 2015-10-13] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files\Unitymedia\apps\CCF_Reputation\fsorsp.exe [60456 2015-03-10] (F-Secure Corporation)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-03-17] (Hewlett-Packard Company) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 McAfeeFramework; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [103744 2008-03-14] (McAfee, Inc.)
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Datei ist nicht signiert]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert]
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2006-12-19] ()
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [621056 2009-03-04] (Nokia.) [Datei ist nicht signiert]
R2 StkSSrv; C:\Windows\System32\StkCSrv.exe [31248 2008-01-16] (Syntek America Inc.)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ATSWPDRV; C:\Windows\System32\DRIVERS\ATSwpDrv.sys [146944 2008-05-30] (AuthenTec, Inc.)
S3 Dot4Scan; C:\Windows\System32\DRIVERS\Dot4Scan.sys [10752 2008-01-21] (Microsoft Corporation)
S3 eapihdrv; C:\Users\user\AppData\Local\Temp\ehdrv.sys [135760 2015-12-11] (ESET)
R3 F-Secure Gatekeeper; C:\Program Files\Unitymedia\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [152104 2015-11-17] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files\Unitymedia\apps\ComputerSecurity\HIPS\drivers\fshs.sys [86600 2015-11-17] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [54968 2015-09-16] ()
R3 fsni; C:\Program Files\Unitymedia\apps\CCF_Scanning\bin\fsni32.sys [77864 2015-11-16] (F-Secure Corporation)
R1 fsvista; C:\Program Files\Unitymedia\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [12840 2015-10-13] ()
R2 KMDFMEMIO; C:\Windows\System32\DRIVERS\kmdfmemio.sys [13312 2008-10-29] (SAMSUNG ELECTRONICS CO., LTD.)
S1 M9207; C:\Windows\System32\DRIVERS\M9207_543.sys [51072 2006-08-16] (Animation Technologies Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R3 StkCMini; C:\Windows\System32\Drivers\StkCMini.sys [1363088 2008-03-28] (Syntek)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [81232 2012-06-09] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IM.sys [452432 2012-06-09] (Paragon)
R1 Uim_Vim; C:\Windows\System32\Drivers\Uim_Vim.sys [283344 2012-06-09] (Paragon)
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x32.sys [X]
U3 DfSdkS; kein ImagePath
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [43904 2009-02-18] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-11 23:22 - 2015-12-11 23:23 - 00016047 _____ C:\Users\user\Desktop\FRST.txt
2015-12-11 12:54 - 2015-12-11 12:54 - 00001334 _____ C:\Users\user\Desktop\Malwarebytes Log.txt
2015-12-11 00:08 - 2015-12-11 00:08 - 02870984 _____ (ESET) C:\Users\user\Desktop\esetsmartinstaller_deu.exe
2015-12-10 23:27 - 2015-12-10 23:27 - 00001339 _____ C:\Ergebnis Malwarebytes Anti-Malware.txt
2015-12-10 22:54 - 2015-12-10 22:54 - 00000899 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-10 22:54 - 2015-12-10 22:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-12-10 22:53 - 2015-12-10 22:54 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 
2015-12-10 22:53 - 2015-10-05 09:50 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-10 22:53 - 2015-10-05 09:50 - 00023256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-10 22:45 - 2015-12-10 22:45 - 22908888 _____ (Malwarebytes ) C:\Users\user\Desktop\mbam-setup-2.2.0.1024.exe
2015-12-10 22:28 - 2015-12-10 22:28 - 00000000 ____D C:\Users\user\AppData\Local\F-Secure
2015-12-10 21:58 - 2015-12-10 22:33 - 00000000 ____D C:\AdwCleaner
2015-12-10 21:49 - 2015-12-10 21:49 - 01738240 _____ C:\Users\user\Desktop\AdwCleaner_5.024.exe
2015-12-09 23:22 - 2015-12-10 00:44 - 00403490 _____ C:\TDSSKiller.3.1.0.7_09.12.2015_23.22.01_log.txt
2015-12-09 23:15 - 2015-12-09 23:15 - 04398264 _____ (Kaspersky Lab ZAO) C:\Users\user\Desktop\tdsskiller.exe
2015-12-09 22:40 - 2015-12-11 12:46 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-09 22:40 - 2015-12-10 22:53 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-09 22:40 - 2015-12-09 23:07 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-12-09 22:37 - 2015-12-09 23:07 - 00000000 ____D C:\Users\user\Desktop\mbar
2015-12-09 22:37 - 2015-10-05 09:50 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-09 16:06 - 2015-12-11 23:22 - 00000000 ____D C:\FRST
2015-12-09 15:44 - 2015-12-09 15:44 - 01720320 _____ (Farbar) C:\Users\user\Desktop\FRST.exe
