Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Vista: Windows Explorer stürzt nacht Start ab (Dauerschleife)

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 24.02.2014, 15:00   #1
the_clown
 
Vista: Windows Explorer stürzt nacht Start ab (Dauerschleife) - Standard

Vista: Windows Explorer stürzt nacht Start ab (Dauerschleife)



Hallo,

folgendes Problem plagt mich seit 6 Uhr morgens:

Starte ich den PC, Windows Vista 32 bit, erscheint der Desktophintergrund, Taskleiste und drei Symbole in der Tray. Dann kommt "Windows Explorer funktioniert nicht mehr" mit dem Hinweis, dass eine Lösung für das Problem gesucht wird, woraufhin die Meldung erscheint "Windows Explorer wird neu gestartet". Dann stürzt er gleich wieder ab, das geht dann 5 - 10 Mal so, woraufhin er den Explorer nicht mehr neu starten will sondern den Desktop anzeigt, ohne dass etwas anklickbar wäre.
In den Taskmanager kommt man jedoch noch rein, beendet ich dort "explorer.exe" manuell, erscheint die Fehlermeldung:

explorer.exe - Fehler in der Anwendung
Die Ausnahme "unkoown software exception" (0x80000003) ist in der Anwendung an der STelle 0x628f96c0 aufgetreten. Klicken Sie auf "OK", um das Programm zu beenden.

WinExplorer stürzt auch ab, wenn ich mich im Abgesicherten Modus einlogge, jedoch nicht, wenn ich in den Abgesicherten Modus mit Eingabeaufforderung gehe. Interessant finde ich, dass WinExplorer nicht abstürzt, wenn ich mich in ein zweites Benutzerkonto einlogge - dieses hat allerdings keine Admin-Rechte.


Versucht habe ich bereits folgendes vergebens:
- in msconfig alle Autostart-Dateien deaktivieren (außer Betriebssystem) und alle Syst
- mit einer Ubuntu Live CD habe ich versucht, die explorer.exe in C:\Windwors mit einer "altne" (?) explorer.exe aus einem Ordner in C:\Windows\...\explorer.exe zu ersetzen
- Sfc scannow Befehl mehrere Male ausgeführt
- Reparaturoptionen mit der Boot-CD
- Letzte Funktionierende Konfiguration
- Systemwiederherstellung auf Dezember oder so (mittlerweile sehe ich im Wiederherstellungsmenü nur 4 Zeitpunkte, bis maximal 21.02.2014 zurück!


Ich habe versucht, über die Eingabeaufforderung und mit Hilfe eines USB Sticks GMER und FRST zum Laufen zu bringen. Für defogger habe ich noch eine Logfile bekommen, Gmer und FRST bleiben aber hängen, während der Scan läuft.

Noch eine Anmerkung: Habe Malwarebytes Anti-Maleware Quick Check drüber laufen lassen. Die explorer.exe, die ich im Windows-Ordner überschrieben habe, hatte ich auf dem Desktop zur Sicherheit mal gespeichert. Dort findet Malwarebytes etwas namens "Heuristics.Reserved.Word.Exploit". Leider lässt sich die log-file nicht speichern, immer dann hängt sich das Programm wie bei den anderen auf!


Tausend Dank für die Hilfe im Voraus!!!

FRST konnte ich nur im abgesicherten Modus mit Eingabeaufforderung ausführen, das Programm blieb ja im Hauptbenutzerkonto genauso wie Malwarebytes hängen.

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 15:41 on 24/02/2014 (Florian)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-02-2014 02
Ran by Florian (administrator) on FLORIAN-PC on 24-02-2014 14:07:42
Running from J:\
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Safe Mode (minimal)

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\cmd.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AVP] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-12-28] (Kaspersky Lab ZAO)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1939334895-897515761-2617989973-1000\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-1939334895-897515761-2617989973-1000\...\Run: [Akamai NetSession Interface] - C:\Users\Florian\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1939334895-897515761-2617989973-1000\...\MountPoints2: {290950d7-1c36-11e2-ba36-00e04d627320} - I:\SETUP.EXE
Startup: C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Florian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Florian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (No File)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x690419F2E449CE01
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = 
BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Shareaza\RazaWebHook32.dll (Shareaza Development Team)
BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Asz.Citavi.IEPicker.IEPickerButton - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Tunebite_WebRipPlugin Class - {AA102584-3B97-47e7-B9BC-75D54C110A7D} - C:\Program Files\RapidSolution\Tunebite\plugins\IE\TB_WebRipIePlugin.dll (RapidSolution Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 83.169.184.161 83.169.184.225 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\t043bv75.default
FF SelectedSearchEngine: dict.cc
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pages.tvunetworks.com/WebPlayer - C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF Plugin: @real.com/nppl3260;version=15.0.6.14 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.6.14 - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=15.0.6.14 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @spoon.net/Spoon Plugin 3.32 - C:\Program Files\Spoon\3.32.2.12\npMozillaSpoonPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin: @videolan.org/vlc,version=1.1.11 - C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: samsung.com/SamsungLinkPCPlugin - C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll (Samsung)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\libdivx.dll (The OpenSSL Project, hxxp://www.openssl.org/)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdivx32.dll (DivX,Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ssldivx.dll (The OpenSSL Project, hxxp://www.openssl.org/)
FF Extension: Nightly Tester Tools - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\t043bv75.default\Extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29} [2014-01-03]
FF Extension: InvisibleHand - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\t043bv75.default\Extensions\canitbecheaper@trafficbroker.co.uk.xpi [2014-01-02]
FF Extension: Dict.cc Translation - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\t043bv75.default\Extensions\searchdictcc@roughael.xpi [2014-01-02]
FF Extension: InstantFox - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\t043bv75.default\Extensions\searchy@searchy.xpi [2014-01-02]
FF Extension: Google Translator for Firefox - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\t043bv75.default\Extensions\translator@zoli.bod.xpi [2014-01-02]
FF Extension: Google Cache Tool - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\t043bv75.default\Extensions\{3869b071-0fae-4c75-948a-60d9c56ea02b}.xpi [2014-01-02]
FF Extension: Adblock Plus - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\t043bv75.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-02]
FF Extension: Greasemonkey - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\t043bv75.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-01-02]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE} [2013-12-11]
FF HKLM\...\Firefox\Extensions: [tunebite-firefox-surf-and-catch-extension@audials.com] - C:\Program Files\RapidSolution\Tunebite\plugins\GeckoBased\tunebite-firefox-surf-and-catch-extension@audials.com\
FF Extension: Tunebite Firefox Surf and Catch Plugin - C:\Program Files\RapidSolution\Tunebite\plugins\GeckoBased\tunebite-firefox-surf-and-catch-extension@audials.com\ []
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-10-31]
FF HKLM\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-10-31]
FF HKLM\...\Firefox\Extensions:  - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013-12-28]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013-12-28]
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Content Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013-12-28]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013-12-28]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013-12-28]

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll No File
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll No File
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (DivX Web Player) - C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll (DivX,Inc.)
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (PDF-XChange Viewer) - C:\Program Files\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (NapsterLink) - C:\Program Files\Mozilla Firefox\plugins\npstrlnk.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Veetle TV Player) - C:\Program Files\Veetle\Player\npvlc.dll No File
CHR Plugin: (Veetle TV Core) - C:\Program Files\Veetle\plugins\npVeetle.dll No File
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (TVU Web Player for FireFox) - C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
CHR Extension: (YouTube) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-16]
CHR Extension: (Google-Suche) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-16]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-12-28]
CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2013-12-28]
CHR Extension: (Modul für das Blockieren gefährlicher Webseiten) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2013-12-28]
CHR Extension: (Virtuelle Tastatur) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2013-12-28]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-10-15]
CHR Extension: (ICE Quick Stream) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mapljocpedaolbooelchgnkkaplpadgp [2011-10-23]
CHR Extension: (Google Wallet) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-16]
CHR Extension: (Google Mail) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-16]
CHR Extension: (Anti-Banner) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2013-12-28]
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-10-25]
CHR HKLM\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2012-10-25]
CHR HKLM\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2012-10-25]
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2012-10-25]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-10-31]
CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-10-25]

========================== Services (Whitelisted) =================

S2 Akamai; c:\program files\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
S2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-12-28] (Kaspersky Lab ZAO)
S2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528624 2009-11-17] (Cisco Systems, Inc.)
S4 gupdate1ca434fb413d182; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-10-02] (Google Inc.)
S4 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG)
S2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2012-03-23] ()
S2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [574536 2013-11-05] (Copyright 2013 SAMSUNG)
S4 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [65024 2009-09-30] (tzuk)

==================== Drivers (Whitelisted) ====================

S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
S2 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [308859 2009-11-17] (Cisco Systems, Inc.)
S3 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-10-22] (DT Soft Ltd)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2013-12-28] (Kaspersky Lab ZAO)
S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [595552 2013-12-28] (Kaspersky Lab ZAO)
S1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2013-12-28] (Kaspersky Lab ZAO)
S3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [25696 2013-12-28] (Kaspersky Lab ZAO)
S3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-12-28] (Kaspersky Lab ZAO)
S1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [44000 2013-12-28] (Kaspersky Lab ZAO)
S3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows (R) Codename Longhorn DDK provider)
S1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [145040 2013-12-28] (Kaspersky Lab ZAO)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [31848 2012-07-03] (RapidSolution Software AG)
S3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [31848 2012-07-03] (RapidSolution Software AG)
S3 RT73; C:\Windows\System32\DRIVERS\Dr71WU.sys [489984 2008-01-16] (Ralink Technology, Corp.)
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [116736 2009-09-30] (tzuk)
S3 scramby; C:\Windows\System32\drivers\scramby.sys [25896 2007-02-13] (RapidSolution Software AG)
S3 scramby_out; C:\Windows\System32\drivers\scramby_out.sys [23840 2007-08-08] (RapidSolution Software AG)
S3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [37920 2010-11-12] (RapidSolution Software AG)
S3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [17792 2008-12-26] (Avnex)
S2 adfs; No ImagePath
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [74848 2013-12-28] (Kaspersky Lab ZAO)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2008-05-02] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-24 14:23 - 2009-04-11 07:27 - 02926592 _____ (Microsoft Corporation) C:\Users\Florian\Desktop\explorer.exe
2014-02-24 14:23 - 2006-11-02 10:45 - 02923520 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-02-24 13:58 - 2014-02-24 13:58 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Monika\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-02-24 13:55 - 2014-02-24 14:07 - 00000000 ____D () C:\FRST
2014-02-24 11:14 - 2014-02-24 11:14 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Monika\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-23 21:02 - 2014-02-05 09:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-23 21:02 - 2014-02-05 09:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-23 21:02 - 2014-02-05 09:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-23 21:02 - 2014-02-05 09:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-23 21:02 - 2014-02-05 09:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-23 21:02 - 2014-02-05 09:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-23 21:02 - 2014-02-05 09:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-23 21:02 - 2014-02-05 09:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-23 21:02 - 2014-02-05 09:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-23 21:02 - 2014-02-05 09:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-23 21:02 - 2014-02-05 09:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-23 21:02 - 2014-02-05 09:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-23 21:02 - 2014-02-05 09:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-23 21:02 - 2014-02-05 09:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-23 21:02 - 2014-02-05 09:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-23 21:02 - 2014-02-05 09:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-23 20:00 - 2013-12-05 03:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-21 20:44 - 2014-02-23 19:42 - 00000000 ____D () C:\Program Files\GUM79B1.tmp
2014-02-20 09:47 - 2014-02-20 09:53 - 00000000 ____D () C:\Users\Florian\Desktop\utmp
2014-02-14 12:25 - 2014-02-14 12:26 - 00000000 ____D () C:\Program Files\Mozilla Firefox(74)

==================== One Month Modified Files and Folders =======

2014-02-24 14:07 - 2014-02-24 13:55 - 00000000 ____D () C:\FRST
2014-02-24 14:03 - 2006-11-02 14:01 - 00032634 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-24 14:03 - 2006-11-02 13:47 - 00004080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-24 14:03 - 2006-11-02 13:47 - 00004080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-24 14:02 - 2009-10-20 07:33 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-02-24 14:02 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-24 14:02 - 2006-11-02 13:52 - 01228371 _____ () C:\Windows\WindowsUpdate.log
2014-02-24 14:00 - 2006-11-02 11:33 - 01453952 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-24 13:58 - 2014-02-24 13:58 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Monika\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-02-24 13:58 - 2012-10-22 17:55 - 00000000 ____D () C:\Users\Monika\AppData\Roaming\Dropbox
2014-02-24 13:56 - 2012-10-22 17:59 - 00000000 ___RD () C:\Users\Monika\Dropbox
2014-02-24 13:54 - 2011-12-28 13:58 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-02-24 13:54 - 2009-10-02 12:12 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-24 13:53 - 2010-08-18 14:21 - 00000000 ____D () C:\Program Files\Common Files\Akamai
2014-02-24 13:40 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-24 13:31 - 2011-11-01 16:32 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Dropbox
2014-02-24 13:30 - 2011-11-01 17:13 - 00000000 ___RD () C:\Users\Florian\Documents\Dropbox
2014-02-24 13:29 - 2011-11-04 18:58 - 00000000 ____D () C:\Users\Florian\AppData\Local\CrashDumps
2014-02-24 12:21 - 2010-03-21 17:13 - 00000000 ____D () C:\Windows\pss
2014-02-24 11:14 - 2014-02-24 11:14 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Monika\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-24 10:50 - 2012-10-22 17:57 - 00000000 ____D () C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-02-24 10:50 - 2009-10-02 12:12 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-24 10:45 - 2012-06-17 18:03 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-24 09:23 - 2009-10-01 16:25 - 00001356 _____ () C:\Users\Florian\AppData\Local\d3d9caps.dat
2014-02-23 21:22 - 2009-10-01 20:13 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-23 21:14 - 2013-08-08 19:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-23 21:05 - 2006-11-02 11:23 - 00000219 _____ () C:\Windows\win.ini
2014-02-23 20:26 - 2012-03-19 20:15 - 00001142 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1939334895-897515761-2617989973-1001UA.job
2014-02-23 20:26 - 2012-03-19 20:15 - 00001120 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1939334895-897515761-2617989973-1001Core.job
2014-02-23 19:46 - 2012-05-12 00:36 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-23 19:46 - 2011-05-15 23:24 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-23 19:42 - 2014-02-21 20:44 - 00000000 ____D () C:\Program Files\GUM79B1.tmp
2014-02-23 19:41 - 2010-03-03 01:35 - 00000000 ____D () C:\Users\Monika
2014-02-23 19:41 - 2009-10-01 16:25 - 00000000 ____D () C:\Users\Florian
2014-02-23 19:41 - 2006-11-02 11:22 - 63176704 _____ () C:\Windows\system32\config\software_previous
2014-02-23 19:41 - 2006-11-02 11:22 - 45088768 _____ () C:\Windows\system32\config\components_previous
2014-02-23 19:41 - 2006-11-02 11:22 - 126615552 _____ () C:\Windows\system32\config\system_previous
2014-02-23 19:41 - 2006-11-02 11:22 - 00524288 _____ () C:\Windows\system32\config\default_previous
2014-02-23 19:41 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\security_previous
2014-02-23 19:41 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\sam_previous
2014-02-23 19:40 - 2011-11-11 14:01 - 00000000 ____D () C:\Users\Florian\AppData\Local\Akamai
2014-02-23 19:40 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\spool
2014-02-23 19:40 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-02-23 19:40 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\registration
2014-02-21 20:31 - 2014-01-02 22:01 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-21 20:31 - 2013-12-11 14:37 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-21 20:31 - 2012-07-21 14:58 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Spotify
2014-02-21 20:31 - 2010-12-03 01:19 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\vlc
2014-02-21 20:31 - 2009-10-01 19:43 - 00000000 ____D () C:\Users\Florian\AppData\Local\MediaMonkey
2014-02-21 10:24 - 2013-12-16 19:19 - 04323291 _____ () C:\Users\Florian\Desktop\IMG_1508.MOV
2014-02-20 09:53 - 2014-02-20 09:47 - 00000000 ____D () C:\Users\Florian\Desktop\utmp
2014-02-20 09:53 - 2011-12-12 23:07 - 00000600 _____ () C:\Users\Florian\PUTTY.RND
2014-02-14 13:20 - 2013-10-01 18:14 - 00000000 ____D () C:\Users\Florian\Desktop\Uni
2014-02-14 12:26 - 2014-02-14 12:25 - 00000000 ____D () C:\Program Files\Mozilla Firefox(74)
2014-02-13 12:22 - 2012-07-21 14:59 - 00000000 ____D () C:\Users\Florian\AppData\Local\Spotify
2014-02-10 17:04 - 2009-10-01 18:35 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-10 16:39 - 2008-12-24 23:33 - 00000000 ____D () C:\Users\Florian\Documents\Meine Scans
2014-02-10 14:15 - 2011-11-01 16:34 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-02-10 14:09 - 2009-10-01 16:26 - 00101224 _____ () C:\Users\Florian\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-07 19:49 - 2008-02-23 05:18 - 00000000 ___HD () C:\Users\Florian\Documents\Turbo Lister
2014-02-05 09:58 - 2014-02-23 21:02 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-05 09:56 - 2014-02-23 21:02 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-05 09:53 - 2014-02-23 21:02 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-05 09:51 - 2014-02-23 21:02 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-05 09:50 - 2014-02-23 21:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-05 09:49 - 2014-02-23 21:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-05 09:49 - 2014-02-23 21:02 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-05 09:48 - 2014-02-23 21:02 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-05 09:48 - 2014-02-23 21:02 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-05 09:48 - 2014-02-23 21:02 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-05 09:48 - 2014-02-23 21:02 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-05 09:48 - 2014-02-23 21:02 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-05 09:47 - 2014-02-23 21:02 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-05 09:47 - 2014-02-23 21:02 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-05 09:47 - 2014-02-23 21:02 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-05 09:46 - 2014-02-23 21:02 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-04 19:09 - 2006-11-02 11:24 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

Files to move or delete:
====================
C:\Users\Florian\AppData\Roaming\desktop.ini


Some content of TEMP:
====================
C:\Users\Florian\AppData\Local\Temp\K-Lite_Codec_Pack_Basic.exe
C:\Users\Florian\AppData\Local\Temp\ose00000.exe
C:\Users\Florian\AppData\Local\Temp\SamsungAPInstaller_1382458371839.exe
C:\Users\Florian\AppData\Local\Temp\SamsungAPInstaller_1384803161297.exe
C:\Users\Monika\AppData\Local\Temp\NOSEventMessages.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2014-02-24 14:23] - [2006-11-02 10:45] - 2923520 ____A (Microsoft Corporation) FD8C53FB002217F6F888BCF6F5D7084D

C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-24 14:01

==================== End Of Log ============================
         

Alt 24.02.2014, 15:26   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Vista: Windows Explorer stürzt nacht Start ab (Dauerschleife) - Standard

Vista: Windows Explorer stürzt nacht Start ab (Dauerschleife)



Hi,

bitte in das andere Konto einloggen, einen neuen Benutzer mit Adminrechten anlegen. Dort rein und nochmal testen.
__________________

__________________

Alt 24.02.2014, 17:36   #3
the_clown
 
Vista: Windows Explorer stürzt nacht Start ab (Dauerschleife) - Standard

Vista: Windows Explorer stürzt nacht Start ab (Dauerschleife)



Vielen Dank für die schnelle Antwort!

