
Pests of all kinds and how to combat them: Laptop generally takes extremely long to perform actions


19.01.2015, 12:20   #1
WolfsHawk
 



Hello,

my laptop works far too slowly; for example, it takes up to 2 minutes to open Word files. In Google Chrome it opens several tabs for me, and although Google is set as the start page, a different page comes up.

Thank you in advance for the help.

Best regards

19.01.2015, 12:36   #2
schrauber
/// the machine
/// TB instructor
 




Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST download: FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Untersuchen ("Scan").
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


19.01.2015, 12:59   #3
WolfsHawk
 



Here are the results

from FXT


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by Akay (administrator) on AKAY-HP on 19-01-2015 12:48:54
Running from C:\Users\Akay\Downloads
Loaded Profiles: Akay (Available profiles: Akay & Akay_2 & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\CompatTel\wicainventory.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2281256 2010-09-13] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6489704 2010-09-22] (Realtek Semiconductor)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2015-01-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1962253291-148107300-3505088333-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
HKU\S-1-5-21-1962253291-148107300-3505088333-1000\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-1962253291-148107300-3505088333-1000\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-1962253291-148107300-3505088333-1000\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-1962253291-148107300-3505088333-1000\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-1962253291-148107300-3505088333-1000\...\MountPoints2: {f13fc9a5-9e95-11e0-b9c3-806e6f6e6963} - E:\autorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-30] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1962253291-148107300-3505088333-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://bitable.com/
HKU\S-1-5-21-1962253291-148107300-3505088333-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQNOT/4
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-0/4?satitle={searchTerms}&mfe=Notebooks
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-0/4?satitle={searchTerms}&mfe=Notebooks
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1962253291-148107300-3505088333-1000 -> DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=110819&babsrc=SP_ss&mntrId=849cd9b6000000000000889ffaa88692
SearchScopes: HKU\S-1-5-21-1962253291-148107300-3505088333-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=110819&babsrc=SP_ss&mntrId=849cd9b6000000000000889ffaa88692
SearchScopes: HKU\S-1-5-21-1962253291-148107300-3505088333-1000 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKU\S-1-5-21-1962253291-148107300-3505088333-1000 -> {477CCFAC-A14B-43DE-A883-AAA885E8E910} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=4714119D-02B5-49C3-89D8-31AE0F6DA21A&apn_sauid=9E8DC2EB-2C4F-4665-9FC1-4B7CFD4BC668
SearchScopes: HKU\S-1-5-21-1962253291-148107300-3505088333-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-1962253291-148107300-3505088333-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1962253291-148107300-3505088333-1000 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-0/4?satitle={searchTerms}&mfe=Notebooks
SearchScopes: HKU\S-1-5-21-1962253291-148107300-3505088333-1000 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} ->  No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKU\S-1-5-21-1962253291-148107300-3505088333-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-1962253291-148107300-3505088333-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Akay\AppData\Roaming\Mozilla\Firefox\Profiles\RVoZbcOP.default
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1962253291-148107300-3505088333-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Extension: Avira Browser Safety - C:\Users\Akay\AppData\Roaming\Mozilla\Firefox\Profiles\RVoZbcOP.default\Extensions\abs@avira.com [2014-10-03]

Chrome: 
=======
CHR HomePage: Default -> 
CHR StartupUrls: Default -> "https://www.google.de/?gws_rd=ssl"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Akay\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Akay\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-03]
CHR Extension: (Avira Browserschutz) - C:\Users\Akay\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-10-04]
CHR Extension: (Webseite Blocher (Beta)) - C:\Users\Akay\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib [2014-08-01]
CHR Extension: (Schwarz + Silber-Metall-Kohlenstoff) - C:\Users\Akay\AppData\Local\Google\Chrome\User Data\Default\Extensions\lodhggoaglindpoejnjldimdlikkphph [2014-10-03]
CHR Extension: (Need for Speed World) - C:\Users\Akay\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnnelgnkomjdakpkjpkfehdipjifjmbk [2014-08-01]
CHR Extension: (Google Wallet) - C:\Users\Akay\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-05]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2015-01-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2015-01-17] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 RtVOsdService; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [315392 2010-06-24] (Realtek Semiconductor Corp.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-09-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-09-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-09-24] (Avira Operations GmbH & Co. KG)
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
U0 sr; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-19 12:48 - 2015-01-19 12:51 - 00014831 _____ () C:\Users\Akay\Downloads\FRST.txt
2015-01-19 12:48 - 2015-01-19 12:49 - 00000000 ____D () C:\FRST
2015-01-19 12:42 - 2015-01-19 12:44 - 02126848 _____ (Farbar) C:\Users\Akay\Downloads\FRST64.exe
2015-01-17 20:19 - 2015-01-17 20:19 - 00849056 _____ () C:\Users\Gast\Downloads\Player Setup (2).exe
2015-01-17 20:18 - 2015-01-17 20:18 - 00849056 _____ () C:\Users\Gast\Downloads\Player Setup.exe
2015-01-17 20:18 - 2015-01-17 20:18 - 00849040 _____ () C:\Users\Gast\Downloads\Player Setup (1).exe
2015-01-17 20:12 - 2015-01-17 20:12 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Avira
2015-01-13 22:19 - 2015-01-13 22:19 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\hpqlog
2015-01-13 22:18 - 2015-01-13 22:18 - 00076704 _____ () C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-13 22:16 - 2015-01-13 22:16 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Adobe
2015-01-13 22:15 - 2015-01-13 22:15 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2015-01-13 22:14 - 2015-01-13 22:15 - 00000000 ____D () C:\Users\Gast
2015-01-13 22:14 - 2015-01-13 22:14 - 00000020 ___SH () C:\Users\Gast\ntuser.ini
2015-01-13 22:14 - 2015-01-13 22:14 - 00000000 _SHDL () C:\Users\Gast\Vorlagen
2015-01-13 22:14 - 2015-01-13 22:14 - 00000000 _SHDL () C:\Users\Gast\Startmenü
2015-01-13 22:14 - 2015-01-13 22:14 - 00000000 _SHDL () C:\Users\Gast\Netzwerkumgebung
2015-01-13 22:14 - 2015-01-13 22:14 - 00000000 _SHDL () C:\Users\Gast\Lokale Einstellungen
2015-01-13 22:14 - 2015-01-13 22:14 - 00000000 _SHDL () C:\Users\Gast\Eigene Dateien
2015-01-13 22:14 - 2015-01-13 22:14 - 00000000 _SHDL () C:\Users\Gast\Druckumgebung
2015-01-13 22:14 - 2015-01-13 22:14 - 00000000 _SHDL () C:\Users\Gast\Documents\Eigene Musik
2015-01-13 22:14 - 2015-01-13 22:14 - 00000000 _SHDL () C:\Users\Gast\Documents\Eigene Bilder
2015-01-13 22:14 - 2015-01-13 22:14 - 00000000 _SHDL () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-13 22:14 - 2015-01-13 22:14 - 00000000 _SHDL () C:\Users\Gast\AppData\Local\Verlauf
2015-01-13 22:14 - 2015-01-13 22:14 - 00000000 _SHDL () C:\Users\Gast\AppData\Local\Anwendungsdaten
2015-01-13 22:14 - 2015-01-13 22:14 - 00000000 _SHDL () C:\Users\Gast\Anwendungsdaten
2015-01-13 22:14 - 2015-01-13 22:14 - 00000000 ____D () C:\Users\Gast\AppData\Local\VirtualStore
2015-01-13 22:14 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-13 22:14 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-19 12:49 - 2011-04-08 00:37 - 01274158 _____ () C:\Windows\WindowsUpdate.log
2015-01-19 12:46 - 2009-07-14 05:45 - 00025968 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-19 12:46 - 2009-07-14 05:45 - 00025968 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-19 12:15 - 2013-06-26 20:10 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1962253291-148107300-3505088333-1003UA.job
2015-01-19 11:59 - 2014-10-29 13:20 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-19 11:59 - 2012-10-09 12:07 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-19 11:30 - 2012-05-26 12:01 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-19 11:29 - 2014-10-06 15:28 - 00000616 _____ () C:\Windows\setupact.log
2015-01-19 11:29 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-17 19:54 - 2014-10-29 13:20 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-17 19:54 - 2014-10-29 13:19 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-17 19:51 - 2012-05-26 12:01 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-17 19:46 - 2013-06-26 20:09 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1962253291-148107300-3505088333-1003Core.job
2015-01-13 22:20 - 2014-10-03 17:22 - 00001097 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-01-13 22:20 - 2014-10-03 17:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-01-13 22:20 - 2014-10-03 17:21 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-01-13 22:20 - 2014-10-03 17:20 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-13 21:59 - 2012-05-05 10:12 - 00076704 _____ () C:\Users\Akay_2\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-13 21:58 - 2012-10-09 12:07 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-13 21:58 - 2012-05-18 17:38 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-13 21:58 - 2012-05-18 17:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-08 09:55 - 2012-03-17 15:20 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======
2013-11-10 18:36 - 2013-11-10 18:36 - 50053120 _____ () C:\Program Files (x86)\GUT5BD6.tmp
2013-10-20 11:11 - 2013-10-20 11:11 - 50053120 _____ () C:\Program Files (x86)\GUTC532.tmp
2012-04-29 20:13 - 2012-04-29 20:13 - 0000051 _____ () C:\Users\Akay\AppData\Local\Kosong.Bron.Tok.txt
2012-08-11 12:29 - 2012-08-11 12:29 - 0007605 _____ () C:\Users\Akay\AppData\Local\Resmon.ResmonCfg
2012-10-09 12:09 - 2012-10-09 12:09 - 0012393 _____ () C:\Users\Akay\AppData\Local\Update.12.Bron.Tok.bin
2011-04-08 00:45 - 2011-04-08 00:45 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2010-10-17 18:32 - 2010-10-17 18:32 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2011-04-08 00:45 - 2011-04-08 00:45 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2010-10-17 18:25 - 2010-10-17 18:26 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-04-08 00:44 - 2011-04-08 00:44 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2011-04-08 00:45 - 2011-04-08 00:45 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2010-10-17 18:24 - 2010-10-17 18:24 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-10-17 18:26 - 2010-10-17 18:31 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2010-10-17 18:32 - 2011-04-08 00:45 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