2015-12-09 15:16 - 2015-11-06 18:05 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-09 15:16 - 2015-11-06 17:32 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-12-09 15:16 - 2015-11-06 17:32 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-12-09 15:16 - 2015-11-06 17:32 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-12-09 15:16 - 2015-11-06 17:32 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-12-09 15:16 - 2015-11-06 16:27 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-12-09 15:16 - 2015-11-06 16:26 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-12-09 15:16 - 2015-11-06 16:24 - 02068480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 15:16 - 2015-11-06 16:20 - 01073152 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-09 15:16 - 2015-11-06 16:20 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-12-09 15:16 - 2015-11-06 16:19 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-09 15:14 - 2015-11-02 18:04 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-09 15:12 - 2015-11-05 08:26 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-09 15:11 - 2015-11-10 18:03 - 01208832 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-09 15:11 - 2015-11-10 18:03 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-09 15:09 - 2015-11-05 08:34 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 14:50 - 2015-11-12 21:39 - 01814528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 14:50 - 2015-11-12 21:36 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-09 14:50 - 2015-11-12 21:34 - 09753088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 14:50 - 2015-11-12 21:34 - 01140224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 14:50 - 2015-11-12 21:33 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 14:50 - 2015-11-12 21:32 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 14:50 - 2015-11-12 21:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 14:50 - 2015-11-12 21:32 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 14:50 - 2015-11-12 21:32 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 14:50 - 2015-11-12 21:32 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 14:50 - 2015-11-12 21:32 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-12-09 14:50 - 2015-11-12 21:32 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-09 14:50 - 2015-11-12 21:32 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-09 14:50 - 2015-11-12 21:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-12-09 14:50 - 2015-11-12 21:32 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-12-09 14:50 - 2015-11-12 21:31 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-09 14:50 - 2015-11-12 21:31 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-09 14:50 - 2015-11-12 21:31 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 14:50 - 2015-11-12 21:31 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 14:50 - 2015-11-12 21:31 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 14:50 - 2015-11-12 21:31 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-12-09 14:49 - 2015-11-12 21:37 - 12389376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-06 20:37 - 2015-12-06 20:37 - 00000000 ____D C:\Users\user\Documents\Cadenzo
2015-12-06 19:24 - 2015-12-06 19:24 - 00000000 ____D C:\Windows\pss
2015-12-01 17:15 - 2015-12-01 17:15 - 00002086 _____ C:\Users\Public\Desktop\SteuerSparErklärung 2016.lnk
2015-12-01 17:15 - 2015-12-01 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2016
2015-11-29 19:08 - 2015-11-29 19:08 - 00000000 ____D C:\Program Files\Canon
2015-11-29 19:06 - 2015-11-29 19:06 - 00000000 ____D C:\Users\user\Documents\CanoScan 4400f
2015-11-25 16:14 - 2015-11-25 16:14 - 00345360 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll
2015-11-25 16:14 - 2015-11-25 16:14 - 00002896 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-11-23 14:45 - 2015-11-23 14:45 - 00000000 ____D C:\Program Files\Common Files\Java
2015-11-23 14:42 - 2015-11-23 14:42 - 00584288 _____ (Oracle Corporation) C:\Users\user\Downloads\jre-8u66-windows-i586-iftw.exe
2015-11-18 18:32 - 2009-04-08 14:29 - 00001886 _____ C:\Users\user\Desktop\PaperPort.lnk
