Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   PC sendet häufiger "falsche Fehlermeldungen" und läuft mit reduzierter Geschwindigkeit (https://www.trojaner-board.de/168194-pc-sendet-haeufiger-falsche-fehlermeldungen-laeuft-reduzierter-geschwindigkeit.html)

Frusti 24.06.2015 15:40
PC sendet häufiger "falsche Fehlermeldungen" und läuft mit reduzierter Geschwindigkeit
 
Guten Tag,

mein PC sendet häufiger "falsche Fehlermeldungen" und läuft mit reduzierter Geschwindigkeit.
Kann es sein, daß da eine Malware dafür verantwortlich ist?
Ich habe mit Malwarebyte 2.0.4.1028 geprüft, 2 PUP's wurden gefunden. Das hat aber das Problem nicht merklich verbessert.
Kann mir da jemand mit einem Rat oder Hilfestellung helfen?

Viele Grüße
Frusti

M-K-D-B 24.06.2015 16:00
:hallo:


Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!


Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Danke für deine Mitarbeit!




Was genau meinst du mit "falsche Fehlermeldungen"??


Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:


Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)






Schritt 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von TDSS-Killer,
  • die beiden neuen Logdateien von FRST.

Frusti 25.06.2015 09:32
Hallo,

vielen Dank, daß Du mir helfen willst.

Falsche Fehlermeldungen
- entweder: Ich klicke zB den „Internet Explorer“ an und es öffnet sich „Windows Live Mail“.
Und das im Laufe der letzten Zeit öfter mal
- oder: Ich will bei meinem _E-Mail-Dienst „web.de“ das Postfach öffnen und ich erhalte irgendeine - sonst nicht übliche - Werbung

Hier die beiden FRST:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-06-2015
Ran by Besitzer (administrator) on BESITZER-PC on 25-06-2015 10:17:47
Running from C:\Users\Besitzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0POMIK1Y
Loaded Profiles: Besitzer (Available Profiles: Besitzer)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\n360.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\n360.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_18_0_0_194_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2015-03-02] (RealNetworks, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-1654125919-855541359-3433209274-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-1654125919-855541359-3433209274-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-04-24]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll [2015-03-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll [2015-03-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll [2015-03-07] (Symantec Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Google
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland ? mit Hotmail Nachfolger Outlook und Messenger Skype
HKU\S-1-5-21-1654125919-855541359-3433209274-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1654125919-855541359-3433209274-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland ? mit Hotmail Nachfolger Outlook und Messenger Skype
SearchScopes: HKU\S-1-5-21-1654125919-855541359-3433209274-1000 -> {D15E8C8C-9DAD-46A3-BB48-4B891FEDCE69} URL = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-06-12] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-04-19] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files\WOT\WOT.dll [2013-09-02] ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-08-12] (RealDownloader)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\coIEPlg.dll [2015-06-12] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-19] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files (x86)\WOT\WOT.dll [2013-09-02] ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2013-09-02] ()
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-06-12] (Symantec Corporation)
Toolbar: HKLM-x32 - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll [2013-09-02] ()
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\coIEPlg.dll [2015-06-12] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-1654125919-855541359-3433209274-1000 -> WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2013-09-02] ()
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll [2013-09-02] ()
Handler-x32: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll [2013-09-02] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Besitzer\AppData\Roaming\Mozilla\Firefox\Profiles\5ab6qqw3.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-24] ()
FF Plugin: @java.com/DTPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-24] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @real.com/nppl3260;version=16.0.4.19 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2015-03-02] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.4 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-08-12] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
FF Plugin-x32: @real.com/nprpplugin;version=16.0.4.19 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2015-03-02] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2014-08-12] (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\Besitzer\AppData\Roaming\Mozilla\Firefox\Profiles\5ab6qqw3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-26]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-05-16]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-05-16]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2015-05-16]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2015-03-02]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.6.0.32\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.6.0.32\coFFPlgn [2015-06-25]
FF HKLM-x32\...\Firefox\Extensions: [{1B12EF76-2B5E-4DA1-B587-4762D49BFE03}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome:
=======
CHR Profile: C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (HD Streamer) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\oleglodmkonbpfmlffapjfednjopbeeh [2014-01-22]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-19]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-19]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\N360.exe [265000 2015-03-07] (Symantec Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2014-08-12] ()
S2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
S3 Symantec RemoteAssist; C:\Program Files (x86)\Common Files\Symantec Shared\Support Controls\ssrc.exe [394704 2008-01-29] (Symantec, Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\BASHDefs\20150617.001\BHDrvx64.sys [1648880 2015-06-17] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [489776 2015-05-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [145200 2015-05-27] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\IPSDefs\20150624.001\IDSvia64.sys [692984 2015-06-19] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20150624.017\ENG64.SYS [138488 2015-06-23] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20150624.017\EX64.SYS [2146040 2015-06-23] (Symantec Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)
S3 Spyder3; C:\Windows\System32\DRIVERS\Spyder3.sys [15360 2008-09-08] ()
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMDS64.SYS [493656 2014-08-26] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-12-11] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)
R0 tdrpman251; C:\Windows\System32\DRIVERS\tdrpm251.sys [1455648 2012-06-03] (Acronis)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-25 10:10 - 2015-06-25 10:10 - 00003352 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1654125919-855541359-3433209274-1000
2015-06-25 10:10 - 2015-06-25 10:10 - 00003224 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1654125919-855541359-3433209274-1000
2015-06-25 10:01 - 2015-06-25 10:17 - 00000000 ____D C:\FRST
2015-06-25 09:28 - 2015-06-25 09:29 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{AE80FA3E-B323-41F0-960E-F8B3FAB02FC1}
2015-06-24 22:34 - 2015-06-24 22:34 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{6E741019-A810-4C31-AC0D-EABA92654FD1}
2015-06-24 17:53 - 2015-06-24 17:53 - 00011407 _____ C:\Users\Besitzer\Desktop\Hallo Matthias,.odt
2015-06-24 14:38 - 2015-06-24 14:38 - 00016839 _____ C:\Users\Besitzer\Desktop\Karin  Anruf am 23.06.15.odt
2015-06-24 14:08 - 2015-06-24 14:12 - 00018637 _____ C:\Users\Besitzer\Desktop\2015-06-22_Ingeburg.odt
2015-06-24 10:33 - 2015-06-24 10:33 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{3698FC97-8136-4730-9706-D2E4F521A7B9}
2015-06-23 16:34 - 2015-06-23 16:34 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{F1A0AD4E-D2AA-4CF6-A0A3-FA46283BBBB4}
2015-06-23 10:32 - 2015-06-23 10:33 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{6BAD62E7-7FF9-4AB3-8DBE-D03B61A57242}
2015-06-22 17:45 - 2015-06-22 17:46 - 00000000 ____D C:\Users\Besitzer\Desktop\Alex-III Münze-Auktion
2015-06-22 14:51 - 2015-06-22 14:52 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{77F14D45-85AD-4F8B-87D6-2CA009763696}
2015-06-22 11:00 - 2015-06-22 11:00 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{B8FBADF1-F158-4458-A6B6-676BDF3D150E}
2015-06-22 09:37 - 2015-06-25 10:08 - 00000392 _____ C:\Windows\setupact.log
2015-06-22 09:37 - 2015-06-22 09:37 - 00000000 _____ C:\Windows\setuperr.log
2015-06-22 09:36 - 2015-06-24 17:55 - 00004818 _____ C:\Windows\PFRO.log
2015-06-21 20:33 - 2015-06-21 20:33 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{A04F83CE-40C7-4238-9C6E-E2261A6CBFA2}
2015-06-21 16:25 - 2015-06-21 16:59 - 00000000 ____D C:\Users\Besitzer\Desktop\Expander
2015-06-21 13:45 - 2015-06-24 20:58 - 00003246 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1654125919-855541359-3433209274-1000
2015-06-21 13:39 - 2015-06-21 17:23 - 00013503 _____ C:\Users\Besitzer\Desktop\Neue Porns.odt
2015-06-20 16:34 - 2015-06-20 16:34 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{68C0B195-7625-4BF2-BED6-D70C139E588D}
2015-06-20 09:06 - 2015-06-20 09:06 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{EAD99F9E-7797-4CC2-BAA1-012BD396330C}
2015-06-19 11:28 - 2015-06-21 18:40 - 00000000 ____D C:\Users\Besitzer\Desktop\2015-06-19_Sammelsurium
2015-06-19 09:20 - 2015-06-19 09:20 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{70F74F39-5742-4969-9E3E-8A3C17B51800}
2015-06-18 20:46 - 2015-06-18 20:46 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{4E6B9784-7B01-48B7-890A-592F64DB25F8}
2015-06-18 07:52 - 2015-06-18 07:52 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{6840BB48-CDBA-492E-8C7F-B55EB8274101}
2015-06-17 09:40 - 2015-06-17 09:40 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{6B4B61E7-3016-47DE-8C3B-A0D93EBD4F0A}
2015-06-16 10:58 - 2015-06-22 17:34 - 00000000 ____D C:\Users\Besitzer\Desktop\Invitation Christa
2015-06-16 10:24 - 2015-06-16 10:24 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{E5857EF1-FE77-427E-AEAA-77E50ECAE40B}
2015-06-15 12:09 - 2015-06-15 11:57 - 00022104 _____ C:\Users\Besitzer\Desktop\Ziele erreichen.odt
2015-06-15 12:09 - 2015-06-15 11:50 - 00021263 _____ C:\Users\Besitzer\Desktop\Ziele setzen.odt
2015-06-15 09:20 - 2015-06-15 09:20 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{700C4F34-CD51-437A-9E58-3846BE655788}
2015-06-14 11:07 - 2015-06-14 11:07 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{D79776A5-A4ED-448D-B4C6-B82523114DB0}
2015-06-13 10:10 - 2015-06-13 10:11 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{3D3B32AE-5DA0-400F-B1D3-8F9913933A49}
2015-06-12 10:50 - 2015-06-12 10:50 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{55B4645D-E629-48E2-8447-C11C7C6F03BF}
2015-06-11 11:00 - 2015-06-11 11:00 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{FC23FC08-E06B-4108-8819-6D6FC590D8AB}
2015-06-10 16:35 - 2015-06-10 16:35 - 00166957 _____ C:\Users\Besitzer\Desktop\Cycas revoluta.odt
2015-06-10 16:21 - 2015-06-10 16:21 - 00011772 _____ C:\Users\Besitzer\Desktop\Pulque.odt
2015-06-10 14:29 - 2015-06-10 14:29 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{C1846F8B-6D97-41AC-A645-2FBD43987ED0}
2015-06-10 14:27 - 2015-06-10 14:27 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{9AA0312B-F1F8-40F2-A980-E7FEA22C2288}
2015-06-10 10:46 - 2015-06-10 10:46 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{EA3FE167-4C28-42CE-8F6B-5DB3A7B6C1DD}
2015-06-10 09:40 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 09:40 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 09:40 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 09:40 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 09:40 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 09:40 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 09:40 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 09:40 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 09:40 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 09:40 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 09:40 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 09:40 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 09:40 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 09:40 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 09:40 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 09:40 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 09:40 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 09:40 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 09:40 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 09:40 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 09:40 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 09:40 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 09:40 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 09:40 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 09:40 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 09:40 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 09:40 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 09:40 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 09:40 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 09:39 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 09:39 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 09:39 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 09:39 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 09:39 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 09:39 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 09:39 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 09:39 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 09:39 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 09:39 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 09:39 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 09:39 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 09:39 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 09:39 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 09:39 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 09:39 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 09:39 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 09:39 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 09:39 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 09:39 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 09:39 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 09:39 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 09:39 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 09:39 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 09:39 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 09:39 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 09:39 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 09:39 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 09:39 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 09:39 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 09:39 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 09:39 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 09:39 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 09:39 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 09:39 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 09:39 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 09:39 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 09:39 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 09:39 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 09:39 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 09:39 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 09:39 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 09:39 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 09:39 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 09:39 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 09:39 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 09:39 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 09:39 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 09:39 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 09:39 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 09:39 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 09:39 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 09:39 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 09:39 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 09:39 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 09:39 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 09:39 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 09:39 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 09:39 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 09:39 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 09:39 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 09:39 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 09:39 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-09 19:32 - 2015-06-09 19:42 - 345237209 _____ C:\Users\Besitzer\Desktop\saartalk.-saartalk._mit_Grand_Prix_Gewinnerin_Nicole-saartalk_20150608_193501_L.mp4
2015-06-09 12:19 - 2015-06-09 12:19 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{2120BF8A-E7AD-40CE-8A29-F1C79FEB2ABC}
2015-06-08 12:17 - 2015-06-08 12:17 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{1787E386-7967-409F-8714-4BCC6F4CF338}
2015-06-07 09:58 - 2015-06-07 09:59 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{DFD7E54B-4441-47A8-8BAD-60F136D851B0}
2015-06-06 11:59 - 2015-06-06 11:59 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{242CC1BE-4C55-424E-9204-6AB4B3DF25B0}
2015-06-05 21:11 - 2015-06-05 21:11 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{ACA48491-C6A1-47B0-A9EC-AF85E1092746}
2015-06-05 10:48 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-05 10:48 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-05 10:48 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-05 10:48 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-05 10:48 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-05 10:48 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-05 10:48 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-05 10:48 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-05 09:03 - 2015-06-05 09:03 - 00342252 _____ C:\Users\Besitzer\Desktop\bpost messthaler.html
2015-06-05 08:51 - 2015-06-05 08:51 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{9761ADE1-5987-49D5-94D4-174777C7179C}
2015-06-04 16:19 - 2015-06-04 16:19 - 00013440 _____ C:\Users\Besitzer\Desktop\Klotz,  03.06.15.odt
2015-06-04 13:44 - 2015-06-04 13:45 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{2D72BB77-DA94-49FC-87C0-64D370ACECB7}
2015-06-03 12:11 - 2015-06-03 12:12 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{C3EB9603-DD3B-456E-8CA1-BC187CF095A8}
2015-06-03 07:23 - 2015-06-03 07:23 - 00002156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-06-02 22:34 - 2015-06-02 22:34 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{EC7F3EF6-040B-408F-86E6-DFAACA07AFE1}
2015-06-02 09:21 - 2015-06-02 09:21 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{885B25B9-B371-4457-A1D3-B6FA04686B2A}
2015-06-01 18:28 - 2015-06-01 18:28 - 00000000 ____D C:\Users\Besitzer\AppData\Local\GWX
2015-06-01 14:43 - 2015-06-01 14:43 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{C139AE5F-9DED-41F2-B706-CA67E2E91C7A}
2015-05-31 09:49 - 2015-05-31 09:49 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{92E22DB1-D7BB-4A16-95F0-E803218A054E}
2015-05-30 08:27 - 2015-05-30 08:27 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{ACDDA970-363D-43C2-BE08-82CAF1E601E6}
2015-05-29 08:22 - 2015-05-29 08:22 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{8B27437E-EE4D-42BB-9E07-35DF7FFA5990}
2015-05-28 09:04 - 2015-05-28 09:04 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{5A483A23-5AA1-414B-818D-6496F5DCA009}
2015-05-27 22:00 - 2015-05-27 22:01 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{DD7ECBE7-9DC4-4BFA-B3B5-64B30F6537E7}
2015-05-27 08:31 - 2015-05-27 08:31 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{A4F79049-FBFA-4456-84BB-EE236E06533B}
2015-05-26 15:38 - 2015-05-26 15:38 - 00023810 _____ C:\Users\Besitzer\Desktop\Flecken in Maria-Theresien-Taler-Nachprägung.odt
2015-05-26 15:11 - 2015-05-26 15:11 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{0A418DAE-8C1A-437A-840D-9E22D0300F7A}

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-25 10:15 - 2013-11-13 18:06 - 00003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{083BECD6-A6F2-4401-A905-5865C87918C6}
2015-06-25 10:14 - 2009-07-14 06:45 - 00023568 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-25 10:14 - 2009-07-14 06:45 - 00023568 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-25 10:10 - 2011-04-04 12:29 - 01565558 _____ C:\Windows\WindowsUpdate.log
2015-06-25 10:09 - 2012-12-07 08:53 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-25 10:08 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-25 09:52 - 2012-10-04 20:30 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-24 22:21 - 2012-12-07 08:53 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-24 21:11 - 2015-03-07 17:40 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-24 20:49 - 2011-04-07 18:15 - 00000000 ____D C:\Users\Besitzer\AppData\Local\CrashDumps
2015-06-24 18:16 - 2013-09-23 12:36 - 00000000 ____D C:\Users\Besitzer\AppData\Roaming\vlc
2015-06-24 17:53 - 2011-05-12 18:37 - 49731584 ___SH C:\Users\Besitzer\Desktop\Thumbs.db
2015-06-24 17:52 - 2012-10-04 20:30 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-24 17:52 - 2012-10-04 20:29 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-24 17:52 - 2012-10-04 20:29 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-24 11:43 - 2012-06-08 08:40 - 00003756 _____ C:\Windows\System32\Tasks\Real Player-Online-Aktualisierungsprogramm
2015-06-23 18:34 - 2014-05-01 16:38 - 00000000 ____D C:\Users\Besitzer\Desktop\Essen auf Rädern
2015-06-23 13:42 - 2009-07-14 19:58 - 00699390 _____ C:\Windows\system32\perfh007.dat
2015-06-23 13:42 - 2009-07-14 19:58 - 00152094 _____ C:\Windows\system32\perfc007.dat
2015-06-23 13:42 - 2009-07-14 07:13 - 01659792 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-22 16:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-17 09:39 - 2014-06-21 16:42 - 00000000 ____D C:\Users\Besitzer\AppData\Local\Adobe
2015-06-12 14:40 - 2014-05-01 15:02 - 00000000 ____D C:\Users\Besitzer\Desktop\D - III - DVDs  und  Festplatte-HDD
2015-06-10 18:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-10 14:12 - 2014-11-12 14:52 - 00000000 __SHD C:\Users\Besitzer\AppData\Local\EmieBrowserModeList
2015-06-10 14:12 - 2014-05-07 06:53 - 00000000 __SHD C:\Users\Besitzer\AppData\Local\EmieUserList
2015-06-10 14:12 - 2014-05-07 06:53 - 00000000 __SHD C:\Users\Besitzer\AppData\Local\EmieSiteList
2015-06-10 13:47 - 2015-03-01 15:59 - 00297616 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-10 13:44 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-10 12:02 - 2013-08-14 21:13 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 11:58 - 2011-04-04 15:51 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-09 19:39 - 2015-04-21 09:28 - 00000000 ____D C:\Users\Besitzer\.mediathek3
2015-06-09 19:32 - 2015-04-21 09:43 - 00000000 ____D C:\Users\Besitzer\MediathekView
2015-06-09 19:01 - 2012-09-22 19:59 - 00051200 ___SH C:\Users\Besitzer\Documents\Thumbs.db
2015-06-05 18:29 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-05 15:59 - 2014-12-10 18:00 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-05 15:59 - 2014-05-06 21:13 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-02 17:31 - 2015-05-13 10:45 - 00000000 ____D C:\Users\Besitzer\Desktop\PC
2015-05-28 10:50 - 2011-04-07 18:06 - 00000000 ____D C:\Program Files\CCleaner

==================== Files in the root of some directories =======

2010-08-31 10:42 - 2010-08-31 10:42 - 0006148 _____ () C:\Program Files (x86)\Common Files\.DS_Store
2014-03-12 17:12 - 2014-03-12 17:12 - 0000044 _____ () C:\Users\Besitzer\AppData\Roaming\WB.CFG
2011-05-11 20:06 - 2015-03-04 19:18 - 0007168 _____ () C:\Users\Besitzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-09 13:47 - 2015-03-09 13:47 - 0000000 ____H () C:\ProgramData\V93GE

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-24 12:42

==================== End of log ============================
--- --- ---




[QUOTE]Additional
FRST Logfile:
Code:
scan result of Farbar Recovery Scan Tool (x64) Version:24-06-2015
Ran by Besitzer at 2015-06-25 10:18:23
Running from C:\Users\Besitzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0POMIK1Y
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1654125919-855541359-3433209274-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1654125919-855541359-3433209274-1006 - Limited - Enabled)
Besitzer (S-1-5-21-1654125919-855541359-3433209274-1000 - Administrator - Enabled) => C:\Users\Besitzer
Gast (S-1-5-21-1654125919-855541359-3433209274-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1654125919-855541359-3433209274-1004 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 Premier Edition (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Norton 360 Premier Edition (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 Premier Edition (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acronis*True*Image*Home (HKLM-x32\...\{C2F1F96A-057E-5819-B52E-FEA1D1D2933B}) (Version: 13.0.5029 - Acronis)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\{2755BEE9-F03B-4FB8-BB71-0BA3F2629F18}) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-1654125919-855541359-3433209274-1000\...\Amazon Kindle) (Version:  - Amazon)
AM-DeadLink 4.6 (HKLM-x32\...\aignesamdeadlink_is1) (Version: 4.6 - WebSite-Watcher - Software to check websites for updates and changes (web page monitoring))
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
CanoScan 4400F (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4803) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diercke Globus Online (HKLM-x32\...\Diercke Globus Online) (Version: 2.1.36 - Imagon GmbH)
Free YouTube Download version 3.2.56.324 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.56.324 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.59.415 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.415 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
HP Product Detection (HKLM-x32\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.9.0 - Hewlett-Packard Company)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2555 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 79 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417079FF}) (Version: 7.0.790 - Oracle)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Norton 360 (HKLM-x32\...\N360) (Version: 21.7.0.11 - Symantec Corporation)
OEBackup - Outlook Express Datensicherung (Testversion) (HKLM-x32\...\OutlookExpressDatensicherung) (Version:  - )
OEMaster - DBX-Reader und Daten-Export für Outlook Express (HKLM-x32\...\OEMaster-Daten-ExportfürOutlookExpress) (Version:  - )
OLYMPUS Digital Camera Updater (HKLM-x32\...\{A68C62E8-B243-4777-89BB-12173DFA1D45}) (Version: 1.0.1 - OLYMPUS IMAGING CORP.)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
RealDownloader (x32 Version: 1.3.4 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.4 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
SilverFast 8.0.1r13 (64bit) (HKLM-x32\...\SilverFast 8 x64) (Version: 8.0.1r13 - LaserSoft Imaging AG)
Stellarium 0.13.1 (HKLM-x32\...\Stellarium_is1) (Version: 0.13.1 - Stellarium team)
StreamTransport version: 1.1.6.1 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
Symantec Technical Support Web Controls (HKLM-x32\...\{20C53FA2-4307-4671-A93F-9463B29DFCF1}) (Version: 3.5.3 - Symantec Corporation)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.73 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3000.132 - TuneUp Software) Hidden
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
WOT für Internet Explorer (HKLM\...\{373B90E1-A28C-434C-92B6-7281AFA6115A}) (Version: 13.9.2.0 - WOT Services Oy)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

22-06-2015 10:49:59 Geplanter Prüfpunkt

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-02-26 12:25 - 00000035 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {031DD665-A4FC-43F1-A910-17EC72EE4C48} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Time-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {0A09A241-4E42-463C-8FC3-32D56E7B4ED5} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {0B2DD2F8-3803-4FFB-A356-B90CCE77374C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-07] (Google Inc.)
Task: {0D0700C1-2039-4203-BB6C-C3B8EAAA4D92} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24] (Adobe Systems Incorporated)
Task: {27093550-600E-450A-8B7F-0CDA7B53F8D9} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {2EB26125-02FB-4F8D-BB82-A45C3B00F9E1} - System32\Tasks\{EF28A5FD-BFF8-4212-9D83-6EFC93B9C0FB} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller"
Task: {2F41D3F5-62CC-4510-A39A-D5D52071DAC0} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\WSCStub.exe [2015-03-07] (Symantec Corporation)
Task: {400314AA-48FB-4480-9C72-028BCD6A2591} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {49A63869-8BC4-46D9-848A-AA1E7D005F61} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1654125919-855541359-3433209274-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-08-12] (RealNetworks, Inc.)
Task: {4DADF2CA-9334-49C8-8826-88B4ACE47900} - System32\Tasks\Google Updater and Installer => C:\Users\Besitzer\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {527F1541-C0F4-4391-9730-2CA475EF0506} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {55515B29-1490-4787-9AAE-48A5A07300B6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-07] (Google Inc.)
Task: {5687AFCB-F8A1-4661-B4B3-3AD8F3541754} - System32\Tasks\{6976D51C-B97F-480C-9B1E-D78F8A738E92} => pcalua.exe -a "C:\Users\Besitzer\Desktop\Programme          -auf PC-6 -\OEMaster  082\Setup.exe" -d "C:\Users\Besitzer\Desktop\Programme          -auf PC-6 -\OEMaster  082"
Task: {5B944C46-99EB-4559-B528-1659F78A0DEC} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1654125919-855541359-3433209274-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {69B4DE0B-5054-4760-9E77-186BDC229F6A} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-12-17] (Oracle Corporation)
Task: {755A01A6-240C-4551-A938-0D60FB8828B1} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1654125919-855541359-3433209274-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {77FC51DB-F189-49BA-82CB-4B9906A20E5D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {78E05A94-48E1-4866-93F2-D9D38F865EEE} - System32\Tasks\{1F7E5E00-647A-47E6-9221-252E2625D665} => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageLauncher.exe [2009-08-28] (Acronis)
Task: {7FC83C0E-00EF-4589-987E-90F98BD6ADBB} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {83BBEF56-C32C-4465-8679-D8B3C1294BF1} - System32\Tasks\{B8A21EE9-7235-49BD-9493-2DB5DFC4D4D6} => pcalua.exe -a C:\Users\Besitzer\Downloads\wmp11-windowsxp-x86-DE-DE.exe -d C:\Users\Besitzer\Downloads
Task: {8BD6AC21-8434-4ADD-8015-50BAA928F8CE} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {97DC5E36-A874-4A9E-9082-95A93FC76864} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1654125919-855541359-3433209274-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-08-12] (RealNetworks, Inc.)
Task: {A9F98046-3081-4997-B922-FFE619E35DA5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {B01A5339-5272-4863-AB3A-A65877772433} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {B10F2A1C-0C6D-46EF-BCEB-6ABC91D5064B} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-07-16] (TuneUp Software)
Task: {B15CC9C0-AFC8-446E-B436-F05055B3E686} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {BA1B1F39-26DF-409F-9F21-E13D3F9C8E91} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1654125919-855541359-3433209274-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {BA8DE5A7-A1B5-4BDF-830A-F4E86D4F9BD7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {BB3C9B46-660E-468F-A7FB-4F0167C925A8} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe
Task: {BC7DC894-B831-4252-AC27-90C77817F0B8} - \Start Registry Reviver No Task File <==== ATTENTION
Task: {C1C57C49-5910-4B88-86A6-A152BD354B1F} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1654125919-855541359-3433209274-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-08-12] (RealNetworks, Inc.)
Task: {C30E1EBC-F7B2-42BC-9C8C-68C1EE7BA375} - System32\Tasks\{E61EAE4B-AADF-40B4-B9C1-55D0ADA7AB47} => pcalua.exe -a C:\Users\Besitzer\Desktop\swfsetup-2-6.exe -d C:\Users\Besitzer\Desktop
Task: {C7E8F109-5765-445C-849F-C720D48603A3} - System32\Tasks\{3E41D0D5-558F-4424-A981-BF9E51EEF31B} => pcalua.exe -a "C:\Users\Besitzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WGCKGF3G\RegCleaner[1].exe" -d C:\Users\Besitzer\Desktop
Task: {D1C27D89-8A79-4A5A-AB71-3889CE10DF2A} - System32\Tasks\{42C1F945-6EBE-437E-8AE1-88D60BD1CA54} => pcalua.exe -a C:\Users\Besitzer\Desktop\irfanview_plugins_427_setup.exe -d C:\Users\Besitzer\Desktop
Task: {D4F8EEDC-64E7-49AD-BE69-88852D88F58D} - System32\Tasks\Real Networks Scheduler => c:\program files (x86)\real\realplayer\Update\realsched.exe [2015-03-02] (RealNetworks, Inc.)
Task: {D612F351-70A0-4FFE-B900-FE832E114413} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-21] (Microsoft Corporation)
Task: {E11A1FE1-3971-49DE-A5A9-9250E2C2DF49} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {E82F5AC5-126C-4316-B75D-CBB5DB373CC1} - System32\Tasks\{974799ED-061E-4569-B98A-017C857A82E8} => pcalua.exe -a "C:\Users\Besitzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JCU6EN96\DierckeGlobusOnline.exe" -d C:\Users\Besitzer\Desktop
Task: {EDCEDC44-7B66-44A4-A8EA-7E71A6196586} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {EE289BC9-387C-488C-B2D6-B6FBFE6DEA46} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {F7E186B2-5BEB-4176-B198-85BFCBC22408} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2015-03-02] (RealNetworks, Inc.)
Task: {FC1F032C-7853-4FCA-918D-3D213E04DE08} - System32\Tasks\{16D2A7FC-5A97-4D12-B147-F00E9F44C7A0} => C:\Program Files (x86)\Datacolor\Spyder3Express\Spyder3Express.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-08-12 12:34 - 2014-08-12 12:34 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-07-16 10:24 - 2014-07-16 10:24 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2015-05-08 20:50 - 2015-05-08 20:50 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2013-09-02 15:41 - 2013-09-02 15:41 - 01414104 _____ () C:\Program Files (x86)\WOT\WOT.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1654125919-855541359-3433209274-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"                                                                                                                                                                                     
MSCONFIG\startupreg: TrueImageMonitor.exe => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe                                                                                                                                                                                                       

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FCB6148C-8AEF-431E-8118-1F725B6AFF43}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{25579D7E-AD88-4669-A5EF-5D2B3850CE20}] => (Allow) LPort=2869
FirewallRules: [{058C2573-AB4C-4EFA-8C95-FF82CFE53EC1}] => (Allow) LPort=1900
FirewallRules: [{A7942C46-1F15-4346-958A-2F336879B005}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{24BA15E4-2FA1-4BBC-98EA-2D2282E59191}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{74E41A11-2636-44DE-9AF3-BD1796E6162A}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{F95023A9-A83A-4870-B858-A606C76401BE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2865131E-A377-49F3-8999-5AD662E8EDAA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/25/2015 10:14:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Ausnahmecode: 0x40000015
Fehleroffset: 0x00093534
ID des fehlerhaften Prozesses: 0x84c
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (06/25/2015 10:03:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Ausnahmecode: 0x40000015
Fehleroffset: 0x00093534
ID des fehlerhaften Prozesses: 0x868
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (06/25/2015 09:32:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Ausnahmecode: 0x40000015
Fehleroffset: 0x00093534
ID des fehlerhaften Prozesses: 0x874
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (06/24/2015 08:49:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: recordingmanager.exe, Version: 1.3.4.3, Zeitstempel: 0x53ea5e97
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18869, Zeitstempel: 0x55636317
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000cea5f
ID des fehlerhaften Prozesses: 0x7b0
Startzeit der fehlerhaften Anwendung: 0xrecordingmanager.exe0
Pfad der fehlerhaften Anwendung: recordingmanager.exe1
Pfad des fehlerhaften Moduls: recordingmanager.exe2
Berichtskennung: recordingmanager.exe3

Error: (06/24/2015 06:09:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/24/2015 06:02:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Ausnahmecode: 0x40000015
Fehleroffset: 0x00093534
ID des fehlerhaften Prozesses: 0x860
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (06/24/2015 05:24:23 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/24/2015 10:31:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Ausnahmecode: 0x40000015
Fehleroffset: 0x00093534
ID des fehlerhaften Prozesses: 0x560
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (06/23/2015 04:51:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm recordingmanager.exe, Version 1.3.4.3 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 13f4

Startzeit: 01d0adc371e022ed

Endzeit: 16

Anwendungspfad: C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe

Berichts-ID: 3c0725a7-19b7-11e5-bb0b-4061865ed214

Error: (06/23/2015 04:46:56 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (06/25/2015 10:14:26 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Secunia PSI Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/25/2015 10:03:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Secunia PSI Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/25/2015 09:39:46 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.