Some content of TEMP:
====================
C:\Users\Akay\AppData\Local\Temp\avgnt.exe
C:\Users\Akay\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpetzmg5.dll
C:\Users\Akay_2\AppData\Local\Temp\avgnt.exe
C:\Users\Gast\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-04 15:01

==================== End Of Log ============================
         
--- --- ---



and here ADD

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by Akay at 2015-01-19 12:51:57
Running from C:\Users\Akay\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\{3B834B54-EC4B-48E2-BFC6-03FF5DA06F62}) (Version: 11.5.8.612 - Adobe Systems, Inc)
Avira (HKLM-x32\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Compaq Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3320 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-1962253291-148107300-3505088333-1000\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP Software Framework (HKLM-x32\...\{1C8BEECD-87F4-44A6-B7F4-C738922B0C2E}) (Version: 4.0.70.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{B1A4A13D-4665-4ED3-9DFE-F845725FBBD8}) (Version: 5.1.8.12 - Hewlett-Packard Company)
HP Wireless Assistant (HKLM\...\{9EA86AD9-FB32-4B9E-BD56-3068F9B8031F}) (Version: 4.0.10.0 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2086 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LibreOffice 4.2 Help Pack (German) (HKLM-x32\...\{2EC623B7-3559-4058-B4AC-14DC018FC0B7}) (Version: 4.2.6.3 - The Document Foundation)
LibreOffice 4.2.6.3 (HKLM-x32\...\{14DB1822-00B5-4820-86B5-EF893CA46B53}) (Version: 4.2.6.3 - The Document Foundation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.13 - ProtectDisc Software GmbH)
Ralink RT5390 802.11b/g/n WiFi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 3.1.11.0 - Ralink)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6206 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3223 - CyberLink Corp.) Hidden
RtVOsd (HKLM\...\{091A0130-A82F-4A6D-9C61-3BBBB3289030}) (Version: 1.0.6 - Realtek Semiconductor Corp.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.64 - Synaptics Incorporated)
VLC media player 1.1.9 (HKLM-x32\...\VLC media player) (Version: 1.1.9 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1962253291-148107300-3505088333-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Akay\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1962253291-148107300-3505088333-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Akay\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1962253291-148107300-3505088333-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Akay\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1962253291-148107300-3505088333-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Akay\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1962253291-148107300-3505088333-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Akay\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1962253291-148107300-3505088333-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Akay\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1962253291-148107300-3505088333-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Akay\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1962253291-148107300-3505088333-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Akay\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1962253291-148107300-3505088333-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Akay\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

03-10-2014 18:20:50 OpenOffice 4.1.1 wird installiert
07-10-2014 07:23:54 Windows Update
07-10-2014 09:13:14 OpenOffice 4.1.1 wird entfernt
07-10-2014 09:18:43 Installed LibreOffice 4.2.6.3
07-10-2014 09:24:37 Installed LibreOffice 4.2 Help Pack (German)
29-10-2014 12:54:53 Removed Microsoft Silverlight
29-10-2014 13:07:41 Konfiguriert PhotoNow
29-10-2014 13:11:51 Removed PictureMover.
29-10-2014 13:13:50 Removed LightScribe System Software.
29-10-2014 13:17:50 Microsoft Office Klick-und-Los 2010 wird entfernt
29-10-2014 13:26:04 Microsoft Office 2010 wird entfernt
29-10-2014 14:07:16 Windows Update
04-11-2014 08:59:25 Removed Norton Online Backup
04-11-2014 09:01:10 Windows Update
04-11-2014 12:24:34 Microsoft Office Word Viewer 2003 wird installiert
04-11-2014 12:36:01 Compatibility Pack für 2007 Office System wird installiert
19-01-2015 12:18:48 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {006B0872-FA7A-423A-BB30-291EF1F449BF} - System32\Tasks\{976768B9-3F7B-41F8-BAA1-3023C11DDB69} => C:\Program Files (x86)\Electronic Arts\Need for Speed Carbon\NFSC.exe
Task: {080E88E2-E0F8-43D9-AD5F-2A0592A00B93} - System32\Tasks\{40926D45-3FD2-4712-8001-2510744EE3C8} => C:\Program Files (x86)\Electronic Arts\Need for Speed Carbon\NFSC.exe
Task: {37284E1F-03E1-40EB-9506-6EA1924E5A37} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-13] (Adobe Systems Incorporated)
Task: {3BB7B58B-538F-4688-B7A9-97A865392FD4} - System32\Tasks\{62B660AA-E743-4ED0-9647-A7470D599C6E} => pcalua.exe -a "F:\USB sachen\Sonstiges\Games\Games.exe" -d "F:\USB sachen\Sonstiges\Games"
Task: {7918EAE2-6215-40EE-91CD-6020DB6F9922} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1962253291-148107300-3505088333-1003UA => C:\Users\Akay_2\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-26] (Facebook Inc.)
Task: {7ECE6EBB-3F6A-4826-983F-1DCDACE05A01} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-09-17] (Hewlett-Packard Company)
Task: {87DE27B0-6B1B-4538-8750-916657FB2B68} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-29] (Google Inc.)
Task: {8B2467BA-E856-4DC4-BC40-EC193776698F} - System32\Tasks\{FFED7BA1-082B-46F0-91DC-3655FE142CBE} => C:\Program Files (x86)\Electronic Arts\Need for Speed Carbon\NFSC.exe
Task: {988BA793-A2AE-4D41-B513-D2B50610D485} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1962253291-148107300-3505088333-1003Core => C:\Users\Akay_2\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-26] (Facebook Inc.)
Task: {BFF418D8-B701-40EC-B2DF-FD1D6C5BF295} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {D02378A7-247C-41C3-9145-A65D2E587A6D} - System32\Tasks\DST => C:\Program Files (x86)\Hewlett-Packard\Setup Manager\toaster.exe [2010-09-21] (Microsoft)
Task: {DAABD78B-8193-4DFA-918F-86A8F6559E27} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-29] (Google Inc.)
Task: {DC9A7A1C-D609-4AD4-A9F0-BC4D3BD186A1} - System32\Tasks\{28D462D7-77CA-4496-84DD-71B8D068B234} => pcalua.exe -a E:\INSTALL.EXE -d E:\
Task: {DE564508-24AA-4F0E-A2A7-DD9AD1B79E15} - System32\Tasks\{6EF523B3-3AB6-49DF-8A8C-C69FA96BA52D} => pcalua.exe -a E:\DirectX\DXSETUP.exe -d E:\DirectX
Task: {E5626082-67D4-4CD4-9D95-1EC0D1E4E80D} - System32\Tasks\{E1E31C02-EAAD-4A5F-A639-6C452E7CD1AF} => C:\Program Files (x86)\Electronic Arts\Need for Speed Carbon\NFSC.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1962253291-148107300-3505088333-1003Core.job => C:\Users\Akay_2\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1962253291-148107300-3505088333-1003UA.job => C:\Users\Akay_2\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-07-21 13:33 - 2010-07-21 13:33 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-07-21 13:33 - 2010-07-21 13:33 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2010-07-21 13:33 - 2010-07-21 13:33 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2014-10-29 14:53 - 2014-10-22 05:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-29 14:53 - 2014-10-22 05:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-10-29 14:54 - 2014-10-22 05:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-29 14:53 - 2014-10-22 05:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Steam Client Service => 3

========================= Accounts: ==========================

Administrator (S-1-5-21-1962253291-148107300-3505088333-500 - Administrator - Disabled)
Akay (S-1-5-21-1962253291-148107300-3505088333-1000 - Administrator - Enabled) => C:\Users\Akay
Akay_2 (S-1-5-21-1962253291-148107300-3505088333-1003 - Limited - Enabled) => C:\Users\Akay_2
Gast (S-1-5-21-1962253291-148107300-3505088333-501 - Limited - Enabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-1962253291-148107300-3505088333-1005 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/29/2014 01:00:07 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: HTTP-Status 404: Die angeforderte URL ist auf diesem Server nicht vorhanden.
 ErrorCode: 14007(0x36b7).