2015-11-11 23:13 - 2015-10-13 15:31 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 23:13 - 2015-10-13 15:31 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 23:12 - 2015-10-17 17:01 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 23:10 - 2015-10-14 21:22 - 01206192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 23:10 - 2015-10-14 17:01 - 03606464 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-11-11 23:10 - 2015-10-14 17:01 - 03554752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 23:05 - 2015-10-10 17:02 - 00526272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 23:01 - 2015-09-26 17:05 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 23:01 - 2015-09-26 17:04 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 23:01 - 2015-09-26 14:21 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2015-11-11 23:01 - 2015-09-22 14:11 - 00440768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-11 22:41 - 2013-02-09 11:43 - 00000312 _____ C:\Windows\Tasks\GlaryInitialize.job
2015-12-11 22:41 - 2009-03-10 10:11 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2015-12-11 22:41 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-11 22:41 - 2006-11-02 13:47 - 00004784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-11 22:41 - 2006-11-02 13:47 - 00004784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-11 14:53 - 2008-10-29 17:37 - 00000012 _____ C:\Windows\bthservsdp.dat
2015-12-11 14:53 - 2006-11-02 14:01 - 00032558 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-11 12:18 - 2013-06-14 20:11 - 00000618 _____ C:\Windows\Tasks\Scheduled scanning task.job
2015-12-10 23:47 - 2006-11-02 12:18 - 00000000 ____D C:\Windows
2015-12-10 23:46 - 2008-10-29 01:44 - 00000000 ____D C:\Windows\Options
2015-12-10 22:33 - 2014-06-13 14:32 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-12-09 22:25 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2015-12-09 22:03 - 2006-11-02 13:47 - 00400960 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-09 22:00 - 2009-03-16 18:04 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-09 18:13 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2015-12-09 18:13 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\inf
2015-12-09 15:22 - 2008-10-29 02:51 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-09 15:21 - 2010-06-05 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-09 15:07 - 2013-07-15 18:27 - 00000000 ____D C:\Windows\system32\MRT
2015-12-09 15:02 - 2006-11-02 11:24 - 137798368 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-12-09 11:57 - 2009-03-16 16:58 - 00002735 _____ C:\Users\user\Desktop\Microsoft Office Outlook 2007.lnk
2015-12-08 15:12 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\spool
2015-12-01 17:14 - 2011-04-09 13:57 - 00000000 ____D C:\Program Files\Akademische Arbeitsgemeinschaft
2015-12-01 14:33 - 2013-02-05 23:45 - 00000000 ____D C:\Users\user\AppData\Roaming\vlc
2015-11-29 21:55 - 2008-10-28 12:19 - 00718230 _____ C:\Windows\system32\perfh007.dat
2015-11-29 21:55 - 2008-10-28 12:19 - 00165860 _____ C:\Windows\system32\perfc007.dat
2015-11-29 21:55 - 2006-11-02 11:33 - 01687090 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-25 16:21 - 2013-02-12 17:47 - 00000000 ____D C:\Users\user\AppData\Local\CrashDumps
2015-11-23 14:56 - 2014-01-17 13:56 - 00000000 ____D C:\ProgramData\Oracle
2015-11-23 14:45 - 2015-08-28 21:55 - 00000000 ____D C:\Users\user\.oracle_jre_usage
2015-11-23 14:44 - 2015-02-07 16:32 - 00095840 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-11-23 14:44 - 2014-10-21 08:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-23 14:43 - 2014-01-17 13:50 - 00000000 ____D C:\Program Files\Java
2015-11-13 10:05 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-13 10:05 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-11-11 23:15 - 2009-03-16 16:04 - 00000039 _____ C:\Windows\vbaddin.ini
2015-11-11 18:41 - 2014-08-25 10:58 - 00000000 ____D C:\Users\user\AppData\Local\Adobe
2015-11-11 18:39 - 2015-02-07 16:25 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-11-11 18:39 - 2015-02-07 16:25 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2009-03-19 18:43 - 2009-03-19 18:43 - 0024206 _____ () C:\Users\user\AppData\Roaming\UserTile.png
2009-03-21 22:51 - 2015-11-09 15:43 - 0006656 _____ () C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-11-30 23:31 - 2011-11-30 23:31 - 0000092 _____ () C:\Users\user\AppData\Local\fusioncache.dat
2010-05-13 11:23 - 2011-10-24 10:14 - 0023552 _____ () C:\Users\user\AppData\Local\WebpageIcons.db
2010-05-13 09:19 - 2010-06-15 11:04 - 0002497 _____ () C:\ProgramData\hpzinstall.log
2013-02-06 23:26 - 2013-02-06 23:52 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Einige Dateien in TEMP:
====================
C:\Users\user\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-11 23:09