Ich konnte keinen neuen Benutzer erstellen im anderen Account. Habe aber dann über cmd das Administratorenkonto aktiviert, ich hoffe, dass das auch reicht.
Hier tritt übrigens der Fehler auch nicht auf, sondern anscheinend nur in meinem persönlichen Benutzerkonto!

Hier also die Logfiles:

FRST


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-02-2014 02
Ran by Administrator (administrator) on FLORIAN-PC on 24-02-2014 17:24:02
Running from C:\Users\Administrator\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\tv_w32.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AVP] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-12-28] (Kaspersky Lab ZAO)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1939334895-897515761-2617989973-1002\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1939334895-897515761-2617989973-500\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
Startup: C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Administrator\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
Startup: C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Administrator\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
Startup: C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (No File)

==================== Internet (Whitelisted) ====================

BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Shareaza\RazaWebHook32.dll (Shareaza Development Team)
BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Asz.Citavi.IEPicker.IEPickerButton - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Tunebite_WebRipPlugin Class - {AA102584-3B97-47e7-B9BC-75D54C110A7D} - C:\Program Files\RapidSolution\Tunebite\plugins\IE\TB_WebRipIePlugin.dll (RapidSolution Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 83.169.184.161 83.169.184.225 192.168.0.1

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR Extension: (Google Docs) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-24]
CHR Extension: (Google Drive) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-24]
CHR Extension: (YouTube) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-24]
CHR Extension: (Google-Suche) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-24]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-02-24]
CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-02-24]
CHR Extension: (Modul für das Blockieren gefährlicher Webseiten) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-02-24]
CHR Extension: (Virtuelle Tastatur) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-02-24]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-02-24]
CHR Extension: (Google Wallet) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-24]
CHR Extension: (Google Mail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-24]
CHR Extension: (Anti-Banner) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-02-24]
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-10-25]
CHR HKLM\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2012-10-25]
CHR HKLM\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2012-10-25]
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2012-10-25]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-10-31]
CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-10-25]

========================== Services (Whitelisted) =================

R2 Akamai; c:\program files\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
S2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-12-28] (Kaspersky Lab ZAO)
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528624 2009-11-17] (Cisco Systems, Inc.)
S4 gupdate1ca434fb413d182; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-10-02] (Google Inc.)
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S4 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2012-03-23] ()
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [574536 2013-11-05] (Copyright 2013 SAMSUNG)
S4 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [65024 2009-09-30] (tzuk)

==================== Drivers (Whitelisted) ====================

S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R2 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [308859 2009-11-17] (Cisco Systems, Inc.)
R3 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-10-22] (DT Soft Ltd)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2013-12-28] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [595552 2013-12-28] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2013-12-28] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [25696 2013-12-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-12-28] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [44000 2013-12-28] (Kaspersky Lab ZAO)
S3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows (R) Codename Longhorn DDK provider)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [145040 2013-12-28] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2014-02-24] (Malwarebytes Corporation)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [31848 2012-07-03] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [31848 2012-07-03] (RapidSolution Software AG)
R3 RT73; C:\Windows\System32\DRIVERS\Dr71WU.sys [489984 2008-01-16] (Ralink Technology, Corp.)
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [116736 2009-09-30] (tzuk)
S3 scramby; C:\Windows\System32\drivers\scramby.sys [25896 2007-02-13] (RapidSolution Software AG)
S3 scramby_out; C:\Windows\System32\drivers\scramby_out.sys [23840 2007-08-08] (RapidSolution Software AG)
R3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [37920 2010-11-12] (RapidSolution Software AG)
R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [17792 2008-12-26] (Avnex)
S2 adfs; No ImagePath
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [74848 2013-12-28] (Kaspersky Lab ZAO)
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2008-05-02] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-24 17:24 - 2014-02-24 17:25 - 00013545 _____ () C:\Users\Administrator\Desktop\FRST.txt
2014-02-24 17:23 - 2014-02-24 17:23 - 00000488 _____ () C:\Users\Administrator\Desktop\defogger_disable.log
2014-02-24 17:23 - 2014-02-24 17:23 - 00000000 _____ () C:\Users\Administrator\defogger_reenable
2014-02-24 17:21 - 2014-02-24 17:22 - 01144320 _____ (Farbar) C:\Users\Administrator\Desktop\FRST.exe
2014-02-24 17:21 - 2014-02-24 17:21 - 00380416 _____ () C:\Users\Administrator\Desktop\Gmer-19357.exe
2014-02-24 17:21 - 2014-02-24 17:21 - 00050477 _____ () C:\Users\Administrator\Desktop\Defogger.exe
2014-02-24 17:19 - 2014-02-24 17:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-02-24 17:18 - 2014-02-24 17:18 - 00101224 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-24 17:17 - 2014-02-24 17:19 - 00001963 _____ () C:\Users\Administrator\Desktop\Google Chrome.lnk
2014-02-24 17:17 - 2014-02-24 17:17 - 00000949 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-24 17:17 - 2014-02-24 17:17 - 00000944 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-02-24 17:16 - 2014-02-24 17:16 - 00000915 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2014-02-24 17:16 - 2014-02-24 17:16 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-02-24 17:15 - 2014-02-24 17:23 - 00000000 ____D () C:\Users\Administrator
2014-02-24 17:15 - 2014-02-24 17:15 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-02-24 17:15 - 2014-02-24 17:15 - 00000000 _SHDL () C:\Users\Administrator\Startmenü
2014-02-24 17:15 - 2014-02-24 17:15 - 00000000 _SHDL () C:\Users\Administrator\Netzwerkumgebung
2014-02-24 17:15 - 2014-02-24 17:15 - 00000000 _SHDL () C:\Users\Administrator\Druckumgebung
2014-02-24 17:15 - 2014-02-24 17:15 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Musik
2014-02-24 17:15 - 2014-02-24 17:15 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Bilder
2014-02-24 17:15 - 2014-02-24 17:15 - 00000000 _SHDL () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-24 17:15 - 2014-02-24 17:15 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Verlauf
2014-02-24 17:15 - 2010-08-22 23:41 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Macromedia
2014-02-24 17:15 - 2009-10-05 03:49 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-24 17:15 - 2009-10-05 03:49 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-24 17:15 - 2009-10-01 22:22 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Microsoft Help
2014-02-24 15:41 - 2014-02-24 15:41 - 00000000 _____ () C:\Users\Florian\defogger_reenable
2014-02-24 14:33 - 2014-02-24 14:51 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-02-24 14:25 - 2014-02-24 14:25 - 00000899 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-24 14:25 - 2014-02-24 14:25 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-02-24 14:25 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-24 14:23 - 2009-04-11 07:27 - 02926592 _____ (Microsoft Corporation) C:\Users\Florian\Desktop\explorer.exe
2014-02-24 14:23 - 2006-11-02 10:45 - 02923520 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-02-24 13:58 - 2014-02-24 13:58 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Monika\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-02-24 13:55 - 2014-02-24 15:43 - 00000000 ____D () C:\FRST
2014-02-24 11:14 - 2014-02-24 11:14 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Monika\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-23 21:02 - 2014-02-05 09:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-23 21:02 - 2014-02-05 09:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-23 21:02 - 2014-02-05 09:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-23 21:02 - 2014-02-05 09:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-23 21:02 - 2014-02-05 09:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-23 21:02 - 2014-02-05 09:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-23 21:02 - 2014-02-05 09:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-23 21:02 - 2014-02-05 09:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-23 21:02 - 2014-02-05 09:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-23 21:02 - 2014-02-05 09:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-23 21:02 - 2014-02-05 09:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-23 21:02 - 2014-02-05 09:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-23 21:02 - 2014-02-05 09:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-23 21:02 - 2014-02-05 09:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-23 21:02 - 2014-02-05 09:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-23 21:02 - 2014-02-05 09:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-23 20:00 - 2013-12-05 03:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-21 20:44 - 2014-02-23 19:42 - 00000000 ____D () C:\Program Files\GUM79B1.tmp
2014-02-20 09:47 - 2014-02-20 09:53 - 00000000 ____D () C:\Users\Florian\Desktop\utmp
2014-02-14 12:25 - 2014-02-14 12:26 - 00000000 ____D () C:\Program Files\Mozilla Firefox(74)

==================== One Month Modified Files and Folders =======

2014-02-24 17:25 - 2014-02-24 17:24 - 00013545 _____ () C:\Users\Administrator\Desktop\FRST.txt
2014-02-24 17:23 - 2014-02-24 17:23 - 00000488 _____ () C:\Users\Administrator\Desktop\defogger_disable.log
2014-02-24 17:23 - 2014-02-24 17:23 - 00000000 _____ () C:\Users\Administrator\defogger_reenable
2014-02-24 17:23 - 2014-02-24 17:15 - 00000000 ____D () C:\Users\Administrator
2014-02-24 17:22 - 2014-02-24 17:21 - 01144320 _____ (Farbar) C:\Users\Administrator\Desktop\FRST.exe
2014-02-24 17:21 - 2014-02-24 17:21 - 00380416 _____ () C:\Users\Administrator\Desktop\Gmer-19357.exe
2014-02-24 17:21 - 2014-02-24 17:21 - 00050477 _____ () C:\Users\Administrator\Desktop\Defogger.exe
2014-02-24 17:21 - 2006-11-02 11:33 - 01453952 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-24 17:20 - 2006-11-02 13:52 - 01268142 _____ () C:\Windows\WindowsUpdate.log
2014-02-24 17:19 - 2014-02-24 17:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-02-24 17:19 - 2014-02-24 17:17 - 00001963 _____ () C:\Users\Administrator\Desktop\Google Chrome.lnk
2014-02-24 17:18 - 2014-02-24 17:18 - 00101224 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-24 17:18 - 2011-12-28 13:58 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-02-24 17:17 - 2014-02-24 17:17 - 00000949 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-24 17:17 - 2014-02-24 17:17 - 00000944 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-02-24 17:17 - 2006-11-02 11:23 - 00000240 _____ () C:\Windows\win.ini
2014-02-24 17:16 - 2014-02-24 17:16 - 00000915 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2014-02-24 17:16 - 2014-02-24 17:16 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-02-24 17:15 - 2014-02-24 17:15 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-02-24 17:15 - 2014-02-24 17:15 - 00000000 _SHDL () C:\Users\Administrator\Startmenü
2014-02-24 17:15 - 2014-02-24 17:15 - 00000000 _SHDL () C:\Users\Administrator\Netzwerkumgebung
2014-02-24 17:15 - 2014-02-24 17:15 - 00000000 _SHDL () C:\Users\Administrator\Druckumgebung
2014-02-24 17:15 - 2014-02-24 17:15 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Musik
2014-02-24 17:15 - 2014-02-24 17:15 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Bilder
2014-02-24 17:15 - 2014-02-24 17:15 - 00000000 _SHDL () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-24 17:15 - 2014-02-24 17:15 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Verlauf
2014-02-24 17:15 - 2010-08-18 14:21 - 00000000 ____D () C:\Program Files\Common Files\Akamai
2014-02-24 17:15 - 2009-10-02 12:12 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-24 17:15 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-24 17:15 - 2006-11-02 13:47 - 00004080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-24 17:15 - 2006-11-02 13:47 - 00004080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-24 17:08 - 2009-10-20 07:33 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-02-24 17:08 - 2006-11-02 14:01 - 00032634 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-24 16:57 - 2012-10-22 17:55 - 00000000 ____D () C:\Users\Monika\AppData\Roaming\Dropbox
2014-02-24 16:56 - 2012-10-22 17:59 - 00000000 ___RD () C:\Users\Monika\Dropbox
2014-02-24 15:56 - 2011-11-04 18:58 - 00000000 ____D () C:\Users\Florian\AppData\Local\CrashDumps
2014-02-24 15:49 - 2009-10-02 12:12 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-24 15:45 - 2012-06-17 18:03 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-24 15:43 - 2014-02-24 13:55 - 00000000 ____D () C:\FRST
2014-02-24 15:41 - 2014-02-24 15:41 - 00000000 _____ () C:\Users\Florian\defogger_reenable
2014-02-24 15:41 - 2009-10-01 16:25 - 00000000 ____D () C:\Users\Florian
2014-02-24 14:51 - 2014-02-24 14:33 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-02-24 14:45 - 2011-11-01 16:32 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Dropbox
2014-02-24 14:26 - 2012-03-19 20:15 - 00001142 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1939334895-897515761-2617989973-1001UA.job
2014-02-24 14:25 - 2014-02-24 14:25 - 00000899 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-24 14:25 - 2014-02-24 14:25 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-02-24 14:14 - 2011-11-01 17:13 - 00000000 ___RD () C:\Users\Florian\Documents\Dropbox
2014-02-24 13:58 - 2014-02-24 13:58 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Monika\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-02-24 13:40 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-24 12:21 - 2010-03-21 17:13 - 00000000 ____D () C:\Windows\pss
2014-02-24 11:14 - 2014-02-24 11:14 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Monika\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-24 10:50 - 2012-10-22 17:57 - 00000000 ____D () C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-02-24 09:23 - 2009-10-01 16:25 - 00001356 _____ () C:\Users\Florian\AppData\Local\d3d9caps.dat
2014-02-23 21:22 - 2009-10-01 20:13 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-23 21:14 - 2013-08-08 19:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-23 20:26 - 2012-03-19 20:15 - 00001120 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1939334895-897515761-2617989973-1001Core.job
2014-02-23 19:46 - 2012-05-12 00:36 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-23 19:46 - 2011-05-15 23:24 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-23 19:42 - 2014-02-21 20:44 - 00000000 ____D () C:\Program Files\GUM79B1.tmp
2014-02-23 19:41 - 2010-03-03 01:35 - 00000000 ____D () C:\Users\Monika
2014-02-23 19:41 - 2006-11-02 11:22 - 63176704 _____ () C:\Windows\system32\config\software_previous
2014-02-23 19:41 - 2006-11-02 11:22 - 45088768 _____ () C:\Windows\system32\config\components_previous
2014-02-23 19:41 - 2006-11-02 11:22 - 126615552 _____ () C:\Windows\system32\config\system_previous
2014-02-23 19:41 - 2006-11-02 11:22 - 00524288 _____ () C:\Windows\system32\config\default_previous
2014-02-23 19:41 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\security_previous
2014-02-23 19:41 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\sam_previous
2014-02-23 19:40 - 2011-11-11 14:01 - 00000000 ____D () C:\Users\Florian\AppData\Local\Akamai
2014-02-23 19:40 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\spool
2014-02-23 19:40 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-02-23 19:40 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\registration
2014-02-21 20:31 - 2014-01-02 22:01 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-21 20:31 - 2013-12-11 14:37 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-21 20:31 - 2012-07-21 14:58 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Spotify
2014-02-21 20:31 - 2010-12-03 01:19 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\vlc
2014-02-21 20:31 - 2009-10-01 19:43 - 00000000 ____D () C:\Users\Florian\AppData\Local\MediaMonkey
2014-02-21 10:24 - 2013-12-16 19:19 - 04323291 _____ () C:\Users\Florian\Desktop\IMG_1508.MOV
2014-02-20 09:53 - 2014-02-20 09:47 - 00000000 ____D () C:\Users\Florian\Desktop\utmp
2014-02-20 09:53 - 2011-12-12 23:07 - 00000600 _____ () C:\Users\Florian\PUTTY.RND
2014-02-14 13:20 - 2013-10-01 18:14 - 00000000 ____D () C:\Users\Florian\Desktop\Uni
2014-02-14 12:26 - 2014-02-14 12:25 - 00000000 ____D () C:\Program Files\Mozilla Firefox(74)
2014-02-13 12:22 - 2012-07-21 14:59 - 00000000 ____D () C:\Users\Florian\AppData\Local\Spotify
2014-02-10 17:04 - 2009-10-01 18:35 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-10 16:39 - 2008-12-24 23:33 - 00000000 ____D () C:\Users\Florian\Documents\Meine Scans
2014-02-10 14:15 - 2011-11-01 16:34 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-02-10 14:09 - 2009-10-01 16:26 - 00101224 _____ () C:\Users\Florian\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-07 19:49 - 2008-02-23 05:18 - 00000000 ___HD () C:\Users\Florian\Documents\Turbo Lister
2014-02-05 09:58 - 2014-02-23 21:02 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-05 09:56 - 2014-02-23 21:02 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-05 09:53 - 2014-02-23 21:02 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-05 09:51 - 2014-02-23 21:02 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-05 09:50 - 2014-02-23 21:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-05 09:49 - 2014-02-23 21:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-05 09:49 - 2014-02-23 21:02 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-05 09:48 - 2014-02-23 21:02 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-05 09:48 - 2014-02-23 21:02 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-05 09:48 - 2014-02-23 21:02 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-05 09:48 - 2014-02-23 21:02 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-05 09:48 - 2014-02-23 21:02 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-05 09:47 - 2014-02-23 21:02 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-05 09:47 - 2014-02-23 21:02 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-05 09:47 - 2014-02-23 21:02 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-05 09:46 - 2014-02-23 21:02 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-04 19:09 - 2006-11-02 11:24 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

Files to move or delete:
====================
C:\Users\Florian\AppData\Roaming\desktop.ini


Some content of TEMP:
====================
C:\Users\Florian\AppData\Local\Temp\K-Lite_Codec_Pack_Basic.exe
C:\Users\Florian\AppData\Local\Temp\ose00000.exe
C:\Users\Florian\AppData\Local\Temp\SamsungAPInstaller_1382458371839.exe
C:\Users\Florian\AppData\Local\Temp\SamsungAPInstaller_1384803161297.exe
C:\Users\Monika\AppData\Local\Temp\NOSEventMessages.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2014-02-24 14:23] - [2006-11-02 10:45] - 2923520 ____A (Microsoft Corporation) FD8C53FB002217F6F888BCF6F5D7084D

C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-24 17:21

==================== End Of Log ============================
         
--- --- ---

--- --- ---




FRST - Addition

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-02-2014 02
Ran by Administrator at 2014-02-24 17:26:02
Running from C:\Users\Administrator\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Internet Security (Disabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky Internet Security (Disabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