Error: (10/29/2014 00:49:59 PM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=11:app=OfficeVirt 9014006604070000:tid=FFC}
24604E0A-40000194

Error: (10/29/2014 00:49:59 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=11:app=OfficeVirt 9014006604070000:tid=FFC}
hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.6120.5002.sft24604E0A-4000019424604E0A-40000194

Error: (10/07/2014 08:50:12 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: HTTP-Status 404: Die angeforderte URL ist auf diesem Server nicht vorhanden.
 ErrorCode: 14007(0x36b7).

Error: (10/07/2014 08:40:31 AM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=11:app=OfficeVirt 9014006604070000:tid=EB4}
2460420A-40002EE2

Error: (10/07/2014 08:40:31 AM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=11:app=OfficeVirt 9014006604070000:tid=EB4}
hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.6120.5002.sft2460420A-40002EE22460420A-40002EE2

Error: (10/07/2014 07:24:18 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: HTTP-Status 404: Die angeforderte URL ist auf diesem Server nicht vorhanden.
 ErrorCode: 14007(0x36b7).

Error: (10/07/2014 07:13:53 AM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=11:app=OfficeVirt 9014006604070000:tid=E98}
24604E0A-40000194

Error: (10/07/2014 07:13:53 AM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=11:app=OfficeVirt 9014006604070000:tid=E98}
hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.6120.5002.sft24604E0A-4000019424604E0A-40000194

Error: (10/06/2014 03:38:54 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: HTTP-Status 404: Die angeforderte URL ist auf diesem Server nicht vorhanden.
 ErrorCode: 14007(0x36b7).


System errors:
=============
Error: (01/17/2015 08:06:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (01/17/2015 07:53:09 PM) (Source: DCOM) (EventID: 10016) (User: Akay-HP)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}Akay-HPGastS-1-5-21-1962253291-148107300-3505088333-501LocalHost (unter Verwendung von LRPC)

Error: (01/17/2015 07:53:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update Service (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/17/2015 07:53:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update Service (gupdate) erreicht.

Error: (01/17/2015 07:46:25 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst HP Health Check Service erreicht.

Error: (01/14/2015 04:52:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Adobe Flash Player Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%109

Error: (01/14/2015 04:51:35 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Modules Installer konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (01/13/2015 10:49:35 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (01/13/2015 10:45:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht.

Error: (01/13/2015 10:17:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht.


Microsoft Office Sessions:
=========================
Error: (10/29/2014 01:00:07 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: HTTP-Status 404: Die angeforderte URL ist auf diesem Server nicht vorhanden.
 ErrorCode: 14007(0x36b7).

Error: (10/29/2014 00:49:59 PM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=11:app=OfficeVirt 9014006604070000:tid=FFC}
24604E0A-40000194

Error: (10/29/2014 00:49:59 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=11:app=OfficeVirt 9014006604070000:tid=FFC}
hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.6120.5002.sft24604E0A-4000019424604E0A-40000194

Error: (10/07/2014 08:50:12 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: HTTP-Status 404: Die angeforderte URL ist auf diesem Server nicht vorhanden.
 ErrorCode: 14007(0x36b7).

Error: (10/07/2014 08:40:31 AM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=11:app=OfficeVirt 9014006604070000:tid=EB4}
2460420A-40002EE2

Error: (10/07/2014 08:40:31 AM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=11:app=OfficeVirt 9014006604070000:tid=EB4}
hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.6120.5002.sft2460420A-40002EE22460420A-40002EE2

Error: (10/07/2014 07:24:18 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: HTTP-Status 404: Die angeforderte URL ist auf diesem Server nicht vorhanden.
 ErrorCode: 14007(0x36b7).

Error: (10/07/2014 07:13:53 AM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=11:app=OfficeVirt 9014006604070000:tid=E98}
24604E0A-40000194

Error: (10/07/2014 07:13:53 AM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=11:app=OfficeVirt 9014006604070000:tid=E98}
hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.6120.5002.sft24604E0A-4000019424604E0A-40000194

Error: (10/06/2014 03:38:54 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: HTTP-Status 404: Die angeforderte URL ist auf diesem Server nicht vorhanden.
 ErrorCode: 14007(0x36b7).


==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz
Percentage of memory in use: 71%
Total physical RAM: 1978.91 MB
Available physical RAM: 573.72 MB
Total Pagefile: 3957.83 MB
Available Pagefile: 1536.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:279.67 GB) (Free:222.95 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:18.13 GB) (Free:2.63 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: B565CE26)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=279.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=18.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================
         
Regards
__________________

Alt 19.01.2015, 15:49   #4
schrauber
/// the machine
/// TB trainer
 


Hi,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Start mbar.exe.
  • Follow the on-screen instructions as described in the Malwarebytes Anti-Rootkit guide.
  • Be sure to update the database, and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the detected objects, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper.

Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 19.01.2015, 17:45   #5
WolfsHawk
 



mbam

Code:
Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org

Database version: v2015.01.19.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17358
Akay :: AKAY-HP [administrator]