Error: (06/25/2015 09:32:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Secunia PSI Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/24/2015 08:58:26 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 20.

Error: (06/24/2015 06:02:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Secunia PSI Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/24/2015 05:11:29 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.

Error: (06/24/2015 05:11:29 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.

Error: (06/24/2015 10:31:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Secunia PSI Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/23/2015 10:38:20 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}


Microsoft Office:
=========================
Error: (06/25/2015 10:14:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a82400000150009353484c01d0af1e24be7337C:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Program Files (x86)\Secunia\PSI\PSIA.exe300898d6-1b12-11e5-9e95-4061865ed214

Error: (06/25/2015 10:03:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a82400000150009353486801d0af1cab5e8a6aC:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Program Files (x86)\Secunia\PSI\PSIA.exeaa00a6ff-1b10-11e5-963c-4061865ed214

Error: (06/25/2015 09:32:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a82400000150009353487401d0af1837d7f9b7C:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Program Files (x86)\Secunia\PSI\PSIA.exe5ef6b52b-1b0c-11e5-9a47-4061865ed214

Error: (06/24/2015 08:49:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: recordingmanager.exe1.3.4.353ea5e97ntdll.dll6.1.7601.1886955636317c0000374000cea5f7b001d0ae96b3ee32faC:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exeC:\Windows\SysWOW64\ntdll.dllafb25a65-1aa1-11e5-ab03-4061865ed214

Error: (06/24/2015 06:09:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{6935C750-2D8C-4705-B4F9-052F550D225D}\recordingmanager.exe

Error: (06/24/2015 06:02:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a82400000150009353486001d0ae965a5bdc77C:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Program Files (x86)\Secunia\PSI\PSIA.exe752d0d40-1a8a-11e5-ab03-4061865ed214

Error: (06/24/2015 05:24:23 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{6935C750-2D8C-4705-B4F9-052F550D225D}\recordingmanager.exe

Error: (06/24/2015 10:31:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a82400000150009353456001d0ae577b2e9cbfC:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Program Files (x86)\Secunia\PSI\PSIA.exe701c6429-1a4b-11e5-b662-4061865ed214

Error: (06/23/2015 04:51:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: recordingmanager.exe1.3.4.313f401d0adc371e022ed16C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe3c0725a7-19b7-11e5-bb0b-4061865ed214

Error: (06/23/2015 04:46:56 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{6935C750-2D8C-4705-B4F9-052F550D225D}\recordingmanager.exe


CodeIntegrity Errors:
===================================
  Date: 2014-02-18 18:03:40.466
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-02-18 18:03:40.247
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU E6600 @ 3.06GHz
Percentage of memory in use: 40%
Total physical RAM: 4061.24 MB
Available physical RAM: 2407.02 MB
Total Pagefile: 8120.69 MB
Available Pagefile: 6420.81 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1397.17 GB) (Free:1331.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: 7FD2F734)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1397.2 GB) - (Type=07 NTFS)

==================== End of log ============================
--- --- ---


Leider gelingt es mir nicht, TDSSKiller zu kopieren und einzufügen. Er läßt sich zwar ausführen, das Ergebnis läßt sich jedoch nicht markieren?!

Gruß
Frusti

Frusti 25.06.2015 09:37
Jetzt ist das Kopieren doch noch gelungen:

Zitat:
10:19:59.0265 0x0524 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
10:20:08.0838 0x0524 ============================================================
10:20:08.0838 0x0524 Current date / time: 2015/06/25 10:20:08.0838
10:20:08.0838 0x0524 SystemInfo:
10:20:08.0838 0x0524
10:20:08.0838 0x0524 OS Version: 6.1.7601 ServicePack: 1.0
10:20:08.0838 0x0524 Product type: Workstation
10:20:08.0838 0x0524 ComputerName: BESITZER-PC
10:20:08.0838 0x0524 UserName: Besitzer
10:20:08.0838 0x0524 Windows directory: C:\Windows
10:20:08.0838 0x0524 System windows directory: C:\Windows
10:20:08.0838 0x0524 Running under WOW64
10:20:08.0838 0x0524 Processor architecture: Intel x64
10:20:08.0838 0x0524 Number of processors: 2
10:20:08.0838 0x0524 Page size: 0x1000
10:20:08.0838 0x0524 Boot type: Normal boot
10:20:08.0838 0x0524 ============================================================
10:20:11.0428 0x0524 KLMD registered as C:\Windows\system32\drivers\02146529.sys
10:20:11.0600 0x0524 System UUID: {68BF1D23-F415-4E21-4893-D979BAFAF35C}
10:20:11.0990 0x0524 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 ( 1397.27 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:20:12.0005 0x0524 ============================================================
10:20:12.0005 0x0524 \Device\Harddisk0\DR0:
10:20:12.0005 0x0524 MBR partitions:
10:20:12.0005 0x0524 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:20:12.0005 0x0524 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xAEA54800
10:20:12.0005 0x0524 ============================================================
10:20:12.0036 0x0524 C: <-> \Device\Harddisk0\DR0\Partition2
10:20:12.0036 0x0524 ============================================================
10:20:12.0036 0x0524 Initialize success
10:20:12.0036 0x0524 ============================================================
10:20:15.0032 0x0964 ============================================================
10:20:15.0032 0x0964 Scan started
10:20:15.0032 0x0964 Mode: Manual;
10:20:15.0032 0x0964 ============================================================
10:20:15.0032 0x0964 KSN ping started
10:20:28.0416 0x0964 KSN ping finished: true
10:20:30.0211 0x0964 ================ Scan system memory ========================
10:20:30.0211 0x0964 System memory - ok
10:20:30.0211 0x0964 ================ Scan services =============================
10:20:30.0523 0x0964 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
10:20:30.0523 0x0964 1394ohci - ok
10:20:30.0601 0x0964 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:20:30.0601 0x0964 ACPI - ok
10:20:30.0632 0x0964 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:20:30.0632 0x0964 AcpiPmi - ok
10:20:30.0725 0x0964 [ 67B708CBF1D5C60D20568CC23BD544E3, 8BEADD7193D7DB23046367452FB61EE219A7277BEC1EB6C44EE77E9CC541E396 ] AcrSch2Svc C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
10:20:30.0741 0x0964 AcrSch2Svc - ok
10:20:30.0803 0x0964 [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:20:30.0803 0x0964 AdobeARMservice - ok
10:20:30.0928 0x0964 [ 6259A5B669AE018A5E53247259A101C3, 1CD2102FAF1DCEB6B8278D098A7C1A85ED6D6E5DCF7F70E0E9A5166B67C8D057 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:20:30.0944 0x0964 AdobeFlashPlayerUpdateSvc - ok
10:20:31.0069 0x0964 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
10:20:31.0084 0x0964 adp94xx - ok
10:20:31.0147 0x0964 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
10:20:31.0162 0x0964 adpahci - ok
10:20:31.0225 0x0964 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
10:20:31.0240 0x0964 adpu320 - ok
10:20:31.0271 0x0964 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:20:31.0271 0x0964 AeLookupSvc - ok
10:20:31.0334 0x0964 [ 7F64EA2FCE77830C020B2E387C0FAC05, 89FDF8ECE4AD9EF9EF8EFB4D280A46F039B5FD5349D754C4B32DEC30423E0D02 ] afcdp C:\Windows\system32\DRIVERS\afcdp.sys
10:20:31.0349 0x0964 afcdp - ok
10:20:31.0459 0x0964 [ 6900DE81D21CC3CC3C8A5F531CE2AA09, CA4866E135FF1EDB947BAE5DD8AD15C90346658032A04A2C12114A4CDBA2F087 ] afcdpsrv C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
10:20:31.0490 0x0964 afcdpsrv - ok
10:20:31.0537 0x0964 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
10:20:31.0552 0x0964 AFD - ok
10:20:31.0568 0x0964 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
10:20:31.0568 0x0964 agp440 - ok
10:20:31.0599 0x0964 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
10:20:31.0599 0x0964 ALG - ok
10:20:31.0630 0x0964 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
10:20:31.0630 0x0964 aliide - ok
10:20:31.0646 0x0964 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
10:20:31.0646 0x0964 amdide - ok
10:20:31.0646 0x0964 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
10:20:31.0646 0x0964 AmdK8 - ok
10:20:31.0661 0x0964 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
10:20:31.0661 0x0964 AmdPPM - ok
10:20:31.0693 0x0964 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:20:31.0693 0x0964 amdsata - ok
10:20:31.0724 0x0964 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
10:20:31.0724 0x0964 amdsbs - ok
10:20:31.0739 0x0964 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:20:31.0739 0x0964 amdxata - ok
10:20:31.0755 0x0964 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys
10:20:31.0755 0x0964 AppID - ok
10:20:31.0786 0x0964 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:20:31.0786 0x0964 AppIDSvc - ok
10:20:31.0817 0x0964 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
10:20:31.0817 0x0964 Appinfo - ok
10:20:31.0833 0x0964 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
10:20:31.0849 0x0964 arc - ok
10:20:31.0849 0x0964 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
10:20:31.0849 0x0964 arcsas - ok
10:20:31.0927 0x0964 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:20:31.0927 0x0964 aspnet_state - ok
10:20:31.0942 0x0964 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:20:31.0942 0x0964 AsyncMac - ok
10:20:31.0973 0x0964 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
10:20:31.0973 0x0964 atapi - ok
10:20:32.0020 0x0964 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:20:32.0036 0x0964 AudioEndpointBuilder - ok
10:20:32.0051 0x0964 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:20:32.0067 0x0964 AudioSrv - ok
10:20:32.0114 0x0964 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:20:32.0114 0x0964 AxInstSV - ok
10:20:32.0145 0x0964 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
10:20:32.0145 0x0964 b06bdrv - ok
10:20:32.0161 0x0964 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:20:32.0161 0x0964 b57nd60a - ok
10:20:32.0176 0x0964 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
10:20:32.0192 0x0964 BDESVC - ok
10:20:32.0192 0x0964 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
10:20:32.0192 0x0964 Beep - ok
10:20:32.0254 0x0964 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
10:20:32.0254 0x0964 BFE - ok
10:20:32.0395 0x0964 [ FB0FAB0E2140FE8E17BAE727C15DBFBB, 227B7472ACE6C583AD67433080BCF57BFDC88F43BF8A56DA78BEB9D618572CA8 ] BHDrvx64 C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\BASHDefs\20150617.001\BHDrvx64.sys
10:20:32.0426 0x0964 BHDrvx64 - ok
10:20:32.0457 0x0964 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
10:20:32.0473 0x0964 BITS - ok
10:20:32.0504 0x0964 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:20:32.0504 0x0964 blbdrive - ok
10:20:32.0519 0x0964 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:20:32.0519 0x0964 bowser - ok
10:20:32.0519 0x0964 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:20:32.0519 0x0964 BrFiltLo - ok
10:20:32.0535 0x0964 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:20:32.0535 0x0964 BrFiltUp - ok
10:20:32.0566 0x0964 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
10:20:32.0566 0x0964 BridgeMP - ok
10:20:32.0597 0x0964 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
10:20:32.0613 0x0964 Browser - ok
10:20:32.0629 0x0964 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:20:32.0644 0x0964 Brserid - ok
10:20:32.0644 0x0964 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:20:32.0644 0x0964 BrSerWdm - ok
10:20:32.0660 0x0964 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:20:32.0660 0x0964 BrUsbMdm - ok
10:20:32.0660 0x0964 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:20:32.0660 0x0964 BrUsbSer - ok
10:20:32.0675 0x0964 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
10:20:32.0675 0x0964 BTHMODEM - ok
10:20:32.0691 0x0964 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
10:20:32.0691 0x0964 bthserv - ok
10:20:32.0707 0x0964 catchme - ok
10:20:32.0769 0x0964 [ 0510396A957E9FD7205BA62D3CAE4528, C80C39EB3A87C5111132E96E966CF74ACABA36DE7714B545A707027D35995792 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys
10:20:32.0785 0x0964 ccSet_N360 - ok
10:20:32.0800 0x0964 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:20:32.0800 0x0964 cdfs - ok
10:20:32.0847 0x0964 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
10:20:32.0847 0x0964 cdrom - ok
10:20:32.0878 0x0964 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
10:20:32.0878 0x0964 CertPropSvc - ok
10:20:32.0894 0x0964 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
10:20:32.0894 0x0964 circlass - ok
10:20:32.0925 0x0964 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
10:20:32.0925 0x0964 CLFS - ok
10:20:32.0956 0x0964 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:20:32.0972 0x0964 clr_optimization_v2.0.50727_32 - ok
10:20:32.0987 0x0964 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:20:32.0987 0x0964 clr_optimization_v2.0.50727_64 - ok
10:20:33.0050 0x0964 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:20:33.0065 0x0964 clr_optimization_v4.0.30319_32 - ok
10:20:33.0081 0x0964 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:20:33.0081 0x0964 clr_optimization_v4.0.30319_64 - ok
10:20:33.0097 0x0964 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:20:33.0097 0x0964 CmBatt - ok
10:20:33.0112 0x0964 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:20:33.0112 0x0964 cmdide - ok
10:20:33.0159 0x0964 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
10:20:33.0175 0x0964 CNG - ok
10:20:33.0175 0x0964 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:20:33.0175 0x0964 Compbatt - ok
10:20:33.0190 0x0964 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
10:20:33.0190 0x0964 CompositeBus - ok
10:20:33.0206 0x0964 COMSysApp - ok
10:20:33.0206 0x0964 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
10:20:33.0206 0x0964 crcdisk - ok
10:20:33.0237 0x0964 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:20:33.0237 0x0964 CryptSvc - ok
10:20:33.0268 0x0964 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:20:33.0268 0x0964 DcomLaunch - ok
10:20:33.0299 0x0964 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
10:20:33.0299 0x0964 defragsvc - ok
10:20:33.0315 0x0964 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:20:33.0315 0x0964 DfsC - ok
10:20:33.0331 0x0964 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
10:20:33.0331 0x0964 Dhcp - ok
10:20:33.0455 0x0964 [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack C:\Windows\system32\diagtrack.dll
10:20:33.0471 0x0964 DiagTrack - ok
10:20:33.0502 0x0964 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
10:20:33.0502 0x0964 discache - ok
10:20:33.0502 0x0964 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
10:20:33.0518 0x0964 Disk - ok
10:20:33.0533 0x0964 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:20:33.0533 0x0964 Dnscache - ok
10:20:33.0565 0x0964 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
10:20:33.0565 0x0964 dot3svc - ok
10:20:33.0596 0x0964 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
10:20:33.0596 0x0964 DPS - ok
10:20:33.0627 0x0964 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:20:33.0627 0x0964 drmkaud - ok
10:20:33.0689 0x0964 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:20:33.0721 0x0964 DXGKrnl - ok
10:20:33.0752 0x0964 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
10:20:33.0752 0x0964 EapHost - ok
10:20:33.0877 0x0964 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
10:20:33.0923 0x0964 ebdrv - ok
10:20:34.0001 0x0964 [ E5CE7CFE2E08B03E9AEC2CC3750ACBCB, 9892C142143A761072B1B4AD3ADDB738B3B26A6B4D7C4B1A97C74FBF59A9FDD3 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
10:20:34.0017 0x0964 eeCtrl - ok
10:20:34.0033 0x0964 [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] EFS C:\Windows\System32\lsass.exe
10:20:34.0033 0x0964 EFS - ok
10:20:34.0064 0x0964 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
10:20:34.0064 0x0964 elxstor - ok
10:20:34.0079 0x0964 [ 13E3BBC4578742E80854451FA16F272A, A9B2D972B114ED2E18246CCBDEE97F6C1AFA8B143791AD5DAED70100E58CD25F ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
10:20:34.0095 0x0964 EraserUtilRebootDrv - ok
10:20:34.0111 0x0964 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:20:34.0111 0x0964 ErrDev - ok
10:20:34.0142 0x0964 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
10:20:34.0142 0x0964 EventSystem - ok
10:20:34.0157 0x0964 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
10:20:34.0157 0x0964 exfat - ok
10:20:34.0173 0x0964 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:20:34.0173 0x0964 fastfat - ok
10:20:34.0189 0x0964 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
10:20:34.0189 0x0964 fdc - ok
10:20:34.0189 0x0964 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
10:20:34.0189 0x0964 fdPHost - ok
10:20:34.0204 0x0964 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
10:20:34.0204 0x0964 FDResPub - ok
10:20:34.0220 0x0964 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:20:34.0220 0x0964 FileInfo - ok
10:20:34.0235 0x0964 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:20:34.0235 0x0964 Filetrace - ok
10:20:34.0251 0x0964 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
10:20:34.0251 0x0964 flpydisk - ok
10:20:34.0267 0x0964 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:20:34.0267 0x0964 FltMgr - ok
10:20:34.0329 0x0964 [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll
10:20:34.0345 0x0964 FontCache - ok
10:20:34.0391 0x0964 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:20:34.0391 0x0964 FontCache3.0.0.0 - ok
10:20:34.0407 0x0964 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:20:34.0407 0x0964 FsDepends - ok
10:20:34.0423 0x0964 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:20:34.0438 0x0964 Fs_Rec - ok
10:20:34.0454 0x0964 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:20:34.0454 0x0964 fvevol - ok
10:20:34.0469 0x0964 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
10:20:34.0485 0x0964 gagp30kx - ok
10:20:34.0516 0x0964 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
10:20:34.0532 0x0964 gpsvc - ok
10:20:34.0594 0x0964 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:20:34.0610 0x0964 gupdate - ok
10:20:34.0625 0x0964 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:20:34.0625 0x0964 gupdatem - ok
10:20:34.0672 0x0964 [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:20:34.0672 0x0964 gusvc - ok
10:20:34.0688 0x0964 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:20:34.0688 0x0964 hcw85cir - ok
10:20:34.0719 0x0964 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:20:34.0735 0x0964 HdAudAddService - ok
10:20:34.0750 0x0964 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
10:20:34.0750 0x0964 HDAudBus - ok
10:20:34.0766 0x0964 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
10:20:34.0766 0x0964 HidBatt - ok
10:20:34.0781 0x0964 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
10:20:34.0781 0x0964 HidBth - ok
10:20:34.0797 0x0964 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
10:20:34.0797 0x0964 HidIr - ok
10:20:34.0813 0x0964 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
10:20:34.0813 0x0964 hidserv - ok
10:20:34.0828 0x0964 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:20:34.0828 0x0964 HidUsb - ok
10:20:34.0844 0x0964 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:20:34.0844 0x0964 hkmsvc - ok
10:20:34.0875 0x0964 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:20:34.0891 0x0964 HomeGroupListener - ok
10:20:34.0906 0x0964 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:20:34.0906 0x0964 HomeGroupProvider - ok
10:20:34.0937 0x0964 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:20:34.0937 0x0964 HpSAMD - ok
10:20:35.0000 0x0964 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:20:35.0000 0x0964 HTTP - ok
10:20:35.0031 0x0964 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:20:35.0031 0x0964 hwpolicy - ok
10:20:35.0062 0x0964 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
10:20:35.0062 0x0964 i8042prt - ok
10:20:35.0109 0x0964 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:20:35.0109 0x0964 iaStorV - ok
10:20:35.0171 0x0964 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:20:35.0187 0x0964 idsvc - ok
10:20:35.0265 0x0964 [ 19F52CF90BB4D05B5265773CA7011E4C, BA28BAEE9D64859775C6DF56E407104D1463BD1374CF3F6AA414AB85946ED1F5 ] IDSVia64 C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\IPSDefs\20150624.001\IDSvia64.sys
10:20:35.0281 0x0964 IDSVia64 - ok
10:20:35.0296 0x0964 IEEtwCollectorService - ok
10:20:35.0624 0x0964 [ 4EAA4261E1AD4B860657CADA790B9B38, BC4D7F207F1A7D67371169545D2C68D696EF69DF4C740F74D6ABFBE4B5CA48A6 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
10:20:35.0780 0x0964 igfx - ok
10:20:35.0811 0x0964 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
10:20:35.0811 0x0964 iirsp - ok
10:20:35.0873 0x0964 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
10:20:35.0873 0x0964 IKEEXT - ok
10:20:35.0905 0x0964 [ B014CE58F0A8048D3924BA8D5CCBC5F1, C2A913B7A7A0CB2B8C1EC9E51DE98B51DF55A9AA4D21804C531E30D9FACCC0F9 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
10:20:35.0920 0x0964 IntcHdmiAddService - ok
10:20:35.0936 0x0964 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
10:20:35.0936 0x0964 intelide - ok
10:20:35.0936 0x0964 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:20:35.0951 0x0964 intelppm - ok
10:20:35.0967 0x0964 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:20:35.0967 0x0964 IPBusEnum - ok
10:20:35.0983 0x0964 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:20:35.0983 0x0964 IpFilterDriver - ok
10:20:36.0029 0x0964 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:20:36.0045 0x0964 iphlpsvc - ok
10:20:36.0061 0x0964 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:20:36.0061 0x0964 IPMIDRV - ok
10:20:36.0076 0x0964 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:20:36.0076 0x0964 IPNAT - ok
10:20:36.0092 0x0964 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:20:36.0092 0x0964 IRENUM - ok
10:20:36.0107 0x0964 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:20:36.0107 0x0964 isapnp - ok
10:20:36.0123 0x0964 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:20:36.0123 0x0964 iScsiPrt - ok
10:20:36.0139 0x0964 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:20:36.0139 0x0964 kbdclass - ok
10:20:36.0154 0x0964 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:20:36.0154 0x0964 kbdhid - ok
10:20:36.0170 0x0964 [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] KeyIso C:\Windows\system32\lsass.exe
10:20:36.0185 0x0964 KeyIso - ok
10:20:36.0232 0x0964 [ 07071C1E3CD8F0F9114AAC8B072CA1E5, F72E49D9A77BBE28B135D5DDBD9037083D90400A6D61DA45B5D53C4ACFFAF932 ] KMWDFILTER C:\Windows\system32\DRIVERS\KMWDFILTER.sys
10:20:36.0232 0x0964 KMWDFILTER - ok
10:20:36.0263 0x0964 [ BF69D973523D539A35807946C6DA7E16, 38F2C59B0857131961DBEA48C4A5DFA9BE7B564941935086B8DC8DBEF896F3EC ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:20:36.0279 0x0964 KSecDD - ok
10:20:36.0295 0x0964 [ 272C27711C8AA6E7815EE33F8ACA9C66, 0A5A10A7A3E87DB92E06395A6676B94FE8B7AD6704864075D443CDC9BABDB4DF ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:20:36.0295 0x0964 KSecPkg - ok
10:20:36.0295 0x0964 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:20:36.0295 0x0964 ksthunk - ok
10:20:36.0310 0x0964 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
10:20:36.0310 0x0964 KtmRm - ok
10:20:36.0388 0x0964 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
10:20:36.0404 0x0964 LanmanServer - ok
10:20:36.0419 0x0964 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:20:36.0435 0x0964 LanmanWorkstation - ok
10:20:36.0466 0x0964 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:20:36.0466 0x0964 lltdio - ok
10:20:36.0497 0x0964 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:20:36.0497 0x0964 lltdsvc - ok
10:20:36.0513 0x0964 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:20:36.0513 0x0964 lmhosts - ok
10:20:36.0544 0x0964 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
10:20:36.0544 0x0964 LSI_FC - ok
10:20:36.0544 0x0964 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
10:20:36.0544 0x0964 LSI_SAS - ok
10:20:36.0575 0x0964 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:20:36.0575 0x0964 LSI_SAS2 - ok
10:20:36.0575 0x0964 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:20:36.0575 0x0964 LSI_SCSI - ok
10:20:36.0591 0x0964 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
10:20:36.0591 0x0964 luafv - ok
10:20:36.0638 0x0964 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
10:20:36.0638 0x0964 megasas - ok
10:20:36.0669 0x0964 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
10:20:36.0669 0x0964 MegaSR - ok
10:20:36.0685 0x0964 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
10:20:36.0685 0x0964 MMCSS - ok
10:20:36.0700 0x0964 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
10:20:36.0700 0x0964 Modem - ok
10:20:36.0716 0x0964 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:20:36.0716 0x0964 monitor - ok
10:20:36.0731 0x0964 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:20:36.0731 0x0964 mouclass - ok
10:20:36.0731 0x0964 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:20:36.0731 0x0964 mouhid - ok
10:20:36.0763 0x0964 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:20:36.0763 0x0964 mountmgr - ok
10:20:36.0794 0x0964 [ 03D14BF1DC59130002F6B8BA3AD89DB9, 1729CCD8AAF51CDB86ED67569974D0B6B1CFFA5F90EF6E6004B0D8A305D88C27 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:20:36.0794 0x0964 MozillaMaintenance - ok
10:20:36.0825 0x0964 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
10:20:36.0825 0x0964 mpio - ok
10:20:36.0856 0x0964 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:20:36.0856 0x0964 mpsdrv - ok
10:20:36.0919 0x0964 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:20:36.0919 0x0964 MpsSvc - ok
10:20:36.0950 0x0964 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:20:36.0950 0x0964 MRxDAV - ok
10:20:36.0965 0x0964 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:20:36.0965 0x0964 mrxsmb - ok
10:20:36.0997 0x0964 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:20:36.0997 0x0964 mrxsmb10 - ok
10:20:36.0997 0x0964 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:20:37.0012 0x0964 mrxsmb20 - ok
10:20:37.0028 0x0964 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
10:20:37.0028 0x0964 msahci - ok
10:20:37.0043 0x0964 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:20:37.0043 0x0964 msdsm - ok
10:20:37.0075 0x0964 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
10:20:37.0075 0x0964 MSDTC - ok
10:20:37.0075 0x0964 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:20:37.0090 0x0964 Msfs - ok
10:20:37.0090 0x0964 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:20:37.0090 0x0964 mshidkmdf - ok
10:20:37.0090 0x0964 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:20:37.0090 0x0964 msisadrv - ok
10:20:37.0106 0x0964 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:20:37.0106 0x0964 MSiSCSI - ok
10:20:37.0121 0x0964 msiserver - ok
10:20:37.0137 0x0964 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:20:37.0137 0x0964 MSKSSRV - ok
10:20:37.0137 0x0964 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:20:37.0137 0x0964 MSPCLOCK - ok
10:20:37.0153 0x0964 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:20:37.0153 0x0964 MSPQM - ok
10:20:37.0168 0x0964 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:20:37.0168 0x0964 MsRPC - ok
10:20:37.0184 0x0964 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:20:37.0184 0x0964 mssmbios - ok
10:20:37.0184 0x0964 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:20:37.0184 0x0964 MSTEE - ok
10:20:37.0184 0x0964 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:20:37.0199 0x0964 MTConfig - ok
10:20:37.0199 0x0964 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
10:20:37.0199 0x0964 Mup - ok
10:20:37.0340 0x0964 [ 06F83F2E1FE29115E2D397046BA3C10D, 6551E1A580B6FB7047D445F81305451BB0408859376DE9EA2132F5C5EB48993A ] N360 C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\N360.exe
10:20:37.0355 0x0964 N360 - ok
10:20:37.0402 0x0964 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
10:20:37.0418 0x0964 napagent - ok
10:20:37.0449 0x0964 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:20:37.0465 0x0964 NativeWifiP - ok
10:20:37.0543 0x0964 [ 5A4EC58A5F2E63DB2092B343CF1B2834, 33F957565E38A3A2842DDB16D7C969F93A4FB888DB5AFBBF5431A712FADE4E13 ] NAVENG C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20150624.017\ENG64.SYS
10:20:37.0543 0x0964 NAVENG - ok
10:20:37.0621 0x0964 [ 526EA496D7F06B3746775046B33027C1, FEC0B860F49C28ED6ED721A09D19239BB1E20CE3A29697B24B2FE604AE0EB808 ] NAVEX15 C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20150624.017\EX64.SYS
10:20:37.0652 0x0964 NAVEX15 - ok
10:20:37.0714 0x0964 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
10:20:37.0745 0x0964 NDIS - ok
10:20:37.0745 0x0964 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:20:37.0745 0x0964 NdisCap - ok
10:20:37.0777 0x0964 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:20:37.0777 0x0964 NdisTapi - ok
10:20:37.0792 0x0964 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:20:37.0792 0x0964 Ndisuio - ok
10:20:37.0792 0x0964 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:20:37.0792 0x0964 NdisWan - ok
10:20:37.0823 0x0964 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:20:37.0823 0x0964 NDProxy - ok
10:20:37.0823 0x0964 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:20:37.0823 0x0964 NetBIOS - ok
10:20:37.0855 0x0964 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:20:37.0855 0x0964 NetBT - ok
10:20:37.0870 0x0964 [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] Netlogon C:\Windows\system32\lsass.exe
10:20:37.0870 0x0964 Netlogon - ok
10:20:37.0901 0x0964 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
10:20:37.0901 0x0964 Netman - ok
10:20:37.0948 0x0964 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:20:37.0948 0x0964 NetMsmqActivator - ok
10:20:37.0964 0x0964 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:20:37.0979 0x0964 NetPipeActivator - ok
10:20:38.0011 0x0964 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
10:20:38.0011 0x0964 netprofm - ok
10:20:38.0026 0x0964 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:20:38.0026 0x0964 NetTcpActivator - ok
10:20:38.0042 0x0964 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:20:38.0042 0x0964 NetTcpPortSharing - ok
10:20:38.0042 0x0964 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
10:20:38.0042 0x0964 nfrd960 - ok
10:20:38.0073 0x0964 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
10:20:38.0089 0x0964 NlaSvc - ok
10:20:38.0089 0x0964 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:20:38.0089 0x0964 Npfs - ok
10:20:38.0104 0x0964 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
10:20:38.0104 0x0964 nsi - ok
10:20:38.0104 0x0964 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:20:38.0104 0x0964 nsiproxy - ok
10:20:38.0167 0x0964 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:20:38.0229 0x0964 Ntfs - ok
10:20:38.0229 0x0964 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
10:20:38.0229 0x0964 Null - ok
10:20:38.0276 0x0964 [ 285ACEC1B13A15BA520AAE06BACB9CFF, A6F576763818D4EAB2CDA3857F2963F61FDA67D7B581C52E1EB1DDB32FD642C3 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
10:20:38.0276 0x0964 nusb3hub - ok
10:20:38.0291 0x0964 [ F6D625FF7B56BB6EA063F0D3A5BBC996, 830196E96C120367BDA8C0EC9D7B85A642D41E8108189B1A72193299A6C005B1 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
10:20:38.0291 0x0964 nusb3xhc - ok
10:20:38.0323 0x0964 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:20:38.0338 0x0964 nvraid - ok
10:20:38.0354 0x0964 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:20:38.0354 0x0964 nvstor - ok
10:20:38.0385 0x0964 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:20:38.0385 0x0964 nv_agp - ok
10:20:38.0401 0x0964 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:20:38.0416 0x0964 ohci1394 - ok
10:20:38.0447 0x0964 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:20:38.0447 0x0964 p2pimsvc - ok
10:20:38.0494 0x0964 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
10:20:38.0494 0x0964 p2psvc - ok
10:20:38.0525 0x0964 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:20:38.0525 0x0964 Parport - ok
10:20:38.0525 0x0964 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:20:38.0525 0x0964 partmgr - ok
10:20:38.0572 0x0964 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:20:38.0572 0x0964 PcaSvc - ok
10:20:38.0588 0x0964 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
10:20:38.0603 0x0964 pci - ok
10:20:38.0619 0x0964 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
10:20:38.0619 0x0964 pciide - ok
10:20:38.0635 0x0964 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
10:20:38.0635 0x0964 pcmcia - ok
10:20:38.0650 0x0964 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
10:20:38.0650 0x0964 pcw - ok
10:20:38.0681 0x0964 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:20:38.0697 0x0964 PEAUTH - ok
10:20:38.0759 0x0964 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:20:38.0759 0x0964 PerfHost - ok
10:20:38.0837 0x0964 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
10:20:38.0853 0x0964 pla - ok
10:20:38.0947 0x0964 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:20:38.0947 0x0964 PlugPlay - ok
10:20:38.0978 0x0964 [ F485770EEC8959684CC4C4786B63C06C, 34ECC6D83782A2F8E9E32456F3C6C527999283775626C772D0354D232A10604A ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
10:20:38.0978 0x0964 Pml Driver HPZ12 - ok
10:20:38.0993 0x0964 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:20:38.0993 0x0964 PNRPAutoReg - ok
10:20:39.0025 0x0964 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:20:39.0025 0x0964 PNRPsvc - ok
10:20:39.0071 0x0964 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:20:39.0087 0x0964 PolicyAgent - ok
10:20:39.0118 0x0964 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
10:20:39.0118 0x0964 Power - ok
10:20:39.0149 0x0964 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:20:39.0149 0x0964 PptpMiniport - ok
10:20:39.0165 0x0964 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
10:20:39.0165 0x0964 Processor - ok
10:20:39.0243 0x0964 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
10:20:39.0243 0x0964 ProfSvc - ok
10:20:39.0259 0x0964 [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] ProtectedStorage C:\Windows\system32\lsass.exe
10:20:39.0259 0x0964 ProtectedStorage - ok
10:20:39.0274 0x0964 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:20:39.0290 0x0964 Psched - ok
10:20:39.0321 0x0964 [ DD3FD48D69F5FBBB21D46D1514C1C2DB, 2B188E3AC4BD9B608D375DD550507717852C2AF7C0F99FFED90098999B9D4F01 ] PSI C:\Windows\system32\DRIVERS\psi_mf_amd64.sys
10:20:39.0321 0x0964 PSI - ok
10:20:39.0383 0x0964 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
10:20:39.0399 0x0964 ql2300 - ok
10:20:39.0430 0x0964 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
10:20:39.0430 0x0964 ql40xx - ok
10:20:39.0446 0x0964 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
10:20:39.0446 0x0964 QWAVE - ok
10:20:39.0461 0x0964 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:20:39.0461 0x0964 QWAVEdrv - ok
10:20:39.0477 0x0964 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:20:39.0477 0x0964 RasAcd - ok
10:20:39.0493 0x0964 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:20:39.0493 0x0964 RasAgileVpn - ok
10:20:39.0508 0x0964 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
10:20:39.0508 0x0964 RasAuto - ok
10:20:39.0524 0x0964 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:20:39.0524 0x0964 Rasl2tp - ok
10:20:39.0539 0x0964 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
10:20:39.0539 0x0964 RasMan - ok
10:20:39.0555 0x0964 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:20:39.0555 0x0964 RasPppoe - ok
10:20:39.0571 0x0964 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:20:39.0571 0x0964 RasSstp - ok
10:20:39.0571 0x0964 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:20:39.0586 0x0964 rdbss - ok
10:20:39.0602 0x0964 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:20:39.0602 0x0964 rdpbus - ok
10:20:39.0617 0x0964 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:20:39.0617 0x0964 RDPCDD - ok
10:20:39.0617 0x0964 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:20:39.0617 0x0964 RDPENCDD - ok
10:20:39.0633 0x0964 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:20:39.0633 0x0964 RDPREFMP - ok
10:20:39.0664 0x0964 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
10:20:39.0664 0x0964 RdpVideoMiniport - ok
10:20:39.0695 0x0964 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:20:39.0711 0x0964 RDPWD - ok
10:20:39.0742 0x0964 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:20:39.0758 0x0964 rdyboost - ok
10:20:39.0805 0x0964 [ 20C2F1613EBCF66D0395C59076EE472E, E72DA9D55E3FDFA0D9B3F367B0E08D2E291A8D45C70B49EB8BF2C13F824AB933 ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
10:20:39.0805 0x0964 RealNetworks Downloader Resolver Service - ok
10:20:39.0820 0x0964 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:20:39.0820 0x0964 RemoteAccess - ok
10:20:39.0851 0x0964 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:20:39.0851 0x0964 RemoteRegistry - ok
10:20:39.0867 0x0964 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:20:39.0883 0x0964 RpcEptMapper - ok
10:20:39.0898 0x0964 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
10:20:39.0898 0x0964 RpcLocator - ok
10:20:39.0929 0x0964 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
10:20:39.0929 0x0964 RpcSs - ok
10:20:39.0945 0x0964 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:20:39.0945 0x0964 rspndr - ok
10:20:39.0992 0x0964 [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
10:20:39.0992 0x0964 RTL8167 - ok
10:20:40.0007 0x0964 [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] SamSs C:\Windows\system32\lsass.exe
10:20:40.0007 0x0964 SamSs - ok
10:20:40.0023 0x0964 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:20:40.0023 0x0964 sbp2port - ok
10:20:40.0054 0x0964 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:20:40.0054 0x0964 SCardSvr - ok
10:20:40.0070 0x0964 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:20:40.0070 0x0964 scfilter - ok
10:20:40.0117 0x0964 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
10:20:40.0132 0x0964 Schedule - ok
10:20:40.0148 0x0964 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
10:20:40.0148 0x0964 SCPolicySvc - ok
10:20:40.0148 0x0964 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:20:40.0163 0x0964 SDRSVC - ok
10:20:40.0179 0x0964 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:20:40.0179 0x0964 secdrv - ok
10:20:40.0179 0x0964 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
10:20:40.0179 0x0964 seclogon - ok
10:20:40.0304 0x0964 [ 5E0E975998BF1612E18B898E5D17838B, 76C11C62DB8055F03F868685E8E2016D99D3FC48313CB51C69E7CEA589D80890 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
10:20:40.0335 0x0964 Secunia PSI Agent - ok
10:20:40.0429 0x0964 [ 508DD2E1D5F272B2D3196335DEA2BC26, 2BDC828DB9D9766445C345E82751FA7EF94A089EC84565675EDADE3EC7EB5748 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
10:20:40.0429 0x0964 Secunia Update Agent - ok
10:20:40.0460 0x0964 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll
10:20:40.0460 0x0964 SENS - ok
10:20:40.0475 0x0964 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:20:40.0475 0x0964 SensrSvc - ok
10:20:40.0475 0x0964 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:20:40.0475 0x0964 Serenum - ok
10:20:40.0491 0x0964 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:20:40.0491 0x0964 Serial - ok
10:20:40.0507 0x0964 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
10:20:40.0507 0x0964 sermouse - ok
10:20:40.0538 0x0964 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
10:20:40.0538 0x0964 SessionEnv - ok
10:20:40.0553 0x0964 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:20:40.0553 0x0964 sffdisk - ok
10:20:40.0569 0x0964 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:20:40.0569 0x0964 sffp_mmc - ok
10:20:40.0585 0x0964 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:20:40.0585 0x0964 sffp_sd - ok
10:20:40.0600 0x0964 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
10:20:40.0600 0x0964 sfloppy - ok
10:20:40.0631 0x0964 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:20:40.0647 0x0964 SharedAccess - ok
10:20:40.0678 0x0964 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:20:40.0678 0x0964 ShellHWDetection - ok
10:20:40.0694 0x0964 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:20:40.0694 0x0964 SiSRaid2 - ok
10:20:40.0709 0x0964 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
10:20:40.0709 0x0964 SiSRaid4 - ok
10:20:40.0725 0x0964 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:20:40.0725 0x0964 Smb - ok
10:20:40.0772 0x0964 [ 20635287FAA016E4E2A07E86C02759B8, 6248EE0C41A845D4DA2B129C19392F51E971592899F3CFBA32363502A2931352 ] snapman C:\Windows\system32\DRIVERS\snapman.sys
10:20:40.0772 0x0964 snapman - ok
10:20:40.0787 0x0964 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:20:40.0787 0x0964 SNMPTRAP - ok
10:20:40.0787 0x0964 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
10:20:40.0787 0x0964 spldr - ok
10:20:40.0834 0x0964 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
10:20:40.0834 0x0964 Spooler - ok
10:20:40.0975 0x0964 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
10:20:41.0021 0x0964 sppsvc - ok
10:20:41.0053 0x0964 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:20:41.0053 0x0964 sppuinotify - ok
10:20:41.0068 0x0964 [ D8B882C520FC83547E22014FF5EC66D7, FC239052E74EEEC9B3CCE21B0D1D2127662ED68367D08C51F3D040AC368E1CAE ] Spyder3 C:\Windows\system32\DRIVERS\Spyder3.sys
10:20:41.0068 0x0964 Spyder3 - ok
10:20:41.0146 0x0964 [ E163E10191958FF6A2B0B48353F9E9FD, C4F5B83B5C435458AEEC4BD5C6A0FE15F4C3CD5C23CA7F5949A62214634DBB36 ] SRTSP C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS
10:20:41.0162 0x0964 SRTSP - ok
10:20:41.0224 0x0964 [ 68E7B6708B9EEE021301C483825D05EA, 87E262405473A063E3E6E9D1D61D8381C997C95F77317CDBB3C59369436E70C5 ] SRTSPX C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS
10:20:41.0224 0x0964 SRTSPX - ok
10:20:41.0255 0x0964 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
10:20:41.0271 0x0964 srv - ok
10:20:41.0302 0x0964 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:20:41.0318 0x0964 srv2 - ok
10:20:41.0318 0x0964 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:20:41.0333 0x0964 srvnet - ok
10:20:41.0333 0x0964 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:20:41.0349 0x0964 SSDPSRV - ok
10:20:41.0365 0x0964 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:20:41.0365 0x0964 SstpSvc - ok
10:20:41.0365 0x0964 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
10:20:41.0365 0x0964 stexstor - ok
10:20:41.0411 0x0964 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
10:20:41.0427 0x0964 stisvc - ok
10:20:41.0443 0x0964 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
10:20:41.0443 0x0964 swenum - ok
10:20:41.0583 0x0964 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
10:20:41.0599 0x0964 swprv - ok
10:20:41.0801 0x0964 [ 267C914667C94E5F47D342311C1C577F, E4FE7A8E41680E6845AD4D0FEEF4EDA6DACAE7728D2401520175AAD8ED16ABAD ] Symantec RemoteAssist C:\Program Files (x86)\Common Files\Symantec Shared\Support Controls\ssrc.exe
10:20:41.0817 0x0964 Symantec RemoteAssist - ok
10:20:41.0848 0x0964 [ 5C9EE2303CA7F267665D75237862B39C, 5DECD977A823C14B4D980D3DB621BC875231B741653F0450A027FC9E87725F9D ] SymDS C:\Windows\system32\drivers\N360x64\1507000.00B\SYMDS64.SYS
10:20:41.0848 0x0964 SymDS - ok
10:20:41.0895 0x0964 [ 9F31630D7FC2DD9D5DA1CE359AAD1F46, 296D29EDF53956D1899DE4669AB429C280DF9F183F00AE1CE528E7C575802235 ] SymEFA C:\Windows\system32\drivers\N360x64\1507000.00B\SYMEFA64.SYS
10:20:41.0911 0x0964 SymEFA - ok
10:20:41.0957 0x0964 [ 97E11C50CE52277B377396EA8838E539, E17D03F80E14F961C41F2D54D1EF73D29BF01F38459C5710D786234F8BA3C835 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
10:20:41.0957 0x0964 SymEvent - ok
10:20:41.0973 0x0964 [ 2C95265BE19F338E1C1090E4E91055BB, 1E580E9367B1C89B06BD4B34EFD94CD511FD3AA1617D943DDFE0A28B7ED5D5F9 ] SymIRON C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS
10:20:41.0989 0x0964 SymIRON - ok
10:20:42.0020 0x0964 [ 5570A74FF9B1EFBC5154DD1E2F05C517, 2C883A0334CBE4AE257028805C9BB1E529A80F56BA6D341E8EBB83CB3E46FEB7 ] SymNetS C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS
10:20:42.0020 0x0964 SymNetS - ok
10:20:42.0113 0x0964 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
10:20:42.0145 0x0964 SysMain - ok
10:20:42.0176 0x0964 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:20:42.0176 0x0964 TabletInputService - ok
10:20:42.0207 0x0964 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
10:20:42.0207 0x0964 TapiSrv - ok
10:20:42.0223 0x0964 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
10:20:42.0223 0x0964 TBS - ok
10:20:42.0269 0x0964 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:20:42.0301 0x0964 Tcpip - ok
10:20:42.0363 0x0964 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:20:42.0394 0x0964 TCPIP6 - ok
10:20:42.0410 0x0964 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:20:42.0410 0x0964 tcpipreg - ok
10:20:42.0425 0x0964 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:20:42.0425 0x0964 TDPIPE - ok
10:20:42.0488 0x0964 [ DF9179B7BDF0C5B71F9C3D93C016BAE5, F065E7ECEC27B4312A361A5C2AD388C10578250BAF31B20801B901449B736C77 ] tdrpman251 C:\Windows\system32\DRIVERS\tdrpm251.sys
10:20:42.0503 0x0964 tdrpman251 - ok
10:20:42.0550 0x0964 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:20:42.0550 0x0964 TDTCP - ok
10:20:42.0581 0x0964 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:20:42.0581 0x0964 tdx - ok
10:20:42.0597 0x0964 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
10:20:42.0597 0x0964 TermDD - ok
10:20:42.0628 0x0964 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
10:20:42.0644 0x0964 TermService - ok
10:20:42.0659 0x0964 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
10:20:42.0659 0x0964 Themes - ok
10:20:42.0706 0x0964 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
10:20:42.0706 0x0964 THREADORDER - ok
10:20:42.0769 0x0964 [ F7546EAD58CC3000AC02CF9529B9934E, 932A7A7AA50F207B97F52EF25CF2E38E57C2F88AC1AC203E1DC9CFA461CFA441 ] timounter C:\Windows\system32\DRIVERS\timntr.sys
10:20:42.0784 0x0964 timounter - ok
10:20:42.0815 0x0964 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
10:20:42.0815 0x0964 TrkWks - ok
10:20:42.0862 0x0964 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:20:42.0862 0x0964 TrustedInstaller - ok
10:20:42.0940 0x0964 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:20:42.0940 0x0964 tssecsrv - ok
10:20:42.0987 0x0964 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:20:42.0987 0x0964 TsUsbFlt - ok
10:20:43.0159 0x0964 [ 258C050D197D923668B36C8D3F6A2353, 9A8CDC8FDCF24986FE963566591E2B535653837A8A63EE462126D336E6F94E97 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
10:20:43.0190 0x0964 TuneUp.UtilitiesSvc - ok
10:20:43.0221 0x0964 [ 45427C4B8CAC6B241478F149B935CD80, 7F772D6D00D1ADD394F5907804661C75780EE9F8DF21EF0719D3E4ABA00092B7 ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys
10:20:43.0221 0x0964 TuneUpUtilitiesDrv - ok
10:20:43.0252 0x0964 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:20:43.0252 0x0964 tunnel - ok
10:20:43.0268 0x0964 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
10:20:43.0268 0x0964 uagp35 - ok
10:20:43.0283 0x0964 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:20:43.0299 0x0964 udfs - ok
10:20:43.0315 0x0964 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:20:43.0315 0x0964 UI0Detect - ok
10:20:43.0346 0x0964 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:20:43.0346 0x0964 uliagpkx - ok
10:20:43.0377 0x0964 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
10:20:43.0377 0x0964 umbus - ok
10:20:43.0393 0x0964 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
10:20:43.0393 0x0964 UmPass - ok
10:20:43.0439 0x0964 [ 9DC07E73A4ABB9ACF692113B36A5009F, CA7176FC219515D58DCFA66EC61880ECE5617275C9B83701BB74D8B60E733D34 ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
10:20:43.0439 0x0964 UnlockerDriver5 - ok
10:20:43.0471 0x0964 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
10:20:43.0486 0x0964 upnphost - ok
10:20:43.0502 0x0964 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:20:43.0502 0x0964 usbccgp - ok
10:20:43.0517 0x0964 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:20:43.0533 0x0964 usbcir - ok
10:20:43.0549 0x0964 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
10:20:43.0549 0x0964 usbehci - ok
10:20:43.0564 0x0964 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:20:43.0580 0x0964 usbhub - ok
10:20:43.0595 0x0964 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:20:43.0595 0x0964 usbohci - ok
10:20:43.0611 0x0964 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:20:43.0611 0x0964 usbprint - ok
10:20:43.0658 0x0964 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\drivers\usbscan.sys
10:20:43.0658 0x0964 usbscan - ok
10:20:43.0673 0x0964 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:20:43.0673 0x0964 USBSTOR - ok
10:20:43.0689 0x0964 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
10:20:43.0689 0x0964 usbuhci - ok
10:20:43.0736 0x0964 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
10:20:43.0736 0x0964 UxSms - ok
10:20:43.0767 0x0964 [ 97BCD40E27C46B398524DF9B4DC88A6F, D1466C414B6044B65D63138B3C42B54B3B6E54AD40613E171F980D0E0D9627B5 ] UxTuneUp C:\Windows\System32\uxtuneup.dll
10:20:43.0767 0x0964 UxTuneUp - ok
10:20:43.0783 0x0964 [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] VaultSvc C:\Windows\system32\lsass.exe
10:20:43.0783 0x0964 VaultSvc - ok
10:20:43.0798 0x0964 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:20:43.0798 0x0964 vdrvroot - ok
10:20:43.0845 0x0964 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
10:20:43.0861 0x0964 vds - ok
10:20:43.0876 0x0964 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:20:43.0892 0x0964 vga - ok
10:20:43.0892 0x0964 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
10:20:43.0892 0x0964 VgaSave - ok
10:20:43.0907 0x0964 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:20:43.0923 0x0964 vhdmp - ok
10:20:43.0939 0x0964 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
10:20:43.0939 0x0964 viaide - ok
10:20:43.0954 0x0964 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:20:43.0954 0x0964 volmgr - ok
10:20:43.0954 0x0964 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:20:43.0970 0x0964 volmgrx - ok
10:20:43.0970 0x0964 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:20:43.0985 0x0964 volsnap - ok
10:20:44.0001 0x0964 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
10:20:44.0001 0x0964 vsmraid - ok
10:20:44.0063 0x0964 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
10:20:44.0095 0x0964 VSS - ok
10:20:44.0110 0x0964 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
10:20:44.0110 0x0964 vwifibus - ok
10:20:44.0141 0x0964 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
10:20:44.0141 0x0964 W32Time - ok
10:20:44.0141 0x0964 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
10:20:44.0157 0x0964 WacomPen - ok
10:20:44.0173 0x0964 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:20:44.0173 0x0964 WANARP - ok
10:20:44.0188 0x0964 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:20:44.0188 0x0964 Wanarpv6 - ok
10:20:44.0251 0x0964 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
10:20:44.0266 0x0964 WatAdminSvc - ok
10:20:44.0329 0x0964 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
10:20:44.0360 0x0964 wbengine - ok
10:20:44.0375 0x0964 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:20:44.0391 0x0964 WbioSrvc - ok
10:20:44.0407 0x0964 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:20:44.0407 0x0964 wcncsvc - ok
10:20:44.0422 0x0964 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:20:44.0422 0x0964 WcsPlugInService - ok
10:20:44.0438 0x0964 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
10:20:44.0438 0x0964 Wd - ok
10:20:44.0453 0x0964 [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
10:20:44.0453 0x0964 WDC_SAM - ok
10:20:44.0485 0x0964 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:20:44.0485 0x0964 Wdf01000 - ok
10:20:44.0531 0x0964 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:20:44.0531 0x0964 WdiServiceHost - ok
10:20:44.0531 0x0964 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:20:44.0547 0x0964 WdiSystemHost - ok
10:20:44.0594 0x0964 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
10:20:44.0594 0x0964 WebClient - ok
10:20:44.0641 0x0964 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:20:44.0656 0x0964 Wecsvc - ok
10:20:44.0672 0x0964 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:20:44.0672 0x0964 wercplsupport - ok
10:20:44.0687 0x0964 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
10:20:44.0687 0x0964 WerSvc - ok
10:20:44.0719 0x0964 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:20:44.0719 0x0964 WfpLwf - ok
10:20:44.0719 0x0964 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:20:44.0719 0x0964 WIMMount - ok
10:20:44.0797 0x0964 WinDefend - ok
10:20:44.0812 0x0964 WinHttpAutoProxySvc - ok
10:20:44.0859 0x0964 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:20:44.0875 0x0964 Winmgmt - ok
10:20:44.0968 0x0964 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
10:20:45.0031 0x0964 WinRM - ok
10:20:45.0077 0x0964 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
10:20:45.0093 0x0964 Wlansvc - ok
10:20:45.0140 0x0964 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:20:45.0140 0x0964 wlcrasvc - ok
10:20:45.0265 0x0964 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:20:45.0296 0x0964 wlidsvc - ok
10:20:45.0327 0x0964 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:20:45.0327 0x0964 WmiAcpi - ok
10:20:45.0343 0x0964 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:20:45.0343 0x0964 wmiApSrv - ok
10:20:45.0343 0x0964 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:20:45.0343 0x0964 WPCSvc - ok
10:20:45.0374 0x0964 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:20:45.0374 0x0964 WPDBusEnum - ok
10:20:45.0374 0x0964 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:20:45.0374 0x0964 ws2ifsl - ok
10:20:45.0389 0x0964 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
10:20:45.0405 0x0964 wscsvc - ok
10:20:45.0405 0x0964 WSearch - ok
10:20:45.0499 0x0964 [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv C:\Windows\system32\wuaueng.dll
10:20:45.0545 0x0964 wuauserv - ok
10:20:45.0577 0x0964 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:20:45.0577 0x0964 WudfPf - ok
10:20:45.0592 0x0964 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:20:45.0592 0x0964 WUDFRd - ok
10:20:45.0623 0x0964 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:20:45.0623 0x0964 wudfsvc - ok
10:20:45.0655 0x0964 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
10:20:45.0655 0x0964 WwanSvc - ok
10:20:45.0670 0x0964 ================ Scan global ===============================
10:20:45.0686 0x0964 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
10:20:45.0717 0x0964 [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
10:20:45.0733 0x0964 [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
10:20:45.0748 0x0964 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:20:45.0764 0x0964 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
10:20:45.0779 0x0964 [ Global ] - ok
10:20:45.0779 0x0964 ================ Scan MBR ==================================
10:20:45.0795 0x0964 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:20:46.0169 0x0964 \Device\Harddisk0\DR0 - ok
10:20:46.0169 0x0964 ================ Scan VBR ==================================
10:20:46.0169 0x0964 [ 70B707B1FBB087D5EA8680C0C0F16E49 ] \Device\Harddisk0\DR0\Partition1
10:20:46.0247 0x0964 \Device\Harddisk0\DR0\Partition1 - ok
10:20:46.0247 0x0964 [ BA88DEE73D77145D56599FB71D6E4394 ] \Device\Harddisk0\DR0\Partition2
10:20:46.0279 0x0964 \Device\Harddisk0\DR0\Partition2 - ok
10:20:46.0279 0x0964 ================ Scan generic autorun ======================
10:20:46.0325 0x0964 [ 820D1184C0B9C426B71567DF3641DEE3, ABC8F4E1018ACD89F0473634DC38A25D864E577EB0F345E777E015AF02F70F89 ] C:\Windows\system32\igfxtray.exe
10:20:46.0325 0x0964 IgfxTray - ok
10:20:46.0357 0x0964 [ 09ED9D98114525A7F6913CDC4B14F5E9, AB0850698A3E3F53B96F3AA81E4981CEE336DC01FC5BB5AB0538F342CCFCE0FA ] C:\Windows\system32\hkcmd.exe
10:20:46.0357 0x0964 HotKeysCmds - ok
10:20:46.0388 0x0964 [ 764998FAC5233DA8E2A896799DB1A991, 2B1CA708A253A3F65BDC3B21924058C8A19EDF7255A6975BABF9B26B71FE5330 ] C:\Windows\system32\igfxpers.exe
10:20:46.0388 0x0964 Persistence - ok
10:20:46.0435 0x0964 [ 51C8885B6A00904C0252704C9FB0F43A, BF2F58E6697DB10F3D6FB3859FADC2CE1D3CDD318E487E02FDC2BE171AF6CA29 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
10:20:46.0450 0x0964 NUSB3MON - ok
10:20:46.0497 0x0964 [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
10:20:46.0497 0x0964 APSDaemon - ok
10:20:46.0544 0x0964 [ ED00E26A63133795647449445CF896CC, B731EB5D04CA81C3855E17251192E59F9B7C2EC5B937E6C09F4351A6DC56CA9D ] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
10:20:46.0559 0x0964 TkBellExe - ok
10:20:46.0840 0x0964 [ 09266319529C342813EA013E24200568, DEC1DCC14CD08304CF502FE4AD5CC188982705BF7D642A8E0EA239F6CB0CE57D ] C:\Program Files\CCleaner\CCleaner64.exe
10:20:47.0090 0x0964 CCleaner Monitoring - ok
10:20:47.0105 0x0964 Waiting for KSN requests completion. In queue: 337
10:20:48.0119 0x0964 Waiting for KSN requests completion. In queue: 25
10:20:49.0133 0x0964 Waiting for KSN requests completion. In queue: 25
10:20:50.0163 0x0964 AV detected via SS2: Norton 360 Premier Edition, C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\WSCStub.exe ( 21.7.0.0 ), 0x50000 ( disabled : updated )
10:20:50.0163 0x0964 FW detected via SS2: Norton 360 Premier Edition, C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\WSCStub.exe ( 21.7.0.0 ), 0x51010 ( enabled )
10:20:52.0753 0x0964 ============================================================
10:20:52.0753 0x0964 Scan finished
10:20:52.0753 0x0964 ============================================================
10:20:52.0753 0x0e5c Detected object count: 0
10:20:52.0753 0x0e5c Actual detected object count: 0
10:24:25.0303 0x0ea0 Deinitialize success

M-K-D-B 25.06.2015 13:53
Zukünftig bitte beachten:
Zitat:
Running from C:\Users\Besitzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0POMIK1Y
Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.
Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.


FRST bitte nochmal, dieses Mal vom Desktop:
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.

Frusti 25.06.2015 15:06
Hallo M-K-D-B,

ok, entschuldige bitte meinen Fehler.