AC3Filter (remove only) (HKLM\...\AC3Filter) (Version:  - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.3.0.3670 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.3.0.3670 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles CS CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions (HKLM\...\Digital Editions) (Version:  - )
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Media Player (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
AdobeColorCommonSetRGB (Version: 2.0 - Adobe Systems Incorporated) Hidden
Advanced PDF Password Recovery (HKLM\...\{6A2B148A-5D96-40D2-8450-692713BB7457}) (Version: 5.05.97.1109 - Elcomsoft Co. Ltd.)
AirPlus XtremeG DWL-G122 (HKLM\...\{2B7E4354-0492-460A-BDB1-1F59EE141025}) (Version: 1.0.30 - D-Link)
Akamai NetSession Interface Service (HKLM\...\Akamai) (Version:  - )
AllShare Framework DMS (HKLM\...\{FFCA6A43-2111-4DD0-9A26-D81F7DD20960}) (Version: 1.3.21 - Samsung)
Apple Application Support (HKLM\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
Audials (HKLM\...\{6A419FA3-4550-4F2E-AFEB-6B4AD5E281AA}) (Version: 9.1.28500.0 - RapidSolution Software AG)
Audials (HKLM\...\{E7D93321-D301-46D1-A56A-2AD87A281CD8}) (Version: 8.0.26909.900 - RapidSolution Software AG)
Audials TV (HKLM\...\{24EE4523-711A-4BD1-95EA-F73A8A6950D3}) (Version: 1.3.10803.300 - RapidSolution Software AG)
AudibleManager (HKLM\...\AudibleManager) (Version: 36040267.-2.2003529766.2003528780 - Audible, Inc.)
Audiograbber 1.83 SE  (HKLM\...\Audiograbber) (Version: 1.83 SE - Audiograbber Deutschland)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 90.0.146.000 - Hewlett-Packard) Hidden
calibre (HKLM\...\{9A50DD86-B02B-4264-8D7A-10F8A25FC043}) (Version: 0.7.37 - Kovid Goyal)
Cisco Systems VPN Client 5.0.06.0160 (HKLM\...\{21E247D4-5E27-4BEA-AA4D-19A81203FE2A}) (Version: 5.0.6 - Cisco Systems, Inc.)
Citavi 2.5 (HKLM\...\Citavi) (Version: 2.5.2.0 - Academic Software Zurich)
Corel WinDVD 2010 (HKLM\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.536 - Corel Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.45.4.0316 - DT Soft Ltd)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version:  - Microsoft)
Destination Component (Version: 090.000.091.086 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DivX Web Player (HKLM\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.5.0 - DivX,Inc.)
DivX-Setup (HKLM\...\DivX Setup.divx.com) (Version: 2.0.0.86 - DivX, Inc. )
DocProc (Version: 9.0.0.0 - Hewlett-Packard) Hidden
DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
ElsterFormular (HKLM\...\ElsterFormular 13.0.0.8086p) (Version: 13.0.0.8086p - Landesfinanzdirektion Thüringen)
EndNote X4 (HKLM\...\{86B3F2D6-AC2B-0014-8AE1-F2F77F781B0C}) (Version: 14.0.0.4845 - Thomson Reuters)
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Facebook Video Calling 2.0.0.447 (HKLM\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
HP Deskjet 460 Series Toolbox (HKLM\...\{80B2BC9F-0AAC-4D25-9B78-B2C92907081E}) (Version: 1.00.0000 - Ihr Firmenname)
HP Imaging Device Functions 9.0 (HKLM\...\HP Imaging Device Functions) (Version: 9.0 - HP)
HP OCR Software 9.0 (HKLM\...\HPOCR) (Version: 9.0 - HP)
HP Photosmart Essential (HKLM\...\{EB21A812-671B-4D08-B974-2A347F0D8F70}) (Version: 1.12.0.46 - HP)
HP Product Assistant (Version: 100.000.001.000 - Hewlett-Packard) Hidden
HP Scanjet G2710 9.0 (HKLM\...\{F4158BB4-98FA-4ad5-A0FE-3913A0714A44}) (Version: 9.0 - HP)
HP Solution Center 9.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 9.0 - HP)
HP Update (HKLM\...\{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}) (Version: 5.002.007.004 - Hewlett-Packard)
hpg2710 (Version: 9.0.0.0 - Ihr Firmenname) Hidden
hpg2710QFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 90.0.146.000 - Hewlett-Packard) Hidden
HTC BMP USB Driver (HKLM\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.021 - HTC Corporation)
HTC Sync (HKLM\...\{AB77DFDE-9949-4AEF-B180-BE322C3E65D0}) (Version: 3.2.20 - HTC Corporation)
HydraIRC (HKLM\...\HydraIRC) (Version: 0.3.165 - Hydra Productions)
ICQ Status Checker 1.7 (HKLM\...\{9E012857-0B5E-40A0-A36A-36751966A79B}_is1) (Version:  - murb.com)
ICQ7.5 (HKLM\...\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}) (Version: 7.5 - ICQ)
iTunes (HKLM\...\{0F6F6876-6334-4977-B5DD-CFC12E193420}) (Version: 10.7.0.21 - Apple Inc.)
IZArc 3.81 (HKLM\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 3.81 Build 1550 - Ivan Zahariev)
Java 7 Update 21 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Java Auto Updater (Version: 2.0.6.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 30 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216014FF}) (Version: 6.0.300 - Sun Microsystems, Inc.)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader (HKLM\...\JDownloader) (Version:  - AppWork UG (haftungsbeschränkt))
Kaspersky Internet Security 2013 (HKLM\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Internet Security 2013 (Version: 13.0.1.4190 - Kaspersky Lab) Hidden
K-Lite Codec Pack 9.3.0 (Basic) (HKLM\...\KLiteCodecPack_is1) (Version: 9.3.0 - )
LimeWire 5.3.6 (HKLM\...\LimeWire) (Version: 5.3.6 - Lime Wire, LLC)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MediaMonkey 3.2 (HKLM\...\MediaMonkey_is1) (Version: 3.2 - Ventis Media Inc.)
Medieval CUE Splitter (HKLM\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden
mIRC (HKLM\...\mIRC) (Version: 7.19 - mIRC Co. Ltd.)
MKV Player 2.0.1 (HKLM\...\MKV Player_is1) (Version:  - )
Mozilla Firefox 26.0 (x86 de) (HKLM\...\Mozilla Firefox 26.0 (x86 de)) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)
Mp3tag v2.48 (HKLM\...\Mp3tag) (Version: v2.48 - Florian Heidenreich)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nero BackItUp (Version: 12.5.7000 - Nero AG) Hidden
Nero BackItUp 12 Essentials (HKLM\...\{0E3368AC-FB29-4C5E-938E-FA11C12D035E}) (Version: 12.0.01200 - Nero AG)
Nero BackItUp Help (CHM) (Version: 12.0.3000 - Nero AG) Hidden
Nero Backup Drivers (HKLM\...\{F8EF9B71-53E7-41F5-8E54-47B4C979CB38}) (Version: 12.0.4000 - Nero AG)
Nero ControlCenter (Version: 11.0.15600 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (Version: 12.0.5000 - Nero AG) Hidden
Nero Core Components (Version: 11.0.20900 - Nero AG) Hidden
Nero Prerequisite Installer 2.0 (HKLM\...\{0DBC021C-95D9-435A-A4B0-E6515AFD1A71}) (Version: 12.0.01000 - Nero AG)
Nero RescueAgent (Version: 12.0.9000 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (Version: 12.0.0001 - Nero AG) Hidden
Nero Update (Version: 11.0.11800.31.0 - Nero AG) Hidden
Nokia Connectivity Cable Driver (HKLM\...\{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}) (Version: 7.1.27.0 - Nokia)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5721 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.61.39 - NVIDIA Corporation)
NVIDIA Grafiktreiber 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 307.83 (Version: 307.83 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
PanoStandAlone (Version: 90.0.146.000 - Hewlett-Packard) Hidden
PartyCasino (HKLM\...\PartyCasino) (Version: 11 - PartyGaming)
PartyPoker (HKLM\...\PartyPoker) (Version:  - PartyGaming)
PC Connectivity Solution (HKLM\...\{481C9A00-91AC-4065-870C-BD4E28186E5A}) (Version: 10.5.1.0 - Nokia)
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 3.5.2 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDF-XChange Viewer (HKLM\...\{5754AB15-F61B-4B9B-91AA-E286F55CFA8B}) (Version: 2.0.57.0 - Tracker Software Products Ltd.)
PixiePack Codec Pack (HKLM\...\{B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC}) (Version: 1.0.100.0 - None)
Prerequisite installer (Version: 12.0.0003 - Nero AG) Hidden
QuickTime (HKLM\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recorder (HKLM\...\ST6UNST #1) (Version:  - )
RssBandit (HKLM\...\{3CBE6C15-21D4-4F88-AB52-72446A6C6429}) (Version: 1.9.1003 - rssbandit.org)
Samsung Link 1.7.0.1311052230 (HKLM\...\8474-7877-9059-0204) (Version: 1.7.0.1311052230 - Copyright 2013 SAMSUNG)
Sandboxie 3.40 (HKLM\...\Sandboxie) (Version:  - )
Scan (Version: 9.0.0.0 - Hewlett-Packard) Hidden
ScannerCopy (Version: 9.0.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Shareaza 2.5.3.0 (HKLM\...\Shareaza_is1) (Version: 2.5.3.0 - Shareaza Development Team)
SolutionCenter (Version: 90.0.146.000 - Hewlett-Packard) Hidden
SopCast 3.3.2 (HKLM\...\SopCast) (Version: 3.3.2 - www.sopcast.com)
StreamTorrent 1.0 (HKLM\...\StreamTorrent 1.0) (Version:  - )
SugarSync Manager (HKLM\...\SugarSync) (Version: 1.9.83.104095 - SugarSync, Inc.)
SUPER © Version 2010.bld.37 (Jan 2, 2010) (HKLM\...\SUPER ©) (Version: Version 2010.bld.37 (Jan 2, 2010) - eRightSoft)
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version:  - )
TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.22298 - TeamViewer)
Tunebite (HKLM\...\{C72C0263-D19D-49DF-A642-EFD14A4E2F45}) (Version: 6.0.26006.600 - RapidSolution Software AG)
Unlocker 1.8.7 (HKLM\...\Unlocker) (Version: 1.8.7 - Cedrick Collomb)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{E21274CE-CA0C-49FA-93F4-DC292A052264}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{B5C70C99-B109-42FD-B219-FF12CA543F19}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0 - DivX, Inc) Hidden
VLC media player 1.1.11 (HKLM\...\VLC media player) (Version: 1.1.11 - VideoLAN)
WebReg (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Windows Live ID-Anmelde-Assistent (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)

==================== Restore Points  =========================

21-02-2014 19:50:00 Windows Update
22-02-2014 02:00:43 Windows Update
23-02-2014 18:02:09 Geplanter Prüfpunkt
23-02-2014 18:59:19 Windows Update
23-02-2014 20:00:41 Windows Update

==================== Hosts content: ==========================

2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {09178A2F-C484-48D2-97E0-2F26A587FD86} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-02] (Google Inc.)
Task: {094A59A7-47D7-4008-8DD9-242D01F2E7D6} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1939334895-897515761-2617989973-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {13908982-ABED-405F-BC22-5A8D6A9892E8} - System32\Tasks\Florian Nero LIVEBackup 12 0 => C:\Program Files\Nero\Nero 12\Nero BackItUp\NBCore.exe [2013-04-07] (Nero AG)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1E46FE23-DE2A-4131-983F-9BA632D8FBC5} - System32\Tasks\Florian 12 0 => C:\Program Files\Nero\Nero 12\Nero BackItUp\NBCore.exe [2013-04-07] (Nero AG)
Task: {2716BF70-2FFB-4C31-B169-2A6A9307947B} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1939334895-897515761-2617989973-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {2A8047EF-6264-4D33-928B-837CAD025AEB} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1939334895-897515761-2617989973-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {47AA9312-F6EC-48FE-8933-CB89E51F6550} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2012-04-17] ()
Task: {5181F310-6ABF-4457-87D0-30D5A2AD00EC} - System32\Tasks\RealCreateProcessScheduledTask16854223S-1-5-21-1939334895-897515761-2617989973-1000 => c:\program files\real\realplayer\update\realsched.exe [2012-10-15] (RealNetworks, Inc.)
Task: {76689902-1D35-4BF0-80DE-03CF2DEC8EDA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-02] (Google Inc.)
Task: {874082A9-A041-4463-BA29-AAB8F6A81D5C} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {A6B7EDAD-00E3-4CC0-BECB-B64C0C3A7195} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-23] (Adobe Systems Incorporated)
Task: {ABB747DA-ACEE-484C-9A77-EF7B12E624B9} - System32\Tasks\Florian Nero LIVEBackup Merge 12 0 => C:\Program Files\Nero\Nero 12\Nero BackItUp\NBCore.exe [2013-04-07] (Nero AG)
Task: {AE8856E2-A1F8-4F7E-ACF4-09FE93B638C7} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {AF7F9F4B-2F6F-4D71-9F6A-22C7B69005F4} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1939334895-897515761-2617989973-1001Core => C:\Users\Monika\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {B2B4A467-681B-4418-9B43-CEAD03FB861A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D30E404C-B1EC-41B4-B9A1-9782AC78EEBF} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1939334895-897515761-2617989973-1001UA => C:\Users\Monika\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {DC17186C-0812-466C-87A3-A2AC9ABBA1B2} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1939334895-897515761-2617989973-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2009-10-01] ()
Task: {F6A3CC99-C43C-4EF5-8494-56C667BB4EF3} - System32\Tasks\AdobeAAMUpdater-1.0-Florian-PC-Florian => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1939334895-897515761-2617989973-1001Core.job => C:\Users\Monika\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1939334895-897515761-2617989973-1001UA.job => C:\Users\Monika\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MTR_test1.job => ?

==================== Loaded Modules (whitelisted) =============

2011-06-24 21:56 - 2011-06-24 21:56 - 00087328 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-06-24 21:56 - 2011-06-24 21:56 - 01241888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-11-17 12:08 - 2009-11-17 12:08 - 00197424 _____ () C:\Windows\system32\vpnapi.dll
2012-03-23 13:25 - 2012-03-23 13:25 - 00087040 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2013-10-17 04:03 - 2013-11-05 22:30 - 00011264 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll
2013-10-17 04:05 - 2013-10-17 04:05 - 00541696 _____ () C:\Windows\Temp\sqlite-3.7.2-sqlitejdbc.dll
2013-10-17 04:03 - 2013-11-05 22:30 - 00987648 _____ () C:\Program Files\Samsung\Samsung Link\scone_proxy.dll
2013-10-17 04:03 - 2013-11-05 22:30 - 01025024 _____ () C:\Program Files\Samsung\Samsung Link\scone_stub.dll
2013-10-11 15:23 - 2013-10-11 15:23 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.21\JNIInterface.dll
2013-10-11 15:24 - 2013-10-11 15:24 - 00119296 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.21\ASFAPI.dll
2013-10-11 15:26 - 2013-10-11 15:26 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.21\MediaDB_Manager.dll
2013-10-01 09:46 - 2013-10-01 09:46 - 00025600 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.21\MediaDB.dll
2013-10-01 09:11 - 2013-10-01 09:11 - 00706560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.21\ContentDirectoryPresenter.dll
2013-10-11 15:26 - 2013-10-11 15:26 - 00589824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.21\DMS_Manager.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00038912 _____ () C:\Windows\system32\boost_date_time-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00012800 _____ () C:\Windows\system32\boost_system-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00046592 _____ () C:\Windows\system32\boost_thread-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00227840 _____ () C:\Windows\system32\boost_serialization-vc90-mt-1_47.dll
2013-10-17 04:03 - 2013-11-05 22:30 - 00035328 _____ () C:\Program Files\Samsung\Samsung Link\JniIO.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2009-10-01 17:24 - 2007-06-02 20:41 - 00617472 _____ () C:\Program Files\IZArc\IZArcCM.dll
2008-05-02 05:15 - 2008-05-02 05:15 - 00010240 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:661DFA1C
AlternateDataStreams: C:\Users\Florian\Desktop\IMG_1508.MOV:TOC.WMV
AlternateDataStreams: C:\Users\Florian\Desktop\Jackass.3.5.avi:TOC.WMV

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: gupdate1ca434fb413d182 => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: SbieSvc => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk => C:\Windows\pss\VPN Client.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Florian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk => C:\Windows\pss\LimeWire On Startup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Florian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: HPWRTOOLBOX => C:\Program Files\HP\HP Deskjet 460 Series\Toolbox\HPWRTBX.exe "-i"
MSCONFIG\startupreg: HTC Sync Loader => "C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
MSCONFIG\startupreg: ICQ => "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NapsterShell => C:\Program Files\Napster\napster.exe /systray
MSCONFIG\startupreg: NokiaMServer => C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
MSCONFIG\startupreg: NokiaMusic FastStart => "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
MSCONFIG\startupreg: PDFPrint => C:\Program Files\pdf24\pdf24.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Samsung Link => "C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: Smart File Advisor => "C:\Program Files\Smart File Advisor\sfa.exe" /checkassoc
MSCONFIG\startupreg: Spotify => "C:\Users\Florian\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Florian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SugarSync => "C:\Program Files\SugarSync\SugarSyncManager.exe" -startInTray -usedelay=true
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Real\RealPlayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: UnlockerAssistant => "C:\Program Files\Unlocker\UnlockerAssistant.exe"
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
MSCONFIG\startupreg: {85460959-B1A8-367F-3FC2-384166C53E59} => C:\Users\Florian\AppData\Roaming\Mupolo\meci.exe

==================== Faulty Device Manager Devices =============

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Cisco Systems VPN Adapter
Description: Cisco Systems VPN Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/24/2014 05:10:16 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (02/24/2014 03:56:05 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung Gmer-19357.exe, Version 2.1.19357.0, Zeitstempel 0x52e7ea83, fehlerhaftes Modul Gmer-19357.exe, Version 2.1.19357.0, Zeitstempel 0x52e7ea83, Ausnahmecode 0xc0000005, Fehleroffset 0x00012298,
Prozess-ID 0x9808, Anwendungsstartzeit Gmer-19357.exe0.