19.01.2015 16:17:01
mbar-log-2015-01-19 (16-17-01).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 412642
Time elapsed: 44 minute(s), 57 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 38
C:\Users\Akay\AppData\Local\Bron.tok-12-20 (Worm.Brontok) -> Delete on reboot. [f45011e8f79245f19a411b1b24dfaa56]
C:\Users\Akay\AppData\Local\Bron.tok-12-1 (Worm.Brontok) -> Delete on reboot. [c1830bee34553ff701daf0468d76df21]
C:\Users\Akay\AppData\Local\Bron.tok-12-10 (Worm.Brontok) -> Delete on reboot. [d272bb3ed4b549edc516dd5916ed9868]
C:\Users\Akay\AppData\Local\Bron.tok-12-11 (Worm.Brontok) -> Delete on reboot. [57ed2fca0287a393d00b45f1659e07f9]
C:\Users\Akay\AppData\Local\Bron.tok-12-14 (Worm.Brontok) -> Delete on reboot. [c87c8871b2d7c86e2bb096a09370916f]
C:\Users\Akay\AppData\Local\Bron.tok-12-15 (Worm.Brontok) -> Delete on reboot. [a2a210e96326f93d43984de981823ac6]
C:\Users\Akay\AppData\Local\Bron.tok-12-16 (Worm.Brontok) -> Delete on reboot. [6bd9ba3fb4d5a88e1ebd0e28b74c60a0]
C:\Users\Akay\AppData\Local\Bron.tok-12-18 (Worm.Brontok) -> Delete on reboot. [271d3bbeea9fc472a7343006aa59728e]
C:\Users\Akay\AppData\Local\Bron.tok-12-19 (Worm.Brontok) -> Delete on reboot. [301455a4c1c8b581a734a78ffa09768a]
C:\Users\Akay\AppData\Local\Bron.tok-12-2 (Worm.Brontok) -> Delete on reboot. [bf853dbc99f01125defd12244ab908f8]
C:\Users\Akay\AppData\Local\Bron.tok-12-22 (Worm.Brontok) -> Delete on reboot. [c48015e491f8ff370ccfee483bc846ba]
C:\Users\Akay\AppData\Local\Bron.tok-12-24 (Worm.Brontok) -> Delete on reboot. [4afaef0a4049d75fdb00c57122e1f30d]
C:\Users\Akay\AppData\Local\Bron.tok-12-26 (Worm.Brontok) -> Delete on reboot. [5de728d15a2f92a44c8f57df08fbfc04]
C:\Users\Akay\AppData\Local\Bron.tok-12-27 (Worm.Brontok) -> Delete on reboot. [56ee6594eb9ec175d704ed499f64d729]
C:\Users\Akay\AppData\Local\Bron.tok-12-28 (Worm.Brontok) -> Delete on reboot. [e46017e291f8ad8977643ef8976cd52b]
C:\Users\Akay\AppData\Local\Bron.tok-12-29 (Worm.Brontok) -> Delete on reboot. [083cf108e2a77bbbfbe05dd9758eea16]
C:\Users\Akay\AppData\Local\Bron.tok-12-3 (Worm.Brontok) -> Delete on reboot. [e361d425e9a0af8708d3082ed231c43c]
C:\Users\Akay\AppData\Local\Bron.tok-12-30 (Worm.Brontok) -> Delete on reboot. [6ed6f7027b0e2d09e0fba4929d66bb45]
C:\Users\Akay\AppData\Local\Bron.tok-12-4 (Worm.Brontok) -> Delete on reboot. [ab99c1381a6f0c2aac2fce68e51eed13]
C:\Users\Akay\AppData\Local\Bron.tok-12-7 (Worm.Brontok) -> Delete on reboot. [f25268910a7f9b9b0fccad890201827e]
C:\Users\Akay\AppData\Local\Bron.tok-12-8 (Worm.Brontok) -> Delete on reboot. [044027d2b5d41b1b805b3303659e7b85]
C:\Users\Akay\AppData\Local\Bron.tok-12-9 (Worm.Brontok) -> Delete on reboot. [64e0fcfdcabf9f975388fb3b7192817f]
C:\Users\Akay_2\AppData\Local\Bron.tok-12-9 (Worm.Brontok) -> Delete on reboot. [bc886099a2e73cfa56850d29d52e966a]
C:\Users\Akay_2\AppData\Local\Bron.tok-12-10 (Worm.Brontok) -> Delete on reboot. [6ed625d42a5f989e11ca9f972ad9d030]
C:\Users\Akay_2\AppData\Local\Bron.tok-12-11 (Worm.Brontok) -> Delete on reboot. [c97b1cdde9a0181e06d5b581a85bae52]
C:\Users\Akay_2\AppData\Local\Bron.tok-12-12 (Worm.Brontok) -> Delete on reboot. [162ed128fa8fa59125b61521bd46ad53]
C:\Users\Akay_2\AppData\Local\Bron.tok-12-16 (Worm.Brontok) -> Delete on reboot. [dc68c0390d7cd462855674c2778c847c]
C:\Users\Akay_2\AppData\Local\Bron.tok-12-17 (Worm.Brontok) -> Delete on reboot. [97ad699062270a2c64772610eb1838c8]
C:\Users\Akay_2\AppData\Local\Bron.tok-12-19 (Worm.Brontok) -> Delete on reboot. [55ef9f5a197077bf508bea4cdd268878]
C:\Users\Akay_2\AppData\Local\Bron.tok-12-21 (Worm.Brontok) -> Delete on reboot. [f2529d5cbdcc3df95c7fbe78897a18e8]
C:\Users\Akay_2\AppData\Local\Bron.tok-12-27 (Worm.Brontok) -> Delete on reboot. [ee560dec8cfd5dd92daee452f112ff01]
C:\Users\Akay_2\AppData\Local\Bron.tok-12-29 (Worm.Brontok) -> Delete on reboot. [0a3a32c7157442f4c6156ec820e30df3]
C:\Users\Akay_2\AppData\Local\Bron.tok-12-30 (Worm.Brontok) -> Delete on reboot. [ab9902f7b5d4ac8a2ead4bebeb188878]
C:\Users\Akay_2\AppData\Local\Bron.tok-12-31 (Worm.Brontok) -> Delete on reboot. [4103ed0c107989ad508b4fe720e3ae52]
C:\Users\Akay_2\AppData\Local\Bron.tok-12-5 (Worm.Brontok) -> Delete on reboot. [ea5a22d71c6def472cafac8a24df3bc5]
C:\Users\Akay_2\AppData\Local\Bron.tok-12-6 (Worm.Brontok) -> Delete on reboot. [093b7b7ee4a5c571da018da97d8621df]
C:\Users\Akay_2\AppData\Local\Bron.tok-12-7 (Worm.Brontok) -> Delete on reboot. [063ede1b4f3a40f6b92258de61a23bc5]
C:\Users\Akay_2\AppData\Local\Bron.tok-12-8 (Worm.Brontok) -> Delete on reboot. [f25201f81b6e38fe8f4c96a019eaac54]

Files Detected: 5
C:\Users\Akay_2\Documents\Documents.exe (Trojan.Dropper) -> Delete on reboot. [b193ed0c51385dd9a461086c2dd36d93]
C:\Users\Akay_2\AppData\Local\lsass.exe (Trojan.Dropper) -> Delete on reboot. [61e38e6ba7e2989ed431d0a498682dd3]
C:\Users\Akay_2\AppData\Local\services.exe (Trojan.Dropper) -> Delete on reboot. [380c5f9a19702016c243ea8aad53ae52]
C:\Users\Akay_2\AppData\Local\winlogon.exe (Trojan.Dropper) -> Delete on reboot. [1f2554a5a9e01323fa0b185c6c9452ae]
C:\Users\Akay_2\AppData\Local\inetinfo.exe (Trojan.Dropper) -> Delete on reboot. [e2627287a2e78aaccc3996def50b7987]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
After starting the laptop I got a problem reported, namely a "SMART Hard Disk Error". I don't know whether this is connected to this case. I will now do the next step.