Hier die beiden neuen FRST's. Ich hoffe, so ist es verwertbar:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-06-2015
Ran by Besitzer (administrator) on BESITZER-PC on 25-06-2015 15:59:41
Running from C:\Users\Besitzer\Desktop
Loaded Profiles: Besitzer (Available Profiles: Besitzer)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\n360.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\n360.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2015-03-02] (RealNetworks, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-1654125919-855541359-3433209274-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-1654125919-855541359-3433209274-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-04-24]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll [2015-03-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll [2015-03-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll [2015-03-07] (Symantec Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Google
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland ? mit Hotmail Nachfolger Outlook und Messenger Skype
HKU\S-1-5-21-1654125919-855541359-3433209274-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1654125919-855541359-3433209274-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland ? mit Hotmail Nachfolger Outlook und Messenger Skype
SearchScopes: HKU\S-1-5-21-1654125919-855541359-3433209274-1000 -> {D15E8C8C-9DAD-46A3-BB48-4B891FEDCE69} URL = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-06-12] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-04-19] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files\WOT\WOT.dll [2013-09-02] ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-08-12] (RealDownloader)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\coIEPlg.dll [2015-06-12] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-19] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files (x86)\WOT\WOT.dll [2013-09-02] ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2013-09-02] ()
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-06-12] (Symantec Corporation)
Toolbar: HKLM-x32 - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll [2013-09-02] ()
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\coIEPlg.dll [2015-06-12] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-1654125919-855541359-3433209274-1000 -> WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2013-09-02] ()
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll [2013-09-02] ()
Handler-x32: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll [2013-09-02] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Besitzer\AppData\Roaming\Mozilla\Firefox\Profiles\5ab6qqw3.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-24] ()
FF Plugin: @java.com/DTPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-24] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @real.com/nppl3260;version=16.0.4.19 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2015-03-02] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.4 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-08-12] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
FF Plugin-x32: @real.com/nprpplugin;version=16.0.4.19 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2015-03-02] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2014-08-12] (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\Besitzer\AppData\Roaming\Mozilla\Firefox\Profiles\5ab6qqw3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-26]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-05-16]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-05-16]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2015-05-16]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2015-03-02]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.6.0.32\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.6.0.32\coFFPlgn [2015-06-25]
FF HKLM-x32\...\Firefox\Extensions: [{1B12EF76-2B5E-4DA1-B587-4762D49BFE03}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome:
=======
CHR Profile: C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (HD Streamer) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\oleglodmkonbpfmlffapjfednjopbeeh [2014-01-22]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-19]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-19]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\N360.exe [265000 2015-03-07] (Symantec Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2014-08-12] ()
S2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
S3 Symantec RemoteAssist; C:\Program Files (x86)\Common Files\Symantec Shared\Support Controls\ssrc.exe [394704 2008-01-29] (Symantec, Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\BASHDefs\20150617.001\BHDrvx64.sys [1648880 2015-06-17] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [489776 2015-05-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [145200 2015-05-27] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\IPSDefs\20150624.001\IDSvia64.sys [692984 2015-06-19] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20150624.037\ENG64.SYS [138488 2015-06-23] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20150624.037\EX64.SYS [2146040 2015-06-23] (Symantec Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)
S3 Spyder3; C:\Windows\System32\DRIVERS\Spyder3.sys [15360 2008-09-08] ()
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMDS64.SYS [493656 2014-08-26] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-12-11] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)
R0 tdrpman251; C:\Windows\System32\DRIVERS\tdrpm251.sys [1455648 2012-06-03] (Acronis)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-25 15:59 - 2015-06-25 15:59 - 02112512 _____ (Farbar) C:\Users\Besitzer\Desktop\FRST64.exe
2015-06-25 15:59 - 2015-06-25 15:59 - 00018455 _____ C:\Users\Besitzer\Desktop\FRST.txt
2015-06-25 11:52 - 2015-06-25 11:52 - 00016004 _____ C:\Users\Besitzer\Desktop\2015-06-24_Fatima.odt
2015-06-25 10:10 - 2015-06-25 14:19 - 00003352 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1654125919-855541359-3433209274-1000
2015-06-25 10:10 - 2015-06-25 14:19 - 00003224 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1654125919-855541359-3433209274-1000
2015-06-25 10:01 - 2015-06-25 15:59 - 00000000 ____D C:\FRST
2015-06-25 09:28 - 2015-06-25 09:29 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{AE80FA3E-B323-41F0-960E-F8B3FAB02FC1}
2015-06-24 22:34 - 2015-06-24 22:34 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{6E741019-A810-4C31-AC0D-EABA92654FD1}
2015-06-24 17:53 - 2015-06-24 17:53 - 00011407 _____ C:\Users\Besitzer\Desktop\Hallo Matthias,.odt
2015-06-24 14:38 - 2015-06-24 14:38 - 00016839 _____ C:\Users\Besitzer\Desktop\Karin  Anruf am 23.06.15.odt
2015-06-24 14:08 - 2015-06-24 14:12 - 00018637 _____ C:\Users\Besitzer\Desktop\2015-06-22_Ingeburg.odt
2015-06-24 10:33 - 2015-06-24 10:33 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{3698FC97-8136-4730-9706-D2E4F521A7B9}
2015-06-23 16:34 - 2015-06-23 16:34 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{F1A0AD4E-D2AA-4CF6-A0A3-FA46283BBBB4}
2015-06-23 10:32 - 2015-06-23 10:33 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{6BAD62E7-7FF9-4AB3-8DBE-D03B61A57242}
2015-06-22 17:45 - 2015-06-22 17:46 - 00000000 ____D C:\Users\Besitzer\Desktop\Alex-III Münze-Auktion
2015-06-22 14:51 - 2015-06-22 14:52 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{77F14D45-85AD-4F8B-87D6-2CA009763696}
2015-06-22 11:00 - 2015-06-22 11:00 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{B8FBADF1-F158-4458-A6B6-676BDF3D150E}
2015-06-22 09:37 - 2015-06-25 10:08 - 00000392 _____ C:\Windows\setupact.log
2015-06-22 09:37 - 2015-06-22 09:37 - 00000000 _____ C:\Windows\setuperr.log
2015-06-22 09:36 - 2015-06-24 17:55 - 00004818 _____ C:\Windows\PFRO.log
2015-06-21 20:33 - 2015-06-21 20:33 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{A04F83CE-40C7-4238-9C6E-E2261A6CBFA2}
2015-06-21 16:25 - 2015-06-21 16:59 - 00000000 ____D C:\Users\Besitzer\Desktop\Expander
2015-06-21 13:45 - 2015-06-24 20:58 - 00003246 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1654125919-855541359-3433209274-1000
2015-06-21 13:39 - 2015-06-21 17:23 - 00013503 _____ C:\Users\Besitzer\Desktop\Neue Porns.odt
2015-06-20 16:34 - 2015-06-20 16:34 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{68C0B195-7625-4BF2-BED6-D70C139E588D}
2015-06-20 09:06 - 2015-06-20 09:06 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{EAD99F9E-7797-4CC2-BAA1-012BD396330C}
2015-06-19 11:28 - 2015-06-21 18:40 - 00000000 ____D C:\Users\Besitzer\Desktop\2015-06-19_Sammelsurium
2015-06-19 09:20 - 2015-06-19 09:20 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{70F74F39-5742-4969-9E3E-8A3C17B51800}
2015-06-18 20:46 - 2015-06-18 20:46 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{4E6B9784-7B01-48B7-890A-592F64DB25F8}
2015-06-18 07:52 - 2015-06-18 07:52 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{6840BB48-CDBA-492E-8C7F-B55EB8274101}
2015-06-17 09:40 - 2015-06-17 09:40 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{6B4B61E7-3016-47DE-8C3B-A0D93EBD4F0A}
2015-06-16 10:58 - 2015-06-22 17:34 - 00000000 ____D C:\Users\Besitzer\Desktop\Invitation Christa
2015-06-16 10:24 - 2015-06-16 10:24 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{E5857EF1-FE77-427E-AEAA-77E50ECAE40B}
2015-06-15 12:09 - 2015-06-15 11:57 - 00022104 _____ C:\Users\Besitzer\Desktop\Ziele erreichen.odt
2015-06-15 12:09 - 2015-06-15 11:50 - 00021263 _____ C:\Users\Besitzer\Desktop\Ziele setzen.odt
2015-06-15 09:20 - 2015-06-15 09:20 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{700C4F34-CD51-437A-9E58-3846BE655788}
2015-06-14 11:07 - 2015-06-14 11:07 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{D79776A5-A4ED-448D-B4C6-B82523114DB0}
2015-06-13 10:10 - 2015-06-13 10:11 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{3D3B32AE-5DA0-400F-B1D3-8F9913933A49}
2015-06-12 10:50 - 2015-06-12 10:50 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{55B4645D-E629-48E2-8447-C11C7C6F03BF}
2015-06-11 11:00 - 2015-06-11 11:00 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{FC23FC08-E06B-4108-8819-6D6FC590D8AB}
2015-06-10 16:35 - 2015-06-10 16:35 - 00166957 _____ C:\Users\Besitzer\Desktop\Cycas revoluta.odt
2015-06-10 16:21 - 2015-06-10 16:21 - 00011772 _____ C:\Users\Besitzer\Desktop\Pulque.odt
2015-06-10 14:29 - 2015-06-10 14:29 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{C1846F8B-6D97-41AC-A645-2FBD43987ED0}
2015-06-10 14:27 - 2015-06-10 14:27 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{9AA0312B-F1F8-40F2-A980-E7FEA22C2288}
2015-06-10 10:46 - 2015-06-10 10:46 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{EA3FE167-4C28-42CE-8F6B-5DB3A7B6C1DD}
2015-06-10 09:40 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 09:40 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 09:40 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 09:40 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 09:40 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 09:40 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 09:40 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 09:40 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 09:40 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 09:40 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 09:40 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 09:40 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 09:40 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 09:40 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 09:40 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 09:40 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 09:40 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 09:40 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 09:40 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 09:40 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 09:40 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 09:40 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 09:40 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 09:40 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 09:40 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 09:40 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 09:40 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 09:40 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 09:40 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 09:39 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 09:39 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 09:39 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 09:39 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 09:39 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 09:39 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 09:39 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 09:39 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 09:39 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 09:39 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 09:39 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 09:39 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 09:39 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 09:39 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 09:39 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 09:39 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 09:39 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 09:39 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 09:39 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 09:39 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 09:39 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 09:39 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 09:39 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 09:39 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 09:39 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 09:39 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 09:39 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 09:39 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 09:39 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 09:39 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 09:39 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 09:39 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 09:39 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 09:39 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 09:39 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 09:39 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 09:39 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 09:39 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 09:39 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 09:39 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 09:39 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 09:39 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 09:39 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 09:39 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 09:39 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 09:39 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 09:39 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 09:39 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 09:39 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 09:39 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 09:39 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 09:39 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 09:39 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 09:39 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 09:39 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 09:39 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 09:39 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 09:39 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 09:39 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 09:39 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 09:39 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 09:39 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 09:39 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-09 19:32 - 2015-06-09 19:42 - 345237209 _____ C:\Users\Besitzer\Desktop\saartalk.-saartalk._mit_Grand_Prix_Gewinnerin_Nicole-saartalk_20150608_193501_L.mp4
2015-06-09 12:19 - 2015-06-09 12:19 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{2120BF8A-E7AD-40CE-8A29-F1C79FEB2ABC}
2015-06-08 12:17 - 2015-06-08 12:17 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{1787E386-7967-409F-8714-4BCC6F4CF338}
2015-06-07 09:58 - 2015-06-07 09:59 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{DFD7E54B-4441-47A8-8BAD-60F136D851B0}
2015-06-06 11:59 - 2015-06-06 11:59 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{242CC1BE-4C55-424E-9204-6AB4B3DF25B0}
2015-06-05 21:11 - 2015-06-05 21:11 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{ACA48491-C6A1-47B0-A9EC-AF85E1092746}
2015-06-05 10:48 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-05 10:48 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-05 10:48 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-05 10:48 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-05 10:48 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-05 10:48 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-05 10:48 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-05 10:48 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-05 09:03 - 2015-06-05 09:03 - 00342252 _____ C:\Users\Besitzer\Desktop\bpost messthaler.html
2015-06-05 08:51 - 2015-06-05 08:51 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{9761ADE1-5987-49D5-94D4-174777C7179C}
2015-06-04 16:19 - 2015-06-04 16:19 - 00013440 _____ C:\Users\Besitzer\Desktop\Klotz,  03.06.15.odt
2015-06-04 13:44 - 2015-06-04 13:45 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{2D72BB77-DA94-49FC-87C0-64D370ACECB7}
2015-06-03 12:11 - 2015-06-03 12:12 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{C3EB9603-DD3B-456E-8CA1-BC187CF095A8}
2015-06-03 07:23 - 2015-06-03 07:23 - 00002156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-06-02 22:34 - 2015-06-02 22:34 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{EC7F3EF6-040B-408F-86E6-DFAACA07AFE1}
2015-06-02 09:21 - 2015-06-02 09:21 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{885B25B9-B371-4457-A1D3-B6FA04686B2A}
2015-06-01 18:28 - 2015-06-01 18:28 - 00000000 ____D C:\Users\Besitzer\AppData\Local\GWX
2015-06-01 14:43 - 2015-06-01 14:43 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{C139AE5F-9DED-41F2-B706-CA67E2E91C7A}
2015-05-31 09:49 - 2015-05-31 09:49 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{92E22DB1-D7BB-4A16-95F0-E803218A054E}
2015-05-30 08:27 - 2015-05-30 08:27 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{ACDDA970-363D-43C2-BE08-82CAF1E601E6}
2015-05-29 08:22 - 2015-05-29 08:22 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{8B27437E-EE4D-42BB-9E07-35DF7FFA5990}
2015-05-28 09:04 - 2015-05-28 09:04 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{5A483A23-5AA1-414B-818D-6496F5DCA009}
2015-05-27 22:00 - 2015-05-27 22:01 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{DD7ECBE7-9DC4-4BFA-B3B5-64B30F6537E7}
2015-05-27 08:31 - 2015-05-27 08:31 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{A4F79049-FBFA-4456-84BB-EE236E06533B}
2015-05-26 15:38 - 2015-05-26 15:38 - 00023810 _____ C:\Users\Besitzer\Desktop\Flecken in Maria-Theresien-Taler-Nachprägung.odt
2015-05-26 15:11 - 2015-05-26 15:11 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{0A418DAE-8C1A-437A-840D-9E22D0300F7A}

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-25 15:52 - 2012-10-04 20:30 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-25 15:46 - 2013-11-13 18:06 - 00003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{083BECD6-A6F2-4401-A905-5865C87918C6}
2015-06-25 15:21 - 2012-12-07 08:53 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-25 15:21 - 2012-12-07 08:53 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-25 15:02 - 2009-07-14 06:45 - 00023568 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-25 15:02 - 2009-07-14 06:45 - 00023568 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-25 14:18 - 2013-09-23 12:36 - 00000000 ____D C:\Users\Besitzer\AppData\Roaming\vlc
2015-06-25 14:18 - 2009-07-14 19:58 - 00699390 _____ C:\Windows\system32\perfh007.dat
2015-06-25 14:18 - 2009-07-14 19:58 - 00152094 _____ C:\Windows\system32\perfc007.dat
2015-06-25 14:18 - 2009-07-14 07:13 - 01659792 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-25 11:52 - 2011-05-12 18:37 - 49739264 ___SH C:\Users\Besitzer\Desktop\Thumbs.db
2015-06-25 10:21 - 2014-12-29 11:14 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-25 10:10 - 2011-04-04 12:29 - 01574684 _____ C:\Windows\WindowsUpdate.log
2015-06-25 10:08 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-24 21:11 - 2015-03-07 17:40 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-24 20:49 - 2011-04-07 18:15 - 00000000 ____D C:\Users\Besitzer\AppData\Local\CrashDumps
2015-06-24 17:52 - 2012-10-04 20:30 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-24 17:52 - 2012-10-04 20:29 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-24 17:52 - 2012-10-04 20:29 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-24 11:43 - 2012-06-08 08:40 - 00003756 _____ C:\Windows\System32\Tasks\Real Player-Online-Aktualisierungsprogramm
2015-06-23 18:34 - 2014-05-01 16:38 - 00000000 ____D C:\Users\Besitzer\Desktop\Essen auf Rädern
2015-06-22 16:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-17 09:39 - 2014-06-21 16:42 - 00000000 ____D C:\Users\Besitzer\AppData\Local\Adobe
2015-06-12 14:40 - 2014-05-01 15:02 - 00000000 ____D C:\Users\Besitzer\Desktop\D - III - DVDs  und  Festplatte-HDD
2015-06-10 18:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-10 14:12 - 2014-11-12 14:52 - 00000000 __SHD C:\Users\Besitzer\AppData\Local\EmieBrowserModeList
2015-06-10 14:12 - 2014-05-07 06:53 - 00000000 __SHD C:\Users\Besitzer\AppData\Local\EmieUserList
2015-06-10 14:12 - 2014-05-07 06:53 - 00000000 __SHD C:\Users\Besitzer\AppData\Local\EmieSiteList
2015-06-10 13:47 - 2015-03-01 15:59 - 00297616 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-10 13:44 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-10 12:02 - 2013-08-14 21:13 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 11:58 - 2011-04-04 15:51 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-09 19:39 - 2015-04-21 09:28 - 00000000 ____D C:\Users\Besitzer\.mediathek3
2015-06-09 19:32 - 2015-04-21 09:43 - 00000000 ____D C:\Users\Besitzer\MediathekView
2015-06-09 19:01 - 2012-09-22 19:59 - 00051200 ___SH C:\Users\Besitzer\Documents\Thumbs.db
2015-06-05 18:29 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-05 15:59 - 2014-12-10 18:00 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-05 15:59 - 2014-05-06 21:13 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-02 17:31 - 2015-05-13 10:45 - 00000000 ____D C:\Users\Besitzer\Desktop\PC
2015-05-28 10:50 - 2011-04-07 18:06 - 00000000 ____D C:\Program Files\CCleaner

==================== Files in the root of some directories =======

2010-08-31 10:42 - 2010-08-31 10:42 - 0006148 _____ () C:\Program Files (x86)\Common Files\.DS_Store
2014-03-12 17:12 - 2014-03-12 17:12 - 0000044 _____ () C:\Users\Besitzer\AppData\Roaming\WB.CFG
2011-05-11 20:06 - 2015-03-04 19:18 - 0007168 _____ () C:\Users\Besitzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-09 13:47 - 2015-03-09 13:47 - 0000000 ____H () C:\ProgramData\V93GE

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-24 12:42

==================== End of log ============================
--- --- ---



===========================
=============================
[QUOTE]Additional
FRST Logfile:
Code:
scan result of Farbar Recovery Scan Tool (x64) Version:24-06-2015
Ran by Besitzer at 2015-06-25 16:00:18
Running from C:\Users\Besitzer\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1654125919-855541359-3433209274-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1654125919-855541359-3433209274-1006 - Limited - Enabled)
Besitzer (S-1-5-21-1654125919-855541359-3433209274-1000 - Administrator - Enabled) => C:\Users\Besitzer
Gast (S-1-5-21-1654125919-855541359-3433209274-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1654125919-855541359-3433209274-1004 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 Premier Edition (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Norton 360 Premier Edition (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 Premier Edition (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acronis*True*Image*Home (HKLM-x32\...\{C2F1F96A-057E-5819-B52E-FEA1D1D2933B}) (Version: 13.0.5029 - Acronis)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\{2755BEE9-F03B-4FB8-BB71-0BA3F2629F18}) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-1654125919-855541359-3433209274-1000\...\Amazon Kindle) (Version:  - Amazon)
AM-DeadLink 4.6 (HKLM-x32\...\aignesamdeadlink_is1) (Version: 4.6 - WebSite-Watcher - Software to check websites for updates and changes (web page monitoring))
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
CanoScan 4400F (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4803) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diercke Globus Online (HKLM-x32\...\Diercke Globus Online) (Version: 2.1.36 - Imagon GmbH)
Free YouTube Download version 3.2.56.324 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.56.324 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.59.415 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.415 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
HP Product Detection (HKLM-x32\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.9.0 - Hewlett-Packard Company)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2555 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 79 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417079FF}) (Version: 7.0.790 - Oracle)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Norton 360 (HKLM-x32\...\N360) (Version: 21.7.0.11 - Symantec Corporation)
OEBackup - Outlook Express Datensicherung (Testversion) (HKLM-x32\...\OutlookExpressDatensicherung) (Version:  - )
OEMaster - DBX-Reader und Daten-Export für Outlook Express (HKLM-x32\...\OEMaster-Daten-ExportfürOutlookExpress) (Version:  - )
OLYMPUS Digital Camera Updater (HKLM-x32\...\{A68C62E8-B243-4777-89BB-12173DFA1D45}) (Version: 1.0.1 - OLYMPUS IMAGING CORP.)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
RealDownloader (x32 Version: 1.3.4 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.4 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
SilverFast 8.0.1r13 (64bit) (HKLM-x32\...\SilverFast 8 x64) (Version: 8.0.1r13 - LaserSoft Imaging AG)
Stellarium 0.13.1 (HKLM-x32\...\Stellarium_is1) (Version: 0.13.1 - Stellarium team)
StreamTransport version: 1.1.6.1 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
Symantec Technical Support Web Controls (HKLM-x32\...\{20C53FA2-4307-4671-A93F-9463B29DFCF1}) (Version: 3.5.3 - Symantec Corporation)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.73 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3000.132 - TuneUp Software) Hidden
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
WOT für Internet Explorer (HKLM\...\{373B90E1-A28C-434C-92B6-7281AFA6115A}) (Version: 13.9.2.0 - WOT Services Oy)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

22-06-2015 10:49:59 Geplanter Prüfpunkt

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-02-26 12:25 - 00000035 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {031DD665-A4FC-43F1-A910-17EC72EE4C48} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Time-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {0A09A241-4E42-463C-8FC3-32D56E7B4ED5} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {0B2DD2F8-3803-4FFB-A356-B90CCE77374C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-07] (Google Inc.)
Task: {0D0700C1-2039-4203-BB6C-C3B8EAAA4D92} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24] (Adobe Systems Incorporated)
Task: {27093550-600E-450A-8B7F-0CDA7B53F8D9} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {2EB26125-02FB-4F8D-BB82-A45C3B00F9E1} - System32\Tasks\{EF28A5FD-BFF8-4212-9D83-6EFC93B9C0FB} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller"
Task: {2F41D3F5-62CC-4510-A39A-D5D52071DAC0} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\WSCStub.exe [2015-03-07] (Symantec Corporation)
Task: {400314AA-48FB-4480-9C72-028BCD6A2591} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {49A63869-8BC4-46D9-848A-AA1E7D005F61} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1654125919-855541359-3433209274-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-08-12] (RealNetworks, Inc.)
Task: {4DADF2CA-9334-49C8-8826-88B4ACE47900} - System32\Tasks\Google Updater and Installer => C:\Users\Besitzer\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {55515B29-1490-4787-9AAE-48A5A07300B6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-07] (Google Inc.)
Task: {5687AFCB-F8A1-4661-B4B3-3AD8F3541754} - System32\Tasks\{6976D51C-B97F-480C-9B1E-D78F8A738E92} => pcalua.exe -a "C:\Users\Besitzer\Desktop\Programme          -auf PC-6 -\OEMaster  082\Setup.exe" -d "C:\Users\Besitzer\Desktop\Programme          -auf PC-6 -\OEMaster  082"
Task: {5B944C46-99EB-4559-B528-1659F78A0DEC} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1654125919-855541359-3433209274-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {69B4DE0B-5054-4760-9E77-186BDC229F6A} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-12-17] (Oracle Corporation)
Task: {77FC51DB-F189-49BA-82CB-4B9906A20E5D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {78E05A94-48E1-4866-93F2-D9D38F865EEE} - System32\Tasks\{1F7E5E00-647A-47E6-9221-252E2625D665} => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageLauncher.exe [2009-08-28] (Acronis)
Task: {7FC83C0E-00EF-4589-987E-90F98BD6ADBB} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {83BBEF56-C32C-4465-8679-D8B3C1294BF1} - System32\Tasks\{B8A21EE9-7235-49BD-9493-2DB5DFC4D4D6} => pcalua.exe -a C:\Users\Besitzer\Downloads\wmp11-windowsxp-x86-DE-DE.exe -d C:\Users\Besitzer\Downloads
Task: {8BD6AC21-8434-4ADD-8015-50BAA928F8CE} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {97DC5E36-A874-4A9E-9082-95A93FC76864} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1654125919-855541359-3433209274-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-08-12] (RealNetworks, Inc.)
Task: {A9944B24-ACCC-40D5-9301-FDB504DB92B3} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1654125919-855541359-3433209274-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {A9F98046-3081-4997-B922-FFE619E35DA5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {B01A5339-5272-4863-AB3A-A65877772433} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {B10F2A1C-0C6D-46EF-BCEB-6ABC91D5064B} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-07-16] (TuneUp Software)
Task: {B15CC9C0-AFC8-446E-B436-F05055B3E686} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {B9915873-9AEF-4A39-92E4-9881D16042F4} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1654125919-855541359-3433209274-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {BA8DE5A7-A1B5-4BDF-830A-F4E86D4F9BD7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {BB3C9B46-660E-468F-A7FB-4F0167C925A8} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe
Task: {BC7DC894-B831-4252-AC27-90C77817F0B8} - \Start Registry Reviver No Task File <==== ATTENTION
Task: {C1C57C49-5910-4B88-86A6-A152BD354B1F} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1654125919-855541359-3433209274-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-08-12] (RealNetworks, Inc.)
Task: {C30E1EBC-F7B2-42BC-9C8C-68C1EE7BA375} - System32\Tasks\{E61EAE4B-AADF-40B4-B9C1-55D0ADA7AB47} => pcalua.exe -a C:\Users\Besitzer\Desktop\swfsetup-2-6.exe -d C:\Users\Besitzer\Desktop
Task: {C7E8F109-5765-445C-849F-C720D48603A3} - System32\Tasks\{3E41D0D5-558F-4424-A981-BF9E51EEF31B} => pcalua.exe -a "C:\Users\Besitzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WGCKGF3G\RegCleaner[1].exe" -d C:\Users\Besitzer\Desktop
Task: {D1C27D89-8A79-4A5A-AB71-3889CE10DF2A} - System32\Tasks\{42C1F945-6EBE-437E-8AE1-88D60BD1CA54} => pcalua.exe -a C:\Users\Besitzer\Desktop\irfanview_plugins_427_setup.exe -d C:\Users\Besitzer\Desktop
Task: {D4F8EEDC-64E7-49AD-BE69-88852D88F58D} - System32\Tasks\Real Networks Scheduler => c:\program files (x86)\real\realplayer\Update\realsched.exe [2015-03-02] (RealNetworks, Inc.)
Task: {D612F351-70A0-4FFE-B900-FE832E114413} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-21] (Microsoft Corporation)
Task: {DCDA6114-7A9F-4D6C-A4B5-C3A4563420D9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {E11A1FE1-3971-49DE-A5A9-9250E2C2DF49} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {E82F5AC5-126C-4316-B75D-CBB5DB373CC1} - System32\Tasks\{974799ED-061E-4569-B98A-017C857A82E8} => pcalua.exe -a "C:\Users\Besitzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JCU6EN96\DierckeGlobusOnline.exe" -d C:\Users\Besitzer\Desktop
Task: {EDCEDC44-7B66-44A4-A8EA-7E71A6196586} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {EE289BC9-387C-488C-B2D6-B6FBFE6DEA46} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {F7E186B2-5BEB-4176-B198-85BFCBC22408} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2015-03-02] (RealNetworks, Inc.)
Task: {FC1F032C-7853-4FCA-918D-3D213E04DE08} - System32\Tasks\{16D2A7FC-5A97-4D12-B147-F00E9F44C7A0} => C:\Program Files (x86)\Datacolor\Spyder3Express\Spyder3Express.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-08-12 12:34 - 2014-08-12 12:34 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-07-16 10:24 - 2014-07-16 10:24 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2015-05-08 20:50 - 2015-05-08 20:50 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1654125919-855541359-3433209274-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"                                                                                                                                                                                     
MSCONFIG\startupreg: TrueImageMonitor.exe => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe                                                                                                                                                                                                       

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FCB6148C-8AEF-431E-8118-1F725B6AFF43}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{25579D7E-AD88-4669-A5EF-5D2B3850CE20}] => (Allow) LPort=2869
FirewallRules: [{058C2573-AB4C-4EFA-8C95-FF82CFE53EC1}] => (Allow) LPort=1900
FirewallRules: [{A7942C46-1F15-4346-958A-2F336879B005}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{24BA15E4-2FA1-4BBC-98EA-2D2282E59191}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{74E41A11-2636-44DE-9AF3-BD1796E6162A}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{F95023A9-A83A-4870-B858-A606C76401BE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2865131E-A377-49F3-8999-5AD662E8EDAA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/25/2015 10:14:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Ausnahmecode: 0x40000015
Fehleroffset: 0x00093534
ID des fehlerhaften Prozesses: 0x84c
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (06/25/2015 10:03:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Ausnahmecode: 0x40000015
Fehleroffset: 0x00093534
ID des fehlerhaften Prozesses: 0x868
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (06/25/2015 09:32:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Ausnahmecode: 0x40000015
Fehleroffset: 0x00093534
ID des fehlerhaften Prozesses: 0x874
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (06/24/2015 08:49:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: recordingmanager.exe, Version: 1.3.4.3, Zeitstempel: 0x53ea5e97
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18869, Zeitstempel: 0x55636317
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000cea5f
ID des fehlerhaften Prozesses: 0x7b0
Startzeit der fehlerhaften Anwendung: 0xrecordingmanager.exe0
Pfad der fehlerhaften Anwendung: recordingmanager.exe1
Pfad des fehlerhaften Moduls: recordingmanager.exe2
Berichtskennung: recordingmanager.exe3

Error: (06/24/2015 06:09:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/24/2015 06:02:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Ausnahmecode: 0x40000015
Fehleroffset: 0x00093534
ID des fehlerhaften Prozesses: 0x860
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (06/24/2015 05:24:23 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/24/2015 10:31:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Ausnahmecode: 0x40000015
Fehleroffset: 0x00093534
ID des fehlerhaften Prozesses: 0x560
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (06/23/2015 04:51:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm recordingmanager.exe, Version 1.3.4.3 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 13f4

Startzeit: 01d0adc371e022ed

Endzeit: 16

Anwendungspfad: C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe

Berichts-ID: 3c0725a7-19b7-11e5-bb0b-4061865ed214

Error: (06/23/2015 04:46:56 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (06/25/2015 03:58:49 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.

Error: (06/25/2015 11:19:43 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (06/25/2015 11:19:43 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (06/25/2015 11:08:32 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.

Error: (06/25/2015 11:08:32 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.

Error: (06/25/2015 11:06:54 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (06/25/2015 11:06:54 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (06/25/2015 11:06:54 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (06/25/2015 10:14:26 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Secunia PSI Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/25/2015 10:03:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Secunia PSI Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office:
=========================
Error: (06/25/2015 10:14:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a82400000150009353484c01d0af1e24be7337C:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Program Files (x86)\Secunia\PSI\PSIA.exe300898d6-1b12-11e5-9e95-4061865ed214

Error: (06/25/2015 10:03:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a82400000150009353486801d0af1cab5e8a6aC:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Program Files (x86)\Secunia\PSI\PSIA.exeaa00a6ff-1b10-11e5-963c-4061865ed214

Error: (06/25/2015 09:32:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a82400000150009353487401d0af1837d7f9b7C:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Program Files (x86)\Secunia\PSI\PSIA.exe5ef6b52b-1b0c-11e5-9a47-4061865ed214

Error: (06/24/2015 08:49:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: recordingmanager.exe1.3.4.353ea5e97ntdll.dll6.1.7601.1886955636317c0000374000cea5f7b001d0ae96b3ee32faC:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exeC:\Windows\SysWOW64\ntdll.dllafb25a65-1aa1-11e5-ab03-4061865ed214

Error: (06/24/2015 06:09:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{6935C750-2D8C-4705-B4F9-052F550D225D}\recordingmanager.exe

Error: (06/24/2015 06:02:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a82400000150009353486001d0ae965a5bdc77C:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Program Files (x86)\Secunia\PSI\PSIA.exe752d0d40-1a8a-11e5-ab03-4061865ed214

Error: (06/24/2015 05:24:23 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{6935C750-2D8C-4705-B4F9-052F550D225D}\recordingmanager.exe

Error: (06/24/2015 10:31:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a82400000150009353456001d0ae577b2e9cbfC:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Program Files (x86)\Secunia\PSI\PSIA.exe701c6429-1a4b-11e5-b662-4061865ed214

Error: (06/23/2015 04:51:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: recordingmanager.exe1.3.4.313f401d0adc371e022ed16C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe3c0725a7-19b7-11e5-bb0b-4061865ed214

Error: (06/23/2015 04:46:56 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{6935C750-2D8C-4705-B4F9-052F550D225D}\recordingmanager.exe


CodeIntegrity Errors:
===================================
  Date: 2014-02-18 18:03:40.466
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-02-18 18:03:40.247
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU E6600 @ 3.06GHz
Percentage of memory in use: 43%
Total physical RAM: 4061.24 MB
Available physical RAM: 2311 MB
Total Pagefile: 8120.69 MB
Available Pagefile: 6404.11 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1397.17 GB) (Free:1331.91 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: 7FD2F734)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1397.2 GB) - (Type=07 NTFS)

==================== End of log ============================
--- --- ---


Viele Grüße
Frusti

M-K-D-B 25.06.2015 19:42
Servus,




Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Frusti 26.06.2015 09:42
Hallo,

ich habe Norton 360 Premier Edition und habe "Intelligente Firewall" und "Antivirus Auto-Protect" deaktiviert.