Error: (02/24/2014 03:46:47 PM) (Source: Application Hang) (User: )
Description: Programm FRST.exe, Version 3.3.10.2 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 8d9c
Anfangszeit: 01cf316ea993a914
Zeitpunkt der Beendigung: 16

Error: (02/24/2014 03:40:33 PM) (Source: Application Hang) (User: )
Description: Programm mbam.exe, Version 1.75.0.1 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 2070
Anfangszeit: 01cf316777c8f904
Zeitpunkt der Beendigung: 16

Error: (02/24/2014 02:51:04 PM) (Source: Application Hang) (User: )
Description: Programm mbam.exe, Version 1.75.0.1 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 2e38
Anfangszeit: 01cf3164f911ae64
Zeitpunkt der Beendigung: 62

Error: (02/24/2014 02:12:18 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6000.16386, Zeitstempel 0x4549b091, fehlerhaftes Modul QuickTime.qts, Version 7.73.80.64, Zeitstempel 0x50890e53, Ausnahmecode 0x80000003, Fehleroffset 0x001c96c0,
Prozess-ID 0x830, Anwendungsstartzeit Explorer.EXE0.

Error: (02/24/2014 02:12:04 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6000.16386, Zeitstempel 0x4549b091, fehlerhaftes Modul QuickTime.qts, Version 7.73.80.64, Zeitstempel 0x50890e53, Ausnahmecode 0x80000003, Fehleroffset 0x001c96c0,
Prozess-ID 0xfe4, Anwendungsstartzeit Explorer.EXE0.

Error: (02/24/2014 02:11:50 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6000.16386, Zeitstempel 0x4549b091, fehlerhaftes Modul QuickTime.qts, Version 7.73.80.64, Zeitstempel 0x50890e53, Ausnahmecode 0x80000003, Fehleroffset 0x001c96c0,
Prozess-ID 0xb28, Anwendungsstartzeit Explorer.EXE0.

Error: (02/24/2014 01:29:06 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6000.16386, Zeitstempel 0x4549b091, fehlerhaftes Modul QuickTime.qts, Version 7.73.80.64, Zeitstempel 0x50890e53, Ausnahmecode 0x80000003, Fehleroffset 0x001c96c0,
Prozess-ID 0x15e4, Anwendungsstartzeit Explorer.EXE0.

Error: (02/24/2014 01:28:29 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6000.16386, Zeitstempel 0x4549b091, fehlerhaftes Modul QuickTime.qts, Version 7.73.80.64, Zeitstempel 0x50890e53, Ausnahmecode 0x80000003, Fehleroffset 0x001c96c0,
Prozess-ID 0x55c, Anwendungsstartzeit Explorer.EXE0.


System errors:
=============
Error: (02/24/2014 05:23:53 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "FLO-VAIO",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{DC7FDB4E-6D32-40F0-AECA-123204F0A-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (02/24/2014 05:22:43 PM) (Source: Service Control Manager) (User: )
Description: 30000NVIDIA Display Driver Service

Error: (02/24/2014 05:22:43 PM) (Source: DCOM) (User: )
Description: 1053NVSvc{DCAB0989-1301-4319-BE5F-ADE89F88581C}

Error: (02/24/2014 05:16:50 PM) (Source: Service Control Manager) (User: )
Description: adfs%%2

Error: (02/24/2014 05:16:50 PM) (Source: Service Control Manager) (User: )
Description: 30000NVIDIA Display Driver Service

Error: (02/24/2014 05:11:04 PM) (Source: Service Control Manager) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (02/24/2014 05:11:04 PM) (Source: Service Control Manager) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (02/24/2014 05:11:04 PM) (Source: Service Control Manager) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (02/24/2014 05:11:04 PM) (Source: Service Control Manager) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (02/24/2014 05:11:04 PM) (Source: Service Control Manager) (User: )
Description: AFD
DfsC
KLIF
KLIM6
kltdi
kneps
NetBIOS
netbt
nsiproxy
PSched
RasAcd
rdbss
Smb
spldr
tdx
Wanarpv6


Microsoft Office Sessions:
=========================
Error: (02/24/2014 05:10:16 PM) (Source: EventSystem)(User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (02/24/2014 03:56:05 PM) (Source: Application Error)(User: )
Description: Gmer-19357.exe2.1.19357.052e7ea83Gmer-19357.exe2.1.19357.052e7ea83c000000500012298980801cf316ff3df81f4

Error: (02/24/2014 03:46:47 PM) (Source: Application Hang)(User: )
Description: FRST.exe3.3.10.28d9c01cf316ea993a91416

Error: (02/24/2014 03:40:33 PM) (Source: Application Hang)(User: )
Description: mbam.exe1.75.0.1207001cf316777c8f90416

Error: (02/24/2014 02:51:04 PM) (Source: Application Hang)(User: )
Description: mbam.exe1.75.0.12e3801cf3164f911ae6462

Error: (02/24/2014 02:12:18 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.0.6000.163864549b091QuickTime.qts7.73.80.6450890e5380000003001c96c083001cf316208a672f4

Error: (02/24/2014 02:12:04 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.0.6000.163864549b091QuickTime.qts7.73.80.6450890e5380000003001c96c0fe401cf3161fffe52d4

Error: (02/24/2014 02:11:50 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.0.6000.163864549b091QuickTime.qts7.73.80.6450890e5380000003001c96c0b2801cf3161f22222e4

Error: (02/24/2014 01:29:06 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.0.6000.163864549b091QuickTime.qts7.73.80.6450890e5380000003001c96c015e401cf315c003a03a4

Error: (02/24/2014 01:28:29 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.0.6000.163864549b091QuickTime.qts7.73.80.6450890e5380000003001c96c055c01cf315bdf0eece4


CodeIntegrity Errors:
===================================
  Date: 2014-02-24 17:25:06.881
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kneps.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-24 17:25:06.367
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kneps.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-24 17:25:05.836
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kneps.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-24 17:25:05.306
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kneps.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-24 17:25:04.744
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kltdi.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-24 17:25:04.229
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kltdi.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-24 17:25:03.699
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kltdi.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-24 17:25:03.169
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kltdi.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-24 17:25:02.607
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\klmouflt.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-24 17:25:02.077
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\klmouflt.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 55%
Total physical RAM: 1917.82 MB
Available physical RAM: 850.56 MB
Total Pagefile: 4085.97 MB
Available Pagefile: 2832.18 MB
Total Virtual: 2047.88 MB
Available Virtual: 1908.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:153.38 GB) (Free:10.33 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (BOOT) (Fixed) (Total:125.46 GB) (Free:75.92 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (BACKUP) (Fixed) (Total:97.65 GB) (Free:12.79 GB) NTFS
Drive g: (RECOVER) (Fixed) (Total:9.76 GB) (Free:2.64 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 153 GB) (Disk ID: 60296029)
Partition 1: (Active) - (Size=153 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 226F226E)
Partition 1: (Active) - (Size=125 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=107 GB) - (Type=OF Extended)

==================== End Of Log ============================
         

GMER:

Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-02-24 18:29:36
Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T1L0-4 ExcelStor_Technology_J8160S rev.P22OAB3A 153,39GB
Running: Gmer-19357.exe; Driver: C:\Users\ADMINI~1\AppData\Local\Temp\pwdiyfob.sys


---- System - GMER 2.1 ----

SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwAdjustPrivilegesToken [0x97CBF700]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwAlpcConnectPort [0x97C72C1A]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwAlpcCreatePort [0x97C72F62]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwAlpcSendWaitReceivePort [0x97C733A8]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwClose [0x97C5B29C]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwConnectPort [0x97C728F4]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwCreateEvent [0x97C5B814]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwCreateMutant [0x97C5B6FA]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwCreatePort [0x97C72DC6]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwCreateSection [0x97CC2590]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwCreateSemaphore [0x97C5B934]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwCreateThread [0x97CC1A24]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwCreateWaitablePort [0x97C72E94]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwDebugActiveProcess [0x97CC156E]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwDeviceIoControlFile [0x97C5B2E0]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwDuplicateObject [0x97CBF842]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwLoadDriver [0x97CBF4AA]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwMapViewOfSection [0x97CC2388]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwNotifyChangeKey [0x97C7105C]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwOpenEvent [0x97C5B8AA]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwOpenMutant [0x97C5B78A]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwOpenProcess [0x97CC1116]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwOpenSection [0x97CC283C]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwOpenSemaphore [0x97C5B9CA]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwOpenThread [0x97CC1780]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwQueryDirectoryObject [0x97C5BA54]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwQueryObject [0x97C7126A]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwQueueApcThread [0x97CC223C]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwReplyPort [0x97C7318C]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwReplyWaitReceivePort [0x97C7301A]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwReplyWaitReceivePortEx [0x97C730D0]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwRequestWaitReplyPort [0x97C731FC]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwResumeThread [0x97CC1F66]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwSecureConnectPort [0x97C72A82]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwSetContextThread [0x97CC20C4]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwSetInformationToken [0x97C5BAF6]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwSetSystemInformation [0x97CBF5B4]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwSuspendProcess [0x97CC12B6]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwSuspendThread [0x97CC1E0E]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwSystemDebugControl [0x97C5BB08]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwTerminateProcess [0x97CC1416]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwTerminateThread [0x97CC1920]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwUnmapViewOfSection [0x97CC29A4]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwWriteVirtualMemory [0x97CC26CE]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwCreateThreadEx [0x97CC1C64]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys   ZwCreateUserProcess [0x97CC16C8]

---- Kernel code sections - GMER 2.1 ----

.text           ntkrnlpa.exe!KeSetEvent + 119           886E1764 4 Bytes  [00, F7, CB, 97] {ADD BH, DH; RETF ; XCHG EDI, EAX}
.text           ntkrnlpa.exe!KeSetEvent + 13D           886E1788 8 Bytes  [1A, 2C, C7, 97, 62, 2F, C7, ...]
.text           ntkrnlpa.exe!KeSetEvent + 181           886E17CC 4 Bytes  [A8, 33, C7, 97]
.text           ntkrnlpa.exe!KeSetEvent + 1A9           886E17F4 4 Bytes  [9C, B2, C5, 97] {PUSHF ; MOV DL, 0xc5; XCHG EDI, EAX}
.text           ntkrnlpa.exe!KeSetEvent + 1C1           886E180C 4 Bytes  [F4, 28, C7, 97] {HLT ; SUB BH, AL; XCHG EDI, EAX}
.text           ...                                     

---- Devices - GMER 2.1 ----

AttachedDevice  \Driver\tdx \Device\Tcp                 kltdi.sys
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume1  NBVol.sys
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume2  NBVol.sys
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume3  NBVol.sys
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume4  NBVol.sys
AttachedDevice  \Driver\tdx \Device\Udp                 kltdi.sys
AttachedDevice  \Driver\tdx \Device\RawIp               kltdi.sys
AttachedDevice  \FileSystem\fastfat \Fat                fltmgr.sys

---- EOF - GMER 2.1 ----
         
__________________

Alt 25.02.2014, 16:19   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Vista: Windows Explorer stürzt nacht Start ab (Dauerschleife) - Standard

Vista: Windows Explorer stürzt nacht Start ab (Dauerschleife)



In diesem neu angelegten Adminkonto dann eben jetzt ein neues Konto für dich anlegen, mit ADminrechten. Aus deinem alten Konto-Ordner persönliche Dinge sichern, dann das alte Konto löschen.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 25.02.2014, 18:41   #5
the_clown
 
Vista: Windows Explorer stürzt nacht Start ab (Dauerschleife) - Standard

Vista: Windows Explorer stürzt nacht Start ab (Dauerschleife)



Nur eine Frage: sollte man nicht herausfinden, woher dieser Fehler kommt? Bei dem AdminKonto fängt der WinExplorer jetzt auch schon an zu spinnen, wenn ich Ordner mit Bildern aufrufe. So fings ursprünglich nämlich auch an...

Da hieß es gestern: Windows Explorer hat einen benutzerdefinierten Haltepunkt gefunden.

Ich will keine Umstände bereiten, aber ich bin mir halt nur nicht sicher ob das Problem jetzt gelöst ist

Danke Dir für die Hilfe!!


Alt 26.02.2014, 13:35   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Vista: Windows Explorer stürzt nacht Start ab (Dauerschleife) - Standard

Vista: Windows Explorer stürzt nacht Start ab (Dauerschleife)



Das ist ja was andres. Ich ging davon aus is läuft im neuen Account fehlerfrei


Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
--> Vista: Windows Explorer stürzt nacht Start ab (Dauerschleife)

Alt 28.02.2014, 19:19   #7
the_clown
 
Vista: Windows Explorer stürzt nacht Start ab (Dauerschleife) - Standard

Vista: Windows Explorer stürzt nacht Start ab (Dauerschleife)



Sorry für die verspätete Antwort, ich war leider nicht am Rechner. Dann sehen wir mal weiter:

Malwarebytes Anti-Rootkid

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.02.28.09

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Administrator :: FLORIAN-PC [administrator]

28.02.2014 19:37:38
mbar-log-2014-02-28 (19-37-38).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 320216
Time elapsed: 31 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

TDSS Killer:

Code:
ATTFilter
20:11:53.0164 0x5e68  TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02
20:12:05.0332 0x5e68  ============================================================
20:12:05.0332 0x5e68  Current date / time: 2014/02/28 20:12:05.0332
20:12:05.0332 0x5e68  SystemInfo:
20:12:05.0332 0x5e68  
20:12:05.0332 0x5e68  OS Version: 6.0.6002 ServicePack: 2.0
20:12:05.0332 0x5e68  Product type: Workstation
20:12:05.0332 0x5e68  ComputerName: FLORIAN-PC
20:12:05.0332 0x5e68  UserName: Administrator
20:12:05.0332 0x5e68  Windows directory: C:\Windows
20:12:05.0332 0x5e68  System windows directory: C:\Windows
20:12:05.0332 0x5e68  Processor architecture: Intel x86
20:12:05.0332 0x5e68  Number of processors: 2
20:12:05.0332 0x5e68  Page size: 0x1000
20:12:05.0332 0x5e68  Boot type: Normal boot
20:12:05.0332 0x5e68  ============================================================
20:12:09.0185 0x5e68  KLMD registered as C:\Windows\system32\drivers\66207670.sys
20:12:10.0028 0x5e68  System UUID: {750E89EC-AECD-E3C0-7F38-BCB302D9ED30}
20:12:11.0401 0x5e68  Drive \Device\Harddisk0\DR0 - Size: 0x2658AE0000 (153.39 Gb), SectorSize: 0x200, Cylinders: 0x4E37, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:12:17.0765 0x5e68  Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:12:17.0765 0x5e68  ============================================================
20:12:17.0765 0x5e68  \Device\Harddisk0\DR0:
20:12:17.0781 0x5e68  MBR partitions:
20:12:17.0781 0x5e68  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x132C0A77
20:12:17.0781 0x5e68  \Device\Harddisk1\DR1:
20:12:17.0781 0x5e68  MBR partitions:
20:12:17.0781 0x5e68  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xFAEC73B
20:12:17.0797 0x5e68  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xFAEC7B9, BlocksNum 0xC34F28D
20:12:17.0812 0x5e68  \Device\Harddisk1\DR1\Partition3: MBR, Type 0xB, StartLBA 0x1BE3BA85, BlocksNum 0x1388AFC
20:12:17.0812 0x5e68  ============================================================
20:12:17.0953 0x5e68  C: <-> \Device\Harddisk0\DR0\Partition1
20:12:17.0984 0x5e68  E: <-> \Device\Harddisk1\DR1\Partition1
20:12:18.0483 0x5e68  F: <-> \Device\Harddisk1\DR1\Partition2
20:12:18.0483 0x5e68  G: <-> \Device\Harddisk1\DR1\Partition3
20:12:19.0029 0x5e68  ============================================================
20:12:19.0029 0x5e68  Initialize success
20:12:19.0029 0x5e68  ============================================================
20:12:46.0516 0x5ee4  ============================================================
20:12:46.0516 0x5ee4  Scan started
20:12:46.0516 0x5ee4  Mode: Manual; SigCheck; TDLFS; 
20:12:46.0516 0x5ee4  ============================================================
20:12:46.0516 0x5ee4  KSN ping started
20:13:00.0338 0x5ee4  KSN ping finished: true
20:13:02.0132 0x5ee4  ================ Scan system memory ========================
20:13:02.0132 0x5ee4  System memory - ok
20:13:02.0132 0x5ee4  ================ Scan services =============================
20:13:02.0740 0x5ee4  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
20:13:02.0927 0x5ee4  ACPI - ok
20:13:02.0959 0x5ee4  adfs - ok
20:13:03.0115 0x5ee4  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
20:13:03.0130 0x5ee4  AdobeARMservice - ok
20:13:03.0302 0x5ee4  [ F7AB315A4D400CA876381D1E188A2E20, B6019C2E9B6801BB23C530C66D080F47330F48ADB0DD2813D50BE1408865BD91 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:13:03.0317 0x5ee4  AdobeFlashPlayerUpdateSvc - ok
20:13:03.0411 0x5ee4  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB, 0342700760874683A6DF4F149DACACEF0569D40C45FC5958C67100B3C5D9BBBC ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
20:13:03.0489 0x5ee4  adp94xx - ok
20:13:03.0551 0x5ee4  [ B84088CA3CDCA97DA44A984C6CE1CCAD, 87009809FB101BF51483FA32318CBCD209386582880C82417BE4FFAD1B04C8C1 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
20:13:03.0614 0x5ee4  adpahci - ok
20:13:03.0645 0x5ee4  [ 7880C67BCCC27C86FD05AA2AFB5EA469, C8B06E203EEA6EAD19651F212432005ABADFF21E2AA5699E34040527394F2677 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
20:13:03.0723 0x5ee4  adpu160m - ok
20:13:03.0770 0x5ee4  [ 9AE713F8E30EFC2ABCCD84904333DF4D, B0C7801AC6E0811C38F0474703F34283914C8873D851F59EE232834F7C0D8087 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
20:13:03.0801 0x5ee4  adpu320 - ok
20:13:03.0848 0x5ee4  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:13:04.0051 0x5ee4  AeLookupSvc - ok
20:13:04.0082 0x5ee4  [ 3911B972B55FEA0478476B2E777B29FA, 62545B90C7DD3F73777E62CD8264E611A4D71B6956CABFD2D820D25F41F471FD ] AFD             C:\Windows\system32\drivers\afd.sys
20:13:04.0160 0x5ee4  AFD - ok
20:13:04.0207 0x5ee4  [ EF23439CDD587F64C2C1B8825CEAD7D8, 762665CFC202B3E16CA2338887896FDF996331A363DC709F1EC088BF927133A3 ] agp440          C:\Windows\system32\drivers\agp440.sys
20:13:04.0300 0x5ee4  agp440 - ok
20:13:04.0347 0x5ee4  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
20:13:04.0378 0x5ee4  aic78xx - ok
20:13:04.0643 0x5ee4  [ BBE9054FDADC8D49D29C5DA4FB84A803, 4315C1D7DBD35A80E25F15B45587AA76F6E9FCDC617B5ABF62301570771066AF ] Akamai          c:\program files\common files\akamai/netsession_win_8fa3539.dll
20:13:04.0643 0x5ee4  Suspicious file ( Hidden ): c:\program files\common files\akamai/netsession_win_8fa3539.dll. md5: BBE9054FDADC8D49D29C5DA4FB84A803, sha256: 4315C1D7DBD35A80E25F15B45587AA76F6E9FCDC617B5ABF62301570771066AF
20:13:04.0659 0x5ee4  Akamai - detected HiddenFile.Multi.Generic ( 1 )
20:13:04.0753 0x5ee4  Akamai ( HiddenFile.Multi.Generic ) - warning
20:13:04.0753 0x5ee4  Force sending object to P2P due to detect: c:\program files\common files\akamai/netsession_win_8fa3539.dll
20:13:08.0715 0x5ee4  Object send P2P result: true
20:13:11.0227 0x5ee4  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
20:13:11.0336 0x5ee4  ALG - ok
20:13:11.0336 0x5ee4  [ 90395B64600EBB4552E26E178C94B2E4, 73095893964DC7915983B58A567184FC51949C99341E7E0D04D70CC4C4F95E37 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:13:11.0351 0x5ee4  aliide - ok
20:13:11.0414 0x5ee4  [ 2B13E304C9DFDFA5EB582F6A149FA2C7, 196CCE13E0376526B79D9C43D4071990576C4DD210A48E9E922B438AA11C95E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
20:13:11.0429 0x5ee4  amdagp - ok
20:13:11.0445 0x5ee4  [ 0577DF1D323FE75A739C787893D300EA, 079EF3CA18FB847DB7E62929071BFF007FAF390E1DBF4C59F28DAAC6B9C2DE51 ] amdide          C:\Windows\system32\drivers\amdide.sys
20:13:11.0461 0x5ee4  amdide - ok
20:13:11.0539 0x5ee4  [ DC487885BCEF9F28EECE6FAC0E5DDFC5, 24A62F6E628AD46273BC226F7BC3453A9C7B76F81ABB9FB801EBEFADB2AB7C9B ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
20:13:11.0788 0x5ee4  AmdK7 - ok
20:13:11.0835 0x5ee4  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
20:13:11.0897 0x5ee4  AmdK8 - ok
20:13:11.0929 0x5ee4  [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo         C:\Windows\System32\appinfo.dll
20:13:12.0038 0x5ee4  Appinfo - ok
20:13:12.0131 0x5ee4  [ A5299D04ED225D64CF07A568A3E1BF8C, 6F7E73893127BADC8C9815E9BCC0EB5F6584E254D0D09A0B6A680704C71E0A90 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:13:12.0147 0x5ee4  Apple Mobile Device - ok
20:13:12.0194 0x5ee4  [ 5F673180268BB1FDB69C99B6619FE379, C4307A861163F96648109046A6C7D53AB1C9B10D0B841DD1A7D147D22F462649 ] arc             C:\Windows\system32\drivers\arc.sys
20:13:12.0225 0x5ee4  arc - ok
20:13:12.0241 0x5ee4  [ 957F7540B5E7F602E44648C7DE5A1C05, F03C7708A6C9D2579ECE5A7413AFA068E1067D7191EC653A78BA4FEDE76CFBD8 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
20:13:12.0256 0x5ee4  arcsas - ok
20:13:12.0287 0x5ee4  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:13:12.0350 0x5ee4  AsyncMac - ok
20:13:12.0365 0x5ee4  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
20:13:12.0397 0x5ee4  atapi - ok
20:13:12.0443 0x5ee4  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:13:12.0553 0x5ee4  AudioEndpointBuilder - ok
20:13:12.0631 0x5ee4  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
20:13:12.0662 0x5ee4  Audiosrv - ok
20:13:12.0958 0x5ee4  [ 15D2DB9BFA8E833ED31FAB2BB088FDDA, 6198C0A5DA01DA146A9A054C3C882A1DBF9BA84466EBFDDA1C1062EF36F9B34B ] AVP             C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
20:13:13.0036 0x5ee4  AVP - ok
20:13:13.0099 0x5ee4  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:13:13.0192 0x5ee4  Beep - ok
20:13:13.0301 0x5ee4  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
20:13:13.0535 0x5ee4  BFE - ok
20:13:13.0754 0x5ee4  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\System32\qmgr.dll
20:13:13.0863 0x5ee4  BITS - ok
20:13:13.0879 0x5ee4  blbdrive - ok
20:13:13.0972 0x5ee4  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:13:14.0019 0x5ee4  Bonjour Service - ok
20:13:14.0066 0x5ee4  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:13:14.0191 0x5ee4  bowser - ok
20:13:14.0284 0x5ee4  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
20:13:14.0471 0x5ee4  BrFiltLo - ok
20:13:14.0518 0x5ee4  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
20:13:14.0596 0x5ee4  BrFiltUp - ok
20:13:14.0659 0x5ee4  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
20:13:14.0877 0x5ee4  Browser - ok
20:13:14.0939 0x5ee4  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
20:13:15.0158 0x5ee4  Brserid - ok
20:13:15.0205 0x5ee4  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
20:13:15.0251 0x5ee4  BrSerWdm - ok
20:13:15.0283 0x5ee4  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
20:13:15.0361 0x5ee4  BrUsbMdm - ok
20:13:15.0376 0x5ee4  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
20:13:15.0454 0x5ee4  BrUsbSer - ok
20:13:15.0517 0x5ee4  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
20:13:15.0610 0x5ee4  BTHMODEM - ok
20:13:15.0641 0x5ee4  [ A4C8377FA4A994E07075107DBE2E3DCE, C3CDAA7B83D130100044341C23897CC6C257FA075A8D08B8551F4A28AE8CE6C4 ] BthServ         C:\Windows\System32\bthserv.dll
20:13:15.0704 0x5ee4  BthServ - ok
20:13:15.0891 0x5ee4  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:13:16.0000 0x5ee4  cdfs - ok
20:13:16.0078 0x5ee4  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:13:16.0141 0x5ee4  cdrom - ok
20:13:16.0219 0x5ee4  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
20:13:16.0281 0x5ee4  CertPropSvc - ok
20:13:16.0343 0x5ee4  [ DA8E0AFC7BAA226C538EF53AC2F90897, 2BBB9966671A3B8325D215DBC29FBD7D912C13ADC562A0D4521D1FF9A6F445C0 ] circlass        C:\Windows\system32\drivers\circlass.sys
20:13:16.0421 0x5ee4  circlass - ok
20:13:16.0499 0x5ee4  [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS            C:\Windows\system32\CLFS.sys
20:13:16.0515 0x5ee4  CLFS - ok
20:13:16.0640 0x5ee4  [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:13:16.0655 0x5ee4  clr_optimization_v2.0.50727_32 - ok
20:13:16.0765 0x5ee4  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:13:16.0952 0x5ee4  clr_optimization_v4.0.30319_32 - ok
20:13:17.0061 0x5ee4  [ 45201046C776FFDAF3FC8A0029C581C8, 68A68CF2B76598BC8610EB5B2D3FD5BDC9D51CFC6F51FB7A0B0C92A2BE910FC6 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:13:17.0123 0x5ee4  cmdide - ok
20:13:17.0201 0x5ee4  [ 82B8C91D327CFECF76CB58716F7D4997, 6F06A4BC44B170BB28BF464E9BB5216D39D11CB8D442570B575A741B032EAEE6 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
20:13:17.0248 0x5ee4  Compbatt - ok
20:13:17.0248 0x5ee4  COMSysApp - ok
20:13:17.0373 0x5ee4  [ 2A213AE086BBEC5E937553C7D9A2B22C, 1F91ACC0426E0ED1717555B282F65629EF15021375B24A63C29C89ADE916EE2A ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
20:13:17.0404 0x5ee4  crcdisk - ok
20:13:17.0435 0x5ee4  [ 22A7F883508176489F559EE745B5BF5D, D6341E3FBC8A46D2D1F0477FA60EC4828B585D35B14609CD02868FD04ECD14DB ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
20:13:17.0529 0x5ee4  Crusoe - ok
20:13:17.0638 0x5ee4  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:13:17.0716 0x5ee4  CryptSvc - ok
20:13:17.0732 0x5ee4  [ B5ECADF7708960F1818C7FA015F4C239, A58BA71B08A9D46EB79EB3DF0858F553A11DE3461E13B6D926E25D21D4CBB2D8 ] CVirtA          C:\Windows\system32\DRIVERS\CVirtA.sys
20:13:17.0794 0x5ee4  CVirtA - ok
20:13:18.0247 0x5ee4  [ D4A26B0926171DC4F969955D157D1311, 22E954B0E2F0A0D0CAEFBA8BADA5AA8CE4F7AECB64A2AA75A2E031C3E405A1FF ] CVPND           C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
20:13:18.0668 0x5ee4  CVPND - ok
20:13:18.0715 0x5ee4  [ C23025AC5AE45A105D63BD6E2408EDD4, 4457628A9DF3DCF3B160D2804198D8664FD76D93ACC2D23B4161D04FE2D37442 ] CVPNDRVA        C:\Windows\system32\Drivers\CVPNDRVA.sys
20:13:18.0746 0x5ee4  CVPNDRVA - detected UnsignedFile.Multi.Generic ( 1 )
20:13:18.0746 0x5ee4  CVPNDRVA ( UnsignedFile.Multi.Generic ) - warning
20:13:21.0335 0x5ee4  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:13:21.0460 0x5ee4  DcomLaunch - ok
20:13:21.0538 0x5ee4  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:13:21.0616 0x5ee4  DfsC - ok
20:13:21.0835 0x5ee4  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
20:13:22.0505 0x5ee4  DFSR - ok
20:13:22.0568 0x5ee4  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
20:13:22.0630 0x5ee4  Dhcp - ok
20:13:22.0677 0x5ee4  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
20:13:22.0693 0x5ee4  disk - ok
20:13:22.0802 0x5ee4  [ B5AA5AA5AC327BD7C1AEC0C58F0C1144, 14C147B79786C5DCEC54AF191E8815D871906E30DE90B00C7929F0E6CC025E6A ] DNE             C:\Windows\system32\DRIVERS\dne2000.sys
20:13:22.0817 0x5ee4  DNE - ok
20:13:22.0911 0x5ee4  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:13:22.0973 0x5ee4  Dnscache - ok
20:13:23.0036 0x5ee4  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
20:13:23.0098 0x5ee4  dot3svc - ok
20:13:23.0176 0x5ee4  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
20:13:23.0239 0x5ee4  DPS - ok
20:13:23.0317 0x5ee4  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:13:23.0395 0x5ee4  drmkaud - ok
20:13:23.0457 0x5ee4  [ 687AF6BB383885FF6A64071B189A7F3E, 1C751B8DD27F63E88D0223A8434CED7589AC00EC6275938C59D1B954F0354F78 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
20:13:23.0551 0x5ee4  dtsoftbus01 - ok
20:13:23.0691 0x5ee4  [ 988670D8343EF9835FB3659DB71B2EFA, 5F5370FDD08C4BFF0828341952E98E95F722CB779EEC08C9DD6212C4DF3CD33B ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:13:23.0738 0x5ee4  DXGKrnl - ok
20:13:23.0785 0x5ee4  [ F88FB26547FD2CE6D0A5AF2985892C48, F02E06E16830F5D3FAF61991F5A91E54BB3461F58AFE3BFB7A9066CD302B879F ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
20:13:23.0878 0x5ee4  E1G60 - ok
20:13:23.0925 0x5ee4  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
20:13:23.0972 0x5ee4  EapHost - ok
20:13:24.0034 0x5ee4  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
20:13:24.0050 0x5ee4  Ecache - ok
20:13:24.0237 0x5ee4  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:13:24.0393 0x5ee4  ehRecvr - ok
20:13:24.0455 0x5ee4  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched         C:\Windows\ehome\ehsched.exe
20:13:24.0518 0x5ee4  ehSched - ok
20:13:24.0533 0x5ee4  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart         C:\Windows\ehome\ehstart.dll
20:13:24.0565 0x5ee4  ehstart - ok
20:13:24.0643 0x5ee4  [ E8F3F21A71720C84BCF423B80028359F, 63114E6120F634224A0E83A5047B37C7D6F26CF99FE3C01CFC0AB8B1763BB084 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
20:13:24.0689 0x5ee4  elxstor - ok
20:13:24.0783 0x5ee4  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
20:13:25.0064 0x5ee4  EMDMgmt - ok
20:13:25.0189 0x5ee4  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
20:13:25.0282 0x5ee4  EventSystem - ok
20:13:25.0423 0x5ee4  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
20:13:25.0469 0x5ee4  exfat - ok
20:13:25.0532 0x5ee4  [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:13:25.0579 0x5ee4  fastfat - ok
20:13:25.0610 0x5ee4  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
20:13:25.0657 0x5ee4  fdc - ok
20:13:25.0719 0x5ee4  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
20:13:25.0750 0x5ee4  fdPHost - ok
20:13:25.0797 0x5ee4  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:13:25.0859 0x5ee4  FDResPub - ok
20:13:25.0906 0x5ee4  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:13:25.0922 0x5ee4  FileInfo - ok
20:13:25.0969 0x5ee4  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:13:26.0015 0x5ee4  Filetrace - ok
20:13:26.0047 0x5ee4  [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
20:13:26.0093 0x5ee4  flpydisk - ok
20:13:26.0125 0x5ee4  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:13:26.0156 0x5ee4  FltMgr - ok
20:13:26.0281 0x5ee4  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache       C:\Windows\system32\FntCache.dll
20:13:26.0421 0x5ee4  FontCache - ok
20:13:26.0515 0x5ee4  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:13:26.0530 0x5ee4  FontCache3.0.0.0 - ok
20:13:26.0608 0x5ee4  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:13:26.0655 0x5ee4  Fs_Rec - ok
20:13:26.0702 0x5ee4  [ 4E1CD0A45C50A8882616CAE5BF82F3C5, 1B909AF150F7119A5685999451A85012F4A92F15F38390A281EA507E2D247BAE ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
20:13:26.0717 0x5ee4  gagp30kx - ok
20:13:26.0795 0x5ee4  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:13:26.0811 0x5ee4  GEARAspiWDM - ok
20:13:26.0873 0x5ee4  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
20:13:26.0936 0x5ee4  gpsvc - ok
20:13:26.0998 0x5ee4  [ 626A24ED1228580B9518C01930936DF9, CBD94AB1E5477D7288799D17528CC43D572E711DA0F2B0C784A0B9FE105BF0F4 ] gupdate1ca434fb413d182 C:\Program Files\Google\Update\GoogleUpdate.exe
20:13:27.0029 0x5ee4  gupdate1ca434fb413d182 - ok
20:13:27.0045 0x5ee4  [ 626A24ED1228580B9518C01930936DF9, CBD94AB1E5477D7288799D17528CC43D572E711DA0F2B0C784A0B9FE105BF0F4 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
20:13:27.0061 0x5ee4  gupdatem - ok
20:13:27.0092 0x5ee4  [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:13:27.0139 0x5ee4  HdAudAddService - ok
20:13:27.0217 0x5ee4  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
20:13:27.0279 0x5ee4  HDAudBus - ok
20:13:27.0310 0x5ee4  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
20:13:27.0388 0x5ee4  HidBth - ok
20:13:27.0419 0x5ee4  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
20:13:27.0560 0x5ee4  HidIr - ok
20:13:27.0607 0x5ee4  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\system32\hidserv.dll
20:13:27.0638 0x5ee4  hidserv - ok
20:13:27.0653 0x5ee4  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:13:27.0716 0x5ee4  HidUsb - ok
20:13:27.0763 0x5ee4  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:13:27.0841 0x5ee4  hkmsvc - ok
20:13:27.0872 0x5ee4  [ DF353B401001246853763C4B7AAA6F50, 05C043493BDD99DEFBB0F5C3D8C475B06C2BF5629565ACF6F3B754002519B836 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
20:13:27.0887 0x5ee4  HpCISSs - ok
20:13:28.0028 0x5ee4  [ 58D4765AB87347DB835D5693ADF652C1, C82C844C29AC9041BEE7D02FB846AA9BC17D7DF0D8295AE31A485CC44B0CC7D7 ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
20:13:28.0059 0x5ee4  hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
20:13:28.0059 0x5ee4  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
20:13:28.0059 0x5ee4  Force sending object to P2P due to detect: C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
20:13:34.0408 0x5ee4  Object send P2P result: true
20:13:36.0967 0x5ee4  [ CBD09ED9CF6822177EE85AEA4D8816A2, 369897B4609B3FE55F9A82F19E38116E2E6527E349D48A956607EDED71F664D2 ] HTCAND32        C:\Windows\system32\Drivers\ANDROIDUSB.sys
20:13:37.0029 0x5ee4  HTCAND32 - ok
20:13:37.0076 0x5ee4  [ 52395A94C127C0266D1C0F3CCE8A4345, A5477CD488291C0F31DBF104E67E5FB41D45ADC85ABFD03059FF27BCCF07CFD8 ] htcnprot        C:\Windows\system32\DRIVERS\htcnprot.sys
20:13:37.0107 0x5ee4  htcnprot - ok
20:13:37.0169 0x5ee4  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:13:37.0294 0x5ee4  HTTP - ok
20:13:37.0388 0x5ee4  [ 324C2152FF2C61ABAE92D09F3CCA4D63, 2D09964C8003277F7DB1FFAA0DAEF15B205F3C4100FF601950BC9E544DC0B91F ] i2omp           C:\Windows\system32\drivers\i2omp.sys
20:13:37.0403 0x5ee4  i2omp - ok
20:13:37.0466 0x5ee4  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
20:13:37.0559 0x5ee4  i8042prt - ok
20:13:37.0606 0x5ee4  [ C957BF4B5D80B46C5017BF0101E6C906, 6B9186335E50E7E0DBAF574A224E524EC526B57AA02F509E4A8D0F905C9CE880 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
20:13:37.0622 0x5ee4  iaStorV - ok
20:13:37.0949 0x5ee4  [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:13:38.0059 0x5ee4  idsvc - ok
20:13:38.0074 0x5ee4  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
20:13:38.0090 0x5ee4  iirsp - ok
20:13:38.0152 0x5ee4  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
20:13:38.0215 0x5ee4  IKEEXT - ok
20:13:38.0261 0x5ee4  [ 97469037714070E45194ED318D636401, DDB5AE39BE0BD37ECB44969A5FA740E5B1169342347D0DB3E5DF0353A6708271 ] intelide        C:\Windows\system32\drivers\intelide.sys
20:13:38.0293 0x5ee4  intelide - ok
20:13:38.0324 0x5ee4  [ CE44CC04262F28216DD4341E9E36A16F, 2B316C4124DCFEAD7838B3D8FB8DBEC3F3B1EA8EA612AABB05B1275D0B230CCD ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:13:38.0511 0x5ee4  intelppm - ok
20:13:38.0605 0x5ee4  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:13:38.0636 0x5ee4  IPBusEnum - ok
20:13:38.0698 0x5ee4  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:13:38.0792 0x5ee4  IpFilterDriver - ok
20:13:38.0932 0x5ee4  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:13:38.0995 0x5ee4  iphlpsvc - ok
20:13:39.0010 0x5ee4  IpInIp - ok
20:13:39.0088 0x5ee4  [ 40F34F8ABA2A015D780E4B09138B6C17, 22F86888C6B4F76836E863A90730D8F0DBD518305D87A399A159387E79E9D2F7 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
20:13:39.0135 0x5ee4  IPMIDRV - ok
20:13:39.0182 0x5ee4  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
20:13:39.0244 0x5ee4  IPNAT - ok
20:13:39.0353 0x5ee4  [ BC0EA61246F8D940FBC5F652D337D6BD, BF018317631937EED13136608831F526BE34AF7E59FEF4863E3EDD205C02E1A7 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:13:39.0431 0x5ee4  iPod Service - ok
20:13:39.0478 0x5ee4  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:13:39.0541 0x5ee4  IRENUM - ok
20:13:39.0603 0x5ee4  [ 350FCA7E73CF65BCEF43FAE1E4E91293, 68403FE3F4DC40919CD26A2CC42BE4386AE6874F47DD382348FFD79080721A13 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:13:39.0619 0x5ee4  isapnp - ok