Code:
17:38:27.0413 0x11bc  TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
17:38:34.0167 0x11bc  ============================================================
17:38:34.0167 0x11bc  Current date / time: 2015/01/19 17:38:34.0167
17:38:34.0167 0x11bc  SystemInfo:
17:38:34.0167 0x11bc  
17:38:34.0167 0x11bc  OS Version: 6.1.7601 ServicePack: 1.0
17:38:34.0167 0x11bc  Product type: Workstation
17:38:34.0167 0x11bc  ComputerName: AKAY-HP
17:38:34.0167 0x11bc  UserName: Akay
17:38:34.0167 0x11bc  Windows directory: C:\Windows
17:38:34.0167 0x11bc  System windows directory: C:\Windows
17:38:34.0167 0x11bc  Running under WOW64
17:38:34.0167 0x11bc  Processor architecture: Intel x64
17:38:34.0167 0x11bc  Number of processors: 2
17:38:34.0167 0x11bc  Page size: 0x1000
17:38:34.0167 0x11bc  Boot type: Normal boot
17:38:34.0167 0x11bc  ============================================================
17:38:43.0666 0x11bc  KLMD registered as C:\Windows\system32\drivers\64002696.sys
17:38:45.0226 0x11bc  System UUID: {BDA0465D-F217-F397-E928-8279418437A2}
17:38:48.0748 0x11bc  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:38:48.0818 0x11bc  ============================================================
17:38:48.0818 0x11bc  \Device\Harddisk0\DR0:
17:38:48.0823 0x11bc  MBR partitions:
17:38:48.0823 0x11bc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
17:38:48.0823 0x11bc  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x22F55000
17:38:48.0824 0x11bc  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x22FB9000, BlocksNum 0x2441800
17:38:48.0824 0x11bc  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0
17:38:48.0824 0x11bc  ============================================================
17:38:48.0992 0x11bc  C: <-> \Device\Harddisk0\DR0\Partition2
17:38:49.0070 0x11bc  D: <-> \Device\Harddisk0\DR0\Partition3
17:38:49.0101 0x11bc  ============================================================
17:38:49.0101 0x11bc  Initialize success
17:38:49.0101 0x11bc  ============================================================
17:39:36.0262 0x105c  ============================================================
17:39:36.0262 0x105c  Scan started
17:39:36.0262 0x105c  Mode: Manual; 
17:39:36.0262 0x105c  ============================================================
17:39:36.0262 0x105c  KSN ping started
17:39:39.0383 0x105c  KSN ping finished: true
17:39:47.0526 0x105c  ================ Scan system memory ========================
17:39:47.0526 0x105c  System memory - ok
17:39:47.0526 0x105c  ================ Scan services =============================
17:39:51.0879 0x105c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:39:51.0941 0x105c  AudioEndpointBuilder - ok
17:39:51.0972 0x105c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
17:39:51.0988 0x105c  AudioSrv - ok
17:39:52.0097 0x105c  [ 1B87A1F2FA5B91AC1A7D171B8D952441, 4CB21F6567021DAE6B2E35B9BA84D015580E2DDFEBEB1AA9637BD93F42883DD2 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
17:39:52.0113 0x105c  avgntflt - ok
17:39:52.0191 0x105c  [ AF61774060F277FE45CBD3A9A8E7D45A, 2F96DC9735BAF017603D72A258BF7A772BF8C4AFECB5AA0CAD8F8E3CCAA0F2B5 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
17:39:52.0191 0x105c  avipbb - ok
17:39:52.0487 0x105c  [ 6F77BBB8FC69D26132309EB4CE7A4E0E, 39E1E20F7CE6B2A784765BB1BE3AC539EDD2889880F78D14C340129E9DB7A43E ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
17:39:52.0503 0x105c  Avira.OE.ServiceHost - ok
17:39:52.0690 0x105c  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
17:39:52.0706 0x105c  avkmgr - ok
17:39:52.0784 0x105c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:39:52.0799 0x105c  AxInstSV - ok
17:39:52.0893 0x105c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
17:39:52.0924 0x105c  b06bdrv - ok
17:39:53.0033 0x105c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
17:39:53.0064 0x105c  b57nd60a - ok
17:39:53.0158 0x105c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:39:53.0189 0x105c  BDESVC - ok
17:39:53.0252 0x105c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:39:53.0283 0x105c  Beep - ok
17:39:53.0564 0x105c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
17:39:53.0642 0x105c  BFE - ok
17:39:53.0704 0x105c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
17:39:53.0954 0x105c  BITS - ok
17:39:54.0047 0x105c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:39:54.0047 0x105c  blbdrive - ok
17:39:54.0094 0x105c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:39:54.0110 0x105c  bowser - ok
17:39:54.0219 0x105c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:39:54.0234 0x105c  BrFiltLo - ok
17:39:54.0328 0x105c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:39:54.0328 0x105c  BrFiltUp - ok
17:39:54.0500 0x105c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
17:39:54.0500 0x105c  Browser - ok
17:39:54.0578 0x105c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:39:54.0593 0x105c  Brserid - ok
17:39:54.0702 0x105c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:39:54.0702 0x105c  BrSerWdm - ok
17:39:54.0780 0x105c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:39:54.0780 0x105c  BrUsbMdm - ok
17:39:54.0874 0x105c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:39:54.0874 0x105c  BrUsbSer - ok
17:39:54.0921 0x105c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
17:39:54.0952 0x105c  BTHMODEM - ok
17:39:54.0983 0x105c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
17:39:54.0999 0x105c  bthserv - ok
17:39:55.0061 0x105c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:39:55.0061 0x105c  cdfs - ok
17:39:55.0139 0x105c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
17:39:55.0155 0x105c  cdrom - ok
17:39:55.0248 0x105c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
17:39:55.0280 0x105c  CertPropSvc - ok
17:39:55.0358 0x105c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
17:39:55.0358 0x105c  circlass - ok
17:39:55.0420 0x105c  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
17:39:55.0451 0x105c  CLFS - ok
17:39:55.0560 0x105c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:39:55.0576 0x105c  clr_optimization_v2.0.50727_32 - ok
17:39:55.0670 0x105c  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:39:55.0685 0x105c  clr_optimization_v2.0.50727_64 - ok
17:39:55.0841 0x105c  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:39:56.0028 0x105c  clr_optimization_v4.0.30319_32 - ok
17:39:56.0091 0x105c  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:39:56.0231 0x105c  clr_optimization_v4.0.30319_64 - ok
17:39:56.0543 0x105c  clwvd - ok
17:39:56.0606 0x105c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
17:39:56.0621 0x105c  CmBatt - ok
17:39:56.0715 0x105c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:39:56.0730 0x105c  cmdide - ok
17:39:56.0873 0x105c  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
17:39:56.0951 0x105c  CNG - ok
17:39:57.0046 0x105c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
17:39:57.0062 0x105c  Compbatt - ok
17:39:57.0124 0x105c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
17:39:57.0140 0x105c  CompositeBus - ok
17:39:57.0218 0x105c  COMSysApp - ok
17:39:57.0249 0x105c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
17:39:57.0265 0x105c  crcdisk - ok
17:39:57.0312 0x105c  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:39:57.0327 0x105c  CryptSvc - ok
17:39:57.0405 0x105c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:39:57.0436 0x105c  DcomLaunch - ok
17:39:57.0577 0x105c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
17:39:57.0702 0x105c  defragsvc - ok
17:39:57.0795 0x105c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:39:57.0826 0x105c  DfsC - ok
17:39:57.0920 0x105c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:39:57.0936 0x105c  Dhcp - ok
17:39:57.0982 0x105c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
17:39:57.0982 0x105c  discache - ok
17:39:58.0029 0x105c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
17:39:58.0045 0x105c  Disk - ok
17:39:58.0154 0x105c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:39:58.0185 0x105c  Dnscache - ok
17:39:58.0357 0x105c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:39:58.0404 0x105c  dot3svc - ok
17:39:58.0497 0x105c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
17:39:58.0513 0x105c  DPS - ok
17:39:58.0684 0x105c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:39:58.0684 0x105c  drmkaud - ok
17:39:58.0778 0x105c  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:39:58.0934 0x105c  DXGKrnl - ok
17:39:58.0996 0x105c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
17:39:58.0996 0x105c  EapHost - ok
17:39:59.0184 0x105c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
17:39:59.0402 0x105c  ebdrv - ok
17:39:59.0480 0x105c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
17:39:59.0496 0x105c  EFS - ok
17:39:59.0652 0x105c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:39:59.0808 0x105c  ehRecvr - ok
17:39:59.0870 0x105c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
17:39:59.0901 0x105c  ehSched - ok
17:40:00.0026 0x105c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
17:40:00.0166 0x105c  elxstor - ok
17:40:00.0260 0x105c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:40:00.0276 0x105c  ErrDev - ok
17:40:00.0416 0x105c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