==================== Ende vom FRST.txt ============================

und hier die Logdatei Addition.txt

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:09-12-2015
durchgeführt von user (2015-12-11 23:24:35)
Gestartet von C:\Users\user\Desktop
Microsoft® Windows Vista™ Business  Service Pack 2 (X86) (2009-02-18 09:54:35)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-696081317-418671648-604485187-500 - Administrator - Disabled)
ASPNET (S-1-5-21-696081317-418671648-604485187-1006 - Limited - Enabled)
Gast (S-1-5-21-696081317-418671648-604485187-501 - Limited - Enabled)
user (S-1-5-21-696081317-418671648-604485187-1003 - Administrator - Enabled) => C:\Users\user

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Computer Schutz (Enabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17}
AS: Computer Schutz (Enabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
32 Bit HP CIO Components Installer (Version: 7.1.4 - Hewlett-Packard) Hidden
7-PDF Maker Version 1.4.0 (Build 128) (HKLM\...\7-PDF Maker_is1) (Version: 7-PDF Maker - Version 1.4.0 (Build 128) - 7-PDF, Germany - Thorsten Hodes)
AAVUpdateManager (HKLM\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version:  - Agere Systems)
Atheros WLAN Client (HKLM\...\{04983D37-2202-4295-94A2-8B547C66133F}) (Version: 1.00.000 - )
AuthenTec Fingerprint Sensor Minimum Install (HKLM\...\{31A5ED9F-E07B-4F6E-8179-27325BAAC502}) (Version: 7.10.0.1129 - AuthenTec)
BILDmobil (HKLM\...\BILDmobil) (Version: 11.301.08.01.35 - Huawei Technologies Co.,Ltd)
Brother MFL-Pro Suite (HKLM\...\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}) (Version: 1.00 - Brother Industries, Ltd.)
BufferChm (Version: 100.0.170.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Chinese Simplified Fonts Support For Adobe Reader 8 (HKLM\...\{AC76BA86-7AD7-2447-0000-800000000003}) (Version: 8.0.0 - Adobe Systems)
Choice Guard (Version: 1.2.87.0 - Microsoft Corporation) Hidden
Computer Security 12.71.109.0 (release) (Version: 12.71.109.0 - F-Secure Corporation) Hidden
ConvertHelper 2.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version:  - DownloadHelper)
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
CVE-2014-6352 (HKLM\...\{3a9498f9-243d-424b-893a-8da0b0cfad53}.sdb) (Version:  - )
CyberLink DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.0.2403 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.0.3825 - CyberLink Corp.)
Destination Component (Version: 100.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 100.0.190.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DocMgr (Version: 100.0.201.000 - Hewlett-Packard) Hidden
DocProc (Version: 10.0.0.0 - Hewlett-Packard) Hidden
DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DTV (Version: 1.4.37.645 build 1247 - ) Hidden
Easy ALS Manager (HKLM\...\{9615709B-777E-4EF7-ADF6-45131FA64C1E}) (Version: 2.0.0.0 - Samsung)
Easy Battery Manager (HKLM\...\{6F730513-8688-4C3C-90A3-6B9792CE2EF3}) (Version: 3.2.1.7 - Samsung)
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 2.0.0.0 - Samsung)
Easy Network Manager 4.0 (HKLM\...\InstallShield_{308BD058-411C-4AF2-8BF6-A6C7CFD0270D}) (Version: 4.0.0.13 - Samsung)
Easy Network Manager 4.0 (Version: 4.0.0.13 - Samsung) Hidden
Easy SpeedUp Manager (HKLM\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.0.1.3 - )
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
FastStone Capture 5.3 (HKLM\...\FastStone Capture) (Version: 5.3 - FastStone Soft)
Foto-Mosaik-Edda Standard V5.6.0 (HKLM\...\{BF962E1B-D17A-4713-A100-6531A132D83D}_is1) (Version:  - Steffen Schirmer)
Free Video Editor version 1.4.3.716 (HKLM\...\Free Video Editor_is1) (Version: 1.4.3.716 - DVDVideoSoft Ltd.)
FreeMind (HKLM\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 0.9.0 - )
Fresh Minder 2 (HKLM\...\{8DBBABF7-15C7-4B1A-AE40-E95D3DB8EBCC}) (Version: 2.0.0 - Fresh Minder - Vertrieb)
Fresh Minder 3 (HKLM\...\{F6052C1E-FC7C-4626-B728-C9DAF8DF7F9D}) (Version: 3.0.0 - Fresh Minder - Vertrieb)
F-Secure CCF Reputation (Version: 1.0.25.1877 - F-Secure) Hidden
F-Secure CCF Scanning 1.51.111.300 (release) (Version: 1.51.111.300 - F-Secure Corporation) Hidden
F-Secure Network CCF 1.02.126 (Version: 1.02.126 - F-Secure Corporation) Hidden
Glary Utilities 2.52.0.1698 (HKLM\...\Glary Utilities_is1) (Version: 2.52.0.1698 - Glarysoft Ltd)
GPBaseService (Version: 100.0.187.000 - Hewlett-Packard) Hidden
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version:  - EFD Software)
HP Customer Participation Program 10.0 (HKLM\...\HPExtendedCapabilities) (Version: 10.0 - HP)
HP Document Manager 1.0 (HKLM\...\HP Document Manager) (Version: 1.0 - HP)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
HP LaserJet Professional CM1410 Series (HKLM\...\{0EF0EA0D-F945-4958-85CC-60FF1E86D216}) (Version:  - Hewlett-Packard)
HP LJ CM1410 MFP Series HP Scan (HKLM\...\{21749F4E-02A1-4828-9A1E-BBDF5929C5D0}) (Version: 1.0.302.0 - Hewlett-Packard Co.)
HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 3.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 100.0.170.000 - Hewlett-Packard) Hidden
imagine digital freedom - Samsung (HKLM\...\{8E106A57-A17E-431D-B48F-175E42EB9F74}) (Version: 1.0.2.2 - Samsung Electronics Co. Ltd.,)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version:  - )
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java 8 Update 65 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
LabelPrint (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: .2406 - CyberLink Corp.)
LightScribe System Software  1.12.37.1 (HKLM\...\{004C5DA2-2051-4D25-94BA-51CF810C91EB}) (Version: 1.12.37.1 - LightScribe)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MarketResearch (Version: 100.0.170.000 - Hewlett-Packard) Hidden