20:13:39.0681 0x5ee4  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
20:13:39.0712 0x5ee4  iScsiPrt - ok
20:13:39.0759 0x5ee4  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
20:13:39.0775 0x5ee4  iteatapi - ok
20:13:39.0806 0x5ee4  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
20:13:39.0821 0x5ee4  iteraid - ok
20:13:39.0868 0x5ee4  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:13:39.0915 0x5ee4  kbdclass - ok
20:13:40.0040 0x5ee4  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
20:13:40.0087 0x5ee4  kbdhid - ok
20:13:40.0133 0x5ee4  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
20:13:40.0196 0x5ee4  KeyIso - ok
20:13:40.0243 0x5ee4  [ 871C226234A48C24DFE7478F36C0050C, 657CAB49387E0E40311D4DEC93D9860B2DAC2C05F223698CFA2F9BB50B5F3022 ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
20:13:40.0274 0x5ee4  kl1 - ok
20:13:40.0383 0x5ee4  [ 8C547EB6709BF41E0625EFCDF13C63CE, ECD36806745748D110964C8D332D5FED235C5423885A6E33C733568AEC15FD80 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
20:13:40.0445 0x5ee4  KLIF - ok
20:13:40.0492 0x5ee4  [ 039FB019C92A16A54FE527D93B0CFB96, 080897B377511FD2439EB651086390CD72B822E8222C79AB0569FAFAA14BA0AE ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
20:13:40.0508 0x5ee4  KLIM6 - ok
20:13:40.0555 0x5ee4  [ 249A266AF74ADE44AE8424E78D145E09, 2D83543DFD9E3C1060E231D776E1755E2041CFD0245139C2041D560956165C0E ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
20:13:40.0555 0x5ee4  klkbdflt - ok
20:13:40.0601 0x5ee4  [ 035724BA6D5676B76FD3AFB66AB4F1E3, 81B30112B96DD3E7250420EEFF2ACECD424A2BE155E83C44434321CEA7DBE117 ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
20:13:40.0648 0x5ee4  klmouflt - ok
20:13:40.0679 0x5ee4  [ 8FD802F86D4AB3FB329B8E51517BFF2A, 321750DC0C664FE5580C855D7B70AC74753DDD881F0C4482A2B4505BB2D88345 ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
20:13:40.0695 0x5ee4  kltdi - ok
20:13:40.0726 0x5ee4  [ 566C5FD480FDBCE3BA5CF9FBCFFAEA9A, 573681387B27FB2C8DC6612474B9BB8631F6CD3CED29AEBF91992606875724D2 ] KMWDFILTER      C:\Windows\system32\DRIVERS\KMWDFILTER.sys
20:13:40.0757 0x5ee4  KMWDFILTER - ok
20:13:40.0804 0x5ee4  [ 8F932DF10408BCABA2FCF6163C843F8E, 26BB4E2A2562CF6C687EC9F61C7B3C80992C1D57C47BBAEA8ED2AB6643A91C0E ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
20:13:40.0820 0x5ee4  kneps - ok
20:13:40.0960 0x5ee4  [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:13:41.0038 0x5ee4  KSecDD - ok
20:13:41.0116 0x5ee4  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:13:41.0163 0x5ee4  KtmRm - ok
20:13:41.0210 0x5ee4  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:13:41.0257 0x5ee4  LanmanServer - ok
20:13:41.0366 0x5ee4  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:13:41.0444 0x5ee4  LanmanWorkstation - ok
20:13:41.0475 0x5ee4  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:13:41.0537 0x5ee4  lltdio - ok
20:13:41.0943 0x5ee4  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:13:42.0083 0x5ee4  lltdsvc - ok
20:13:42.0286 0x5ee4  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:13:42.0427 0x5ee4  lmhosts - ok
20:13:42.0520 0x5ee4  [ A2262FB9F28935E862B4DB46438C80D2, 792684A68726BC007ACABB584682FDF4F059AE60888FB5B47ED68A97EA0BB5E6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
20:13:42.0536 0x5ee4  LSI_FC - ok
20:13:42.0645 0x5ee4  [ 30D73327D390F72A62F32C103DAF1D6D, 7BB5BFB0DCF33AF9907539B52DF7BA1943C1E75A17715B58DBC702ACA6D406EA ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
20:13:42.0661 0x5ee4  LSI_SAS - ok
20:13:42.0707 0x5ee4  [ E1E36FEFD45849A95F1AB81DE0159FE3, DA02B23A881D156A02D3874B41E6D042F84AD558B434280A6A6AC6B619668647 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
20:13:42.0723 0x5ee4  LSI_SCSI - ok
20:13:42.0817 0x5ee4  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
20:13:42.0895 0x5ee4  luafv - ok
20:13:43.0097 0x5ee4  [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
20:13:43.0097 0x5ee4  MBAMProtector - ok
20:13:43.0519 0x5ee4  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
20:13:43.0550 0x5ee4  MBAMScheduler - ok
20:13:43.0706 0x5ee4  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
20:13:43.0815 0x5ee4  MBAMService - ok
20:13:43.0955 0x5ee4  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:13:43.0987 0x5ee4  Mcx2Svc - ok
20:13:44.0111 0x5ee4  [ D153B14FC6598EAE8422A2037553ADCE, D5408B07B6EBA0146A605F11106497DC3DF8EC72E0DCC44BE1366A2A58ABE478 ] megasas         C:\Windows\system32\drivers\megasas.sys
20:13:44.0127 0x5ee4  megasas - ok
20:13:44.0345 0x5ee4  Microsoft SharePoint Workspace Audit Service - ok
20:13:44.0470 0x5ee4  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
20:13:44.0548 0x5ee4  MMCSS - ok
20:13:44.0673 0x5ee4  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
20:13:44.0813 0x5ee4  Modem - ok
20:13:44.0876 0x5ee4  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:13:44.0923 0x5ee4  monitor - ok
20:13:44.0969 0x5ee4  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:13:44.0974 0x5ee4  mouclass - ok
20:13:45.0010 0x5ee4  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:13:45.0085 0x5ee4  mouhid - ok
20:13:45.0133 0x5ee4  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
20:13:45.0158 0x5ee4  MountMgr - ok
20:13:45.0286 0x5ee4  [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:13:45.0308 0x5ee4  MozillaMaintenance - ok
20:13:45.0382 0x5ee4  [ 583A41F26278D9E0EA548163D6139397, 1F09D2FEEE1A8D4F1D9E53596158154099FD436A408F7E72E40F50778A3838A1 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:13:45.0401 0x5ee4  mpio - ok
20:13:45.0658 0x5ee4  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:13:45.0699 0x5ee4  mpsdrv - ok
20:13:45.0774 0x5ee4  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:13:45.0868 0x5ee4  MpsSvc - ok
20:13:45.0991 0x5ee4  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
20:13:46.0003 0x5ee4  Mraid35x - ok
20:13:46.0082 0x5ee4  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:13:46.0141 0x5ee4  MRxDAV - ok
20:13:46.0192 0x5ee4  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:13:46.0255 0x5ee4  mrxsmb - ok
20:13:46.0316 0x5ee4  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:13:46.0369 0x5ee4  mrxsmb10 - ok
20:13:46.0401 0x5ee4  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:13:46.0423 0x5ee4  mrxsmb20 - ok
20:13:46.0470 0x5ee4  [ 742AED7939E734C36B7E8D6228CE26B7, 6F727144BBD42C9C5555087CA51DE8D501B5CBEFB9967866CC578733E3C5E681 ] msahci          C:\Windows\system32\drivers\msahci.sys
20:13:46.0484 0x5ee4  msahci - ok
20:13:46.0502 0x5ee4  [ 3FC82A2AE4CC149165A94699183D3028, 8575BE62A209672A5D8C68D75BBBB4FF06220CA73A939B0793442DAD2272598C ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:13:46.0518 0x5ee4  msdsm - ok
20:13:46.0559 0x5ee4  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
20:13:46.0612 0x5ee4  MSDTC - ok
20:13:46.0672 0x5ee4  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:13:46.0702 0x5ee4  Msfs - ok
20:13:46.0734 0x5ee4  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:13:46.0751 0x5ee4  msisadrv - ok
20:13:46.0814 0x5ee4  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:13:46.0852 0x5ee4  MSiSCSI - ok
20:13:46.0863 0x5ee4  msiserver - ok
20:13:46.0921 0x5ee4  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:13:47.0020 0x5ee4  MSKSSRV - ok
20:13:47.0079 0x5ee4  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:13:47.0130 0x5ee4  MSPCLOCK - ok
20:13:47.0200 0x5ee4  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:13:47.0245 0x5ee4  MSPQM - ok
20:13:47.0353 0x5ee4  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:13:47.0387 0x5ee4  MsRPC - ok
20:13:47.0418 0x5ee4  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
20:13:47.0431 0x5ee4  mssmbios - ok
20:13:47.0479 0x5ee4  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:13:47.0520 0x5ee4  MSTEE - ok
20:13:47.0585 0x5ee4  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
20:13:47.0598 0x5ee4  Mup - ok
20:13:47.0767 0x5ee4  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
20:13:47.0841 0x5ee4  napagent - ok
20:13:47.0967 0x5ee4  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:13:48.0007 0x5ee4  NativeWifiP - ok
20:13:48.0335 0x5ee4  [ E0E4A1F81A7D69C595A8A9DDAD084C19, 8F55F3637AE8BFFB0ACE37AFC5122026525137E0B2923899B779C1BD08DF0E22 ] NAUpdate        C:\Program Files\Nero\Update\NASvc.exe
20:13:48.0553 0x5ee4  NAUpdate - ok
20:13:48.0739 0x5ee4  [ A178053A100978162F44E2BBD76BD526, 173DCF3268E818501B9C9ED6400125E4945E7C1BF0DA9D9C3071075C92AA2F5F ] NBVol           C:\Windows\system32\DRIVERS\NBVol.sys
20:13:48.0758 0x5ee4  NBVol - ok
20:13:48.0847 0x5ee4  [ DB41D560DCF0879FB6092CFF0DAA3785, FDC4CE2BA5573A18B9A8DB5654BF11600E59866120A277D7CA920F38F27E8302 ] NBVolUp         C:\Windows\system32\DRIVERS\NBVolUp.sys
20:13:48.0858 0x5ee4  NBVolUp - ok
20:13:49.0183 0x5ee4  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:13:49.0323 0x5ee4  NDIS - ok
20:13:49.0457 0x5ee4  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:13:49.0746 0x5ee4  NdisTapi - ok
20:13:49.0903 0x5ee4  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:13:49.0951 0x5ee4  Ndisuio - ok
20:13:49.0988 0x5ee4  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:13:50.0030 0x5ee4  NdisWan - ok
20:13:50.0079 0x5ee4  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:13:50.0134 0x5ee4  NDProxy - ok
20:13:50.0225 0x5ee4  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:13:50.0280 0x5ee4  NetBIOS - ok
20:13:50.0347 0x5ee4  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
20:13:50.0401 0x5ee4  netbt - ok
20:13:50.0428 0x5ee4  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
20:13:50.0452 0x5ee4  Netlogon - ok
20:13:50.0562 0x5ee4  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
20:13:50.0683 0x5ee4  Netman - ok
20:13:50.0782 0x5ee4  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
20:13:50.0849 0x5ee4  netprofm - ok
20:13:50.0881 0x5ee4  [ D6C4E4A39A36029AC0813D476FBD0248, A0907D98580D1CD3007365CBBB53E84BEF39001E05912776F68EB0564B54B6EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:13:50.0896 0x5ee4  NetTcpPortSharing - ok
20:13:50.0944 0x5ee4  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
20:13:50.0957 0x5ee4  nfrd960 - ok
20:13:51.0025 0x5ee4  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:13:51.0087 0x5ee4  NlaSvc - ok
20:13:51.0128 0x5ee4  [ 28E36E677849174C910FAAEAD3E60E9E, 615BD1DC07A657F388965555C62471E3F687001F2252E0326D684807991EC307 ] nmwcd           C:\Windows\system32\drivers\ccdcmb.sys
20:13:51.0322 0x5ee4  nmwcd - ok
20:13:51.0357 0x5ee4  [ 3823DEB17F9F6775DE0187A98FA0536D, 58E65D1F1ACBCF78AC513B55C545ECFB796BD19C2B04372331F1DA6000EDC8DF ] nmwcdc          C:\Windows\system32\drivers\ccdcmbo.sys
20:13:51.0408 0x5ee4  nmwcdc - ok
20:13:51.0457 0x5ee4  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:13:51.0514 0x5ee4  Npfs - ok
20:13:51.0544 0x5ee4  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
20:13:51.0647 0x5ee4  nsi - ok
20:13:51.0712 0x5ee4  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:13:51.0756 0x5ee4  nsiproxy - ok
20:13:52.0009 0x5ee4  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:13:52.0297 0x5ee4  Ntfs - ok
20:13:52.0367 0x5ee4  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
20:13:52.0421 0x5ee4  ntrigdigi - ok
20:13:52.0493 0x5ee4  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
20:13:52.0542 0x5ee4  Null - ok
20:13:52.0868 0x5ee4  [ D668632606D1CEBF0B6EC64C1DF7ED6F, 3409D6D7318902CAAED5AEEEA4C293BA809017BCCADC538938942380C52B923F ] NVENETFD        C:\Windows\system32\DRIVERS\nvmfdx32.sys
20:13:53.0044 0x5ee4  NVENETFD - ok
20:13:55.0983 0x5ee4  [ 9A77B1C13BCCEDDF78DFD7AFC25B4F5E, 88FA632754A20025F03FE0970C93F572055919F53C8A50E5DB6CF1EF7B00B7FD ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:14:03.0428 0x5ee4  nvlddmkm - ok
20:14:03.0471 0x5ee4  [ E69E946F80C1C31C53003BFBF50CBB7C, A0A4BC57822B2CBC75602A969E28DCEDE04B41CC084E1EF1532B1BCDAEAA43BB ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:14:03.0490 0x5ee4  nvraid - ok
20:14:03.0526 0x5ee4  [ 9E0BA19A28C498A6D323D065DB76DFFC, EA9E33ED2820ED39932FAE114A9CF1D87780ED6605D0260A6F22F920B48F34E9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:14:03.0542 0x5ee4  nvstor - ok
20:14:03.0611 0x5ee4  [ C612FBECB3E1585E21C6EECF09680B54, E68AF033E8F4E4AB0FA8B69C58107C6D38680FAFAACDA6D88DBEE0C2909316A5 ] nvsvc           C:\Windows\system32\nvvsvc.exe
20:14:03.0742 0x5ee4  nvsvc - detected UnsignedFile.Multi.Generic ( 1 )
20:14:03.0742 0x5ee4  nvsvc ( UnsignedFile.Multi.Generic ) - warning
20:14:17.0582 0x5ee4  [ 0629259E3AF6BB0534FCECA208973404, E5DDA62D5D21D5D11A711BBFC5B839B59E336997C0C9A32A0B04AC9FBB6472D4 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
20:14:17.0767 0x5ee4  nvUpdatusService - ok
20:14:17.0855 0x5ee4  [ 07C186427EB8FCC3D8D7927187F260F7, 9AFDE1CB7B7232BD019804BFC691580B9CC2E51A5BC0E5584B23907D532600D8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:14:17.0870 0x5ee4  nv_agp - ok
20:14:17.0878 0x5ee4  NwlnkFlt - ok
20:14:17.0887 0x5ee4  NwlnkFwd - ok
20:14:17.0967 0x5ee4  [ BE32DA025A0BE1878F0EE8D6D9386CD5, B9D6CB4626FC67D108D713467C9ED8D0E2A071D98621B5531AD9D0C172FE7B89 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:14:18.0017 0x5ee4  ohci1394 - ok
20:14:18.0149 0x5ee4  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:14:18.0164 0x5ee4  ose - ok
20:14:18.0581 0x5ee4  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:14:18.0816 0x5ee4  osppsvc - ok
20:14:18.0935 0x5ee4  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
20:14:19.0047 0x5ee4  p2pimsvc - ok
20:14:19.0126 0x5ee4  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:14:19.0467 0x5ee4  p2psvc - ok
20:14:19.0573 0x5ee4  [ 8A79FDF04A73428597E2CAF9D0D67850, DB438FDE5510AB2F350ED1AC4CF0E99D3CC665FE46533A438A8FDA4DAF950F93 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
20:14:19.0752 0x5ee4  Parport - ok
20:14:19.0829 0x5ee4  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:14:19.0843 0x5ee4  partmgr - ok
20:14:19.0915 0x5ee4  [ 6C580025C81CAF3AE9E3617C22CAD00E, 64F9061196462085E5DCD3ACB97A0D8FC67CA9A96DDD6E2103AFFF1593AE236A ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
20:14:19.0963 0x5ee4  Parvdm - ok
20:14:20.0154 0x5ee4  [ AFADA8B97BE3C9398DC6C770409C3544, 670451D08AD1534D424D7D6B9BD7D2C71F526313FE2DD34B1F277D7CD403F39B ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
20:14:20.0242 0x5ee4  PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
20:14:20.0242 0x5ee4  PassThru Service ( UnsignedFile.Multi.Generic ) - warning
20:14:20.0242 0x5ee4  Force sending object to P2P due to detect: C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
20:14:28.0935 0x5ee4  Object send P2P result: true
20:14:31.0392 0x5ee4  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:14:31.0448 0x5ee4  PcaSvc - ok
20:14:31.0495 0x5ee4  [ FD2041E9BA03DB7764B2248F02475079, DECEED110524BF83B4097188BF24BF0DDE1CE838DF7748B0DC807ABE351EB20A ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfd.sys
20:14:31.0576 0x5ee4  pccsmcfd - ok
20:14:31.0619 0x5ee4  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
20:14:31.0640 0x5ee4  pci - ok
20:14:31.0675 0x5ee4  [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide          C:\Windows\system32\drivers\pciide.sys
20:14:31.0688 0x5ee4  pciide - ok
20:14:31.0863 0x5ee4  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
20:14:31.0882 0x5ee4  pcmcia - ok
20:14:31.0952 0x5ee4  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:14:32.0057 0x5ee4  PEAUTH - ok
20:14:32.0286 0x5ee4  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
20:14:32.0567 0x5ee4  pla - ok
20:14:32.0645 0x5ee4  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:14:32.0687 0x5ee4  PlugPlay - ok
20:14:32.0859 0x5ee4  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
20:14:32.0905 0x5ee4  PNRPAutoReg - ok
20:14:32.0933 0x5ee4  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
20:14:32.0995 0x5ee4  PNRPsvc - ok
20:14:33.0127 0x5ee4  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:14:33.0228 0x5ee4  PolicyAgent - ok
20:14:33.0303 0x5ee4  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:14:33.0339 0x5ee4  PptpMiniport - ok
20:14:33.0384 0x5ee4  [ 0E3CEF5D28B40CF273281D620C50700A, 8ADA99B4563AE2129B95136295EE92A94102B035EBBC83D4C8587ECE8B0DEE60 ] Processor       C:\Windows\system32\drivers\processr.sys
20:14:33.0456 0x5ee4  Processor - ok
20:14:33.0503 0x5ee4  [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc         C:\Windows\system32\profsvc.dll
20:14:33.0548 0x5ee4  ProfSvc - ok
20:14:33.0578 0x5ee4  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
20:14:33.0599 0x5ee4  ProtectedStorage - ok
20:14:33.0629 0x5ee4  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
20:14:33.0654 0x5ee4  PSched - ok
20:14:33.0715 0x5ee4  [ F036CFB275D0C55F4E45FBBF5F98B3C8, D8D1CA9F65B34A93AB9F7FD9BB6C453B2BF4E8320E620F56055B743DF1D56DE8 ] PSI_SVC_2       C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
20:14:33.0733 0x5ee4  PSI_SVC_2 - ok
20:14:33.0917 0x5ee4  [ E42E3433DBB4CFFE8FDD91EAB29AEA8E, 20ABD8372B242FD356AC143E7EB56F93CFEA4988ED1B0C4434CB64C387D7F66C ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
20:14:33.0930 0x5ee4  PxHelp20 - ok
20:14:33.0991 0x5ee4  [ CCDAC889326317792480C0A67156A1EC, 3D3B561B6D4E12DE442C98993C929765F002AF5CFB5A00EFACE6ABE957F7E8AF ] ql2300          C:\Windows\system32\drivers\ql2300.sys
20:14:34.0056 0x5ee4  ql2300 - ok
20:14:34.0094 0x5ee4  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
20:14:34.0119 0x5ee4  ql40xx - ok
20:14:34.0190 0x5ee4  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
20:14:34.0238 0x5ee4  QWAVE - ok
20:14:34.0278 0x5ee4  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:14:34.0299 0x5ee4  QWAVEdrv - ok
20:14:34.0385 0x5ee4  [ 8F97D374AD1857E1EED85A79F29A1D3D, 4B2D1DBB60C0890E3CB497F534D8DE74952AF8774579B62B0F4ED14912CA583C ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
20:14:34.0420 0x5ee4  RapiMgr - ok
20:14:34.0461 0x5ee4  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:14:34.0538 0x5ee4  RasAcd - ok
20:14:34.0581 0x5ee4  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
20:14:34.0633 0x5ee4  RasAuto - ok
20:14:34.0684 0x5ee4  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:14:34.0732 0x5ee4  Rasl2tp - ok
20:14:34.0773 0x5ee4  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
20:14:34.0838 0x5ee4  RasMan - ok
20:14:34.0901 0x5ee4  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:14:34.0954 0x5ee4  RasPppoe - ok
20:14:34.0978 0x5ee4  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:14:35.0010 0x5ee4  RasSstp - ok
20:14:35.0061 0x5ee4  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:14:35.0108 0x5ee4  rdbss - ok
20:14:35.0156 0x5ee4  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:14:35.0204 0x5ee4  RDPCDD - ok
20:14:35.0298 0x5ee4  [ E8BD98D46F2ED77132BA927FCCB47D8B, 5187CF8F00AD67EDDF27DF675F3210C0D72E552578A89C58DF6953B1D5BEBCB8 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
20:14:35.0404 0x5ee4  rdpdr - ok
20:14:35.0439 0x5ee4  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:14:35.0497 0x5ee4  RDPENCDD - ok
20:14:35.0549 0x5ee4  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:14:35.0602 0x5ee4  RDPWD - ok
20:14:35.0642 0x5ee4  [ 001B4278407F4303EFC902A2B16F2453, 92A95B0EFAAE7ADC6380D5207C86CB45BEEAE6974417A13669484A9D179E69AC ] regi            C:\Windows\system32\drivers\regi.sys
20:14:35.0674 0x5ee4  regi - ok
20:14:35.0707 0x5ee4  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:14:35.0758 0x5ee4  RemoteAccess - ok
20:14:35.0801 0x5ee4  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:14:35.0831 0x5ee4  RemoteRegistry - ok
20:14:35.0892 0x5ee4  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
20:14:36.0078 0x5ee4  RpcLocator - ok
20:14:36.0120 0x5ee4  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
20:14:36.0187 0x5ee4  RpcSs - ok
20:14:36.0247 0x5ee4  [ 43110C2A2C5ED32EAD96C440718E4452, BAF6E770620AA5B7C80273BB062D6F8FBCD8761FC681C425CC888DD11315AFEC ] RRNetCap        C:\Windows\system32\DRIVERS\rrnetcap.sys
20:14:36.0260 0x5ee4  RRNetCap - ok
20:14:36.0318 0x5ee4  [ 43110C2A2C5ED32EAD96C440718E4452, BAF6E770620AA5B7C80273BB062D6F8FBCD8761FC681C425CC888DD11315AFEC ] RRNetCapMP      C:\Windows\system32\DRIVERS\rrnetcap.sys
20:14:36.0329 0x5ee4  RRNetCapMP - ok
20:14:36.0362 0x5ee4  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:14:36.0395 0x5ee4  rspndr - ok
20:14:36.0605 0x5ee4  [ 0AB8D9D7C5AC81FC736D7C208F737570, FA54821C2241F86DE90075B90FBDF7CF5340933754076112DCE6B9720E60CDA6 ] RT73            C:\Windows\system32\DRIVERS\Dr71WU.sys
20:14:36.0843 0x5ee4  RT73 - ok
20:14:36.0886 0x5ee4  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
20:14:36.0909 0x5ee4  SamSs - ok
20:14:37.0237 0x5ee4  [ 0D5AE23121FD128B39CBBCAEDA498207, A2299D58812B8593CD782CA3185C7EC24FA60D90565E1415591118A40B31C408 ] Samsung Link Service C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
20:14:37.0302 0x5ee4  Samsung Link Service - ok
20:14:37.0431 0x5ee4  [ D5223BB45782B35407148A47255497C7, 3E4E4D1C5497697A58D43600DEAF555A11D8442E1D466AA2293F737C41541938 ] SbieDrv         C:\Program Files\Sandboxie\SbieDrv.sys
20:14:37.0454 0x5ee4  SbieDrv - detected UnsignedFile.Multi.Generic ( 1 )
20:14:37.0454 0x5ee4  SbieDrv ( UnsignedFile.Multi.Generic ) - warning
20:14:39.0911 0x5ee4  [ DE88A8D417BB530003D84FCE6774C0F6, 7C8BBA901EAFFCE2A3E1914F5C8B57908D184DE086B743B22C10BB83C61AEA39 ] SbieSvc         C:\Program Files\Sandboxie\SbieSvc.exe
20:14:39.0920 0x5ee4  SbieSvc - detected UnsignedFile.Multi.Generic ( 1 )
20:14:39.0920 0x5ee4  SbieSvc ( UnsignedFile.Multi.Generic ) - warning
20:14:42.0363 0x5ee4  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:14:42.0379 0x5ee4  sbp2port - ok
20:14:42.0405 0x5ee4  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:14:42.0450 0x5ee4  SCardSvr - ok
20:14:42.0497 0x5ee4  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
20:14:42.0683 0x5ee4  Schedule - ok
20:14:42.0724 0x5ee4  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:14:42.0756 0x5ee4  SCPolicySvc - ok