17:40:00.0510 0x105c  EventSystem - ok
17:40:00.0603 0x105c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
17:40:00.0681 0x105c  exfat - ok
17:40:00.0728 0x105c  ezSharedSvc - ok
17:40:00.0759 0x105c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:40:00.0759 0x105c  fastfat - ok
17:40:00.0900 0x105c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
17:40:00.0978 0x105c  Fax - ok
17:40:01.0071 0x105c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
17:40:01.0087 0x105c  fdc - ok
17:40:01.0134 0x105c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
17:40:01.0149 0x105c  fdPHost - ok
17:40:01.0196 0x105c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:40:01.0227 0x105c  FDResPub - ok
17:40:01.0258 0x105c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:40:01.0274 0x105c  FileInfo - ok
17:40:01.0305 0x105c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:40:01.0305 0x105c  Filetrace - ok
17:40:01.0352 0x105c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
17:40:01.0368 0x105c  flpydisk - ok
17:40:01.0414 0x105c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:40:01.0446 0x105c  FltMgr - ok
17:40:01.0570 0x105c  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
17:40:01.0633 0x105c  FontCache - ok
17:40:01.0680 0x105c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:40:01.0695 0x105c  FontCache3.0.0.0 - ok
17:40:01.0742 0x105c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:40:01.0758 0x105c  FsDepends - ok
17:40:01.0804 0x105c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:40:01.0820 0x105c  Fs_Rec - ok
17:40:01.0976 0x105c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:40:02.0023 0x105c  fvevol - ok
17:40:02.0163 0x105c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
17:40:02.0179 0x105c  gagp30kx - ok
17:40:02.0553 0x105c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
17:40:02.0678 0x105c  gpsvc - ok
17:40:02.0865 0x105c  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:40:02.0865 0x105c  gupdate - ok
17:40:02.0896 0x105c  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:40:02.0896 0x105c  gupdatem - ok
17:40:02.0974 0x105c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:40:02.0990 0x105c  hcw85cir - ok
17:40:03.0130 0x105c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:40:03.0162 0x105c  HdAudAddService - ok
17:40:03.0255 0x105c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
17:40:03.0271 0x105c  HDAudBus - ok
17:40:03.0411 0x105c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
17:40:03.0427 0x105c  HidBatt - ok
17:40:03.0598 0x105c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
17:40:03.0598 0x105c  HidBth - ok
17:40:03.0692 0x105c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
17:40:03.0692 0x105c  HidIr - ok
17:40:03.0754 0x105c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
17:40:03.0770 0x105c  hidserv - ok
17:40:03.0926 0x105c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
17:40:03.0942 0x105c  HidUsb - ok
17:40:04.0020 0x105c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:40:04.0035 0x105c  hkmsvc - ok
17:40:04.0098 0x105c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:40:04.0176 0x105c  HomeGroupListener - ok
17:40:04.0269 0x105c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:40:04.0285 0x105c  HomeGroupProvider - ok
17:40:04.0441 0x105c  [ 37965381364B2E106E1DD7D74CDCAA43, 94C30FA88140E802A549549856145824122F138C2697301CDCAAEEEEA3858E12 ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
17:40:04.0456 0x105c  HP Health Check Service - ok
17:40:04.0737 0x105c  [ C930128C8F8FF03D8F8C42B570920D56, 6D44373F466A580EFB9866FA4FACB4951C522893C2A1877ED0E462460B90E241 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
17:40:04.0768 0x105c  HP Wireless Assistant Service - ok
17:40:04.0924 0x105c  [ 3DC11A802353401332D49C3CBFBBE5FC, E812E8A4ED64FEC346BE6B175CE651CFC553A23F31B0ABC5D50E6995A7F130DF ] HPClientSvc     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
17:40:04.0971 0x105c  HPClientSvc - ok
17:40:05.0112 0x105c  [ F323230C391771611BBE9363B88C3E3E, 28850F30E2A70AE5A3A880302A8307D8B30A7F5E25041A1DD88E9707D74AEC47 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
17:40:05.0127 0x105c  HPDrvMntSvc.exe - ok
17:40:05.0221 0x105c  [ 5311386F0EC157D155BB07A1D420FB4D, CEBDC022DE0444F30A6C706AA038BECA148A2EA59C2E4FBE6E3A7F7F2A58915D ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
17:40:05.0299 0x105c  hpqwmiex - ok
17:40:05.0361 0x105c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:40:05.0377 0x105c  HpSAMD - ok
17:40:05.0486 0x105c  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:40:05.0580 0x105c  HTTP - ok
17:40:05.0642 0x105c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:40:05.0658 0x105c  hwpolicy - ok
17:40:05.0736 0x105c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
17:40:05.0751 0x105c  i8042prt - ok
17:40:05.0876 0x105c  [ 1384872112E8E7FD5786ECEB8BDDF4C9, DC7844691740805A94F2901F8CB56F1591AF4F0F9C6D92D6B8595F89E6FA5F02 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
17:40:05.0907 0x105c  iaStor - ok
17:40:05.0970 0x105c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:40:05.0985 0x105c  iaStorV - ok
17:40:06.0110 0x105c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:40:06.0297 0x105c  idsvc - ok
17:40:06.0469 0x105c  IEEtwCollectorService - ok
17:40:06.0968 0x105c  [ 898AB5BFED7040D7AB07AF01885EB944, 72B140D6A62A8AF9439FA7061D8014EE7D1D49EC9EE6524881749A7C85926721 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
17:40:07.0514 0x105c  igfx - ok
17:40:07.0592 0x105c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
17:40:07.0592 0x105c  iirsp - ok
17:40:07.0701 0x105c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
17:40:07.0732 0x105c  IKEEXT - ok
17:40:07.0888 0x105c  [ D311E2DD59A34079D89C249B2A4D9FDB, F2DB1DBD5619A48545434983DDB5260A610F22B37E1D81720B688FEF95C9AD07 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:40:08.0076 0x105c  IntcAzAudAddService - ok
17:40:08.0154 0x105c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
17:40:08.0169 0x105c  intelide - ok
17:40:08.0247 0x105c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:40:08.0263 0x105c  intelppm - ok
17:40:08.0356 0x105c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:40:08.0388 0x105c  IPBusEnum - ok
17:40:08.0575 0x105c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:40:08.0590 0x105c  IpFilterDriver - ok
17:40:08.0653 0x105c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:40:08.0668 0x105c  iphlpsvc - ok
17:40:08.0762 0x105c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:40:08.0778 0x105c  IPMIDRV - ok
17:40:08.0871 0x105c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:40:08.0887 0x105c  IPNAT - ok
17:40:08.0918 0x105c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:40:08.0918 0x105c  IRENUM - ok
17:40:08.0965 0x105c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:40:08.0965 0x105c  isapnp - ok
17:40:09.0044 0x105c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:40:09.0075 0x105c  iScsiPrt - ok
17:40:09.0122 0x105c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
17:40:09.0137 0x105c  kbdclass - ok
17:40:09.0278 0x105c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
17:40:09.0278 0x105c  kbdhid - ok
17:40:09.0340 0x105c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
17:40:09.0340 0x105c  KeyIso - ok
17:40:09.0387 0x105c  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:40:09.0403 0x105c  KSecDD - ok
17:40:09.0449 0x105c  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:40:09.0465 0x105c  KSecPkg - ok
17:40:09.0527 0x105c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
17:40:09.0527 0x105c  ksthunk - ok
17:40:09.0574 0x105c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:40:09.0590 0x105c  KtmRm - ok
17:40:09.0683 0x105c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:40:09.0699 0x105c  LanmanServer - ok
17:40:09.0730 0x105c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:40:09.0761 0x105c  LanmanWorkstation - ok
17:40:09.0824 0x105c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:40:09.0839 0x105c  lltdio - ok
17:40:09.0902 0x105c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:40:09.0949 0x105c  lltdsvc - ok
17:40:09.0995 0x105c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:40:09.0995 0x105c  lmhosts - ok
17:40:29.0421 0x105c  TermService - ok
17:40:29.0468 0x105c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
17:40:29.0468 0x105c  Themes - ok
17:40:29.0562 0x105c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
17:40:29.0562 0x105c  THREADORDER - ok
17:40:29.0609 0x105c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
17:40:29.0624 0x105c  TrkWks - ok
17:40:29.0749 0x105c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:40:29.0765 0x105c  TrustedInstaller - ok
17:40:29.0827 0x105c  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:40:29.0827 0x105c  tssecsrv - ok
17:40:29.0921 0x105c  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:40:29.0936 0x105c  TsUsbFlt - ok
17:40:30.0092 0x105c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:40:30.0108 0x105c  tunnel - ok
17:40:30.0170 0x105c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
17:40:30.0170 0x105c  uagp35 - ok
17:40:30.0248 0x105c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:40:30.0264 0x105c  udfs - ok