McAfee Agent (HKLM\...\{A638557B-1F13-40A0-9627-C892FBCA6960}) (Version: 4.0.0.1180 - McAfee, Inc.)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM\...\{90A40407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8003.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Project 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-003B-0000-0000-0000000FF1CE}_PRJPROR_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}) (Version:  - Microsoft)
Microsoft Office Project Professional 2007 (HKLM\...\PRJPROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Ultimate 2007 (HKLM\...\ULTIMATER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0051-0000-0000-0000000FF1CE}_VISPROR_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version:  - Microsoft)
Microsoft Office Visio Professional 2007 (HKLM\...\VISPROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Web Apps Browser Plugin (HKLM\...\{95140000-1148-0407-0000-0000000FF1CE}) (Version: 14.0.5568.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SOAP Toolkit 2.0 SP2 (HKLM\...\{36BEAD11-8577-49AD-9250-E06A50AE87B0}) (Version: 623.1 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{547DCEC7-DD2A-47E9-82C7-5CF1EAB526DA}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{2DFB5485-A3EF-4298-9280-4AF80C9F4BE9}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
MSVCSetup (Version: 1.00.0000 - HP) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
Nokia Connectivity Cable Driver (HKLM\...\{82427977-8776-4087-90CA-9F65174D3C4D}) (Version: 7.1.16.0 - Nokia)
OCR Software by I.R.I.S. 10.0 (HKLM\...\HPOCR) (Version: 10.0 - HP)
Online Safety 2.71.966.47 (Version: 2.71.966.47 - F-Secure Corporation) Hidden
PaperPort Image Printer (HKLM\...\{332CC6BF-E6C7-48EE-BA3D-435E576AD67F}) (Version: 1.00.0000 - Nuance Communications, Inc.)
Paragon Festplatten Manager™ 2012 Kompakt (HKLM\...\{29258311-EA49-11DE-967C-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PC Connectivity Solution (HKLM\...\{B7CB0BF3-791E-44D3-9F04-786E36D51C9D}) (Version: 9.13.1.0 - Nokia)
Play Camera (HKLM\...\InstallShield_{7B46F9CF-CF60-492E-816E-95EB1A9D1BB4}) (Version: 2.0.0.13 - Ihr Firmenname)
Play Camera (Version: 2.0.0.13 - Ihr Firmenname) Hidden
PowerDirector (HKLM\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 5.0.3927 - CyberLink Corp.)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.3118.0 - CyberLink Corp.)
PowerProducer (HKLM\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 085120(3.7)_Vista_SSPC - CyberLink Corp.)
PSSWCORE (Version: 2.02.0000 - Hewlett-Packard) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5605 - Realtek Semiconductor Corp.)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.06 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.54.06 - RICOH)
Samsung Magic Doctor (HKLM\...\{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}) (Version: 5.0 - Samsung Electronics Co., LTD)
Samsung Recovery Solution III (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 3.0.0.6 - Samsung)
Samsung Update Plus (HKLM\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.)
ScanSoft PaperPort 11 (HKLM\...\{B6C89654-A6A2-477C-873B-724EC1C56407}) (Version: 11.1.0000 - Nuance Communications, Inc.)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 10.0 - HP)
SmartWebPrintingOC (Version: 100.0.189.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (Version: 100.0.272.000 - Hewlett-Packard) Hidden
Steuer-Spar-Erklärung 2012 (HKLM\...\{CCD2BAD2-0919-40CB-80CC-E9538B0E4C2E}) (Version: 17.02 - Wolters Kluwer Deutschland GmbH)
Steuer-Spar-Erklärung 2013 (HKLM\...\{AEB61F7A-4BBA-4292-A096-7893E09034A4}) (Version: 18.02 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung 2014 (HKLM\...\{A463EB06-22A6-47F5-9593-E52B291EF13E}) (Version: 19.02.10 - Akademische Arbeitsgemeinschaft)
SteuerSparErklärung 2015 (HKLM\...\{312C0E08-8F94-4536-AAF6-3413F784AC5F}) (Version: 20.20.70 - Akademische Arbeitsgemeinschaft)
SteuerSparErklärung 2016 (HKLM\...\{D331D50C-C578-423B-8BC7-94D3133CE315}) (Version: 21.20.38 - Akademische Arbeitsgemeinschaft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.1.2.0 - Synaptics)
TIPP10 Version 2.1.0 (HKLM\...\TIPP10_is1) (Version:  - (c) 2006-2011, Tom Thielicke IT Solutions)
TrayApp (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Unitymedia Programme (HKLM\...\F-Secure ServiceEnabler 47796) (Version: 1.71.340.0 - F-Secure Corporation)
Unitymedia Programme (Version: 1.71.340.0 - F-Secure Corporation) Hidden
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.2047.00 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-003B-0000-0000-0000000FF1CE}_PRJPROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0051-0000-0000-0000000FF1CE}_VISPROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ULTIMATER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ULTIMATER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ULTIMATER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ULTIMATER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
USB2.0 UVC 1.3M WebCam (HKLM\...\USB2.0 UVC 1.3M WebCam) (Version:  - )
USB2.0 UVC WebCam (HKLM\...\{090962E2-4BE8-4A8A-86B0-7A5ED31C1273}) (Version: 6.11.706.012 - D-MAX)
User Guide (HKLM\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
VideoToolkit01 (Version: 100.0.128.000 - Hewlett-Packard) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
WIDCOMM Bluetooth Software 6.0.1.6300 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.6300 - WIDCOMM, Inc.)
Windows 7 Upgrade Advisor (HKLM\...\{9A4D182C-35C7-4791-8484-4304EBC9101A}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8064.0206 - Microsoft Corporation)
Windows Live ID-Anmelde-Assistent (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