20:14:42.0857 0x5ee4  [ 5C56F715F11DFB160BBF4CB747564866, 7D0EA8190EE0295F38735D3A7EDBDC5DF13BB00C3F466AA33DB5FA80C18DC314 ] scramby         C:\Windows\system32\drivers\scramby.sys
20:14:42.0883 0x5ee4  scramby - ok
20:14:42.0921 0x5ee4  [ CCB29ACF557F7172367647B30FD21DBE, AF06D24A6908F9933597F436B743BBCCCE63618E2C715A4DF4C054039F1C0341 ] scramby_out     C:\Windows\system32\drivers\scramby_out.sys
20:14:42.0931 0x5ee4  scramby_out - ok
20:14:42.0984 0x5ee4  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:14:43.0039 0x5ee4  SDRSVC - ok
20:14:43.0087 0x5ee4  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:14:43.0144 0x5ee4  secdrv - ok
20:14:43.0194 0x5ee4  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
20:14:43.0243 0x5ee4  seclogon - ok
20:14:43.0281 0x5ee4  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\System32\sens.dll
20:14:43.0333 0x5ee4  SENS - ok
20:14:43.0381 0x5ee4  [ CE9EC966638EF0B10B864DDEDF62A099, 2DEC5A8C947D87C12B342F15B8A552A0D49B979A2AC32D2C97FC7A3A76C34524 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
20:14:43.0424 0x5ee4  Serenum - ok
20:14:43.0454 0x5ee4  [ 6D663022DB3E7058907784AE14B69898, 54263888C64A7F010D3B5E399369B0F3FF3AF0A0DE8ADB502B98277533E4D45F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
20:14:43.0524 0x5ee4  Serial - ok
20:14:43.0560 0x5ee4  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
20:14:43.0608 0x5ee4  sermouse - ok
20:14:43.0941 0x5ee4  [ 5BF59C6BC737BAAF541168E5CB2EC1D9, D792C95C54B9B7A5386EA75318DEF064000F3EDC48845D8EC152A4A6DB931734 ] ServiceLayer    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
20:14:44.0021 0x5ee4  ServiceLayer - detected UnsignedFile.Multi.Generic ( 1 )
20:14:44.0021 0x5ee4  ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
20:14:46.0514 0x5ee4  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:14:46.0573 0x5ee4  SessionEnv - ok
20:14:46.0640 0x5ee4  [ 103B79418DA647736EE95645F305F68A, E4D356FD8C62B616D3584FE84905995A1CEE452288E3A456CC358FF41FEAB1B7 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:14:46.0725 0x5ee4  sffdisk - ok
20:14:46.0747 0x5ee4  [ 8FD08A310645FE872EEEC6E08C6BF3EE, 702A148C9DE172E7B5E331F057487255E0729FD42F949BB0FF2D5A01775933CF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:14:46.0824 0x5ee4  sffp_mmc - ok
20:14:46.0847 0x5ee4  [ 9CFA05FCFCB7124E69CFC812B72F9614, E9CFCE695E4D1AF146781CFAA295878536E573F06AEA65438878DE29EC9959AD ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:14:46.0913 0x5ee4  sffp_sd - ok
20:14:46.0937 0x5ee4  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
20:14:46.0996 0x5ee4  sfloppy - ok
20:14:47.0044 0x5ee4  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:14:47.0096 0x5ee4  SharedAccess - ok
20:14:47.0153 0x5ee4  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:14:47.0194 0x5ee4  ShellHWDetection - ok
20:14:47.0228 0x5ee4  [ D2A595D6EEBEEAF4334F8E50EFBC9931, 851B8205C657BF806C4D815DC75356E99B4246016B6E1C1F51BAF8AD1E6D5299 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
20:14:47.0244 0x5ee4  sisagp - ok
20:14:47.0259 0x5ee4  [ CEDD6F4E7D84E9F98B34B3FE988373AA, E102977E6FAC30B5ABEEC0B412A9F2A10C5C42F4D9C3AD69296BF9E1E88B6141 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
20:14:47.0274 0x5ee4  SiSRaid2 - ok
20:14:47.0287 0x5ee4  [ DF843C528C4F69D12CE41CE462E973A7, A2BEC74FCB8D8B6B9D8DD4746C013DFDF1DD662AEFE9B88CA495E5B83B4A76F9 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
20:14:47.0304 0x5ee4  SiSRaid4 - ok
20:14:47.0624 0x5ee4  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
20:14:48.0639 0x5ee4  slsvc - ok
20:14:48.0874 0x5ee4  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
20:14:48.0930 0x5ee4  SLUINotify - ok
20:14:48.0991 0x5ee4  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:14:49.0047 0x5ee4  Smb - ok
20:14:49.0103 0x5ee4  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:14:49.0145 0x5ee4  SNMPTRAP - ok
20:14:49.0183 0x5ee4  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:14:49.0198 0x5ee4  spldr - ok
20:14:49.0257 0x5ee4  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
20:14:49.0328 0x5ee4  Spooler - ok
20:14:49.0425 0x5ee4  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:14:49.0479 0x5ee4  srv - ok
20:14:49.0523 0x5ee4  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:14:49.0576 0x5ee4  srv2 - ok
20:14:49.0613 0x5ee4  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:14:49.0647 0x5ee4  srvnet - ok
20:14:49.0681 0x5ee4  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:14:49.0742 0x5ee4  SSDPSRV - ok
20:14:49.0786 0x5ee4  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:14:49.0852 0x5ee4  SstpSvc - ok
20:14:50.0020 0x5ee4  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
20:14:50.0238 0x5ee4  stisvc - ok
20:14:50.0266 0x5ee4  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
20:14:50.0281 0x5ee4  swenum - ok
20:14:50.0468 0x5ee4  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
20:14:50.0575 0x5ee4  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
20:14:50.0575 0x5ee4  SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
20:14:53.0058 0x5ee4  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
20:14:53.0103 0x5ee4  swprv - ok
20:14:53.0158 0x5ee4  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
20:14:53.0184 0x5ee4  Symc8xx - ok
20:14:53.0218 0x5ee4  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
20:14:53.0232 0x5ee4  Sym_hi - ok
20:14:53.0268 0x5ee4  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
20:14:53.0281 0x5ee4  Sym_u3 - ok
20:14:53.0385 0x5ee4  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
20:14:53.0457 0x5ee4  SysMain - ok
20:14:53.0499 0x5ee4  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:14:53.0531 0x5ee4  TabletInputService - ok
20:14:53.0597 0x5ee4  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:14:53.0639 0x5ee4  TapiSrv - ok
20:14:53.0687 0x5ee4  [ 77BD6143C6DCE0A1BF7B5571BED860DC, B628CBA8FF127506C26B2E599A1588255CFD733721B7425D944306E2059C71BA ] tbhsd           C:\Windows\system32\drivers\tbhsd.sys
20:14:53.0703 0x5ee4  tbhsd - ok
20:14:53.0760 0x5ee4  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
20:14:53.0807 0x5ee4  TBS - ok
20:14:53.0885 0x5ee4  [ D18D53974FD715D50FC76F9FFE1C830D, 50424BD5950D8FC7724A6E48AE5A39D6E727FAF326C31657C69F1DE13C1450E3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:14:53.0989 0x5ee4  Tcpip - ok
20:14:54.0030 0x5ee4  [ D18D53974FD715D50FC76F9FFE1C830D, 50424BD5950D8FC7724A6E48AE5A39D6E727FAF326C31657C69F1DE13C1450E3 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
20:14:54.0100 0x5ee4  Tcpip6 - ok
20:14:54.0163 0x5ee4  [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:14:54.0251 0x5ee4  tcpipreg - ok
20:14:54.0311 0x5ee4  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:14:54.0344 0x5ee4  TDPIPE - ok
20:14:54.0390 0x5ee4  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:14:54.0474 0x5ee4  TDTCP - ok
20:14:54.0563 0x5ee4  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:14:54.0604 0x5ee4  tdx - ok
20:14:55.0569 0x5ee4  [ 775A7C4B689C0F112A12AD62064E57D1, C9E9B0F89AEA660CA80F8CC1C9E7116E199B267700265BB47640B0A9341C52FF ] TeamViewer8     C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
20:14:55.0829 0x5ee4  TeamViewer8 - ok
20:14:55.0866 0x5ee4  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
20:14:55.0883 0x5ee4  TermDD - ok
20:14:55.0940 0x5ee4  [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService     C:\Windows\System32\termsrv.dll
20:14:56.0048 0x5ee4  TermService - ok
20:14:56.0087 0x5ee4  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
20:14:56.0117 0x5ee4  Themes - ok
20:14:56.0158 0x5ee4  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
20:14:56.0201 0x5ee4  THREADORDER - ok
20:14:56.0252 0x5ee4  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
20:14:56.0305 0x5ee4  TrkWks - ok
20:14:56.0397 0x5ee4  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:14:56.0439 0x5ee4  TrustedInstaller - ok
20:14:56.0607 0x5ee4  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:14:56.0683 0x5ee4  tssecsrv - ok
20:14:56.0753 0x5ee4  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
20:14:56.0795 0x5ee4  tunmp - ok
20:14:56.0821 0x5ee4  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:14:56.0850 0x5ee4  tunnel - ok
20:14:56.0881 0x5ee4  [ C3ADE15414120033A36C0F293D4A4121, 74A002C4B5EBD94E33EDEACB6639AF44ED72A8DDE3083C6DE71C1EE937EF1A9C ] uagp35          C:\Windows\system32\drivers\uagp35.sys
20:14:56.0897 0x5ee4  uagp35 - ok
20:14:56.0946 0x5ee4  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:14:56.0980 0x5ee4  udfs - ok
20:14:57.0043 0x5ee4  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:14:57.0078 0x5ee4  UI0Detect - ok
20:14:57.0128 0x5ee4  [ 75E6890EBFCE0841D3291B02E7A8BDB0, FDF9CDCCCCC0AA2A52623C5A67AC5F5224557EE4C8F6487CB13CAEB012575E2A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:14:57.0143 0x5ee4  uliagpkx - ok
20:14:57.0186 0x5ee4  [ 3CD4EA35A6221B85DCC25DAA46313F8D, 100A7E12B8EA395F70A00874328E87B930CE88FF442F3576FE88B105A22E04C5 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
20:14:57.0208 0x5ee4  uliahci - ok
20:14:57.0273 0x5ee4  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
20:14:57.0324 0x5ee4  UlSata - ok
20:14:57.0346 0x5ee4  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
20:14:57.0364 0x5ee4  ulsata2 - ok
20:14:57.0413 0x5ee4  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
20:14:57.0469 0x5ee4  umbus - ok
20:14:57.0502 0x5ee4  [ 4847639D852763EE39415C929470F672, 75CF9471BA3EA54E5BE66CD7612DA134B3370D7C3FBA8B2682093C03A0AD87B5 ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
20:14:57.0529 0x5ee4  UnlockerDriver5 - detected UnsignedFile.Multi.Generic ( 1 )
20:14:57.0529 0x5ee4  UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - warning
20:14:59.0995 0x5ee4  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
20:15:00.0054 0x5ee4  upnphost - ok
20:15:00.0079 0x5ee4  [ B1B8BEE26227DAD9835019201552CB05, 992DBB8C81CCAB16B864F4FAC012558BE52ABD38D3F54F587F1B1001EC0F6C07 ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
20:15:00.0138 0x5ee4  upperdev - ok
20:15:00.0170 0x5ee4  [ 73B41F4EAD65F355962168D766AF0F2E, AA33CAE55D4766C9F1E9F1B50EEAE1CA4BE968380C89892A46D2D25EAEEDC64D ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
20:15:00.0231 0x5ee4  USBAAPL - ok
20:15:00.0282 0x5ee4  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:15:00.0330 0x5ee4  usbccgp - ok
20:15:00.0377 0x5ee4  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:15:00.0464 0x5ee4  usbcir - ok
20:15:00.0495 0x5ee4  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
20:15:00.0514 0x5ee4  usbehci - ok
20:15:00.0559 0x5ee4  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:15:00.0609 0x5ee4  usbhub - ok
20:15:00.0638 0x5ee4  [ D457EBD0C3A8B3A3A144355B5EE91CBC, 6AD52BDBB1607A48F0B02E663B97C3A00E3345B1B12C259608A5AE728C1C06B2 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
20:15:00.0655 0x5ee4  usbohci - ok
20:15:00.0694 0x5ee4  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
20:15:00.0750 0x5ee4  usbprint - ok
20:15:00.0795 0x5ee4  [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
20:15:00.0820 0x5ee4  usbscan - ok
20:15:00.0880 0x5ee4  [ 8E6C378A885D6FFDA8F05E8D27B95C0E, 351F20B1CB510F7B6B9321EB6C7A97446EF963A89F19F7E7A9CF41381B4B19FF ] usbser          C:\Windows\system32\drivers\usbser.sys
20:15:00.0965 0x5ee4  usbser - ok
20:15:01.0025 0x5ee4  [ 98E1FF1D732C6C7200B6C59D4FF8C1C3, 3DD0532C9C9BABD355718E3D1B9B1A024F00B9F2C2BD584BD2AF167783D9B8AC ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
20:15:01.0071 0x5ee4  UsbserFilt - ok
20:15:01.0109 0x5ee4  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:15:01.0145 0x5ee4  USBSTOR - ok
20:15:01.0213 0x5ee4  [ 325DBBACB8A36AF9988CCF40EAC228CC, 22FE5658A12296634FBE9D8565485BEE8CB200C47182F70DC9D2B0442E10C4AA ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
20:15:01.0289 0x5ee4  usbuhci - ok
20:15:01.0323 0x5ee4  [ 35C9095FA7076466AFBFC5B9EC4B779E, 6E4F8241020DC3353A802849AB7930C8E4271BD19CFA66EDF2F60038CC53D836 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
20:15:01.0345 0x5ee4  usb_rndisx - ok
20:15:01.0373 0x5ee4  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
20:15:01.0399 0x5ee4  UxSms - ok
20:15:01.0421 0x5ee4  [ B2ABAB4CA46BAD182E27763DC19C780F, D581C2EAD3CEE2FEE8A1B6B0A4088518E78DC63FF38CB3CABA3F9CDC1367D9A9 ] VCSVADHWSer     C:\Windows\system32\DRIVERS\vcsvad.sys
20:15:01.0467 0x5ee4  VCSVADHWSer - ok
20:15:01.0508 0x5ee4  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
20:15:01.0560 0x5ee4  vds - ok
20:15:01.0595 0x5ee4  [ 7D92BE0028ECDEDEC74617009084B5EF, D0749CE6FA3415BA4364299F8D6D53F133E8D2F44C6F1057996243415A540A53 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:15:01.0655 0x5ee4  vga - ok
20:15:01.0698 0x5ee4  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:15:01.0743 0x5ee4  VgaSave - ok
20:15:01.0763 0x5ee4  [ 045D9961E591CF0674A920B6BA3BA5CB, EBF498A0424CEA0F7ECBAAE144A8669CE6B5DD67115DE22CEC5A46AED26CD90B ] viaagp          C:\Windows\system32\drivers\viaagp.sys
20:15:01.0779 0x5ee4  viaagp - ok
20:15:01.0800 0x5ee4  [ 56A4DE5F02F2E88182B0981119B4DD98, 36FC94BCFD41907838DBCB02E6EA24065FDED4224239CD19E90D14433BE9108B ] ViaC7           C:\Windows\system32\drivers\viac7.sys
20:15:01.0874 0x5ee4  ViaC7 - ok
20:15:01.0894 0x5ee4  [ FD2E3175FCADA350C7AB4521DCA187EC, 1C914B184478611A27E0141F90EBC34FC63DFB2A83441DD36DFA43D945FB1C52 ] viaide          C:\Windows\system32\drivers\viaide.sys
20:15:01.0908 0x5ee4  viaide - ok
20:15:01.0942 0x5ee4  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:15:01.0972 0x5ee4  volmgr - ok
20:15:02.0051 0x5ee4  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:15:02.0078 0x5ee4  volmgrx - ok
20:15:02.0112 0x5ee4  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:15:02.0147 0x5ee4  volsnap - ok
20:15:02.0211 0x5ee4  [ D984439746D42B30FC65A4C3546C6829, B134A9890638C2B4964A9C30812A2828A3E0CC641690CBF22D9FCE65EE3C2385 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
20:15:02.0227 0x5ee4  vsmraid - ok
20:15:02.0385 0x5ee4  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
20:15:02.0493 0x5ee4  VSS - ok
20:15:02.0539 0x5ee4  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
20:15:02.0638 0x5ee4  W32Time - ok
20:15:02.0662 0x5ee4  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
20:15:02.0731 0x5ee4  WacomPen - ok
20:15:02.0770 0x5ee4  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
20:15:02.0818 0x5ee4  Wanarp - ok
20:15:02.0826 0x5ee4  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:15:02.0854 0x5ee4  Wanarpv6 - ok
20:15:02.0936 0x5ee4  [ 59E19BD13C3BDB857646B9E436BA27F7, CC84C607E15F5F29D93510387D5486BAF320BDAF79026A0BECE0D242F7B1DF3E ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
20:15:02.0993 0x5ee4  WcesComm - ok
20:15:03.0080 0x5ee4  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:15:03.0181 0x5ee4  wcncsvc - ok
20:15:03.0248 0x5ee4  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:15:03.0298 0x5ee4  WcsPlugInService - ok
20:15:03.0337 0x5ee4  [ AFC5AD65B991C1E205CF25CFDBF7A6F4, 544173AE85A11B99B9221DB30B6803DAEB3EB7FCA57FE62F0D13EF70B9C69A89 ] Wd              C:\Windows\system32\drivers\wd.sys
20:15:03.0356 0x5ee4  Wd - ok
20:15:03.0413 0x5ee4  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:15:03.0462 0x5ee4  Wdf01000 - ok
20:15:03.0498 0x5ee4  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:15:03.0561 0x5ee4  WdiServiceHost - ok
20:15:03.0570 0x5ee4  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:15:03.0608 0x5ee4  WdiSystemHost - ok
20:15:03.0658 0x5ee4  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
20:15:03.0689 0x5ee4  WebClient - ok
20:15:03.0749 0x5ee4  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:15:03.0815 0x5ee4  Wecsvc - ok
20:15:03.0855 0x5ee4  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:15:03.0897 0x5ee4  wercplsupport - ok
20:15:03.0913 0x5ee4  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:15:03.0972 0x5ee4  WerSvc - ok
20:15:04.0114 0x5ee4  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
20:15:04.0139 0x5ee4  WinDefend - ok
20:15:04.0148 0x5ee4  WinHttpAutoProxySvc - ok
20:15:04.0251 0x5ee4  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:15:04.0290 0x5ee4  Winmgmt - ok
20:15:04.0386 0x5ee4  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
20:15:04.0545 0x5ee4  WinRM - ok
20:15:04.0647 0x5ee4  [ 30FC6E5448D0CBAAA95280EEEF7FEDAE, 04374450882504D9031951F4E9317E5A128EBA5A22A3555ACD28BC742861AF9C ] WinUSB          C:\Windows\system32\DRIVERS\WinUSB.sys
20:15:04.0673 0x5ee4  WinUSB - ok
20:15:04.0737 0x5ee4  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:15:04.0812 0x5ee4  Wlansvc - ok
20:15:05.0003 0x5ee4  [ 5144AE67D60EC653F97DDF3FEED29E77, F6238767284B2356A9F502E2ACCFAAC283FA13CBF238E98B5115A55179526B10 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:15:05.0230 0x5ee4  wlidsvc - ok
20:15:05.0292 0x5ee4  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
20:15:05.0351 0x5ee4  WmiAcpi - ok
20:15:05.0410 0x5ee4  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:15:05.0439 0x5ee4  wmiApSrv - ok
20:15:05.0634 0x5ee4  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
20:15:05.0824 0x5ee4  WMPNetworkSvc - ok
20:15:05.0953 0x5ee4  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:15:06.0010 0x5ee4  WPCSvc - ok
20:15:06.0036 0x5ee4  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:15:06.0077 0x5ee4  WPDBusEnum - ok
20:15:06.0152 0x5ee4  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
20:15:06.0168 0x5ee4  WpdUsb - ok
20:15:06.0355 0x5ee4  [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:15:06.0455 0x5ee4  WPFFontCache_v0400 - ok
20:15:06.0555 0x5ee4  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:15:06.0662 0x5ee4  ws2ifsl - ok
20:15:06.0713 0x5ee4  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\System32\wscsvc.dll
20:15:06.0755 0x5ee4  wscsvc - ok
20:15:06.0764 0x5ee4  WSearch - ok
20:15:06.0959 0x5ee4  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:15:07.0689 0x5ee4  wuauserv - ok
20:15:07.0791 0x5ee4  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:15:07.0874 0x5ee4  WudfPf - ok
20:15:07.0915 0x5ee4  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:15:07.0959 0x5ee4  WUDFRd - ok
20:15:07.0998 0x5ee4  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:15:08.0030 0x5ee4  wudfsvc - ok
20:15:08.0087 0x5ee4  ================ Scan global ===============================
20:15:08.0163 0x5ee4  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
20:15:08.0275 0x5ee4  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
20:15:08.0328 0x5ee4  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
20:15:08.0442 0x5ee4  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
20:15:08.0457 0x5ee4  [ Global ] - ok
20:15:08.0458 0x5ee4  ================ Scan MBR ==================================
20:15:08.0488 0x5ee4  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
20:15:09.0176 0x5ee4  \Device\Harddisk0\DR0 - ok
20:15:09.0197 0x5ee4  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
20:15:10.0030 0x5ee4  \Device\Harddisk1\DR1 - ok
20:15:10.0049 0x5ee4  ================ Scan VBR ==================================
20:15:10.0069 0x5ee4  [ 0DECE963E3EF1F68656E5CEE9D73FBD6 ] \Device\Harddisk0\DR0\Partition1
20:15:10.0094 0x5ee4  \Device\Harddisk0\DR0\Partition1 - ok
20:15:10.0104 0x5ee4  [ 1186471E2679E0FB38DC3966D4EAEF84 ] \Device\Harddisk1\DR1\Partition1
20:15:10.0150 0x5ee4  \Device\Harddisk1\DR1\Partition1 - ok
20:15:10.0158 0x5ee4  [ E783026680AB0DFAE0646315B2705D31 ] \Device\Harddisk1\DR1\Partition2
20:15:10.0160 0x5ee4  \Device\Harddisk1\DR1\Partition2 - ok
20:15:10.0184 0x5ee4  [ 1943AD90E5B0B94391EFD0254A0F293B ] \Device\Harddisk1\DR1\Partition3
20:15:10.0185 0x5ee4  \Device\Harddisk1\DR1\Partition3 - ok
20:15:10.0396 0x5ee4  AV detected via SS2: Kaspersky Internet Security, C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\wmiav.exe ( 13.0.1.4190 ), 0x40000 ( disabled : updated )
20:15:10.0421 0x5ee4  FW detected via SS2: Kaspersky Internet Security, C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\wmifw.exe ( 13.0.1.4190 ), 0x40010 ( disabled )
20:15:10.0439 0x5ee4  Win FW state via NFP2: disabled
20:15:12.0875 0x5ee4  ============================================================
20:15:12.0875 0x5ee4  Scan finished
20:15:12.0875 0x5ee4  ============================================================
20:15:12.0899 0x5e64  Detected object count: 10
20:15:12.0899 0x5e64  Actual detected object count: 10
20:16:40.0600 0x5e64  Akamai ( HiddenFile.Multi.Generic ) - skipped by user
20:16:40.0600 0x5e64  Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 
20:16:40.0604 0x5e64  CVPNDRVA ( UnsignedFile.Multi.Generic ) - skipped by user
20:16:40.0604 0x5e64  CVPNDRVA ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:16:40.0607 0x5e64  hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
20:16:40.0607 0x5e64  hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:16:40.0616 0x5e64  nvsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:16:40.0616 0x5e64  nvsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:16:40.0617 0x5e64  PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:16:40.0617 0x5e64  PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:16:40.0623 0x5e64  SbieDrv ( UnsignedFile.Multi.Generic ) - skipped by user
20:16:40.0623 0x5e64  SbieDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:16:40.0630 0x5e64  SbieSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:16:40.0631 0x5e64  SbieSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:16:40.0633 0x5e64  ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
20:16:40.0633 0x5e64  ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:16:40.0636 0x5e64  SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
20:16:40.0637 0x5e64  SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:16:40.0641 0x5e64  UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - skipped by user
20:16:40.0645 0x5e64  UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Alt 01.03.2014, 13:33   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Vista: Windows Explorer stürzt nacht Start ab (Dauerschleife) - Standard