17:40:30.0311 0x105c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:40:30.0326 0x105c  UI0Detect - ok
17:40:30.0404 0x105c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:40:30.0420 0x105c  uliagpkx - ok
17:40:30.0545 0x105c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
17:40:30.0560 0x105c  umbus - ok
17:40:30.0607 0x105c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
17:40:30.0623 0x105c  UmPass - ok
17:40:30.0701 0x105c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
17:40:30.0779 0x105c  upnphost - ok
17:40:30.0888 0x105c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:40:30.0888 0x105c  usbccgp - ok
17:40:31.0028 0x105c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:40:31.0044 0x105c  usbcir - ok
17:40:31.0075 0x105c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
17:40:31.0075 0x105c  usbehci - ok
17:40:31.0169 0x105c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:40:31.0200 0x105c  usbhub - ok
17:40:31.0231 0x105c  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
17:40:31.0247 0x105c  usbohci - ok
17:40:31.0278 0x105c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:40:31.0278 0x105c  usbprint - ok
17:40:31.0387 0x105c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:40:31.0403 0x105c  USBSTOR - ok
17:40:31.0605 0x105c  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
17:40:31.0621 0x105c  usbuhci - ok
17:40:31.0746 0x105c  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
17:40:31.0871 0x105c  usbvideo - ok
17:40:31.0949 0x105c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
17:40:31.0949 0x105c  UxSms - ok
17:40:31.0980 0x105c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
17:40:31.0995 0x105c  VaultSvc - ok
17:40:32.0136 0x105c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:40:32.0151 0x105c  vdrvroot - ok
17:40:32.0292 0x105c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
17:40:32.0323 0x105c  vds - ok
17:40:32.0370 0x105c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:40:32.0385 0x105c  vga - ok
17:40:32.0448 0x105c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:40:32.0448 0x105c  VgaSave - ok
17:40:32.0541 0x105c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:40:32.0557 0x105c  vhdmp - ok
17:40:32.0666 0x105c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:40:32.0666 0x105c  viaide - ok
17:40:32.0729 0x105c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:40:32.0744 0x105c  volmgr - ok
17:40:32.0885 0x105c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:40:33.0072 0x105c  volmgrx - ok
17:40:33.0119 0x105c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:40:33.0134 0x105c  volsnap - ok
17:40:33.0197 0x105c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
17:40:33.0228 0x105c  vsmraid - ok
17:40:33.0353 0x105c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
17:40:33.0509 0x105c  VSS - ok
17:40:33.0555 0x105c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
17:40:33.0555 0x105c  vwifibus - ok
17:40:33.0758 0x105c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:40:33.0774 0x105c  vwififlt - ok
17:40:33.0852 0x105c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
17:40:33.0883 0x105c  W32Time - ok
17:40:33.0914 0x105c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
17:40:33.0930 0x105c  WacomPen - ok
17:40:34.0086 0x105c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:40:34.0101 0x105c  WANARP - ok
17:40:34.0148 0x105c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:40:34.0148 0x105c  Wanarpv6 - ok
17:40:34.0398 0x105c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
17:40:34.0554 0x105c  wbengine - ok
17:40:34.0585 0x105c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:40:34.0663 0x105c  WbioSrvc - ok
17:40:34.0741 0x105c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:40:34.0788 0x105c  wcncsvc - ok
17:40:34.0835 0x105c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:40:34.0850 0x105c  WcsPlugInService - ok
17:40:34.0897 0x105c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
17:40:34.0897 0x105c  Wd - ok
17:40:35.0162 0x105c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:40:35.0334 0x105c  Wdf01000 - ok
17:40:35.0412 0x105c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:40:35.0427 0x105c  WdiServiceHost - ok
17:40:35.0427 0x105c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:40:35.0443 0x105c  WdiSystemHost - ok
17:40:35.0490 0x105c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
17:40:35.0552 0x105c  WebClient - ok
17:40:35.0583 0x105c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:40:35.0708 0x105c  Wecsvc - ok
17:40:35.0755 0x105c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:40:35.0771 0x105c  wercplsupport - ok
17:40:35.0802 0x105c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:40:35.0817 0x105c  WerSvc - ok
17:40:35.0880 0x105c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:40:35.0880 0x105c  WfpLwf - ok
17:40:35.0911 0x105c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:40:35.0927 0x105c  WIMMount - ok
17:40:35.0973 0x105c  WinDefend - ok
17:40:35.0989 0x105c  WinHttpAutoProxySvc - ok
17:40:36.0098 0x105c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:40:36.0098 0x105c  Winmgmt - ok
17:40:36.0332 0x105c  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
17:40:36.0769 0x105c  WinRM - ok
17:40:36.0956 0x105c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
17:40:36.0956 0x105c  WinUsb - ok
17:40:37.0159 0x105c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:40:37.0206 0x105c  Wlansvc - ok
17:40:37.0377 0x105c  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:40:37.0565 0x105c  wlidsvc - ok
17:40:37.0721 0x105c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
17:40:37.0721 0x105c  WmiAcpi - ok
17:40:37.0830 0x105c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:40:37.0877 0x105c  wmiApSrv - ok
17:40:37.0939 0x105c  WMPNetworkSvc - ok
17:40:37.0970 0x105c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:40:37.0986 0x105c  WPCSvc - ok
17:40:38.0064 0x105c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:40:38.0095 0x105c  WPDBusEnum - ok
17:40:38.0157 0x105c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:40:38.0157 0x105c  ws2ifsl - ok
17:40:38.0204 0x105c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
17:40:38.0220 0x105c  wscsvc - ok
17:40:38.0220 0x105c  WSearch - ok
17:40:38.0376 0x105c  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:40:38.0579 0x105c  wuauserv - ok
17:40:38.0625 0x105c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:40:38.0641 0x105c  WudfPf - ok
17:40:38.0735 0x105c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:40:38.0735 0x105c  WUDFRd - ok
17:40:38.0844 0x105c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:40:38.0859 0x105c  wudfsvc - ok
17:40:38.0937 0x105c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:40:39.0015 0x105c  WwanSvc - ok
17:40:39.0140 0x105c  [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
17:40:39.0234 0x105c  yukonw7 - ok
17:40:39.0249 0x105c  ================ Scan global ===============================
17:40:39.0281 0x105c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
17:40:39.0390 0x105c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
17:40:39.0421 0x105c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
17:40:39.0468 0x105c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
17:40:39.0546 0x105c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
17:40:39.0577 0x105c  [ Global ] - ok
17:40:39.0577 0x105c  ================ Scan MBR ==================================
17:40:39.0624 0x105c  [ 4A5110417114F8E1FA2D7698FACD45D7 ] \Device\Harddisk0\DR0
17:40:40.0092 0x105c  \Device\Harddisk0\DR0 - ok
17:40:40.0092 0x105c  ================ Scan VBR ==================================
17:40:40.0092 0x105c  [ 469B92F995ACE72408071C1356C00D69 ] \Device\Harddisk0\DR0\Partition1
17:40:40.0092 0x105c  \Device\Harddisk0\DR0\Partition1 - ok
17:40:40.0107 0x105c  [ 341F89950FB6AFDC924FF301A7D2A975 ] \Device\Harddisk0\DR0\Partition2
17:40:40.0107 0x105c  \Device\Harddisk0\DR0\Partition2 - ok
17:40:40.0123 0x105c  [ 4FDA671AD6EA8798AF8D220124DBDE4C ] \Device\Harddisk0\DR0\Partition3
17:40:40.0123 0x105c  \Device\Harddisk0\DR0\Partition3 - ok
17:40:40.0123 0x105c  [ 194FEB56BC1D191075BC683AC1A8C6BF ] \Device\Harddisk0\DR0\Partition4
17:40:40.0123 0x105c  \Device\Harddisk0\DR0\Partition4 - ok
17:40:40.0123 0x105c  ================ Scan generic autorun ======================
17:40:43.0945 0x105c  Waiting for KSN requests completion. In queue: 73
17:40:44.0959 0x105c  Waiting for KSN requests completion. In queue: 73
17:40:45.0973 0x105c  Waiting for KSN requests completion. In queue: 73
17:40:46.0987 0x105c  Waiting for KSN requests completion. In queue: 73
17:40:48.0672 0x105c  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.440 ), 0x41000 ( enabled : updated )
17:40:48.0765 0x105c  Win FW state via NFP2: enabled
17:40:51.0745 0x105c  ============================================================
17:40:51.0745 0x105c  Scan finished
17:40:51.0745 0x105c  ============================================================
17:40:51.0761 0x11c8  Detected object count: 0
17:40:51.0761 0x11c8  Actual detected object count: 0
17:42:09.0656 0x0e0c  Deinitialize success
         