20-11-2015 17:00:48 Geplanter Prüfpunkt
27-11-2015 20:50:49 Geplanter Prüfpunkt
29-11-2015 21:05:56 Geplanter Prüfpunkt
01-12-2015 16:34:18 Geplanter Prüfpunkt
01-12-2015 17:12:28 SteuerSparErklärung 2016 wurde installiert.
05-12-2015 19:17:24 Geplanter Prüfpunkt
06-12-2015 20:33:54 Cadenzo-Tutor wird installiert
08-12-2015 18:56:53 Geplanter Prüfpunkt
08-12-2015 22:25:54 Cadenzo-Tutor wird entfernt
09-12-2015 15:01:15 Windows Update
11-12-2015 02:58:25 Geplanter Prüfpunkt

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
::1             localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {09EB5E70-6458-48B8-B899-64967C7985A6} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe [2008-08-07] (SAMSUNG Electronics co., LTD.)
Task: {102490C4-169A-49BB-AFA3-F2C72360DBE7} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2008-10-06] (SAMSUNG Electronics)
Task: {32F03D23-678C-4FB8-A883-7D6AB8DD3EE1} - System32\Tasks\GlaryInitialize => C:\Program Files\Glary Utilities\initialize.exe [2013-01-05] (Glarysoft Ltd)
Task: {4B4638DB-2635-472A-AE34-4DBF9CB0020E} - System32\Tasks\{75087878-6665-4982-8C23-A6EF7C941D49} => pcalua.exe -a "C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver2.exe" -c /M{D1BA1F1C-D88B-405D-953F-D7074B65453D}
Task: {4D72741E-769C-45DB-8604-CB8EBDADAA29} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {4DE5753C-568E-4C0D-A3CB-C292BC9FEB80} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2008-10-08] (Samsung Electronics Co., Ltd.)
Task: {58FDB591-D595-4B76-AB26-246C3C3E4E01} - System32\Tasks\Scheduled scanning task => C:\Program Files\Unitymedia\apps\ComputerSecurity\Anti-Virus\fsav.exe [2015-10-13] (F-Secure Corporation)
Task: {5F6844FF-733F-4FF1-ACFD-BD4DCE8DD6E2} - System32\Tasks\SamsungMagicDoctor => C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe [2008-08-26] (Samsung Electronics Co., Ltd.)
Task: {662ED23E-F45E-4B3E-AF1A-AE0A651D7F85} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {9C311485-CD4B-40E8-8591-F59DC1E35D34} - System32\Tasks\Easy ALS Manager => C:\Program Files\Samsung\Easy ALS Manager\EasyALSManager.exe [2008-05-29] (SAMSUNG Electronics)
Task: {C0503236-2DDD-4553-B59D-2865BEF5FEA3} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2010-04-20] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\GlaryInitialize.job => C:\Program Files\Glary Utilities\initialize.exe
Task: C:\Windows\Tasks\Scheduled scanning task.job => C:\PROGRA~1\UNITYM~1\apps\COMPUT~1\ANTI-V~1\fsav.exeX /HARD /POLICY /SCHED /REPORT C:\PROGRA~1\UNITYM~1\apps\COMPUT~1\ANTI-V~1\report.txt ,C:\PROGRA~1\UNITYM~1\apps\COMPUT~1\ANTI-V~1SYSTEM.Von

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-06-14 19:52 - 2013-06-14 19:52 - 00593464 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.65_none_b59e1e0911fd55ab\QtMultimediaKit1.dll
2013-06-14 20:09 - 2015-10-13 09:12 - 00056360 _____ () C:\Program Files\Unitymedia\apps\ComputerSecurity\FSGUI\fsavures.eng
2013-06-14 20:09 - 2015-10-13 09:12 - 00093224 _____ () C:\Program Files\Unitymedia\apps\ComputerSecurity\FSGUI\strres.eng
2013-06-14 20:09 - 2015-10-13 09:12 - 00154664 _____ () C:\Program Files\Unitymedia\apps\ComputerSecurity\FSGUI\flyerres.eng
2007-02-12 20:51 - 2007-02-12 20:51 - 01111552 _____ () C:\Program Files\FastStone Capture\FSCapture.exe
2008-10-29 02:18 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files\Samsung\Samsung Magic Doctor\HookDllPS2.dll
2008-10-29 02:17 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2008-10-29 02:17 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files\SAMSUNG\EasySpeedUpManager\HookDllPS2.dll
2008-10-24 16:35 - 2008-10-24 16:35 - 00128296 _____ () C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2013-06-14 20:09 - 2015-10-13 09:12 - 00045608 _____ () C:\Program Files\Unitymedia\apps\ComputerSecurity\Anti-Virus\FSAVHRES.eng
2012-11-26 12:49 - 2012-11-26 12:49 - 00216632 _____ () C:\Program Files\Unitymedia\daas2.dll
2005-08-22 15:38 - 2005-08-22 15:38 - 03264512 _____ () C:\Program Files\McAfee\Common Framework\cryptocme2.dll
2008-03-14 04:00 - 2008-03-14 04:00 - 00057344 _____ () C:\Program Files\McAfee\Common Framework\boost_thread-vc71-mt-1_32.dll
2008-10-29 02:12 - 2006-12-19 14:23 - 00272024 _____ () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2013-06-14 20:16 - 2013-06-14 20:16 - 00030888 _____ () C:\Program Files\Unitymedia\apps\ComputerSecurity\Anti-Virus\minifilter\hashlib_x86.dll
2013-06-14 20:10 - 2015-06-09 14:26 - 00175144 _____ () C:\Program Files\Unitymedia\apps\ComputerSecurity\Gemini\fsgem.dll
2013-06-14 20:09 - 2015-11-17 21:28 - 00945192 _____ () C:\Program Files\Unitymedia\apps\ComputerSecurity\Anti-Virus\fm4av.dll
2013-06-14 20:10 - 2015-10-14 17:43 - 00212008 _____ () C:\Program Files\Unitymedia\apps\ComputerSecurity\Spam Control\fsas.dll
2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2015-11-11 03:41 - 2015-11-11 03:41 - 00756376 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-696081317-418671648-604485187-1003\...\ciwi.eu -> hxxp://portal.ciwi.eu
IE trusted site: HKU\S-1-5-21-696081317-418671648-604485187-1003\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-696081317-418671648-604485187-1003\...\webcompanion.com -> hxxp://webcompanion.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-696081317-418671648-604485187-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\img30.jpg
DNS Servers: 80.69.100.212 - 80.69.100.108
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: )
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: DTVRemote => "C:\Program Files\DTV\RemoteControl.exe"
MSCONFIG\startupreg: LexwareInfoService => C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe /autostart
MSCONFIG\startupreg: OmniPass => C:\Program Files\Softex\OmniPass\scureapp.exe
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: WMPNSCFG => C:\Program Files\Windows Media Player\WMPNSCFG.exe