Trotzdem zeigt mir Combofix an, daß bei Norton 360 Premier Edition die "Antispyware" aktiv sei???

Dies könne zu Schäden am PC führen.

Wie ist das zu beurteilen?

Gruß
Frusti

M-K-D-B 26.06.2015 20:15
Servus,


wenn du Norton deaktiviert hast, sollte das passen. ComboFix bitte durchlaufen lassen.

Frusti 27.06.2015 09:56
Hallo,

hier das ComboFix.txt- ich hoffe, ich habe alles richtig gemacht:

Zitat:
ComboFix 15-06-26.01 - Besitzer 27.06.2015 10:27:12.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4061.2578 [GMT 2:00]
ausgeführt von:: C:\Users\Besitzer\Desktop\ComboFix.exe
AV: Norton 360 Premier Edition *Disabled/Updated* {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
FW: Norton 360 Premier Edition *Disabled* {6BFC5632-188D-B806-D13E-C607121B42A0}
SP: Norton 360 Premier Edition *Enabled/Updated* {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}


(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))


C:\Windows\SysWow64\DEBUG.log

C:\Windows\SysWow64\Drivers\atapi.sys . . . ist infiziert!!


((((((((((((((((((((((( Dateien erstellt von 2015-05-27 bis 2015-06-27 ))))))))))))))))))))))))))))))


2015-06-27 08:41:57 . 2015-06-27 08:41:57 -------- d-----w- C:\Users\Public\AppData\Local\temp
2015-06-27 08:41:57 . 2015-06-27 08:41:57 -------- d-----w- C:\Users\Default\AppData\Local\temp
2015-06-27 08:41:57 . 2015-06-27 08:41:57 -------- d-----w- C:\Users\Besitzer\AppData\Local\temp
2015-06-25 08:01:20 . 2015-06-25 14:00:31 -------- d-----w- C:\FRST
2015-06-10 07:39:41 . 2015-04-24 18:17:26 633856 ----a-w- C:\Windows\system32\comctl32.dll
2015-06-05 08:48:03 . 2015-05-22 18:18:41 700416 ----a-w- C:\Windows\system32\generaltel.dll
2015-06-05 08:48:03 . 2015-05-22 18:18:29 757248 ----a-w- C:\Windows\system32\invagent.dll
2015-06-05 08:48:03 . 2015-05-22 18:18:24 423424 ----a-w- C:\Windows\system32\devinv.dll
2015-06-05 08:48:03 . 2015-05-22 18:18:22 1021440 ----a-w- C:\Windows\system32\appraiser.dll
2015-06-05 08:48:03 . 2015-05-22 18:18:21 45568 ----a-w- C:\Windows\system32\acmigration.dll
2015-06-05 08:48:03 . 2015-05-22 18:18:21 227328 ----a-w- C:\Windows\system32\aepdu.dll
2015-06-05 08:48:03 . 2015-05-22 18:13:03 1119232 ----a-w- C:\Windows\system32\aeinv.dll
2015-06-05 08:48:03 . 2015-05-21 13:19:52 193536 ----a-w- C:\Windows\system32\aepic.dll
2015-06-01 16:28:09 . 2015-06-01 16:28:09 -------- d-----w- C:\Users\Besitzer\AppData\Local\GWX
.


(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))

2015-06-27 07:58:59 . 2012-10-04 18:29:59 778416 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-06-27 07:58:59 . 2012-10-04 18:29:59 142512 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-06-24 19:11:12 . 2015-03-07 15:40:40 129752 ----a-w- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-06-10 09:58:49 . 2011-04-04 13:51:17 140135120 ----a-w- C:\Windows\system32\MRT.exe
2015-05-25 18:01:17 . 2015-06-10 07:40:19 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2015-05-01 13:17:03 . 2015-05-13 09:02:45 124112 ----a-w- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-01 13:16:41 . 2015-05-13 09:02:45 102608 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-04-20 03:17:07 . 2015-05-13 06:56:20 1647104 ----a-w- C:\Windows\system32\DWrite.dll
2015-04-20 03:17:07 . 2015-05-13 06:56:20 1179136 ----a-w- C:\Windows\system32\FntCache.dll
2015-04-20 02:56:29 . 2015-05-13 06:56:19 1250816 ----a-w- C:\Windows\SysWow64\DWrite.dll
2015-04-19 07:05:42 . 2015-04-19 07:06:40 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2015-04-19 07:03:10 . 2015-04-19 07:03:25 320424 ----a-w- C:\Windows\system32\javaws.exe
2015-04-19 07:03:10 . 2015-04-19 07:03:13 189352 ----a-w- C:\Windows\system32\javaw.exe
2015-04-19 07:03:10 . 2015-04-19 07:03:13 189352 ----a-w- C:\Windows\system32\java.exe
2015-04-19 07:03:10 . 2015-04-19 07:03:13 111016 ----a-w- C:\Windows\system32\WindowsAccessBridge-64.dll
2015-04-18 03:10:57 . 2015-05-13 06:57:35 460800 ----a-w- C:\Windows\system32\certcli.dll
2015-04-18 02:56:57 . 2015-05-13 06:57:35 342016 ----a-w- C:\Windows\SysWow64\certcli.dll
2015-04-13 03:28:33 . 2015-05-13 06:56:33 328704 ----a-w- C:\Windows\system32\services.exe
2015-04-08 03:29:07 . 2015-05-13 06:56:12 275456 ----a-w- C:\Windows\system32\InkEd.dll
2015-04-08 03:14:07 . 2015-05-13 06:56:12 216064 ----a-w- C:\Windows\SysWow64\InkEd.dll


(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))


*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe" [2015-06-01 18:27:22 8358680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 08:09:52 113288]
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 17:51:06 59720]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe [2014-11-28 591576]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean64.exe

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
"Iminent"=C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
"IminentMessenger"=C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
"TkBellExe"="C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe;C:\Program Files (x86)\Secunia\PSI\sua.exe [x]
R3 afcdp;afcdp;C:\Windows\system32\DRIVERS\afcdp.sys;C:\Windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\system32\IEEtwCollector.exe;C:\Windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\system32\drivers\IntcHdmi.sys;C:\Windows\SYSNATIVE\drivers\IntcHdmi.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys;C:\Windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Spyder3;Datacolor Spyder3;C:\Windows\system32\DRIVERS\Spyder3.sys;C:\Windows\SYSNATIVE\DRIVERS\Spyder3.sys [x]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys;C:\Windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;C:\Windows\system32\Wat\WatAdminSvc.exe;C:\Windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys;C:\Windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R4 afcdpsrv;Acronis Nonstop Backup service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\1507000.00B\SYMDS64.SYS;C:\Windows\SYSNATIVE\drivers\N360x64\1507000.00B\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\1507000.00B\SYMEFA64.SYS;C:\Windows\SYSNATIVE\drivers\N360x64\1507000.00B\SYMEFA64.SYS [x]
S0 tdrpman251;Acronis Try&Decide and Restore Points filter (build 251);C:\Windows\system32\DRIVERS\tdrpm251.sys;C:\Windows\SYSNATIVE\DRIVERS\tdrpm251.sys [x]
S1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\BASHDefs\20150625.001\BHDrvx64.sys;C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\BASHDefs\20150625.001\BHDrvx64.sys [x]
S1 ccSet_N360;N360 Settings Manager;C:\Windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys;C:\Windows\SYSNATIVE\drivers\N360x64\1507000.00B\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\IPSDefs\20150626.001\IDSvia64.sys;C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\IPSDefs\20150626.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS;C:\Windows\SYSNATIVE\drivers\N360x64\1507000.00B\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS;C:\Windows\SYSNATIVE\Drivers\N360x64\1507000.00B\SYMNETS.SYS [x]
S2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe;C:\Windows\SYSNATIVE\svchost.exe [x]
S2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\N360.exe;C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\N360.exe [x]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x]
S2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\PSIA.exe;C:\Program Files (x86)\Secunia\PSI\PSIA.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe;C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys;C:\Windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys;C:\Windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 PSI;PSI;C:\Windows\system32\DRIVERS\psi_mf_amd64.sys;C:\Windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys;C:\Windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys;C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [x]


Inhalt des "geplante Tasks" Ordners

2015-06-27 C:\Windows\Tasks\Adobe Flash Player Updater.job
- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-04 18:30:00 . 2015-06-27 07:58:59]

2015-06-27 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-07 06:53:17 . 2012-12-07 06:53:16]

2015-06-27 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-07 06:53:17 . 2012-12-07 06:53:16]


--------- X64 Entries -----------


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2011-10-13 11:14:46 162584]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2011-10-13 11:14:38 386840]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2011-10-13 11:14:42 417560]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

------- Zusätzlicher Suchlauf -------

uLocal Page = C:\Windows\system32\blank.htm
uStart Page = about:blank
mStart Page = hxxp://www.google.com
mLocal Page = C:\Windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant =
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - C:\Users\Besitzer\AppData\Roaming\Mozilla\Firefox\Profiles\5ab6qqw3.default\

- - - - Entfernte verwaiste Registrierungseinträge - - - -

Toolbar-10 - (no file)
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
Gruß
Frusti

M-K-D-B 27.06.2015 12:11
Servus,

  • Starte FRST erneut. Kopiere den Inhalt der folgenden Code-Box oben in die Zeile:
    Code:
    atapi.sys
  • Drücke auf Search Files.
  • FRST beginnt mit dem Suchlauf und erstellt am Ende eine Textdatei Search.txt.
  • Poste mir deren Inhalt mit deiner nächsten Antwort.

Frusti 27.06.2015 15:46
Hallo,

zunächst:
Auffallend war nach Durchführung von ComboFix war, daß danach zB der Papierkorb leer war und auch die Programme "FRST" und "ComboFix" vom Desktop verschwunden waren!?
Ist das richtig so?

==========================================

Zu dem von Dir genannten Teil:
Zitat: "Kopiere den Inhalt der folgenden Code-Box oben in die Zeile:
Code: Alles auswählen Aufklappen
ATTFilter"

Dies habe ich habe ich bei FRST nicht gefunden, nur die Zeile "Search" mit auszufüllendem Kästchen.
Dort habe ich "atapi.sys" eingegeben mit dem unten stehenden Ergebnis:

Zitat:
Farbar Recovery Scan Tool (x64) Version:24-06-2015
Ran by Besitzer at 2015-06-27 16:34:50
Running from C:\Users\Besitzer\Desktop
Boot Mode: Normal

================== Search Files: "atapi.sys
" =============

C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys
[2009-07-14 01:19][2009-07-14 03:52] 0024128 ____A (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C [File is signed]

C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009-07-14 01:19][2009-07-14 03:52] 0024128 ____A (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C [File is signed]

C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009-07-14 01:19][2009-07-14 03:52] 0024128 ____A (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C [File is signed]

C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009-07-14 01:19][2009-07-14 03:52] 0024128 ____A (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C [File is signed]

C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009-07-14 01:19][2009-07-14 03:52] 0024128 ____A (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C [File is signed]

C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009-07-14 01:19][2009-07-14 03:52] 0024128 ____A (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C [File is signed]

C:\Windows\System32\drivers\atapi.sys
[2009-07-14 01:19][2009-07-14 03:52] 0024128 ____A (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C [File is signed]

C:\Windows\erdnt\cache64\atapi.sys
[2014-02-18 19:05][2009-07-14 03:52] 0024128 ____A (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C [File is signed]

====== End of Search ======
Gruß
Frusti

M-K-D-B 28.06.2015 10:44
Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).






Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.







Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die Logdatei von JRT,
  • die beiden neuen Logdateien von FRST.

Frusti 28.06.2015 15:00
Hallo,

hier die neuesten Ergebnisse:



AdwCleaner Logfile:
Code:
# AdwCleaner v4.207 - Bericht erstellt 28/06/2015 um 14:16:06
# Aktualisiert 21/06/2015 von Xplode
# Datenbank : 2015-06-23.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Besitzer - BESITZER-PC
# Gestarted von : C:\Users\Besitzer\Desktop\AdwCleaner_4.207.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\Users\Besitzer\AppData\Local\Babylon
Ordner Gelöscht : C:\Users\Besitzer\AppData\Roaming\Babylon

***** [ Geplante Tasks ] *****

Task Gelöscht : Start Registry Reviver

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SDP
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66D59105-FE06-43A4-B292-EB0097E9EB74}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9103C314-C4E2-4463-8934-B19BCB46236D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66D59105-FE06-43A4-B292-EB0097E9EB74}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8AADC8B2-562B-407B-88B3-916140226CBC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9103C314-C4E2-4463-8934-B19BCB46236D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{97CEF41C-5055-474A-855A-892D4FE3E596}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66D59105-FE06-43A4-B292-EB0097E9EB74}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9103C314-C4E2-4463-8934-B19BCB46236D}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Universal

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Mozilla Firefox v38.0.1 (x86 de)

[5ab6qqw3.default\prefs.js] - Zeile Gelöscht : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]

-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [2412 Bytes] - [28/06/2015 14:15:07]
AdwCleaner[S0].txt - [2287 Bytes] - [28/06/2015 14:16:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2346  Bytes] ##########
--- --- ---


==============
==============


Zitat:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
=====================
==================
Zitat:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 28.06.2015
Suchlauf-Zeit: 14:53:02
Logdatei: mbam.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.06.28.02
Rootkit Datenbank: v2015.06.26.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Besitzer

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 394751
Verstrichene Zeit: 9 Min, 35 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.2.0 (06.28.2015:1)
OS: Windows 7 Home Premium x64
Ran by Besitzer on 28.06.2015 at 15:42:59,04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant



~~~ Registry Keys



~~~ Files



~~~ Folders

Failed to delete: [Folder] C:\Program Files (x86)\tuneup utilities 2014



~~~ Chrome


[C:\Users\Besitzer\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Besitzer\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Besitzer\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Besitzer\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.06.2015 at 15:46:22,77
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
========================
=========================
[QUOTE
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015
Ran by Besitzer (administrator) on BESITZER-PC on 28-06-2015 15:55:35
Running from C:\Users\Besitzer\Desktop
Loaded Profiles: Besitzer (Available Profiles: Besitzer)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\n360.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\n360.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_18_0_0_194_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-1654125919-855541359-3433209274-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-1654125919-855541359-3433209274-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-04-24]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll [2015-03-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll [2015-03-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll [2015-03-07] (Symantec Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1654125919-855541359-3433209274-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Google
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland ? mit Hotmail Nachfolger Outlook und Messenger Skype
HKU\S-1-5-21-1654125919-855541359-3433209274-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1654125919-855541359-3433209274-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1654125919-855541359-3433209274-1000 -> {D15E8C8C-9DAD-46A3-BB48-4B891FEDCE69} URL = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-06-12] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-04-19] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files\WOT\WOT.dll [2013-09-02] ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-08-12] (RealDownloader)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\coIEPlg.dll [2015-06-12] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-19] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2013-09-02] ()
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-06-12] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\coIEPlg.dll [2015-06-12] (Symantec Corporation)
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll [2013-09-02] ()
Handler-x32: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll [2013-09-02] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{51DCD475-287D-43BE-A240-DB826AEB2CBC}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Besitzer\AppData\Roaming\Mozilla\Firefox\Profiles\5ab6qqw3.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-06-27] ()
FF Plugin: @java.com/DTPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-27] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @real.com/nppl3260;version=16.0.4.19 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2015-03-02] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.4 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-08-12] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
FF Plugin-x32: @real.com/nprpplugin;version=16.0.4.19 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2015-03-02] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2014-08-12] (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\Besitzer\AppData\Roaming\Mozilla\Firefox\Profiles\5ab6qqw3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-26]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-05-16]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-05-16]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2015-05-16]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2015-03-02]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.6.0.32\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.6.0.32\coFFPlgn [2015-06-28]
FF HKLM-x32\...\Firefox\Extensions: [{1B12EF76-2B5E-4DA1-B587-4762D49BFE03}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome:
=======
CHR Profile: C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (HD Streamer) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\oleglodmkonbpfmlffapjfednjopbeeh [2014-01-22]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-19]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\N360.exe [265000 2015-03-07] (Symantec Corporation)
S2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2014-08-12] ()
S2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
S3 Symantec RemoteAssist; C:\Program Files (x86)\Common Files\Symantec Shared\Support Controls\ssrc.exe [394704 2008-01-29] (Symantec, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\BASHDefs\20150625.001\BHDrvx64.sys [1648880 2015-06-17] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [489776 2015-05-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [145200 2015-05-27] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\IPSDefs\20150626.001\IDSvia64.sys [692984 2015-06-19] (Symantec Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20150627.002\ENG64.SYS [138488 2015-06-23] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20150627.002\EX64.SYS [2146040 2015-06-23] (Symantec Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)
S3 Spyder3; C:\Windows\System32\DRIVERS\Spyder3.sys [15360 2008-09-08] ()
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMDS64.SYS [493656 2014-08-26] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-12-11] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)
R0 tdrpman251; C:\Windows\System32\DRIVERS\tdrpm251.sys [1455648 2012-06-03] (Acronis)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-28 15:46 - 2015-06-28 15:46 - 00001271 _____ C:\Users\Besitzer\Desktop\JRT.txt
2015-06-28 15:30 - 2015-06-28 15:30 - 02112512 _____ (Farbar) C:\Users\Besitzer\Desktop\FRST64.exe
2015-06-28 15:10 - 2015-06-28 15:10 - 00000207 _____ C:\Windows\tweaking.com-regbackup-BESITZER-PC-Windows-7-Home-Premium-(64-bit).dat
2015-06-28 15:08 - 2015-06-28 15:09 - 02950808 _____ (Malwarebytes Corporation) C:\Users\Besitzer\Desktop\JRT.exe
2015-06-28 15:07 - 2015-06-28 15:07 - 00001210 _____ C:\Users\Besitzer\Desktop\mbam.txt
2015-06-28 14:23 - 2015-06-28 14:23 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-28 14:21 - 2015-06-28 14:21 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Besitzer\Desktop\mbam-setup-2.1.6.1022.exe
2015-06-28 14:18 - 2015-06-28 14:18 - 00002434 _____ C:\Users\Besitzer\Desktop\AdwCleaner[S0].txt
2015-06-28 14:14 - 2015-06-28 14:16 - 00000000 ____D C:\AdwCleaner
2015-06-28 14:13 - 2015-06-28 14:13 - 02244096 _____ C:\Users\Besitzer\Desktop\AdwCleaner_4.207.exe
2015-06-28 08:40 - 2015-06-28 14:18 - 00003352 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1654125919-855541359-3433209274-1000
2015-06-28 08:40 - 2015-06-28 14:18 - 00003224 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1654125919-855541359-3433209274-1000
2015-06-27 16:34 - 2015-06-27 16:36 - 00001940 _____ C:\Users\Besitzer\Desktop\Search.txt
2015-06-27 10:47 - 2015-06-27 10:47 - 00019441 _____ C:\ComboFix.txt
2015-06-27 10:20 - 2015-06-27 10:47 - 00000000 ____D C:\ComboFix
2015-06-27 09:58 - 2015-06-27 09:59 - 00000326 _____ C:\Windows\SecuniaPackage.log
2015-06-27 09:56 - 2015-06-28 14:17 - 00000224 _____ C:\Windows\setupact.log
2015-06-27 09:56 - 2015-06-28 08:40 - 00005346 _____ C:\Windows\PFRO.log
2015-06-27 09:56 - 2015-06-27 09:56 - 00000000 _____ C:\Windows\setuperr.log
2015-06-26 10:33 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-06-26 10:33 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-06-26 10:33 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-06-26 10:33 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-06-26 10:33 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-06-26 10:33 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-06-26 10:33 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-06-26 10:33 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-06-26 10:32 - 2015-06-27 10:47 - 00000000 ____D C:\Qoobox
2015-06-25 16:00 - 2015-06-28 15:35 - 00033734 _____ C:\Users\Besitzer\Desktop\Addition.txt
2015-06-25 15:59 - 2015-06-28 15:55 - 00017924 _____ C:\Users\Besitzer\Desktop\FRST.txt
2015-06-25 11:52 - 2015-06-25 11:52 - 00016004 _____ C:\Users\Besitzer\Desktop\2015-06-24_Fatima.odt
2015-06-25 10:01 - 2015-06-28 15:55 - 00000000 ____D C:\FRST
2015-06-24 17:53 - 2015-06-24 17:53 - 00011407 _____ C:\Users\Besitzer\Desktop\Hallo Matthias,.odt
2015-06-24 14:38 - 2015-06-24 14:38 - 00016839 _____ C:\Users\Besitzer\Desktop\Karin  Anruf am 23.06.15.odt
2015-06-24 14:08 - 2015-06-24 14:12 - 00018637 _____ C:\Users\Besitzer\Desktop\2015-06-22_Ingeburg.odt
2015-06-22 17:45 - 2015-06-25 16:22 - 00000000 ____D C:\Users\Besitzer\Desktop\Alex-III Münze-Auktion
2015-06-21 16:25 - 2015-06-21 16:59 - 00000000 ____D C:\Users\Besitzer\Desktop\Expander
2015-06-21 13:45 - 2015-06-27 11:06 - 00003246 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1654125919-855541359-3433209274-1000
2015-06-21 13:39 - 2015-06-21 17:23 - 00013503 _____ C:\Users\Besitzer\Desktop\Neue Porns.odt
2015-06-19 11:28 - 2015-06-21 18:40 - 00000000 ____D C:\Users\Besitzer\Desktop\2015-06-19_Sammelsurium
2015-06-16 10:58 - 2015-06-22 17:34 - 00000000 ____D C:\Users\Besitzer\Desktop\Invitation Christa
2015-06-15 12:09 - 2015-06-15 11:57 - 00022104 _____ C:\Users\Besitzer\Desktop\Ziele erreichen.odt
2015-06-15 12:09 - 2015-06-15 11:50 - 00021263 _____ C:\Users\Besitzer\Desktop\Ziele setzen.odt
2015-06-10 16:35 - 2015-06-10 16:35 - 00166957 _____ C:\Users\Besitzer\Desktop\Cycas revoluta.odt
2015-06-10 16:21 - 2015-06-10 16:21 - 00011772 _____ C:\Users\Besitzer\Desktop\Pulque.odt
2015-06-10 09:40 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 09:40 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 09:40 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 09:40 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 09:40 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 09:40 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 09:40 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 09:40 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 09:40 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 09:40 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 09:40 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 09:40 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 09:40 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 09:40 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 09:40 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 09:40 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 09:40 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 09:40 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 09:40 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 09:40 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 09:40 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 09:40 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 09:40 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 09:40 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 09:40 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 09:40 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 09:40 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 09:40 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 09:40 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 09:39 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 09:39 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 09:39 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 09:39 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 09:39 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 09:39 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 09:39 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 09:39 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 09:39 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 09:39 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 09:39 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 09:39 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 09:39 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 09:39 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 09:39 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 09:39 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 09:39 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 09:39 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 09:39 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 09:39 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 09:39 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 09:39 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 09:39 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 09:39 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 09:39 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 09:39 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 09:39 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 09:39 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 09:39 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 09:39 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 09:39 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 09:39 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 09:39 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 09:39 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 09:39 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 09:39 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 09:39 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 09:39 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 09:39 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 09:39 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 09:39 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 09:39 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 09:39 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 09:39 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 09:39 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 09:39 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 09:39 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 09:39 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 09:39 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 09:39 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 09:39 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 09:39 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 09:39 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 09:39 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 09:39 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 09:39 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 09:39 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 09:39 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 09:39 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 09:39 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 09:39 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 09:39 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 09:39 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-09 19:32 - 2015-06-09 19:42 - 345237209 _____ C:\Users\Besitzer\Desktop\saartalk.-saartalk._mit_Grand_Prix_Gewinnerin_Nicole-saartalk_20150608_193501_L.mp4
2015-06-05 10:48 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-05 10:48 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-05 10:48 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-05 10:48 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-05 10:48 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-05 10:48 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-05 10:48 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-05 10:48 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-05 09:03 - 2015-06-05 09:03 - 00342252 _____ C:\Users\Besitzer\Desktop\bpost messthaler.html
2015-06-04 16:19 - 2015-06-04 16:19 - 00013440 _____ C:\Users\Besitzer\Desktop\Klotz,  03.06.15.odt
2015-06-03 07:23 - 2015-06-03 07:23 - 00002156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-06-01 18:28 - 2015-06-01 18:28 - 00000000 ____D C:\Users\Besitzer\AppData\Local\GWX

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-28 15:52 - 2013-11-13 18:06 - 00003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{083BECD6-A6F2-4401-A905-5865C87918C6}
2015-06-28 15:52 - 2012-10-04 20:30 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-28 15:51 - 2011-04-04 12:29 - 01750906 _____ C:\Windows\WindowsUpdate.log
2015-06-28 15:21 - 2012-12-07 08:53 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-28 15:21 - 2012-12-07 08:53 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-28 15:11 - 2013-09-07 14:35 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2015-06-28 14:53 - 2015-03-07 17:40 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-28 14:26 - 2009-07-14 06:45 - 00023568 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-28 14:26 - 2009-07-14 06:45 - 00023568 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-28 14:23 - 2015-03-07 17:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-28 14:23 - 2015-03-07 17:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-28 14:17 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-27 20:35 - 2011-05-12 18:37 - 49739264 ___SH C:\Users\Besitzer\Desktop\Thumbs.db
2015-06-27 10:47 - 2014-04-23 06:33 - 00000000 ____D C:\Users\dub_cm_auto
2015-06-27 10:42 - 2014-02-18 18:56 - 00000000 ____D C:\Windows\erdnt
2015-06-27 10:42 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-06-27 09:59 - 2012-10-04 20:30 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-27 09:58 - 2012-10-04 20:29 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-27 09:58 - 2012-10-04 20:29 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-26 17:02 - 2012-06-08 08:40 - 00003756 _____ C:\Windows\System32\Tasks\Real Player-Online-Aktualisierungsprogramm
2015-06-26 17:00 - 2011-04-07 18:15 - 00000000 ____D C:\Users\Besitzer\AppData\Local\CrashDumps
2015-06-26 16:53 - 2011-04-07 18:06 - 00000000 ____D C:\Program Files\CCleaner
2015-06-26 14:54 - 2009-07-14 19:58 - 00699390 _____ C:\Windows\system32\perfh007.dat
2015-06-26 14:54 - 2009-07-14 19:58 - 00152094 _____ C:\Windows\system32\perfc007.dat
2015-06-26 14:54 - 2009-07-14 07:13 - 01659792 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-25 14:18 - 2013-09-23 12:36 - 00000000 ____D C:\Users\Besitzer\AppData\Roaming\vlc
2015-06-25 10:21 - 2014-12-29 11:14 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-23 18:34 - 2014-05-01 16:38 - 00000000 ____D C:\Users\Besitzer\Desktop\Essen auf Rädern
2015-06-22 16:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-17 09:39 - 2014-06-21 16:42 - 00000000 ____D C:\Users\Besitzer\AppData\Local\Adobe
2015-06-12 14:40 - 2014-05-01 15:02 - 00000000 ____D C:\Users\Besitzer\Desktop\D - III - DVDs  und  Festplatte-HDD
2015-06-10 18:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-10 14:12 - 2014-11-12 14:52 - 00000000 __SHD C:\Users\Besitzer\AppData\Local\EmieBrowserModeList
2015-06-10 14:12 - 2014-05-07 06:53 - 00000000 __SHD C:\Users\Besitzer\AppData\Local\EmieUserList
2015-06-10 14:12 - 2014-05-07 06:53 - 00000000 __SHD C:\Users\Besitzer\AppData\Local\EmieSiteList
2015-06-10 13:47 - 2015-03-01 15:59 - 00297616 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-10 13:44 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-10 12:02 - 2013-08-14 21:13 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 11:58 - 2011-04-04 15:51 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-09 19:39 - 2015-04-21 09:28 - 00000000 ____D C:\Users\Besitzer\.mediathek3
2015-06-09 19:32 - 2015-04-21 09:43 - 00000000 ____D C:\Users\Besitzer\MediathekView
2015-06-09 19:01 - 2012-09-22 19:59 - 00051200 ___SH C:\Users\Besitzer\Documents\Thumbs.db
2015-06-05 18:29 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-05 15:59 - 2014-12-10 18:00 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-05 15:59 - 2014-05-06 21:13 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-02 17:31 - 2015-05-13 10:45 - 00000000 ____D C:\Users\Besitzer\Desktop\PC

==================== Files in the root of some directories =======

2010-08-31 10:42 - 2010-08-31 10:42 - 0006148 _____ () C:\Program Files (x86)\Common Files\.DS_Store
2014-03-12 17:12 - 2014-03-12 17:12 - 0000044 _____ () C:\Users\Besitzer\AppData\Roaming\WB.CFG
2011-05-11 20:06 - 2015-03-04 19:18 - 0007168 _____ () C:\Users\Besitzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-09 13:47 - 2015-03-09 13:47 - 0000000 ____H () C:\ProgramData\V93GE

Some files in TEMP:
====================
C:\Users\Besitzer\AppData\Local\temp\Quarantine.exe
C:\Users\Besitzer\AppData\Local\temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-24 12:42

==================== End of log ============================
--- --- ---
][/QUOTE]