19.01.2015, 20:25   #6
schrauber
/// the machine
/// TB trainer

Nice......

Please reboot again, then run MBAR again.

19.01.2015, 21:38   #7
WolfsHawk

Code:
Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org

Database version: v2015.01.19.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17358
Akay :: AKAY-HP [administrator]

19.01.2015 20:44:47
mbar-log-2015-01-19 (20-44-47).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 413108
Time elapsed: 51 minute(s), 51 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

20.01.2015, 12:06   #8
schrauber
/// the machine
/// TB trainer

hi,

Scan with Combofix
WARNING to READERS:
Combofix should only be run when instructed to by a team member!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

20.01.2015, 12:54   #9
WolfsHawk

Combofix Logfile:
Code:
ComboFix 15-01-18.01 - Akay 20.01.2015  12:30:25.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.1979.776 [GMT 1:00]
ausgeführt von:: c:\users\Akay\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Akay\AppData\Local\Kosong.Bron.Tok.txt
c:\users\Akay\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\Akay\AppData\Local\Update.12.Bron.Tok.bin
c:\users\Akay_2\AppData\Local\Bron.tok.A12.em.bin
c:\users\Akay_2\AppData\Local\Kosong.Bron.Tok.txt
c:\windows\IsUn0407.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ACEDRV11
-------\Service_acedrv11
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-12-20 bis 2015-01-20  ))))))))))))))))))))))))))))))
.
.
2015-01-20 11:15 . 2014-12-15 03:13	11870360	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{41C41EEB-F0C8-46B9-A43E-34CC8FA4EAAF}\mpengine.dll
2015-01-20 10:39 . 2015-01-20 10:39	--------	d-----w-	c:\windows\system32\appraiser
2015-01-20 10:20 . 2014-07-07 02:06	206848	----a-w-	c:\windows\system32\mfps.dll
2015-01-20 10:20 . 2014-07-07 02:06	55808	----a-w-	c:\windows\system32\rrinstaller.exe
2015-01-20 10:20 . 2014-07-07 02:06	24576	----a-w-	c:\windows\system32\mfpmp.exe
2015-01-20 10:20 . 2014-07-07 02:02	2048	----a-w-	c:\windows\system32\mferror.dll
2015-01-20 10:20 . 2014-07-07 01:40	103424	----a-w-	c:\windows\SysWow64\mfps.dll
2015-01-20 10:20 . 2014-07-07 01:39	50176	----a-w-	c:\windows\SysWow64\rrinstaller.exe
2015-01-20 10:20 . 2014-07-07 01:39	23040	----a-w-	c:\windows\SysWow64\mfpmp.exe
2015-01-20 10:20 . 2014-07-07 01:37	2048	----a-w-	c:\windows\SysWow64\mferror.dll
2015-01-20 10:20 . 2014-10-18 02:05	4121600	----a-w-	c:\windows\system32\mf.dll
2015-01-20 10:20 . 2014-10-18 01:33	3209728	----a-w-	c:\windows\SysWow64\mf.dll
2015-01-19 19:43 . 2015-01-19 20:37	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-01-19 15:17 . 2015-01-19 15:17	--------	d-----w-	c:\programdata\Malwarebytes
2015-01-19 15:16 . 2015-01-19 19:43	135384	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-01-19 15:12 . 2015-01-19 19:43	96472	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-01-19 11:48 . 2015-01-19 12:01	--------	d-----w-	C:\FRST
2015-01-19 11:42 . 2014-12-06 04:17	303616	----a-w-	c:\windows\system32\nlasvc.dll
2015-01-19 11:42 . 2014-12-06 03:50	52224	----a-w-	c:\windows\SysWow64\nlaapi.dll
2015-01-19 11:42 . 2014-12-06 03:50	156672	----a-w-	c:\windows\SysWow64\ncsi.dll
2015-01-19 11:42 . 2014-12-19 01:46	141312	----a-w-	c:\windows\system32\drivers\mrxdav.sys
2015-01-19 11:42 . 2014-11-11 03:09	1424384	----a-w-	c:\windows\system32\WindowsCodecs.dll
2015-01-19 11:42 . 2014-11-11 02:44	1230336	----a-w-	c:\windows\SysWow64\WindowsCodecs.dll
2015-01-19 11:42 . 2014-08-21 06:43	1882624	----a-w-	c:\windows\system32\msxml3.dll
2015-01-19 11:42 . 2014-08-21 06:40	2048	----a-w-	c:\windows\system32\msxml3r.dll
2015-01-19 11:42 . 2014-08-21 06:26	1237504	----a-w-	c:\windows\SysWow64\msxml3.dll
2015-01-19 11:42 . 2014-08-21 06:23	2048	----a-w-	c:\windows\SysWow64\msxml3r.dll
2015-01-19 11:42 . 2014-11-11 01:46	119296	----a-w-	c:\windows\system32\drivers\tdx.sys
2015-01-19 11:40 . 2014-08-12 02:02	878080	----a-w-	c:\windows\system32\IMJP10K.DLL
2015-01-19 11:40 . 2014-08-12 01:36	701440	----a-w-	c:\windows\SysWow64\IMJP10K.DLL
2015-01-19 11:40 . 2014-11-11 03:08	728064	----a-w-	c:\windows\system32\kerberos.dll
2015-01-19 11:40 . 2014-11-11 02:44	550912	----a-w-	c:\windows\SysWow64\kerberos.dll
2015-01-19 11:40 . 2014-10-14 02:12	1460736	----a-w-	c:\windows\system32\lsasrv.dll
2015-01-19 11:40 . 2014-11-11 03:08	241152	----a-w-	c:\windows\system32\pku2u.dll
2015-01-19 11:40 . 2014-11-11 02:44	186880	----a-w-	c:\windows\SysWow64\pku2u.dll
2015-01-19 11:40 . 2014-10-14 02:16	155064	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2015-01-19 11:38 . 2014-12-12 05:31	50176	----a-w-	c:\windows\system32\srclient.dll
2015-01-19 11:38 . 2014-12-12 05:07	43008	----a-w-	c:\windows\SysWow64\srclient.dll
2015-01-19 11:38 . 2014-11-08 03:16	2048	----a-w-	c:\windows\system32\tzres.dll
2015-01-19 11:38 . 2014-11-08 02:45	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2015-01-19 11:37 . 2014-09-19 09:42	342016	----a-w-	c:\windows\system32\schannel.dll
2015-01-19 11:37 . 2014-09-19 09:42	309760	----a-w-	c:\windows\system32\ncrypt.dll
2015-01-19 11:37 . 2014-09-19 09:23	248832	----a-w-	c:\windows\SysWow64\schannel.dll
2015-01-19 11:37 . 2014-09-19 09:23	221184	----a-w-	c:\windows\SysWow64\ncrypt.dll
2015-01-19 11:37 . 2014-09-19 09:42	210944	----a-w-	c:\windows\system32\wdigest.dll
2015-01-19 11:37 . 2014-09-19 09:42	86528	----a-w-	c:\windows\system32\TSpkg.dll
2015-01-19 11:37 . 2014-09-19 09:42	314880	----a-w-	c:\windows\system32\msv1_0.dll
2015-01-19 11:37 . 2014-09-19 09:23	172032	----a-w-	c:\windows\SysWow64\wdigest.dll
2015-01-19 11:37 . 2014-09-19 09:23	65536	----a-w-	c:\windows\SysWow64\TSpkg.dll
2015-01-19 11:37 . 2014-09-19 09:23	259584	----a-w-	c:\windows\SysWow64\msv1_0.dll
2015-01-19 11:37 . 2014-09-19 09:42	22016	----a-w-	c:\windows\system32\credssp.dll
2015-01-19 11:37 . 2014-09-19 09:23	17408	----a-w-	c:\windows\SysWow64\credssp.dll
2015-01-19 11:34 . 2014-10-25 01:57	77824	----a-w-	c:\windows\system32\packager.dll
2015-01-19 11:34 . 2014-10-25 01:32	67584	----a-w-	c:\windows\SysWow64\packager.dll
2015-01-19 11:33 . 2014-10-10 00:57	3198976	----a-w-	c:\windows\system32\win32k.sys
2015-01-19 11:33 . 2014-10-14 02:13	3241984	----a-w-	c:\windows\system32\msi.dll
2015-01-19 11:33 . 2014-10-14 01:50	2363904	----a-w-	c:\windows\SysWow64\msi.dll
2015-01-19 11:31 . 2014-10-18 02:05	861696	----a-w-	c:\windows\system32\oleaut32.dll
2015-01-19 11:31 . 2014-10-18 01:33	571904	----a-w-	c:\windows\SysWow64\oleaut32.dll
2015-01-13 21:14 . 2015-01-13 21:15	--------	d-----w-	c:\users\Gast
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-13 20:58 . 2012-05-18 16:38	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-13 20:58 . 2012-05-18 16:38	701616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-01-08 08:55 . 2012-03-17 14:20	298120	------w-	c:\windows\system32\MpSigStub.exe
2014-12-31 12:12 . 2012-10-09 11:09	113365784	----a-w-	c:\windows\system32\MRT.exe
2014-10-29 11:55 . 2014-10-29 11:59	43064	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2013-11-10 17:36 . 2013-11-10 17:36	50053120	----a-w-	c:\program files (x86)\GUT5BD6.tmp
2013-10-20 10:11 . 2013-10-20 10:11	50053120	----a-w-	c:\program files (x86)\GUTC532.tmp
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-01-17 702768]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-11-20 126200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\userinit.exe"
.
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
R2 RtVOsdService;RtVOsdService Installer;c:\program files\Realtek\RtVOsd\RtVOsdService.exe;c:\program files\Realtek\RtVOsd\RtVOsdService.exe [x]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-01-19 11:50	1087816	----a-w-	c:\program files (x86)\Google\Chrome\Application\39.0.2171.99\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-01-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-18 20:58]
.
2015-01-19 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1962253291-148107300-3505088333-1003Core.job
- c:\users\Akay_2\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-26 19:09]
.
2015-01-20 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1962253291-148107300-3505088333-1003UA.job
- c:\users\Akay_2\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-26 19:09]
.
2015-01-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-26 11:51]
.
2015-01-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-26 11:51]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10	164760	----a-w-	c:\users\Akay\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10	164760	----a-w-	c:\users\Akay\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10	164760	----a-w-	c:\users\Akay\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10	164760	----a-w-	c:\users\Akay\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10	164760	----a-w-	c:\users\Akay\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10	164760	----a-w-	c:\users\Akay\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10	164760	----a-w-	c:\users\Akay\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10	164760	----a-w-	c:\users\Akay\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-29 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-29 391192]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-29 410648]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2010-09-22 6489704]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-07-21 8192]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://bitable.com/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-LightScribe Control Panel - c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{B1A4A13D-4665-4ED3-9DFE-F845725FBBD8} - c:\program files (x86)\InstallShield Installation Information\{B1A4A13D-4665-4ED3-9DFE-F845725FBBD8}\setup.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-01-20  12:51:04 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-01-20 11:50
.
Vor Suchlauf: 16 Verzeichnis(se), 241.984.516.096 Bytes frei
Nach Suchlauf: 23 Verzeichnis(se), 242.051.727.360 Bytes frei
.
- - End Of File - - 4D6CF038AC522F243D995762B4EB1F89
         
--- --- ---
][/CODE]

20.01.2015, 18:00   #10
schrauber
/// the machine
/// TB-Ausbilder

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Include the contents of mbam.txt in your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • The log file can also be found at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


And a fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!

20.01.2015, 18:58   #11
WolfsHawk

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 20.01.2015
Suchlauf-Zeit: 18:13:16
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.01.20.08
Rootkit Datenbank: v2015.01.14.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Akay

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 426569
Verstrichene Zeit: 41 Min, 58 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         

21.01.2015, 11:11   #12
schrauber
/// the machine
/// TB-Ausbilder

And the rest?
__________________
Regards,
schrauber

21.01.2015, 12:21   #13
WolfsHawk

AdWear

Code:
ATTFilter
# AdwCleaner v4.108 - Bericht erstellt am 21/01/2015 um 12:10:08
# Aktualisiert 17/01/2015 von Xplode
# Database : 2015-01-13.2 [Local]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Akay - AKAY-HP
# Gestartet von : C:\Users\Akay\Downloads\AdwCleaner_4.108.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Program Files (x86)\v-Grabber
Ordner Gelöscht : C:\Users\Akay\AppData\Roaming\Babylon
Datei Gelöscht : C:\Users\Public\Desktop\eBay.lnk
Datei Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Datei Gelöscht : C:\Users\Akay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Akay\Desktop\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Akay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
Verknüpfung Desinfiziert : C:\Users\Akay\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Akay\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Akay\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EC29EDF6-AD3C-4E1C-A087-D6CB81400C43}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EC29EDF6-AD3C-4E1C-A087-D6CB81400C43}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{477CCFAC-A14B-43DE-A883-AAA885E8E910}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v


-\\ Google Chrome v39.0.2171.99


*************************

AdwCleaner[R0].txt - [6182 octets] - [21/01/2015 12:03:25]
AdwCleaner[S0].txt - [6216 octets] - [21/01/2015 12:10:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6276 octets] ##########
         

21.01.2015, 15:06   #14
schrauber
/// the machine
/// TB-Ausbilder

Please post all logs at once when you have them together.
__________________
Regards,
schrauber