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [SLSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [SLSVC-In-TCP] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [{ED395783-3044-423B-B248-8FFE2568DEAF}] => (Allow) C:\Program Files\CyberLink\PowerDVD\PowerDVD.EXE
FirewallRules: [{D6D79297-277C-470F-BA09-9CE0EAA23963}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{B7543088-B9A5-46E3-A06C-854E9A3E70AF}] => (Allow) C:\Program Files\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{20321F45-DF90-46F6-8A6A-2D6904AE0050}] => (Allow) C:\Program Files\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [TCP Query User{94508D2F-FA92-48CB-A5BE-859054103B25}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{9885B74F-CC89-432D-AB01-EC575E90BAEF}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [{E8EDA576-B454-4675-A2FD-C5EE1FDA5287}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{6566C1D4-662D-498C-BF29-D463DB818AD1}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{64D389F0-FD2E-40A1-93DA-B8F7FFC67A9A}] => (Allow) svchost.exe
FirewallRules: [TCP Query User{84F7A784-7646-4A35-949E-656A675D1814}C:\program files\microsoft office\office12\groove.exe] => (Block) C:\program files\microsoft office\office12\groove.exe
FirewallRules: [UDP Query User{E5146CF5-BA15-4419-9606-7DEDA62494FD}C:\program files\microsoft office\office12\groove.exe] => (Block) C:\program files\microsoft office\office12\groove.exe
FirewallRules: [{EB8D856F-E5D2-4F08-810C-518D939BF8EC}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{D5199C6E-ADEE-4B34-9166-2939E64F38EB}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{C67B4863-43E1-4B7D-978D-97FCDBBA0346}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{3FDEC60B-F927-46ED-BF0D-D9CD05AEF3A6}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{76E000AB-EAA0-4E36-8905-564FDD127D58}] => (Allow) E:\setup\HPZNUI01.EXE
FirewallRules: [{D5417D88-0C45-4694-8FF4-718B9425181A}] => (Allow) E:\setup\HPZNUI01.EXE
FirewallRules: [{A6A2DC79-EFC7-41B5-BDD9-E5D24D26E006}] => (Allow) LPort=80
FirewallRules: [{944869EE-D166-4C46-90A5-9C566702C8CA}] => (Allow) LPort=80
FirewallRules: [{BA92DCEA-B11C-4C64-9F11-ED33FDE236F4}] => (Allow) LPort=80
FirewallRules: [{F93E874D-AC88-40F7-99A1-9766ADAEC696}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{8CC190BA-9F70-43BB-90DA-835A799D71B1}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{04D470AA-C9AA-4429-8D6A-05BF2C5C0CB7}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{F448507B-FE65-4C66-B25A-7A51D037B3E1}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{2CF57BB6-EC82-4EB7-ACCE-683E1BDDC8E6}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{ABABD3DE-33C9-43BC-9B81-A8FC2F2E7DBF}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{3A5CA28C-786C-4627-998D-BC61DFA97056}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{5413B472-0959-4A20-A5A8-E5A2F84A289D}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{53B6B7DB-64E4-4745-BC40-5B9866CA8276}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{CB04DB18-5F13-4A26-A44B-3A014B5CC8FC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{8272CC71-6416-4060-8CEF-B7FAE10F35CB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{8A24CD7D-D1D3-4532-B401-44D3934A5E79}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{BC39C3F0-BF27-4021-9D1C-05BAF5032292}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{E37580AD-FF3F-40BB-950C-D8609BD266D9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{40326EEE-7C8F-43D2-BA16-77202E9CAFE1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Microsoft-6zu4-Adapter #3
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #5
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-6zu4-Adapter #8
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/11/2015 10:42:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/11/2015 12:20:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/11/2015 12:00:34 AM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )
Description: 1  2015-12-11  00:00:33+02:00  LAPTOP-RE  Laptop-RE\user  F-Secure Anti-Virus
 Scanning of \DEVICE\HARDDISKVOLUME2\PROGRAM FILES\MOZILLA FIREFOX\XUL.DLL was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress).