=========================
========================
[QUOTEAdditional
FRST Logfile:
Code:
scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015
Ran by Besitzer at 2015-06-28 15:55:57
Running from C:\Users\Besitzer\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1654125919-855541359-3433209274-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1654125919-855541359-3433209274-1006 - Limited - Enabled)
Besitzer (S-1-5-21-1654125919-855541359-3433209274-1000 - Administrator - Enabled) => C:\Users\Besitzer
Gast (S-1-5-21-1654125919-855541359-3433209274-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1654125919-855541359-3433209274-1004 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 Premier Edition (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Norton 360 Premier Edition (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 Premier Edition (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acronis*True*Image*Home (HKLM-x32\...\{C2F1F96A-057E-5819-B52E-FEA1D1D2933B}) (Version: 13.0.5029 - Acronis)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\{B0069674-D80C-48CB-852D-88AD36EAB0A5}) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-1654125919-855541359-3433209274-1000\...\Amazon Kindle) (Version:  - Amazon)
AM-DeadLink 4.6 (HKLM-x32\...\aignesamdeadlink_is1) (Version: 4.6 - WebSite-Watcher - Software to check websites for updates and changes (web page monitoring))
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
CanoScan 4400F (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4803) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diercke Globus Online (HKLM-x32\...\Diercke Globus Online) (Version: 2.1.36 - Imagon GmbH)
Free YouTube Download version 3.2.56.324 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.56.324 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.59.415 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.415 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
HP Product Detection (HKLM-x32\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.9.0 - Hewlett-Packard Company)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2555 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 79 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417079FF}) (Version: 7.0.790 - Oracle)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Norton 360 (HKLM-x32\...\N360) (Version: 21.7.0.11 - Symantec Corporation)
OEBackup - Outlook Express Datensicherung (Testversion) (HKLM-x32\...\OutlookExpressDatensicherung) (Version:  - )
OEMaster - DBX-Reader und Daten-Export für Outlook Express (HKLM-x32\...\OEMaster-Daten-ExportfürOutlookExpress) (Version:  - )
OLYMPUS Digital Camera Updater (HKLM-x32\...\{A68C62E8-B243-4777-89BB-12173DFA1D45}) (Version: 1.0.1 - OLYMPUS IMAGING CORP.)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
RealDownloader (x32 Version: 1.3.4 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.4 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
SilverFast 8.0.1r13 (64bit) (HKLM-x32\...\SilverFast 8 x64) (Version: 8.0.1r13 - LaserSoft Imaging AG)
Stellarium 0.13.1 (HKLM-x32\...\Stellarium_is1) (Version: 0.13.1 - Stellarium team)
StreamTransport version: 1.1.6.1 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
Symantec Technical Support Web Controls (HKLM-x32\...\{20C53FA2-4307-4671-A93F-9463B29DFCF1}) (Version: 3.5.3 - Symantec Corporation)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.73 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3000.132 - TuneUp Software) Hidden
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
WOT für Internet Explorer (HKLM\...\{373B90E1-A28C-434C-92B6-7281AFA6115A}) (Version: 13.9.2.0 - WOT Services Oy)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

22-06-2015 10:49:59 Geplanter Prüfpunkt
27-06-2015 10:21:05 ComboFix created restore point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-06-27 10:41 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B2DD2F8-3803-4FFB-A356-B90CCE77374C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-07] (Google Inc.)
Task: {0D0700C1-2039-4203-BB6C-C3B8EAAA4D92} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-27] (Adobe Systems Incorporated)
Task: {2EB26125-02FB-4F8D-BB82-A45C3B00F9E1} - System32\Tasks\{EF28A5FD-BFF8-4212-9D83-6EFC93B9C0FB} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller"
Task: {2F41D3F5-62CC-4510-A39A-D5D52071DAC0} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\WSCStub.exe [2015-03-07] (Symantec Corporation)
Task: {400314AA-48FB-4480-9C72-028BCD6A2591} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {49A63869-8BC4-46D9-848A-AA1E7D005F61} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1654125919-855541359-3433209274-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-08-12] (RealNetworks, Inc.)
Task: {4DADF2CA-9334-49C8-8826-88B4ACE47900} - System32\Tasks\Google Updater and Installer => C:\Users\Besitzer\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {55515B29-1490-4787-9AAE-48A5A07300B6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-07] (Google Inc.)
Task: {5687AFCB-F8A1-4661-B4B3-3AD8F3541754} - System32\Tasks\{6976D51C-B97F-480C-9B1E-D78F8A738E92} => pcalua.exe -a "C:\Users\Besitzer\Desktop\Programme          -auf PC-6 -\OEMaster  082\Setup.exe" -d "C:\Users\Besitzer\Desktop\Programme          -auf PC-6 -\OEMaster  082"
Task: {5B944C46-99EB-4559-B528-1659F78A0DEC} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1654125919-855541359-3433209274-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {69B4DE0B-5054-4760-9E77-186BDC229F6A} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-12-17] (Oracle Corporation)
Task: {77FC51DB-F189-49BA-82CB-4B9906A20E5D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {78E05A94-48E1-4866-93F2-D9D38F865EEE} - System32\Tasks\{1F7E5E00-647A-47E6-9221-252E2625D665} => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageLauncher.exe [2009-08-28] (Acronis)
Task: {7D4A3609-AE87-475B-9330-FD9E1048A93B} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1654125919-855541359-3433209274-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {7FC83C0E-00EF-4589-987E-90F98BD6ADBB} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {83BBEF56-C32C-4465-8679-D8B3C1294BF1} - System32\Tasks\{B8A21EE9-7235-49BD-9493-2DB5DFC4D4D6} => pcalua.exe -a C:\Users\Besitzer\Downloads\wmp11-windowsxp-x86-DE-DE.exe -d C:\Users\Besitzer\Downloads
Task: {8BD6AC21-8434-4ADD-8015-50BAA928F8CE} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {95A0E6D1-FF12-4432-9610-11390D586695} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1654125919-855541359-3433209274-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-08-12] (RealNetworks, Inc.)
Task: {97DC5E36-A874-4A9E-9082-95A93FC76864} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1654125919-855541359-3433209274-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-08-12] (RealNetworks, Inc.)
Task: {A87855A7-7CF8-4845-924E-DCB9706B3FC0} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1654125919-855541359-3433209274-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {A9F98046-3081-4997-B922-FFE619E35DA5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {B10F2A1C-0C6D-46EF-BCEB-6ABC91D5064B} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe
Task: {BB3C9B46-660E-468F-A7FB-4F0167C925A8} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe
Task: {C30E1EBC-F7B2-42BC-9C8C-68C1EE7BA375} - System32\Tasks\{E61EAE4B-AADF-40B4-B9C1-55D0ADA7AB47} => pcalua.exe -a C:\Users\Besitzer\Desktop\swfsetup-2-6.exe -d C:\Users\Besitzer\Desktop
Task: {C7E8F109-5765-445C-849F-C720D48603A3} - System32\Tasks\{3E41D0D5-558F-4424-A981-BF9E51EEF31B} => pcalua.exe -a "C:\Users\Besitzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WGCKGF3G\RegCleaner[1].exe" -d C:\Users\Besitzer\Desktop
Task: {D1C27D89-8A79-4A5A-AB71-3889CE10DF2A} - System32\Tasks\{42C1F945-6EBE-437E-8AE1-88D60BD1CA54} => pcalua.exe -a C:\Users\Besitzer\Desktop\irfanview_plugins_427_setup.exe -d C:\Users\Besitzer\Desktop
Task: {D4F8EEDC-64E7-49AD-BE69-88852D88F58D} - System32\Tasks\Real Networks Scheduler => c:\program files (x86)\real\realplayer\Update\realsched.exe [2015-03-02] (RealNetworks, Inc.)
Task: {D612F351-70A0-4FFE-B900-FE832E114413} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-21] (Microsoft Corporation)
Task: {D6F6C5CD-180E-4AEA-AC43-D8EFA4D6628E} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {DCDA6114-7A9F-4D6C-A4B5-C3A4563420D9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {E11A1FE1-3971-49DE-A5A9-9250E2C2DF49} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {E82F5AC5-126C-4316-B75D-CBB5DB373CC1} - System32\Tasks\{974799ED-061E-4569-B98A-017C857A82E8} => pcalua.exe -a "C:\Users\Besitzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JCU6EN96\DierckeGlobusOnline.exe" -d C:\Users\Besitzer\Desktop
Task: {EDCEDC44-7B66-44A4-A8EA-7E71A6196586} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {EE289BC9-387C-488C-B2D6-B6FBFE6DEA46} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {F7E186B2-5BEB-4176-B198-85BFCBC22408} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2015-03-02] (RealNetworks, Inc.)
Task: {FC1F032C-7853-4FCA-918D-3D213E04DE08} - System32\Tasks\{16D2A7FC-5A97-4D12-B147-F00E9F44C7A0} => C:\Program Files (x86)\Datacolor\Spyder3Express\Spyder3Express.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-06-01 19:28 - 2015-06-01 19:28 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1654125919-855541359-3433209274-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"                                                                                                                                                                                     
MSCONFIG\startupreg: TrueImageMonitor.exe => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe                                                                                                                                                                                                       

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FCB6148C-8AEF-431E-8118-1F725B6AFF43}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{25579D7E-AD88-4669-A5EF-5D2B3850CE20}] => (Allow) LPort=2869
FirewallRules: [{058C2573-AB4C-4EFA-8C95-FF82CFE53EC1}] => (Allow) LPort=1900
FirewallRules: [{A7942C46-1F15-4346-958A-2F336879B005}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{24BA15E4-2FA1-4BBC-98EA-2D2282E59191}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{74E41A11-2636-44DE-9AF3-BD1796E6162A}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{F95023A9-A83A-4870-B858-A606C76401BE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2865131E-A377-49F3-8999-5AD662E8EDAA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/27/2015 09:56:54 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/27/2015 09:56:54 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/27/2015 09:56:54 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/27/2015 09:56:54 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)

Error: (06/27/2015 09:56:45 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/27/2015 09:56:45 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (06/27/2015 09:56:45 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/27/2015 09:56:45 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/27/2015 09:56:45 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Der Jet-Eigenschaftenspeicher kann von Windows Search nicht geöffnet werden.


Details:
        0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800))

Error: (06/27/2015 09:56:45 AM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows (2368) Windows: Fehler -1811 beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00252.log.


System errors:
=============
Error: (06/28/2015 03:43:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/28/2015 03:43:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/28/2015 03:10:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/28/2015 03:10:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "TuneUp Utilities Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/28/2015 03:10:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Secunia PSI Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/28/2015 03:10:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "RealNetworks Downloader Resolver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/28/2015 03:10:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/28/2015 03:10:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/28/2015 02:16:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/28/2015 02:16:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office:
=========================
Error: (06/27/2015 09:56:54 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/27/2015 09:56:54 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/27/2015 09:56:54 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/27/2015 09:56:54 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (06/27/2015 09:56:45 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (06/27/2015 09:56:45 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (06/27/2015 09:56:45 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description:
Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (06/27/2015 09:56:45 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description:
Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
4700

Error: (06/27/2015 09:56:45 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description:
Details:
        0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800))

Error: (06/27/2015 09:56:45 AM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows2368Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00252.log-1811


CodeIntegrity Errors:
===================================
  Date: 2015-06-27 10:41:19.933
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-06-27 10:41:19.839
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-06-27 10:41:19.730
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-06-27 10:41:19.605
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-02-18 18:03:40.466
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-02-18 18:03:40.247
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU E6600 @ 3.06GHz
Percentage of memory in use: 40%
Total physical RAM: 4061.24 MB
Available physical RAM: 2403.83 MB
Total Pagefile: 8120.69 MB
Available Pagefile: 6499.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1397.17 GB) (Free:1330.39 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: 7FD2F734)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1397.2 GB) - (Type=07 NTFS)

==================== End of log ============================
--- --- ---
][/QUOTE]

Gruß
Frusti

M-K-D-B 29.06.2015 13:48
Wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 2 h) dauern.
Im Anschluss entfernen wir alle verwendeten Tools und ich gebe dir noch ein paar Tipps mit auf den Weg.




Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
start
CloseProcesses:
HKU\S-1-5-21-1654125919-855541359-3433209274-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
CHR Extension: (HD Streamer) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\oleglodmkonbpfmlffapjfednjopbeeh [2014-01-22]
C:\ProgramData\V93GE
RemoveProxy:
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.






Schritt 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset






Schritt 3
Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von ESET,
  • die Logdatei von SecurityCheck.

Frusti 29.06.2015 16:49
Hallo,

ich habe überraschend Besuch bekommen, bei dem es um intensive Dinge geht.
Ich werde mich deshalb wohl erst ab etwa Donnerstag wieder um "Trojaner-board" kümmern können.
Ich bitte um Verständnis.
Bitte halte den thread so lange offen.

Gruß
Frusti

M-K-D-B 29.06.2015 18:10
Servus,


danke für den Hinweis. :)

Dann bis Donnerstag. ;)

Frusti 02.07.2015 10:05
Hallo,

so, da bin ich wieder.
Ich habe die Anweisungen ausgeführt, ich hoffe, ich habe alles richtig gemacht.

Zitat:
Fix result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by Besitzer at 2015-07-02 09:02:47 Run:1
Running from C:\Users\Besitzer\Desktop
Loaded Profiles: Besitzer (Available Profiles: Besitzer)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CloseProcesses:
HKU\S-1-5-21-1654125919-855541359-3433209274-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
CHR Extension: (HD Streamer) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\oleglodmkonbpfmlffapjfednjopbeeh [2014-01-22]
C:\ProgramData\V93GE
RemoveProxy:
EmptyTemp:
end

*****************

Processes closed successfully.
"HKU\S-1-5-21-1654125919-855541359-3433209274-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\oleglodmkonbpfmlffapjfednjopbeeh => moved successfully.
C:\ProgramData\V93GE => moved successfully.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-1654125919-855541359-3433209274-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-1654125919-855541359-3433209274-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========

EmptyTemp: => 60.9 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 09:03:11 ====
========================
=========================
Zitat:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=5762b9f06e8aea4c8638eaae500bb535
# end=init
# utc_time=2015-07-02 07:13:58
# local_time=2015-07-02 09:13:58 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 24602
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=5762b9f06e8aea4c8638eaae500bb535
# end=updated
# utc_time=2015-07-02 07:16:02
# local_time=2015-07-02 09:16:02 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=5762b9f06e8aea4c8638eaae500bb535
# engine=24602
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-07-02 08:34:23
# local_time=2015-07-02 10:34:23 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Norton 360'
# compatibility_mode=3598 16777213 100 100 12256 186488559 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 53107265 187455913 0 0
# scanned=247740
# found=0
# cleaned=0
# scan_time=4701
=======================
========================
Zitat:
Results of screen317's Security Check version 1.004
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Norton 360 Premier Edition
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Secunia PSI (3.0.0.10004)
TuneUp Utilities 2014
TuneUp Utilities Language Pack (de-DE)
TuneUp Utilities 2014 (de-DE)
TuneUp Utilities Language Pack (de-DE)
TuneUp Utilities 2014
Java 8 Update 45
Adobe Flash Player 18.0.0.194
Adobe Reader XI
Mozilla Firefox (38.0.1)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
Gruß
Frusti

M-K-D-B 02.07.2015 13:54
Servus,


  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.

Frusti 02.07.2015 15:15
Hallo,

1.) Interessant war für mich, daß Norton FRST nach dem Deaktivieren gleich erst mal vom PC entfernt hat - Norton mag FRST ganz offensichtlich nicht, hat es auch als "nicht sicher" eingestuft)!!!

2.) War das richtig so: die Zusatzgeräte (Stick, Ext. Festplatte) hatte ich zwischenzeitlich (vor Durchführung von FRST) wieder entfernt?

3.)

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
Ran by Besitzer (administrator) on BESITZER-PC on 02-07-2015 16:06:04
Running from C:\Users\Besitzer\Desktop
Loaded Profiles: Besitzer (Available Profiles: Besitzer)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\n360.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\n360.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17843_none_85394e6bf752dae9\iexplore.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_18_0_0_194_ActiveX.exe
(Microsoft Corporation) C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17843_none_85394e6bf752dae9\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2015-03-02] (RealNetworks, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-1654125919-855541359-3433209274-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-1654125919-855541359-3433209274-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-04-24]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll [2015-03-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll [2015-03-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll [2015-03-07] (Symantec Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Google
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland ? mit Hotmail Nachfolger Outlook und Messenger Skype
HKU\S-1-5-21-1654125919-855541359-3433209274-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1654125919-855541359-3433209274-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1654125919-855541359-3433209274-1000 -> {D15E8C8C-9DAD-46A3-BB48-4B891FEDCE69} URL = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-06-26] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-04-19] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files\WOT\WOT.dll [2013-09-02] ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-08-12] (RealDownloader)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\coIEPlg.dll [2015-06-26] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-19] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2013-09-02] ()
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-06-26] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\coIEPlg.dll [2015-06-26] (Symantec Corporation)
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll [2013-09-02] ()
Handler-x32: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll [2013-09-02] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{51DCD475-287D-43BE-A240-DB826AEB2CBC}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Besitzer\AppData\Roaming\Mozilla\Firefox\Profiles\5ab6qqw3.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-06-27] ()
FF Plugin: @java.com/DTPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-27] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @real.com/nppl3260;version=16.0.4.19 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2015-03-02] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.4 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-08-12] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
FF Plugin-x32: @real.com/nprpplugin;version=16.0.4.19 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2015-03-02] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2014-08-12] (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\Besitzer\AppData\Roaming\Mozilla\Firefox\Profiles\5ab6qqw3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-26]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-05-16]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-05-16]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2015-05-16]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2015-03-02]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.6.0.32\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.6.0.32\coFFPlgn [2015-07-02]
FF HKLM-x32\...\Firefox\Extensions: [{1B12EF76-2B5E-4DA1-B587-4762D49BFE03}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome:
=======
CHR Profile: C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-19]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-19]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\N360.exe [265000 2015-03-07] (Symantec Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2014-08-12] ()
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
S3 Symantec RemoteAssist; C:\Program Files (x86)\Common Files\Symantec Shared\Support Controls\ssrc.exe [394704 2008-01-29] (Symantec, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\BASHDefs\20150625.001\BHDrvx64.sys [1648880 2015-06-17] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [489776 2015-05-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [145200 2015-05-27] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\IPSDefs\20150701.001\IDSvia64.sys [692984 2015-06-19] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20150701.017\ENG64.SYS [138488 2015-06-23] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20150701.017\EX64.SYS [2146040 2015-06-23] (Symantec Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)
S3 Spyder3; C:\Windows\System32\DRIVERS\Spyder3.sys [15360 2008-09-08] ()
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMDS64.SYS [493656 2014-08-26] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-12-11] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)
R0 tdrpman251; C:\Windows\System32\DRIVERS\tdrpm251.sys [1455648 2012-06-03] (Acronis)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-02 16:05 - 2015-07-02 16:05 - 02112512 _____ (Farbar) C:\Users\Besitzer\Desktop\FRST64.exe
2015-07-02 11:14 - 2015-07-02 11:15 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{EE922DA7-DFDF-4F90-939F-9EDB58189645}
2015-07-02 10:46 - 2015-07-02 10:46 - 00852662 _____ C:\Users\Besitzer\Desktop\SecurityCheck.exe
2015-07-02 09:13 - 2015-07-02 09:13 - 00000000 ____D C:\Program Files (x86)\ESET
2015-07-02 09:12 - 2015-07-02 09:13 - 02870984 _____ (ESET) C:\Users\Besitzer\Desktop\esetsmartinstaller_deu.exe
2015-07-01 20:10 - 2015-07-01 20:10 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{956FB05E-D18C-4D1C-8472-E1B26D530591}
2015-07-01 20:07 - 2015-07-01 20:07 - 00000000 ____D C:\Users\Besitzer\Desktop\TV-Film Paradies
2015-07-01 08:08 - 2015-07-01 08:09 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{6AAEC0B0-DACA-486F-8420-62B81782F956}
2015-06-30 08:55 - 2015-06-30 08:55 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{FCB03F12-DA88-429E-AEFB-8A6DB838A1AE}
2015-06-30 08:53 - 2015-06-30 08:53 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{0C06C6E1-FC45-41C7-A7BE-479ED212E49C}
2015-06-29 09:25 - 2015-06-29 09:25 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{C11610D8-D822-4347-995A-3A40908FC865}
2015-06-28 15:46 - 2015-06-28 15:46 - 00001271 _____ C:\Users\Besitzer\Desktop\JRT.txt
2015-06-28 15:10 - 2015-06-28 15:10 - 00000207 _____ C:\Windows\tweaking.com-regbackup-BESITZER-PC-Windows-7-Home-Premium-(64-bit).dat
2015-06-28 15:08 - 2015-06-28 15:09 - 02950808 _____ (Malwarebytes Corporation) C:\Users\Besitzer\Desktop\JRT.exe
2015-06-28 15:07 - 2015-06-28 15:07 - 00001210 _____ C:\Users\Besitzer\Desktop\mbam.txt
2015-06-28 14:23 - 2015-06-28 14:23 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-28 14:21 - 2015-06-28 14:21 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Besitzer\Desktop\mbam-setup-2.1.6.1022.exe
2015-06-28 14:18 - 2015-06-28 14:18 - 00002434 _____ C:\Users\Besitzer\Desktop\AdwCleaner[S0].txt
2015-06-28 14:14 - 2015-06-28 14:16 - 00000000 ____D C:\AdwCleaner
2015-06-28 14:13 - 2015-06-28 14:13 - 02244096 _____ C:\Users\Besitzer\Desktop\AdwCleaner_4.207.exe
2015-06-28 08:40 - 2015-07-02 09:05 - 00003352 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1654125919-855541359-3433209274-1000
2015-06-28 08:40 - 2015-07-02 09:05 - 00003224 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1654125919-855541359-3433209274-1000
2015-06-27 16:34 - 2015-06-27 16:36 - 00001940 _____ C:\Users\Besitzer\Desktop\Search.txt
2015-06-27 10:47 - 2015-06-27 10:47 - 00019441 _____ C:\ComboFix.txt
2015-06-27 10:20 - 2015-06-27 10:47 - 00000000 ____D C:\ComboFix
2015-06-27 09:58 - 2015-06-27 09:59 - 00000326 _____ C:\Windows\SecuniaPackage.log
2015-06-27 09:56 - 2015-07-02 09:04 - 00000448 _____ C:\Windows\setupact.log
2015-06-27 09:56 - 2015-07-02 07:09 - 00006616 _____ C:\Windows\PFRO.log
2015-06-27 09:56 - 2015-06-27 09:56 - 00000000 _____ C:\Windows\setuperr.log
2015-06-26 10:33 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-06-26 10:33 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-06-26 10:33 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-06-26 10:33 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-06-26 10:33 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-06-26 10:33 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-06-26 10:33 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-06-26 10:33 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-06-26 10:32 - 2015-06-27 10:47 - 00000000 ____D C:\Qoobox
2015-06-25 16:00 - 2015-06-28 15:56 - 00033745 _____ C:\Users\Besitzer\Desktop\Addition.txt
2015-06-25 15:59 - 2015-07-02 16:06 - 00018682 _____ C:\Users\Besitzer\Desktop\FRST.txt
2015-06-25 11:52 - 2015-06-25 11:52 - 00016004 _____ C:\Users\Besitzer\Desktop\2015-06-24_Fatima.odt
2015-06-25 10:01 - 2015-07-02 16:06 - 00000000 ____D C:\FRST
2015-06-24 17:53 - 2015-06-24 17:53 - 00011407 _____ C:\Users\Besitzer\Desktop\Hallo Matthias,.odt
2015-06-24 14:38 - 2015-06-24 14:38 - 00016839 _____ C:\Users\Besitzer\Desktop\Karin  Anruf am 23.06.15.odt
2015-06-24 14:08 - 2015-06-24 14:12 - 00018637 _____ C:\Users\Besitzer\Desktop\2015-06-22_Ingeburg.odt
2015-06-22 17:45 - 2015-06-25 16:22 - 00000000 ____D C:\Users\Besitzer\Desktop\Alex-III Münze-Auktion
2015-06-21 16:25 - 2015-06-21 16:59 - 00000000 ____D C:\Users\Besitzer\Desktop\Expander
2015-06-21 13:45 - 2015-07-01 11:41 - 00003246 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1654125919-855541359-3433209274-1000
2015-06-21 13:39 - 2015-06-21 17:23 - 00013503 _____ C:\Users\Besitzer\Desktop\Neue Porns.odt
2015-06-19 11:28 - 2015-06-21 18:40 - 00000000 ____D C:\Users\Besitzer\Desktop\2015-06-19_Sammelsurium
2015-06-16 10:58 - 2015-06-22 17:34 - 00000000 ____D C:\Users\Besitzer\Desktop\Invitation Christa
2015-06-15 12:09 - 2015-06-15 11:57 - 00022104 _____ C:\Users\Besitzer\Desktop\Ziele erreichen.odt
2015-06-15 12:09 - 2015-06-15 11:50 - 00021263 _____ C:\Users\Besitzer\Desktop\Ziele setzen.odt
2015-06-10 16:35 - 2015-06-10 16:35 - 00166957 _____ C:\Users\Besitzer\Desktop\Cycas revoluta.odt
2015-06-10 16:21 - 2015-06-10 16:21 - 00011772 _____ C:\Users\Besitzer\Desktop\Pulque.odt
2015-06-10 09:40 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 09:40 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 09:40 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 09:40 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 09:40 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 09:40 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 09:40 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 09:40 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 09:40 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 09:40 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 09:40 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 09:40 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 09:40 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 09:40 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 09:40 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 09:40 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 09:40 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 09:40 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 09:40 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 09:40 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 09:40 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 09:40 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 09:40 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 09:40 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 09:40 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 09:40 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 09:40 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 09:40 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 09:40 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 09:40 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 09:40 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 09:40 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 09:40 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 09:39 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 09:39 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 09:39 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 09:39 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 09:39 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 09:39 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 09:39 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 09:39 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 09:39 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 09:39 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 09:39 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 09:39 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 09:39 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 09:39 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 09:39 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 09:39 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 09:39 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 09:39 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 09:39 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 09:39 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 09:39 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 09:39 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 09:39 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 09:39 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 09:39 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 09:39 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 09:39 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 09:39 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 09:39 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 09:39 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 09:39 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 09:39 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 09:39 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 09:39 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 09:39 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 09:39 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 09:39 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 09:39 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 09:39 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 09:39 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 09:39 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 09:39 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 09:39 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 09:39 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 09:39 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 09:39 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 09:39 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 09:39 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 09:39 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 09:39 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 09:39 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 09:39 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 09:39 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 09:39 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 09:39 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 09:39 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 09:39 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 09:39 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 09:39 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 09:39 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 09:39 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 09:39 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 09:39 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-09 19:32 - 2015-06-09 19:42 - 345237209 _____ C:\Users\Besitzer\Desktop\saartalk.-saartalk._mit_Grand_Prix_Gewinnerin_Nicole-saartalk_20150608_193501_L.mp4
2015-06-05 10:48 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-05 10:48 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-05 10:48 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-05 10:48 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-05 10:48 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-05 10:48 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-05 10:48 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-05 10:48 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-05 09:03 - 2015-06-05 09:03 - 00342252 _____ C:\Users\Besitzer\Desktop\bpost messthaler.html
2015-06-04 16:19 - 2015-06-04 16:19 - 00013440 _____ C:\Users\Besitzer\Desktop\Klotz,  03.06.15.odt
2015-06-03 07:23 - 2015-06-03 07:23 - 00002156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-02 16:02 - 2012-12-07 08:53 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-02 16:02 - 2012-12-07 08:53 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-02 16:02 - 2012-10-04 20:30 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-02 16:02 - 2011-04-04 12:29 - 01912183 _____ C:\Windows\WindowsUpdate.log
2015-07-02 16:02 - 2009-07-14 06:45 - 00023568 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-02 16:02 - 2009-07-14 06:45 - 00023568 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-02 14:38 - 2013-11-13 18:06 - 00003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{083BECD6-A6F2-4401-A905-5865C87918C6}
2015-07-02 11:30 - 2014-05-01 16:38 - 00000000 ____D C:\Users\Besitzer\Desktop\Essen auf Rädern
2015-07-02 11:30 - 2011-05-12 18:37 - 49757184 ___SH C:\Users\Besitzer\Desktop\Thumbs.db
2015-07-02 09:12 - 2009-07-14 19:58 - 00699390 _____ C:\Windows\system32\perfh007.dat
2015-07-02 09:12 - 2009-07-14 19:58 - 00152094 _____ C:\Windows\system32\perfc007.dat
2015-07-02 09:12 - 2009-07-14 07:13 - 01659792 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-02 09:04 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-28 15:11 - 2013-09-07 14:35 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2015-06-28 14:53 - 2015-03-07 17:40 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-28 14:23 - 2015-03-07 17:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-28 14:23 - 2015-03-07 17:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-27 10:47 - 2014-04-23 06:33 - 00000000 ____D C:\Users\dub_cm_auto
2015-06-27 10:42 - 2014-02-18 18:56 - 00000000 ____D C:\Windows\erdnt
2015-06-27 10:42 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-06-27 09:59 - 2012-10-04 20:30 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-27 09:58 - 2012-10-04 20:29 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-27 09:58 - 2012-10-04 20:29 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-26 17:02 - 2012-06-08 08:40 - 00003756 _____ C:\Windows\System32\Tasks\Real Player-Online-Aktualisierungsprogramm
2015-06-26 17:00 - 2011-04-07 18:15 - 00000000 ____D C:\Users\Besitzer\AppData\Local\CrashDumps
2015-06-26 16:53 - 2011-04-07 18:06 - 00000000 ____D C:\Program Files\CCleaner
2015-06-25 14:18 - 2013-09-23 12:36 - 00000000 ____D C:\Users\Besitzer\AppData\Roaming\vlc
2015-06-25 10:21 - 2014-12-29 11:14 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-22 16:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-17 09:39 - 2014-06-21 16:42 - 00000000 ____D C:\Users\Besitzer\AppData\Local\Adobe
2015-06-12 14:40 - 2014-05-01 15:02 - 00000000 ____D C:\Users\Besitzer\Desktop\D - III - DVDs  und  Festplatte-HDD
2015-06-10 18:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-10 14:12 - 2014-11-12 14:52 - 00000000 __SHD C:\Users\Besitzer\AppData\Local\EmieBrowserModeList
2015-06-10 14:12 - 2014-05-07 06:53 - 00000000 __SHD C:\Users\Besitzer\AppData\Local\EmieUserList
2015-06-10 14:12 - 2014-05-07 06:53 - 00000000 __SHD C:\Users\Besitzer\AppData\Local\EmieSiteList
2015-06-10 13:47 - 2015-03-01 15:59 - 00297616 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-10 13:44 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-10 12:02 - 2013-08-14 21:13 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 11:58 - 2011-04-04 15:51 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-09 19:39 - 2015-04-21 09:28 - 00000000 ____D C:\Users\Besitzer\.mediathek3
2015-06-09 19:32 - 2015-04-21 09:43 - 00000000 ____D C:\Users\Besitzer\MediathekView
2015-06-09 19:01 - 2012-09-22 19:59 - 00051200 ___SH C:\Users\Besitzer\Documents\Thumbs.db
2015-06-05 18:29 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-05 15:59 - 2014-12-10 18:00 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-05 15:59 - 2014-05-06 21:13 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-02 17:31 - 2015-05-13 10:45 - 00000000 ____D C:\Users\Besitzer\Desktop\PC

==================== Files in the root of some directories =======

2010-08-31 10:42 - 2010-08-31 10:42 - 0006148 _____ () C:\Program Files (x86)\Common Files\.DS_Store
2014-03-12 17:12 - 2014-03-12 17:12 - 0000044 _____ () C:\Users\Besitzer\AppData\Roaming\WB.CFG
2011-05-11 20:06 - 2015-03-04 19:18 - 0007168 _____ () C:\Users\Besitzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-24 12:42