Vista: Windows Explorer stürzt nacht Start ab (Dauerschleife)



Auch sauber. Vista Scheibe zur Hand? Dann machen wir ne Rep-Installation.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Vista: Windows Explorer stürzt nacht Start ab (Dauerschleife)
akamai, avp, bonjour, downloader, ebanking, explorer funktioniert nicht, flash player, funktioniert nicht mehr, helper, home, homepage, hängen, hängt, kaspersky, live cd, logfile, maximal, mozilla, problem, programm, registry, scan, security, software, starten, svchost.exe, taskmanager, tastatur, tracker, vista, windows



Ähnliche Themen: Vista: Windows Explorer stürzt nacht Start ab (Dauerschleife)


  1. Windows Explorer stürzt ab
    Alles rund um Windows - 30.11.2014 (9)
  2. Windows Explorer stürzt bereits beim Start ständig ab
    Log-Analyse und Auswertung - 12.11.2014 (22)
  3. Computer stürzt in Dauerschleife ab. Virus oder Hardware?
    Plagegeister aller Art und deren Bekämpfung - 28.10.2014 (16)
  4. Windows 7: Firefox stürzt nach Start sofort ab
    Log-Analyse und Auswertung - 19.09.2014 (15)
  5. Computer stürzt kurz nach Windows Start ab - abgesicherter Modus funktioniert
    Log-Analyse und Auswertung - 11.08.2014 (11)
  6. Windows 7 nach Zurücksetzen auf Werkseinstellungen extrem langsam, Windows Explorer stürzt dauernd ab
    Log-Analyse und Auswertung - 22.06.2014 (13)
  7. Windows Vista stürzt ab und ist unendlich langsam
    Plagegeister aller Art und deren Bekämpfung - 24.03.2014 (16)
  8. Windows Vista weißer Bildschirm nach Windows Start
    Plagegeister aller Art und deren Bekämpfung - 06.08.2013 (17)
  9. Vista Windows Explorer stürzt als ab...nur beim Ordner Bilder
    Plagegeister aller Art und deren Bekämpfung - 28.01.2013 (7)
  10. "Explorer.exe" stürzt nach start von Windows 7 ab
    Log-Analyse und Auswertung - 15.10.2012 (1)
  11. W7 Windows Explorer stürzt ab
    Log-Analyse und Auswertung - 03.07.2012 (6)
  12. Windows Explorer stürzt bei pc start immer wieder ab und lädt sich neu
    Plagegeister aller Art und deren Bekämpfung - 12.04.2012 (1)
  13. RunDLL: Fehler bei Start, Explorer.exe: stürzt regelmäßig ab, IE: Pop-Ups, Chrome unverwendbar,Viren
    Plagegeister aller Art und deren Bekämpfung - 09.10.2010 (1)
  14. IE Fenster öffnet sich bei Windows Start / Windows stürzt ab
    Log-Analyse und Auswertung - 28.09.2009 (9)
  15. Windows stürzt nach dem Start sofort ab
    Log-Analyse und Auswertung - 01.07.2009 (0)
  16. Explorer startet nicht beim Start von Vista Ultimate.
    Mülltonne - 05.10.2008 (0)
  17. Windows Explorer stürzt ab
    Log-Analyse und Auswertung - 06.05.2005 (2)

Zum Thema Vista: Windows Explorer stürzt nacht Start ab (Dauerschleife) - Hallo, folgendes Problem plagt mich seit 6 Uhr morgens: Starte ich den PC, Windows Vista 32 bit, erscheint der Desktophintergrund, Taskleiste und drei Symbole in der Tray. Dann kommt "Windows - Vista: Windows Explorer stürzt nacht Start ab (Dauerschleife)...
Archiv
Du betrachtest: Vista: Windows Explorer stürzt nacht Start ab (Dauerschleife) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.