Error: (12/10/2015 11:48:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/10/2015 10:40:32 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\USER\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\SESMY4VO.DEFAULT-1442087199076\SAFEBROWSING-BACKUP> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (12/10/2015 10:36:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/10/2015 10:34:10 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\USER\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\SESMY4VO.DEFAULT-1442087199076\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (12/10/2015 10:34:10 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\USER\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\SESMY4VO.DEFAULT-1442087199076\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (12/10/2015 10:30:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm AdwCleaner_5.024.exe, Version 5.0.2.4 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: f04
Anfangszeit: 01d13391da6e20e0
Zeitpunkt der Beendigung: 31

Error: (12/10/2015 10:25:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm AdwCleaner_5.024.exe, Version 5.0.2.4 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 156c
Anfangszeit: 01d1338dfb9d14a0
Zeitpunkt der Beendigung: 16


Systemfehler:
=============
Error: (12/11/2015 10:47:41 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (12/11/2015 10:43:51 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: HP CUE DeviceDiscovery Service%%2147500037

Error: (12/11/2015 10:43:38 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (12/11/2015 10:42:46 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (12/11/2015 10:42:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (12/11/2015 12:25:22 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (12/11/2015 12:20:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: HP CUE DeviceDiscovery Service%%2147500037

Error: (12/11/2015 12:20:28 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (12/11/2015 12:20:19 PM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Die IP-Adresslease 192.168.100.10 für die Netzwerkkarte mit der Netzwerkadresse 001377B421F4 wurde durch den DHCP-Server 10.131.196.1 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).

Error: (12/11/2015 12:20:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058


CodeIntegrity:
===================================
  Date: 2015-12-11 23:24:20.194
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-12-11 23:24:19.242
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-12-11 23:24:18.259
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-12-11 23:24:17.292
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-12-11 23:24:15.919
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-12-11 23:24:14.952
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-12-11 23:24:13.969
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-12-11 23:24:12.955
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-12-11 23:23:19.822
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-12-11 23:23:18.808
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU P7450 @ 2.13GHz
Prozentuale Nutzung des RAM: 64%
Installierter physikalischer RAM: 2007.79 MB
Verfügbarer physikalischer RAM: 715.2 MB
Summe virtueller Speicher: 4252.63 MB
Verfügbarer virtueller Speicher: 2615.97 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:80.1 GB) (Free:11.75 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: () (Fixed) (Total:55.55 GB) (Free:55.34 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: B16B91D5)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=80.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=55.6 GB) - (Type=07 NTFS)

==================== Ende vom Addition.txt ============================

Viele Grüße
REC

deeprybka · 12.12.2015, 13:59

Hi,
keine aktive Malware zu sehen.

Bitte die alten Java-Versionen deinstallieren: alles < Update 66

Wir haben es geschafft!

Die Logs sehen für mich im Moment sauber aus.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Es bleibt mir nur noch, Dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen.

Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren

Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
Klicke auf OK.
Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken (z.B. hier) in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.

Meine Kauf-Empfehlung:

ESET Smart Security

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware scannen.

Optional:

NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie

.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

REC · 13.12.2015, 00:04

Hallo deeprybka,

ich komme erst morgen dazu, mich in Ruhe mit Deinem heutigen Beitrag zu beschäftigen.

Aber ich möchte mich schon jetzt von Herzen für deine schnelle und kompetente Hilfe bedanken http://www.trojaner-board.de/images/...nkeschoen.gif.
Danke. Danke. Danke.

Bis morgen und viele Grüße
REC

deeprybka · 13.12.2015, 09:18

Gerne. Machs gut.

REC · 13.12.2015, 17:49

Hallo deeprybka und schrauber,

meinen Dank habe ich gerade im Lob-Bereich http://www.trojaner-board.de/174124-...ml#post1544895 plaziert und übe hier noch eben das Verlinken.

Viele Grüße
REC

deeprybka · 13.12.2015, 17:54

Danke. Alles Gute!

11.12.2015, 07:11	#7
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Verdacht Schadsoftware wegen Öffnen von ZIP-Datei in Spam-Mail (Vista) Hi, bitte Malwarebytes-Log posten. Malwarebytes Anti-Malware Logfile finden - Anleitungen __________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

13.12.2015, 09:18	#13
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Verdacht Schadsoftware wegen Öffnen von ZIP-Datei in Spam-Mail (Vista) Gerne. Machs gut. __________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

13.12.2015, 17:54	#15
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Verdacht Schadsoftware wegen Öffnen von ZIP-Datei in Spam-Mail (Vista) Danke. Alles Gute! __________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Verdacht Schadsoftware wegen Öffnen von ZIP-Datei in Spam-Mail (Vista)

Plagegeister aller Art und deren Bekämpfung: Verdacht Schadsoftware wegen Öffnen von ZIP-Datei in Spam-Mail (Vista)