==================== End of log ============================
--- --- ---


=======================
====================FRST Additions Logfile:
[CODE]Additional
FRST Logfile:
Code:
scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by Besitzer at 2015-07-02 16:06:43
Running from C:\Users\Besitzer\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1654125919-855541359-3433209274-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1654125919-855541359-3433209274-1006 - Limited - Enabled)
Besitzer (S-1-5-21-1654125919-855541359-3433209274-1000 - Administrator - Enabled) => C:\Users\Besitzer
Gast (S-1-5-21-1654125919-855541359-3433209274-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1654125919-855541359-3433209274-1004 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 Premier Edition (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Norton 360 Premier Edition (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 Premier Edition (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acronis*True*Image*Home (HKLM-x32\...\{C2F1F96A-057E-5819-B52E-FEA1D1D2933B}) (Version: 13.0.5029 - Acronis)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\{B0069674-D80C-48CB-852D-88AD36EAB0A5}) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-1654125919-855541359-3433209274-1000\...\Amazon Kindle) (Version:  - Amazon)
AM-DeadLink 4.6 (HKLM-x32\...\aignesamdeadlink_is1) (Version: 4.6 - WebSite-Watcher - Software to check websites for updates and changes (web page monitoring))
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
CanoScan 4400F (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4803) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diercke Globus Online (HKLM-x32\...\Diercke Globus Online) (Version: 2.1.36 - Imagon GmbH)
Free YouTube Download version 3.2.56.324 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.56.324 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.59.415 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.415 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
HP Product Detection (HKLM-x32\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.9.0 - Hewlett-Packard Company)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2555 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 79 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417079FF}) (Version: 7.0.790 - Oracle)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Norton 360 (HKLM-x32\...\N360) (Version: 21.7.0.11 - Symantec Corporation)
OEBackup - Outlook Express Datensicherung (Testversion) (HKLM-x32\...\OutlookExpressDatensicherung) (Version:  - )
OEMaster - DBX-Reader und Daten-Export für Outlook Express (HKLM-x32\...\OEMaster-Daten-ExportfürOutlookExpress) (Version:  - )
OLYMPUS Digital Camera Updater (HKLM-x32\...\{A68C62E8-B243-4777-89BB-12173DFA1D45}) (Version: 1.0.1 - OLYMPUS IMAGING CORP.)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
RealDownloader (x32 Version: 1.3.4 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.4 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
SilverFast 8.0.1r13 (64bit) (HKLM-x32\...\SilverFast 8 x64) (Version: 8.0.1r13 - LaserSoft Imaging AG)
Stellarium 0.13.1 (HKLM-x32\...\Stellarium_is1) (Version: 0.13.1 - Stellarium team)
StreamTransport version: 1.1.6.1 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
Symantec Technical Support Web Controls (HKLM-x32\...\{20C53FA2-4307-4671-A93F-9463B29DFCF1}) (Version: 3.5.3 - Symantec Corporation)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.73 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3000.132 - TuneUp Software) Hidden
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
WOT für Internet Explorer (HKLM\...\{373B90E1-A28C-434C-92B6-7281AFA6115A}) (Version: 13.9.2.0 - WOT Services Oy)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

22-06-2015 10:49:59 Geplanter Prüfpunkt
27-06-2015 10:21:05 ComboFix created restore point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-06-27 10:41 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B2DD2F8-3803-4FFB-A356-B90CCE77374C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-07] (Google Inc.)
Task: {0D0700C1-2039-4203-BB6C-C3B8EAAA4D92} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-27] (Adobe Systems Incorporated)
Task: {18472CB8-7517-4B63-BF1B-2FBAEAA014D4} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1654125919-855541359-3433209274-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {2EB26125-02FB-4F8D-BB82-A45C3B00F9E1} - System32\Tasks\{EF28A5FD-BFF8-4212-9D83-6EFC93B9C0FB} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller"
Task: {2F41D3F5-62CC-4510-A39A-D5D52071DAC0} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\WSCStub.exe [2015-03-07] (Symantec Corporation)
Task: {400314AA-48FB-4480-9C72-028BCD6A2591} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {49A63869-8BC4-46D9-848A-AA1E7D005F61} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1654125919-855541359-3433209274-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-08-12] (RealNetworks, Inc.)
Task: {4DADF2CA-9334-49C8-8826-88B4ACE47900} - System32\Tasks\Google Updater and Installer => C:\Users\Besitzer\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {55515B29-1490-4787-9AAE-48A5A07300B6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-07] (Google Inc.)
Task: {5687AFCB-F8A1-4661-B4B3-3AD8F3541754} - System32\Tasks\{6976D51C-B97F-480C-9B1E-D78F8A738E92} => pcalua.exe -a "C:\Users\Besitzer\Desktop\Programme          -auf PC-6 -\OEMaster  082\Setup.exe" -d "C:\Users\Besitzer\Desktop\Programme          -auf PC-6 -\OEMaster  082"
Task: {5B944C46-99EB-4559-B528-1659F78A0DEC} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1654125919-855541359-3433209274-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {69B4DE0B-5054-4760-9E77-186BDC229F6A} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-12-17] (Oracle Corporation)
Task: {7384C263-FE44-4A9A-8EA2-155FE92F2815} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1654125919-855541359-3433209274-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {77FC51DB-F189-49BA-82CB-4B9906A20E5D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {78E05A94-48E1-4866-93F2-D9D38F865EEE} - System32\Tasks\{1F7E5E00-647A-47E6-9221-252E2625D665} => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageLauncher.exe [2009-08-28] (Acronis)
Task: {7FC83C0E-00EF-4589-987E-90F98BD6ADBB} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {83BBEF56-C32C-4465-8679-D8B3C1294BF1} - System32\Tasks\{B8A21EE9-7235-49BD-9493-2DB5DFC4D4D6} => pcalua.exe -a C:\Users\Besitzer\Downloads\wmp11-windowsxp-x86-DE-DE.exe -d C:\Users\Besitzer\Downloads
Task: {8BD6AC21-8434-4ADD-8015-50BAA928F8CE} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {97DC5E36-A874-4A9E-9082-95A93FC76864} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1654125919-855541359-3433209274-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-08-12] (RealNetworks, Inc.)
Task: {A9F98046-3081-4997-B922-FFE619E35DA5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {B10F2A1C-0C6D-46EF-BCEB-6ABC91D5064B} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe
Task: {BB3C9B46-660E-468F-A7FB-4F0167C925A8} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe
Task: {C30E1EBC-F7B2-42BC-9C8C-68C1EE7BA375} - System32\Tasks\{E61EAE4B-AADF-40B4-B9C1-55D0ADA7AB47} => pcalua.exe -a C:\Users\Besitzer\Desktop\swfsetup-2-6.exe -d C:\Users\Besitzer\Desktop
Task: {C7E8F109-5765-445C-849F-C720D48603A3} - System32\Tasks\{3E41D0D5-558F-4424-A981-BF9E51EEF31B} => pcalua.exe -a "C:\Users\Besitzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WGCKGF3G\RegCleaner[1].exe" -d C:\Users\Besitzer\Desktop
Task: {D1C27D89-8A79-4A5A-AB71-3889CE10DF2A} - System32\Tasks\{42C1F945-6EBE-437E-8AE1-88D60BD1CA54} => pcalua.exe -a C:\Users\Besitzer\Desktop\irfanview_plugins_427_setup.exe -d C:\Users\Besitzer\Desktop
Task: {D4F8EEDC-64E7-49AD-BE69-88852D88F58D} - System32\Tasks\Real Networks Scheduler => c:\program files (x86)\real\realplayer\Update\realsched.exe [2015-03-02] (RealNetworks, Inc.)
Task: {D8F27A7F-E7C1-4CF7-BFCA-2FE16ECA759C} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1654125919-855541359-3433209274-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-08-12] (RealNetworks, Inc.)
Task: {DCDA6114-7A9F-4D6C-A4B5-C3A4563420D9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {E11A1FE1-3971-49DE-A5A9-9250E2C2DF49} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {E82F5AC5-126C-4316-B75D-CBB5DB373CC1} - System32\Tasks\{974799ED-061E-4569-B98A-017C857A82E8} => pcalua.exe -a "C:\Users\Besitzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JCU6EN96\DierckeGlobusOnline.exe" -d C:\Users\Besitzer\Desktop
Task: {EDCEDC44-7B66-44A4-A8EA-7E71A6196586} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {EE289BC9-387C-488C-B2D6-B6FBFE6DEA46} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {F7E186B2-5BEB-4176-B198-85BFCBC22408} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2015-03-02] (RealNetworks, Inc.)
Task: {FC1F032C-7853-4FCA-918D-3D213E04DE08} - System32\Tasks\{16D2A7FC-5A97-4D12-B147-F00E9F44C7A0} => C:\Program Files (x86)\Datacolor\Spyder3Express\Spyder3Express.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-08-12 12:34 - 2014-08-12 12:34 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2015-06-01 19:28 - 2015-06-01 19:28 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1654125919-855541359-3433209274-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"                                                                                                                                                                                     
MSCONFIG\startupreg: TrueImageMonitor.exe => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe                                                                                                                                                                                                       

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FCB6148C-8AEF-431E-8118-1F725B6AFF43}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{25579D7E-AD88-4669-A5EF-5D2B3850CE20}] => (Allow) LPort=2869
FirewallRules: [{058C2573-AB4C-4EFA-8C95-FF82CFE53EC1}] => (Allow) LPort=1900
FirewallRules: [{A7942C46-1F15-4346-958A-2F336879B005}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{24BA15E4-2FA1-4BBC-98EA-2D2282E59191}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{74E41A11-2636-44DE-9AF3-BD1796E6162A}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{F95023A9-A83A-4870-B858-A606C76401BE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2865131E-A377-49F3-8999-5AD662E8EDAA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/02/2015 10:36:12 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (07/02/2015 09:13:49 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (07/02/2015 09:13:42 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (07/02/2015 09:13:41 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (07/02/2015 09:13:07 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (06/27/2015 09:56:54 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/27/2015 09:56:54 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/27/2015 09:56:54 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/27/2015 09:56:54 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)

Error: (06/27/2015 09:56:45 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (07/02/2015 04:02:31 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (07/02/2015 02:37:59 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (07/02/2015 02:37:59 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (07/02/2015 11:25:50 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (07/02/2015 11:25:50 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (07/02/2015 11:25:43 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (07/02/2015 11:25:43 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (07/02/2015 11:00:46 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (07/02/2015 11:00:19 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (07/02/2015 11:00:18 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.


Microsoft Office:
=========================
Error: (07/02/2015 10:36:12 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (07/02/2015 09:13:49 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Besitzer\Desktop\esetsmartinstaller_deu.exe

Error: (07/02/2015 09:13:42 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Besitzer\Desktop\esetsmartinstaller_deu.exe

Error: (07/02/2015 09:13:41 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Besitzer\Desktop\esetsmartinstaller_deu.exe

Error: (07/02/2015 09:13:07 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Besitzer\Desktop\esetsmartinstaller_deu.exe

Error: (06/27/2015 09:56:54 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/27/2015 09:56:54 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/27/2015 09:56:54 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/27/2015 09:56:54 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (06/27/2015 09:56:45 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore


CodeIntegrity Errors:
===================================
  Date: 2015-06-27 10:41:19.933
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-06-27 10:41:19.839
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-06-27 10:41:19.730
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-06-27 10:41:19.605
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-02-18 18:03:40.466
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-02-18 18:03:40.247
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU E6600 @ 3.06GHz
Percentage of memory in use: 51%
Total physical RAM: 4061.24 MB
Available physical RAM: 1984.71 MB
Total Pagefile: 8120.69 MB
Available Pagefile: 6158.66 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1397.17 GB) (Free:1329.12 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: 7FD2F734)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1397.2 GB) - (Type=07 NTFS)

==================== End of log ============================
--- --- ---

--- --- ---

Gruß
Frusti

M-K-D-B 03.07.2015 14:33
Zitat:
Zitat von Frusti (Beitrag 1484294)
1.) Interessant war für mich, daß Norton FRST nach dem Deaktivieren gleich erst mal vom PC entfernt hat - Norton mag FRST ganz offensichtlich nicht, hat es auch als "nicht sicher" eingestuft)!!!
Die Einstufung von FRST als "nicht sicher" durch Norton zeigt mir ein weiteres Mal, dass die Sicherheitsprodukte von Symantec einfach zu viele Fehlalarme/Falschmeldungen produzieren... auch ein Grund, warum ich Norton nicht empfehlen kann...





Hinweis: Registry Cleaner

Ich sehe, dass du sogenannte Registry Cleaner installiert hast.
In deinem Fall
CCleaner
TuneUp
.

Wir raten von der Verwendung jeglicher Art von Registry Cleaner ab.

Der Grund ist ganz einfach:
Die Registry ist das Hirn des Systems. Funktioniert das Hirn nicht, funktioniert der Rest nicht mehr wirklich.
Man sollte nicht unnötigerweise an der Registry rumbasteln. Schon ein kleiner Fehler kann gravierende Folgen haben und auch Programme machen manchmal Fehler.
Zerstörst du die Registry, zerstörst du Windows.

Zudem ist der Nutzen zur Performancesteigerung umstritten und meist kaum im wahrnehmbaren Bereich.

Ich würde dir empfehlen, Registry Cleaner nicht weiterhin zu verwenden und über
Start --> Systemsteuerung --> Software (bei Windows XP)
Start --> Systemsteuerung --> Programme und Funktionen (bei Vista / Win 7)
zu deinstallieren.




Zitat:
Zitat von Frusti (Beitrag 1484294)
2.) War das richtig so: die Zusatzgeräte (Stick, Ext. Festplatte) hatte ich zwischenzeitlich (vor Durchführung von FRST) wieder entfernt?
Genau richtig.




Wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 2 h) dauern.
Im Anschluss entfernen wir alle verwendeten Tools und ich gebe dir noch ein paar Tipps mit auf den Weg.




Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
start
CloseProcesses:
Task: {C7E8F109-5765-445C-849F-C720D48603A3} - System32\Tasks\{3E41D0D5-558F-4424-A981-BF9E51EEF31B} => pcalua.exe -a "C:\Users\Besitzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WGCKGF3G\RegCleaner[1].exe" -d C:\Users\Besitzer\Desktop
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.






Schritt 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset






Schritt 3
Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von ESET,
  • die Logdatei von SecurityCheck.

Frusti 04.07.2015 08:55
Hallo,

zunächst zu den "Registry Cleanern":
bei BEIDEN habe ich eine jeweilige "Bereinigung" der REGISTRY ausgeschaltet.
Der Rest "läuft". Das müßte doch eigentlich so ok sein, oder?

========================
==========================

Hier die Dateien:

Zitat:
Fix result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by Besitzer at 2015-07-02 09:02:47 Run:1
Running from C:\Users\Besitzer\Desktop
Loaded Profiles: Besitzer (Available Profiles: Besitzer)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CloseProcesses:
HKU\S-1-5-21-1654125919-855541359-3433209274-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
CHR Extension: (HD Streamer) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\oleglodmkonbpfmlffapjfednjopbeeh [2014-01-22]
C:\ProgramData\V93GE
RemoveProxy:
EmptyTemp:
end

*****************

Processes closed successfully.
"HKU\S-1-5-21-1654125919-855541359-3433209274-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\oleglodmkonbpfmlffapjfednjopbeeh => moved successfully.
C:\ProgramData\V93GE => moved successfully.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-1654125919-855541359-3433209274-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-1654125919-855541359-3433209274-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========

EmptyTemp: => 60.9 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 09:03:11 ====
======================================
=======================================
Zitat:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=5762b9f06e8aea4c8638eaae500bb535
# end=init
# utc_time=2015-07-04 07:03:44
# local_time=2015-07-04 09:03:44 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 24635
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=5762b9f06e8aea4c8638eaae500bb535
# end=updated
# utc_time=2015-07-04 07:05:33
# local_time=2015-07-04 09:05:33 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=5762b9f06e8aea4c8638eaae500bb535
# engine=24635
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-07-04 07:25:12
# local_time=2015-07-04 09:25:12 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Norton 360'
# compatibility_mode=3598 16777213 100 100 180905 186657208 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 53275914 187624562 0 0
# scanned=76222
# found=0
# cleaned=0
# scan_time=1179
======================
======================
Zitat:
Results of screen317's Security Check version 1.004
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Norton 360 Premier Edition
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Secunia PSI (3.0.0.10004)
TuneUp Utilities 2014
TuneUp Utilities Language Pack (de-DE)
TuneUp Utilities 2014 (de-DE)
TuneUp Utilities Language Pack (de-DE)
TuneUp Utilities 2014
Java 8 Update 45
Adobe Flash Player 18.0.0.194
Adobe Reader XI
Mozilla Firefox (38.0.1)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
Gruß
Frusti

M-K-D-B 04.07.2015 11:49
Zitat:
Zitat von Frusti (Beitrag 1484612)
zunächst zu den "Registry Cleanern":
bei BEIDEN habe ich eine jeweilige "Bereinigung" der REGISTRY ausgeschaltet.
Der Rest "läuft". Das müßte doch eigentlich so ok sein, oder?
Dann sollte das passen.

Wie gesagt, ich hab schon Systeme hier gesehen, die wegen diesen Reg-Cleanern nicht mehr booteten... ;)








Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber. :daumenhoc
Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.

http://deeprybka.trojaner-board.de/b...cleanupneu.png
Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
http://deeprybka.trojaner-board.de/b.../combofix2.pngCombofix deinstallieren
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte http://filepony.de/icon/tiny/delfix.pngDelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:

http://deeprybka.trojaner-board.de/b...ast/schild.png
Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
 Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

   
   


Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
http://filepony.de/icon/adblock_firefox.pngAdblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren.
http://filepony.de/icon/noscript.png NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
http://filepony.de/icon/ghostery_chrome.pngGhostery Erkennt und blockiert Tracker, Web Bugs, Pixel und Beacons und weitere Scripte, die das Surfverhalten ausspähen/beobachten.
http://filepony.de/icon/malwarebytes_anti_exploit.pngMalwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie http://filepony.de/images/microbanner.gif.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

Frusti 04.07.2015 14:46
Hallo,

vielen Dank für Deine Hilfe und die offensichtliche gründliche Reinigung.

Zwei Dinge habe ich nun zunächst noch:

1.) Seit den Aktionen ist mein Programm "TuneUp" verschwunden.
Das wollte ich so eigentlich nicht gelöscht haben! Ich hatte Dir ja geschrieben, daß ich die registry aus allen Aktionen von TuneUp unangetastet lasse.

2.) Nun habe ich noch einen Laptop, mit dem ich auch mal Dokumente, Bilder, Programme usw. manchmal über einen Stick mit dem jetzt geprüften PC hin- und herschiebe.
Müßte der nun nicht auch - zumindest mit einem Minimal-Umfang - untersucht werden?

Gruß
Frusti

M-K-D-B 05.07.2015 11:05
Zitat:
Zitat von Frusti (Beitrag 1484669)
1.) Seit den Aktionen ist mein Programm "TuneUp" verschwunden.
Das wollte ich so eigentlich nicht gelöscht haben! Ich hatte Dir ja geschrieben, daß ich die registry aus allen Aktionen von TuneUp unangetastet lasse.
Bitte neu installieren.



Zitat:
Zitat von Frusti (Beitrag 1484669)
2.) Nun habe ich noch einen Laptop, mit dem ich auch mal Dokumente, Bilder, Programme usw. manchmal über einen Stick mit dem jetzt geprüften PC hin- und herschiebe.
Müßte der nun nicht auch - zumindest mit einem Minimal-Umfang - untersucht werden?
Ja, könnte und sollte man. Interesse? :blabla:

Frusti 07.07.2015 14:03
Hallo,

1.) Was mag der Grund sein, daß das Programm während unsrer Arbeit vollständig gelöscht wurde, und zwar so, daß ich es noch nicht einmal wieder neu aufladen kann, weil mir die Unterlagen fehlen?

2.) Wenn man den Laptop auch prüfen "sollte", dann wäre ich schon dafür!
Was ist zu tun?
Einen neuen thread eröffnen? Oder bei diesem weitermachen?
Muß ich dann damit rechnen, daß dann dort auch in irgendeinem Schritt 'TuneUp' gelöscht wird?

Gruß
Frusti

M-K-D-B 07.07.2015 15:22
Zitat:
Zitat von Frusti (Beitrag 1485573)
1.) Was mag der Grund sein, daß das Programm während unsrer Arbeit vollständig gelöscht wurde, und zwar so, daß ich es noch nicht einmal wieder neu aufladen kann, weil mir die Unterlagen fehlen?
Könnte an einem Tool liegen, das wir verwendet haben. Ich habe den Entwickler bereits informiert. Es sagte, dass es aus der Datenbank gelöscht wird.


Zitat:
Zitat von Frusti (Beitrag 1485573)
2.) Wenn man den Laptop auch prüfen "sollte", dann wäre ich schon dafür!
Was ist zu tun?
Einen neuen thread eröffnen? Oder bei diesem weitermachen?
das machen wir gleich hier. ;)



Zitat:
Zitat von Frusti (Beitrag 1485573)
Muß ich dann damit rechnen, daß dann dort auch in irgendeinem Schritt 'TuneUp' gelöscht wird?
Wie gesagt, sollte bereits aus der Datenbank von JRT draußen sein....






Notebook:


Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.





Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Frusti 08.07.2015 07:38
Zitat:
Wie gesagt, sollte bereits aus der Datenbank von JRT draußen sein....
Nee, auf dem Laptop ist 'TuneUp' NOCH drauf. - Ich hab ja kein Heimnetzwerk, das Laptop ist isoliert vom PC.

============================
===========================

08:18:42.0713 0x148c TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
08:18:48.0157 0x148c ============================================================
08:18:48.0157 0x148c Current date / time: 2015/07/08 08:18:48.0157
08:18:48.0157 0x148c SystemInfo:
08:18:48.0157 0x148c
08:18:48.0157 0x148c OS Version: 6.1.7601 ServicePack: 1.0
08:18:48.0157 0x148c Product type: Workstation
08:18:48.0157 0x148c ComputerName: PC
08:18:48.0157 0x148c UserName: GHM
08:18:48.0157 0x148c Windows directory: C:\Windows
08:18:48.0157 0x148c System windows directory: C:\Windows
08:18:48.0157 0x148c Processor architecture: Intel x86
08:18:48.0157 0x148c Number of processors: 4
08:18:48.0157 0x148c Page size: 0x1000
08:18:48.0157 0x148c Boot type: Normal boot
08:18:48.0157 0x148c ============================================================
08:18:48.0469 0x148c KLMD registered as C:\Windows\system32\drivers\14673167.sys
08:18:48.0766 0x148c System UUID: {4ECAA060-4151-19AE-4A30-A0627BFFA00F}
08:18:49.0280 0x148c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
08:18:49.0280 0x148c ============================================================
08:18:49.0280 0x148c \Device\Harddisk0\DR0:
08:18:49.0280 0x148c MBR partitions:
08:18:49.0280 0x148c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
08:18:49.0280 0x148c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x35152000
08:18:49.0280 0x148c \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x35184800, BlocksNum 0x5000000
08:18:49.0280 0x148c ============================================================
08:18:49.0312 0x148c C: <-> \Device\Harddisk0\DR0\Partition2
08:18:49.0358 0x148c D: <-> \Device\Harddisk0\DR0\Partition3
08:18:49.0358 0x148c ============================================================
08:18:49.0358 0x148c Initialize success
08:18:49.0358 0x148c ============================================================
08:18:53.0258 0x14c8 ============================================================
08:18:53.0258 0x14c8 Scan started
08:18:53.0258 0x14c8 Mode: Manual;
08:18:53.0258 0x14c8 ============================================================
08:18:53.0258 0x14c8 KSN ping started
08:19:08.0656 0x14c8 KSN ping finished: true
08:19:09.0295 0x14c8 ================ Scan system memory ========================
08:19:09.0295 0x14c8 System memory - ok
08:19:09.0295 0x14c8 ================ Scan services =============================
08:19:09.0529 0x14c8 [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
08:19:09.0545 0x14c8 1394ohci - ok
08:19:09.0623 0x14c8 [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\Windows\system32\drivers\ACPI.sys
08:19:09.0638 0x14c8 ACPI - ok
08:19:09.0670 0x14c8 [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
08:19:09.0670 0x14c8 AcpiPmi - ok
08:19:09.0794 0x14c8 [ A542C712794FB8FBD27E37271C730F36, 8C327BFAC10C7BBD48277D4FEB862D58CA1F22DC10F0632BB8B18CF54A507216 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
08:19:09.0810 0x14c8 AdobeARMservice - ok
08:19:09.0888 0x14c8 [ 1234A12B71DAE034E45C714AE5A54412, 079E6BC834F38322ED5ED76295EC3961ED894084EF5CB171DFFBD9B3822CC78D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
08:19:09.0919 0x14c8 AdobeFlashPlayerUpdateSvc - ok
08:19:09.0997 0x14c8 [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
08:19:10.0044 0x14c8 adp94xx - ok
08:19:10.0106 0x14c8 [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
08:19:10.0138 0x14c8 adpahci - ok
08:19:10.0216 0x14c8 [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
08:19:10.0216 0x14c8 adpu320 - ok
08:19:10.0262 0x14c8 [ 12E6A172D72AFC626727B8635DD17E39, 33B3D109C39DF6EA86AFC3C89A93657906E981D3D22FF854401BC7326990CC08 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
08:19:10.0278 0x14c8 AeLookupSvc - ok
08:19:10.0325 0x14c8 [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD C:\Windows\system32\drivers\afd.sys
08:19:10.0372 0x14c8 AFD - ok
08:19:10.0387 0x14c8 [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\Windows\system32\drivers\agp440.sys
08:19:10.0403 0x14c8 agp440 - ok
08:19:10.0434 0x14c8 [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
08:19:10.0450 0x14c8 aic78xx - ok
08:19:10.0496 0x14c8 [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\Windows\System32\alg.exe
08:19:10.0496 0x14c8 ALG - ok
08:19:10.0512 0x14c8 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\Windows\system32\drivers\aliide.sys
08:19:10.0528 0x14c8 aliide - ok
08:19:10.0543 0x14c8 [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
08:19:10.0543 0x14c8 amdagp - ok
08:19:10.0574 0x14c8 [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\Windows\system32\drivers\amdide.sys
08:19:10.0590 0x14c8 amdide - ok
08:19:10.0606 0x14c8 [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
08:19:10.0621 0x14c8 AmdK8 - ok
08:19:10.0621 0x14c8 [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
08:19:10.0637 0x14c8 AmdPPM - ok
08:19:10.0668 0x14c8 [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata C:\Windows\system32\drivers\amdsata.sys
08:19:10.0684 0x14c8 amdsata - ok
08:19:10.0699 0x14c8 [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
08:19:10.0699 0x14c8 amdsbs - ok
08:19:10.0730 0x14c8 [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata C:\Windows\system32\drivers\amdxata.sys
08:19:10.0730 0x14c8 amdxata - ok
08:19:10.0793 0x14c8 [ D1AF38FBAC0DC7E6D796B0ED01707EE0, FAFD2C36594A1628293E7623C8CAB2D47EDF8C6C0E18CC2FB37F9A6CA1F0E57C ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll
08:19:10.0793 0x14c8 AppHostSvc - ok
08:19:10.0824 0x14c8 [ 81F97D8F8B3FB94A451CC6F7CF8B2965, 8DEBA4E47E1016D69740C0BB7CDD23852D86E0D42C1C1EA5A847ECB115C38CB1 ] AppID C:\Windows\system32\drivers\appid.sys
08:19:10.0824 0x14c8 AppID - ok
08:19:10.0871 0x14c8 [ F5090F8FA6757C58E17BAEAA86093636, 5E14CF3032DF5801240F45C59AA93962EA41AA5648A0C6458D16D9B9D95A131F ] AppIDSvc C:\Windows\System32\appidsvc.dll
08:19:10.0886 0x14c8 AppIDSvc - ok
08:19:10.0918 0x14c8 [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo C:\Windows\System32\appinfo.dll
08:19:10.0918 0x14c8 Appinfo - ok
08:19:10.0964 0x14c8 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\DRIVERS\arc.sys
08:19:10.0964 0x14c8 arc - ok
08:19:11.0011 0x14c8 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
08:19:11.0011 0x14c8 arcsas - ok
08:19:11.0136 0x14c8 [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
08:19:11.0136 0x14c8 aspnet_state - ok
08:19:11.0183 0x14c8 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
08:19:11.0183 0x14c8 AsyncMac - ok
08:19:11.0230 0x14c8 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\drivers\atapi.sys
08:19:11.0230 0x14c8 atapi - ok
08:19:11.0292 0x14c8 [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
08:19:11.0339 0x14c8 AudioEndpointBuilder - ok
08:19:11.0354 0x14c8 [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv C:\Windows\System32\Audiosrv.dll
08:19:11.0386 0x14c8 Audiosrv - ok
08:19:11.0432 0x14c8 [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\Windows\System32\AxInstSV.dll
08:19:11.0432 0x14c8 AxInstSV - ok
08:19:11.0479 0x14c8 [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
08:19:11.0495 0x14c8 b06bdrv - ok
08:19:11.0573 0x14c8 [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
08:19:11.0573 0x14c8 b57nd60x - ok
08:19:11.0651 0x14c8 [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll
08:19:11.0666 0x14c8 BDESVC - ok
08:19:11.0682 0x14c8 [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys
08:19:11.0682 0x14c8 Beep - ok
08:19:11.0744 0x14c8 [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\Windows\System32\bfe.dll
08:19:11.0791 0x14c8 BFE - ok
08:19:11.0994 0x14c8 [ 69D90F57C6E40EA593F5E24AA586E4C4, 51DB6B08FFBBF563AF11DCDE28464FB5B317EEB45F33F881510FFB3ADFB8B754 ] BHDrvx86 C:\Program Files\Norton 360\NortonData\22.5.0.124\Definitions\BASHDefs\20150706.001\BHDrvx86.sys
08:19:12.0025 0x14c8 BHDrvx86 - ok
08:19:12.0103 0x14c8 [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\Windows\system32\qmgr.dll
08:19:12.0150 0x14c8 BITS - ok
08:19:12.0197 0x14c8 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
08:19:12.0197 0x14c8 blbdrive - ok
08:19:12.0228 0x14c8 [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
08:19:12.0228 0x14c8 bowser - ok
08:19:12.0259 0x14c8 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:19:12.0259 0x14c8 BrFiltLo - ok
08:19:12.0275 0x14c8 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:19:12.0275 0x14c8 BrFiltUp - ok
08:19:12.0322 0x14c8 [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
08:19:12.0322 0x14c8 BridgeMP - ok
08:19:12.0368 0x14c8 [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\Windows\System32\browser.dll
08:19:12.0368 0x14c8 Browser - ok
08:19:12.0400 0x14c8 [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys
08:19:12.0415 0x14c8 Brserid - ok
08:19:12.0431 0x14c8 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
08:19:12.0431 0x14c8 BrSerWdm - ok
08:19:12.0478 0x14c8 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
08:19:12.0478 0x14c8 BrUsbMdm - ok
08:19:12.0509 0x14c8 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
08:19:12.0509 0x14c8 BrUsbSer - ok
08:19:12.0540 0x14c8 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
08:19:12.0540 0x14c8 BTHMODEM - ok
08:19:12.0587 0x14c8 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll
08:19:12.0587 0x14c8 bthserv - ok
08:19:12.0680 0x14c8 catchme - ok
08:19:12.0758 0x14c8 [ 2D63DABE3805F1C644494913DE285BC7, 87EC4A94F32DCC41EBFB2BDAC26C649A433DA41E42C2B516B08358FA3D341781 ] ccSet_N360 C:\Windows\system32\drivers\N360\1605000.07C\ccSetx86.sys
08:19:12.0758 0x14c8 ccSet_N360 - ok
08:19:12.0805 0x14c8 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
08:19:12.0805 0x14c8 cdfs - ok
08:19:12.0852 0x14c8 [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\Windows\system32\drivers\cdrom.sys
08:19:12.0868 0x14c8 cdrom - ok
08:19:12.0914 0x14c8 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\Windows\System32\certprop.dll
08:19:12.0914 0x14c8 CertPropSvc - ok
08:19:12.0961 0x14c8 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
08:19:12.0961 0x14c8 circlass - ok
08:19:13.0008 0x14c8 [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS C:\Windows\system32\CLFS.sys
08:19:13.0024 0x14c8 CLFS - ok
08:19:13.0102 0x14c8 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:19:13.0102 0x14c8 clr_optimization_v2.0.50727_32 - ok
08:19:13.0148 0x14c8 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:19:13.0148 0x14c8 clr_optimization_v4.0.30319_32 - ok
08:19:13.0195 0x14c8 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
08:19:13.0195 0x14c8 CmBatt - ok
08:19:13.0211 0x14c8 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\drivers\cmdide.sys
08:19:13.0211 0x14c8 cmdide - ok
08:19:13.0258 0x14c8 [ 3051724F223EA48968B19567DE2A81F4, DCC27DE1B2B35866FC6DBDE95A368E7D0D346B6C3F31D0BACA63DD39B0A8874E ] CNG C:\Windows\system32\Drivers\cng.sys
08:19:13.0289 0x14c8 CNG - ok
08:19:13.0351 0x14c8 [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
08:19:13.0351 0x14c8 Compbatt - ok
08:19:13.0382 0x14c8 [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
08:19:13.0382 0x14c8 CompositeBus - ok
08:19:13.0398 0x14c8 COMSysApp - ok
08:19:13.0398 0x14c8 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
08:19:13.0414 0x14c8 crcdisk - ok
08:19:13.0460 0x14c8 [ 49474B3E37969AF4B5C076F42B623AFF, BDA6B57E9B60EF1B67C74099263D33A367AAA035667239F76AB8B268FD3E8F23 ] CryptSvc C:\Windows\system32\cryptsvc.dll
08:19:13.0460 0x14c8 CryptSvc - ok
08:19:13.0507 0x14c8 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\Windows\system32\rpcss.dll
08:19:13.0538 0x14c8 DcomLaunch - ok
08:19:13.0570 0x14c8 [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll
08:19:13.0585 0x14c8 defragsvc - ok
08:19:13.0616 0x14c8 [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
08:19:13.0632 0x14c8 DfsC - ok
08:19:13.0679 0x14c8 [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\Windows\system32\dhcpcore.dll
08:19:13.0694 0x14c8 Dhcp - ok
08:19:13.0804 0x14c8 [ 7AB2DE012C88870C9274E966EC88AB61, CE2098B152B9C039C29C0573C813BFBF13B2D2E6BEE83985374160884A817133 ] DiagTrack C:\Windows\system32\diagtrack.dll
08:19:13.0897 0x14c8 DiagTrack - ok
08:19:13.0928 0x14c8 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys
08:19:13.0928 0x14c8 discache - ok
08:19:13.0975 0x14c8 [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\DRIVERS\disk.sys
08:19:13.0975 0x14c8 Disk - ok
08:19:14.0022 0x14c8 [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\Windows\System32\dnsrslvr.dll
08:19:14.0038 0x14c8 Dnscache - ok
08:19:14.0069 0x14c8 [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\Windows\System32\dot3svc.dll
08:19:14.0084 0x14c8 dot3svc - ok
08:19:14.0116 0x14c8 [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\Windows\system32\dps.dll
08:19:14.0116 0x14c8 DPS - ok
08:19:14.0162 0x14c8 [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
08:19:14.0162 0x14c8 drmkaud - ok
08:19:14.0209 0x14c8 [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
08:19:14.0240 0x14c8 DXGKrnl - ok
08:19:14.0272 0x14c8 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll
08:19:14.0272 0x14c8 EapHost - ok
08:19:14.0459 0x14c8 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
08:19:14.0615 0x14c8 ebdrv - ok
08:19:14.0724 0x14c8 [ 0CD77CB89473151E6A0201DA7B063EAC, ADE268EB7DE6A07327E74B5F89A087249C6BD5DDEDB7EA2745D54849FF2AF549 ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
08:19:14.0740 0x14c8 eeCtrl - ok
08:19:14.0771 0x14c8 [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] EFS C:\Windows\System32\lsass.exe
08:19:14.0771 0x14c8 EFS - ok
08:19:14.0864 0x14c8 [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
08:19:14.0911 0x14c8 ehRecvr - ok
08:19:14.0942 0x14c8 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe
08:19:14.0942 0x14c8 ehSched - ok
08:19:15.0005 0x14c8 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
08:19:15.0052 0x14c8 elxstor - ok
08:19:15.0130 0x14c8 [ 94DB911F59E7FA1806DC0408B5EF5720, 9E36A506B8FBE8F2998A4A01A621C33D16911FBBB3CE3C0A106072B456EDA179 ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
08:19:15.0130 0x14c8 EraserUtilRebootDrv - ok
08:19:15.0176 0x14c8 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\drivers\errdev.sys
08:19:15.0176 0x14c8 ErrDev - ok
08:19:15.0239 0x14c8 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll
08:19:15.0254 0x14c8 EventSystem - ok
08:19:15.0286 0x14c8 [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys
08:19:15.0301 0x14c8 exfat - ok
08:19:15.0317 0x14c8 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys
08:19:15.0332 0x14c8 fastfat - ok
08:19:15.0395 0x14c8 [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe
08:19:15.0457 0x14c8 Fax - ok
08:19:15.0488 0x14c8 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
08:19:15.0504 0x14c8 fdc - ok
08:19:15.0520 0x14c8 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll
08:19:15.0520 0x14c8 fdPHost - ok
08:19:15.0551 0x14c8 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll
08:19:15.0551 0x14c8 FDResPub - ok
08:19:15.0582 0x14c8 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
08:19:15.0582 0x14c8 FileInfo - ok
08:19:15.0598 0x14c8 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
08:19:15.0613 0x14c8 Filetrace - ok
08:19:15.0644 0x14c8 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
08:19:15.0644 0x14c8 flpydisk - ok
08:19:15.0660 0x14c8 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
08:19:15.0676 0x14c8 FltMgr - ok
08:19:15.0754 0x14c8 [ 6EC244F102C7F129678E5F7309D1366D, C30DA201AC623DA440B0A0716534557C578218C2A591FA8893CCCBD96B4518F9 ] FontCache C:\Windows\system32\FntCache.dll
08:19:15.0800 0x14c8 FontCache - ok
08:19:15.0863 0x14c8 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
08:19:15.0878 0x14c8 FontCache3.0.0.0 - ok
08:19:15.0910 0x14c8 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
08:19:15.0910 0x14c8 FsDepends - ok
08:19:15.0941 0x14c8 [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
08:19:15.0941 0x14c8 Fs_Rec - ok
08:19:15.0972 0x14c8 [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
08:19:15.0988 0x14c8 fvevol - ok
08:19:16.0019 0x14c8 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
08:19:16.0019 0x14c8 gagp30kx - ok
08:19:16.0081 0x14c8 [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\Windows\System32\gpsvc.dll
08:19:16.0159 0x14c8 gpsvc - ok
08:19:16.0237 0x14c8 [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
08:19:16.0237 0x14c8 gusvc - ok
08:19:16.0268 0x14c8 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
08:19:16.0268 0x14c8 hcw85cir - ok
08:19:16.0315 0x14c8 [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
08:19:16.0346 0x14c8 HdAudAddService - ok
08:19:16.0378 0x14c8 [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
08:19:16.0378 0x14c8 HDAudBus - ok
08:19:16.0409 0x14c8 [ A88485DC6A7136C10D9A6C7E38FDFE3C, B651823E5F6D13B086B00440AD17C7C2756F079DD9290E0FEB1A3A48D0104F8C ] HECI C:\Windows\system32\DRIVERS\HECI.sys
08:19:16.0409 0x14c8 HECI - ok
08:19:16.0440 0x14c8 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
08:19:16.0440 0x14c8 HidBatt - ok
08:19:16.0456 0x14c8 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
08:19:16.0456 0x14c8 HidBth - ok
08:19:16.0487 0x14c8 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
08:19:16.0502 0x14c8 HidIr - ok
08:19:16.0534 0x14c8 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\System32\hidserv.dll
08:19:16.0534 0x14c8 hidserv - ok
08:19:16.0580 0x14c8 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
08:19:16.0580 0x14c8 HidUsb - ok
08:19:16.0612 0x14c8 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll
08:19:16.0627 0x14c8 hkmsvc - ok
08:19:16.0658 0x14c8 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
08:19:16.0674 0x14c8 HomeGroupListener - ok
08:19:16.0705 0x14c8 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
08:19:16.0721 0x14c8 HomeGroupProvider - ok
08:19:16.0752 0x14c8 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
08:19:16.0768 0x14c8 HpSAMD - ok
08:19:16.0830 0x14c8 [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP C:\Windows\system32\drivers\HTTP.sys
08:19:16.0877 0x14c8 HTTP - ok
08:19:16.0892 0x14c8 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
08:19:16.0908 0x14c8 hwpolicy - ok
08:19:16.0939 0x14c8 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
08:19:16.0939 0x14c8 i8042prt - ok
08:19:17.0002 0x14c8 [ D5EDB998656E6ECF1A17C78DAB019A3C, 59A6A658218CE098D28D2202DEE178973C91C5C008AE83391DD6EB64D97DA6A3 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
08:19:17.0017 0x14c8 iaStor - ok
08:19:17.0064 0x14c8 [ 7493EA4DE41348F7D3EDBF9DB298F56A, D40BE4E8D90B5F6EF0B16F3B9E9F63273FE558492A560CB291C7DE2864794CCB ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
08:19:17.0064 0x14c8 IAStorDataMgrSvc - ok
08:19:17.0111 0x14c8 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
08:19:17.0142 0x14c8 iaStorV - ok
08:19:17.0220 0x14c8 [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
08:19:17.0298 0x14c8 idsvc - ok
08:19:17.0392 0x14c8 [ BA459F9D857B493D29B01A1BD6C9167A, C9C085018629DE508BCC38DFCF4459057BEA015ECDEB69B8FCF8751A80AAC09D ] IDSVix86 C:\Program Files\Norton 360\NortonData\22.5.0.124\Definitions\IPSDefs\20150706.001\IDSvix86.sys
08:19:17.0423 0x14c8 IDSVix86 - ok
08:19:17.0454 0x14c8 IEEtwCollectorService - ok
08:19:17.0860 0x14c8 [ 8266AE06DF974E5BA047B3E9E9E70B3F, 44E5A8EED802A1DDF3CCDB478A88A3AB3CF009F449FB11E0F94A28498342B4E2 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
08:19:18.0250 0x14c8 igfx - ok
08:19:18.0281 0x14c8 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
08:19:18.0296 0x14c8 iirsp - ok
08:19:18.0359 0x14c8 [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\Windows\System32\ikeext.dll
08:19:18.0406 0x14c8 IKEEXT - ok
08:19:18.0452 0x14c8 [ 03C0D99BC2913226F1CEA7CB0D984659, DB42313E98D789634C83A1B8F90D815AA625A970E7C6D3B753386A94BBDAA3EE ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
08:19:18.0468 0x14c8 Impcd - ok
08:19:18.0640 0x14c8 [ 2A4EB3167A071A67D3F56E94663544EC, 0610929670CE2209995813473BB8380500763F328952E4DDDDAF9FF73379A294 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
08:19:18.0718 0x14c8 IntcAzAudAddService - ok
08:19:18.0764 0x14c8 [ 4EA6B57A3B71FD1A208AF054E97FBA37, 590AF022F02083996FA06187BE470CDEC11DA91BE077EA52B1415C048B8BE720 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
08:19:18.0780 0x14c8 IntcDAud - ok
08:19:18.0811 0x14c8 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys
08:19:18.0811 0x14c8 intelide - ok
08:19:18.0858 0x14c8 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
08:19:18.0858 0x14c8 intelppm - ok
08:19:18.0889 0x14c8 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
08:19:18.0905 0x14c8 IPBusEnum - ok
08:19:18.0920 0x14c8 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:19:18.0920 0x14c8 IpFilterDriver - ok
08:19:18.0967 0x14c8 [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
08:19:18.0998 0x14c8 iphlpsvc - ok
08:19:19.0030 0x14c8 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
08:19:19.0030 0x14c8 IPMIDRV - ok
08:19:19.0045 0x14c8 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
08:19:19.0061 0x14c8 IPNAT - ok
08:19:19.0092 0x14c8 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys
08:19:19.0092 0x14c8 IRENUM - ok
08:19:19.0123 0x14c8 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys
08:19:19.0123 0x14c8 isapnp - ok
08:19:19.0170 0x14c8 [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
08:19:19.0186 0x14c8 iScsiPrt - ok
08:19:19.0201 0x14c8 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
08:19:19.0201 0x14c8 kbdclass - ok
08:19:19.0248 0x14c8 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
08:19:19.0248 0x14c8 kbdhid - ok
08:19:19.0264 0x14c8 [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] KeyIso C:\Windows\system32\lsass.exe
08:19:19.0264 0x14c8 KeyIso - ok
08:19:19.0310 0x14c8 [ D8DF201E64B455DE473FEFD4A7A7AF0C, A6608EA1DD00AC280E655BF1C50067778FD0FCAF919F9C5C3F0B4AABFF54DA4B ] KMWDFilter C:\Windows\System32\Drivers\KMWDFilter.SYS
08:19:19.0310 0x14c8 KMWDFilter - ok
08:19:19.0373 0x14c8 [ 393B6C708B318C457317A32A1F45C545, 18A88519CB883169EEFECA0F8CA19DAD35D9201DFE00AF9230FEBD7C342395FC ] KMWDSERVICE C:\Program Files\Silvercrest NM1005 driver\KMWDSrv.exe
08:19:19.0388 0x14c8 KMWDSERVICE - ok
08:19:19.0420 0x14c8 [ 3C9D9DFCF517103677D7B6255C727B48, F03252C1EF131AC4FEB83983B7BB3BAAACE0EEB0B1CFA06D0E04A156D527A0FD ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
08:19:19.0420 0x14c8 KSecDD - ok
08:19:19.0451 0x14c8 [ 0DFC56491C8B56A35AD52EAF770752FE, C887D6A06DD691DB6E6DC73D2ED0072FE5430F46F85111338196CF342C5892D0 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
08:19:19.0451 0x14c8 KSecPkg - ok
08:19:19.0498 0x14c8 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll
08:19:19.0529 0x14c8 KtmRm - ok
08:19:19.0591 0x14c8 [ 4566FD5F4416E7FEF3600E4B30D086C3, 8AF3E81D4BFE974D7419D1C7EFA7D2910AEA38A44C932A5EC83DAAAD995B7AB7 ] L1C C:\Windows\system32\DRIVERS\L1C62x86.sys
08:19:19.0591 0x14c8 L1C - ok
08:19:19.0638 0x14c8 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\System32\srvsvc.dll
08:19:19.0654 0x14c8 LanmanServer - ok
08:19:19.0685 0x14c8 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:19:19.0700 0x14c8 LanmanWorkstation - ok
08:19:19.0747 0x14c8 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
08:19:19.0747 0x14c8 lltdio - ok
08:19:19.0778 0x14c8 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll
08:19:19.0794 0x14c8 lltdsvc - ok
08:19:19.0810 0x14c8 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll
08:19:19.0810 0x14c8 lmhosts - ok
08:19:19.0888 0x14c8 [ 1E2F802846EB944E0333EFEE7C9532A8, 86EB59BF238E3DB8AF9E379B0BAE5AEC734C15598E665062B2E19C0A58BEF783 ] LMS C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
08:19:19.0903 0x14c8 LMS - ok
08:19:19.0966 0x14c8 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
08:19:19.0966 0x14c8 LSI_FC - ok
08:19:19.0997 0x14c8 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
08:19:20.0012 0x14c8 LSI_SAS - ok
08:19:20.0028 0x14c8 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
08:19:20.0044 0x14c8 LSI_SAS2 - ok
08:19:20.0075 0x14c8 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
08:19:20.0075 0x14c8 LSI_SCSI - ok
08:19:20.0106 0x14c8 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys
08:19:20.0106 0x14c8 luafv - ok
08:19:20.0168 0x14c8 [ 3C21F7E95FFCA33EF1A83AA33D9663CF, C843116969E1CDBA45AEF98B33BEDBA9200C62CDB52CD7056CE6768A1EF3A637 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
08:19:20.0168 0x14c8 MBAMProtector - ok
08:19:20.0278 0x14c8 [ 2B983F067AEE3F9EB4DF5E97F45D21D1, 0B9ED0E91FF01A5445927650113E320C3C0EA16F1401AA55A509DDBF704DF22F ] MBAMService C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
08:19:20.0356 0x14c8 MBAMService - ok
08:19:20.0418 0x14c8 [ 167BCE00050B19DA25065335645A3C7A, 5CD3EA3E09B4ED318AB6151F56A17B0E4C8CE32DBB77342A39DEF53908F7D2F0 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
08:19:20.0418 0x14c8 MBAMWebAccessControl - ok
08:19:20.0465 0x14c8 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
08:19:20.0480 0x14c8 Mcx2Svc - ok
08:19:20.0496 0x14c8 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
08:19:20.0496 0x14c8 megasas - ok
08:19:20.0558 0x14c8 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
08:19:20.0590 0x14c8 MegaSR - ok
08:19:20.0621 0x14c8 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll
08:19:20.0621 0x14c8 MMCSS - ok
08:19:20.0699 0x14c8 [ 5B9CA81817E046666E7ABF8B9B101545, 6DD02C4C991198AC515847DAAEF7A3DF379636649FDB2623A0FBD8B51DADD523 ] mod7700 C:\Windows\system32\DRIVERS\mod7700.sys
08:19:20.0746 0x14c8 mod7700 - ok
08:19:20.0777 0x14c8 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys
08:19:20.0777 0x14c8 Modem - ok
08:19:20.0792 0x14c8 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
08:19:20.0792 0x14c8 monitor - ok
08:19:20.0839 0x14c8 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\drivers\mouclass.sys
08:19:20.0855 0x14c8 mouclass - ok
08:19:20.0870 0x14c8 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
08:19:20.0870 0x14c8 mouhid - ok
08:19:20.0902 0x14c8 [ 644905A19D0F37F2233DFCE53BC4BC19, F52CB40AA0FD1EBF8CBF0F3BFB20C47142C637719840877FB93F10D085EB8C2B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
08:19:20.0902 0x14c8 mountmgr - ok
08:19:20.0948 0x14c8 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys
08:19:20.0948 0x14c8 mpio - ok
08:19:20.0980 0x14c8 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
08:19:20.0980 0x14c8 mpsdrv - ok
08:19:21.0042 0x14c8 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll
08:19:21.0104 0x14c8 MpsSvc - ok
08:19:21.0136 0x14c8 [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
08:19:21.0136 0x14c8 MRxDAV - ok
08:19:21.0182 0x14c8 [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
08:19:21.0182 0x14c8 mrxsmb - ok
08:19:21.0229 0x14c8 [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:19:21.0229 0x14c8 mrxsmb10 - ok
08:19:21.0245 0x14c8 [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:19:21.0260 0x14c8 mrxsmb20 - ok
08:19:21.0292 0x14c8 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys
08:19:21.0292 0x14c8 msahci - ok
08:19:21.0307 0x14c8 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys
08:19:21.0323 0x14c8 msdsm - ok
08:19:21.0354 0x14c8 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe
08:19:21.0354 0x14c8 MSDTC - ok
08:19:21.0385 0x14c8 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys
08:19:21.0401 0x14c8 Msfs - ok
08:19:21.0416 0x14c8 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
08:19:21.0416 0x14c8 mshidkmdf - ok
08:19:21.0448 0x14c8 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
08:19:21.0448 0x14c8 msisadrv - ok
08:19:21.0494 0x14c8 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll
08:19:21.0510 0x14c8 MSiSCSI - ok
08:19:21.0510 0x14c8 msiserver - ok
08:19:21.0557 0x14c8 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
08:19:21.0557 0x14c8 MSKSSRV - ok
08:19:21.0588 0x14c8 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
08:19:21.0588 0x14c8 MSPCLOCK - ok
08:19:21.0604 0x14c8 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
08:19:21.0604 0x14c8 MSPQM - ok
08:19:21.0619 0x14c8 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
08:19:21.0635 0x14c8 MsRPC - ok
08:19:21.0666 0x14c8 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
08:19:21.0666 0x14c8 mssmbios - ok
08:19:21.0682 0x14c8 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
08:19:21.0682 0x14c8 MSTEE - ok
08:19:21.0713 0x14c8 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
08:19:21.0713 0x14c8 MTConfig - ok
08:19:21.0744 0x14c8 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys
08:19:21.0744 0x14c8 Mup - ok
08:19:21.0916 0x14c8 [ ED3C7037BF8AEA20291C01B66078FF77, A052ED91C26746D236219785C1932394A769F0A34BCBDBE12B960484F532FB9D ] N360 C:\Program Files\Norton 360\Engine\22.5.0.124\N360.exe
08:19:21.0931 0x14c8 N360 - ok
08:19:21.0978 0x14c8 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll
08:19:22.0025 0x14c8 napagent - ok
08:19:22.0072 0x14c8 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
08:19:22.0103 0x14c8 NativeWifiP - ok
08:19:22.0212 0x14c8 [ 18AD0AC87FF266B5E5616FCD6C577311, 8B97F1C95FDD650F14974CF16D8756CE5ABD9D8306D703C2AD5AC3BC6B6DF992 ] NAVENG C:\Program Files\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20150707.001\NAVENG.SYS
08:19:22.0212 0x14c8 NAVENG - ok
08:19:22.0321 0x14c8 [ 9EDB941A9FA181C4C3DEFF0A0559A056, 1EDC562955EE2D9A464F82A38F82555FE9021ABAC4B0DED99AE6E611EB750AF1 ] NAVEX15 C:\Program Files\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20150707.001\NAVEX15.SYS
08:19:22.0368 0x14c8 NAVEX15 - ok
08:19:22.0425 0x14c8 [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS C:\Windows\system32\drivers\ndis.sys
08:19:22.0470 0x14c8 NDIS - ok
08:19:22.0495 0x14c8 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
08:19:22.0495 0x14c8 NdisCap - ok
08:19:22.0515 0x14c8 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
08:19:22.0515 0x14c8 NdisTapi - ok
08:19:22.0555 0x14c8 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
08:19:22.0560 0x14c8 Ndisuio - ok
08:19:22.0595 0x14c8 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
08:19:22.0605 0x14c8 NdisWan - ok
08:19:22.0620 0x14c8 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
08:19:22.0625 0x14c8 NDProxy - ok
08:19:22.0650 0x14c8 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
08:19:22.0655 0x14c8 NetBIOS - ok
08:19:22.0690 0x14c8 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
08:19:22.0700 0x14c8 NetBT - ok
08:19:22.0720 0x14c8 [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] Netlogon C:\Windows\system32\lsass.exe
08:19:22.0725 0x14c8 Netlogon - ok
08:19:22.0765 0x14c8 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll
08:19:22.0780 0x14c8 Netman - ok
08:19:22.0825 0x14c8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:19:22.0835 0x14c8 NetMsmqActivator - ok
08:19:22.0860 0x14c8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:19:22.0865 0x14c8 NetPipeActivator - ok
08:19:22.0915 0x14c8 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll
08:19:22.0950 0x14c8 netprofm - ok
08:19:22.0960 0x14c8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:19:22.0970 0x14c8 NetTcpActivator - ok
08:19:22.0980 0x14c8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:19:22.0990 0x14c8 NetTcpPortSharing - ok
08:19:23.0025 0x14c8 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
08:19:23.0030 0x14c8 nfrd960 - ok
08:19:23.0075 0x14c8 [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\Windows\System32\nlasvc.dll
08:19:23.0090 0x14c8 NlaSvc - ok
08:19:23.0115 0x14c8 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys
08:19:23.0120 0x14c8 Npfs - ok
08:19:23.0145 0x14c8 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll
08:19:23.0150 0x14c8 nsi - ok
08:19:23.0160 0x14c8 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
08:19:23.0160 0x14c8 nsiproxy - ok
08:19:23.0250 0x14c8 [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
08:19:23.0340 0x14c8 Ntfs - ok
08:19:23.0355 0x14c8 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys
08:19:23.0360 0x14c8 Null - ok
08:19:23.0400 0x14c8 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys
08:19:23.0410 0x14c8 nvraid - ok
08:19:23.0460 0x14c8 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
08:19:23.0470 0x14c8 nvstor - ok
08:19:23.0495 0x14c8 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
08:19:23.0500 0x14c8 nv_agp - ok
08:19:23.0535 0x14c8 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
08:19:23.0540 0x14c8 ohci1394 - ok
08:19:23.0585 0x14c8 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
08:19:23.0605 0x14c8 p2pimsvc - ok
08:19:23.0645 0x14c8 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll
08:19:23.0665 0x14c8 p2psvc - ok
08:19:23.0700 0x14c8 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys
08:19:23.0705 0x14c8 Parport - ok
08:19:23.0740 0x14c8 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys
08:19:23.0745 0x14c8 partmgr - ok
08:19:23.0770 0x14c8 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
08:19:23.0770 0x14c8 Parvdm - ok
08:19:23.0805 0x14c8 [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc C:\Windows\System32\pcasvc.dll
08:19:23.0815 0x14c8 PcaSvc - ok
08:19:23.0855 0x14c8 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys
08:19:23.0865 0x14c8 pci - ok
08:19:23.0900 0x14c8 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys
08:19:23.0900 0x14c8 pciide - ok
08:19:23.0940 0x14c8 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
08:19:23.0950 0x14c8 pcmcia - ok
08:19:23.0990 0x14c8 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys
08:19:23.0990 0x14c8 pcw - ok
08:19:24.0050 0x14c8 [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
08:19:24.0145 0x14c8 PEAUTH - ok
08:19:24.0290 0x14c8 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll
08:19:24.0365 0x14c8 pla - ok
08:19:24.0430 0x14c8 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
08:19:24.0460 0x14c8 PlugPlay - ok
08:19:24.0495 0x14c8 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
08:19:24.0500 0x14c8 PNRPAutoReg - ok
08:19:24.0540 0x14c8 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
08:19:24.0555 0x14c8 PNRPsvc - ok
08:19:24.0605 0x14c8 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
08:19:24.0625 0x14c8 PolicyAgent - ok
08:19:24.0660 0x14c8 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll
08:19:24.0670 0x14c8 Power - ok
08:19:24.0710 0x14c8 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
08:19:24.0715 0x14c8 PptpMiniport - ok
08:19:24.0740 0x14c8 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys
08:19:24.0745 0x14c8 Processor - ok
08:19:24.0770 0x14c8 [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc C:\Windows\system32\profsvc.dll
08:19:24.0780 0x14c8 ProfSvc - ok
08:19:24.0795 0x14c8 [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] ProtectedStorage C:\Windows\system32\lsass.exe
08:19:24.0800 0x14c8 ProtectedStorage - ok
08:19:24.0830 0x14c8 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
08:19:24.0835 0x14c8 Psched - ok
08:19:24.0900 0x14c8 [ 68B57D7C11277EA89F78255480376B4D, 5530B58126BF33E6BCDED99C73C41B90BA148587BDA3866FD4DAD12035B302B5 ] PSI C:\Windows\system32\DRIVERS\psi_mf_x86.sys
08:19:24.0900 0x14c8 PSI - ok
08:19:24.0940 0x14c8 [ A6A7AD767BF5141665F5C675F671B3E1, 11D43F732C3B82679E53516F83E675B60B0EFEDE3F4EE3C42AC752AD8D5155AF ] PSI_SVC_2 c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
08:19:24.0955 0x14c8 PSI_SVC_2 - ok
08:19:25.0065 0x14c8 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
08:19:25.0160 0x14c8 ql2300 - ok
08:19:25.0190 0x14c8 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
08:19:25.0195 0x14c8 ql40xx - ok
08:19:25.0235 0x14c8 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll
08:19:25.0245 0x14c8 QWAVE - ok
08:19:25.0265 0x14c8 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
08:19:25.0265 0x14c8 QWAVEdrv - ok
08:19:25.0285 0x14c8 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
08:19:25.0285 0x14c8 RasAcd - ok
08:19:25.0305 0x14c8 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
08:19:25.0305 0x14c8 RasAgileVpn - ok
08:19:25.0335 0x14c8 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll
08:19:25.0345 0x14c8 RasAuto - ok
08:19:25.0370 0x14c8 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
08:19:25.0375 0x14c8 Rasl2tp - ok
08:19:25.0430 0x14c8 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll
08:19:25.0450 0x14c8 RasMan - ok
08:19:25.0475 0x14c8 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
08:19:25.0480 0x14c8 RasPppoe - ok
08:19:25.0500 0x14c8 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
08:19:25.0505 0x14c8 RasSstp - ok
08:19:25.0525 0x14c8 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
08:19:25.0540 0x14c8 rdbss - ok
08:19:25.0575 0x14c8 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
08:19:25.0575 0x14c8 rdpbus - ok
08:19:25.0605 0x14c8 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
08:19:25.0605 0x14c8 RDPCDD - ok
08:19:25.0630 0x14c8 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
08:19:25.0635 0x14c8 RDPENCDD - ok
08:19:25.0645 0x14c8 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
08:19:25.0645 0x14c8 RDPREFMP - ok
08:19:25.0680 0x14c8 [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
08:19:25.0690 0x14c8 RDPWD - ok
08:19:25.0745 0x14c8 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
08:19:25.0755 0x14c8 rdyboost - ok
08:19:25.0790 0x14c8 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll
08:19:25.0800 0x14c8 RemoteAccess - ok
08:19:25.0830 0x14c8 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll
08:19:25.0840 0x14c8 RemoteRegistry - ok
08:19:25.0855 0x14c8 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
08:19:25.0860 0x14c8 RpcEptMapper - ok
08:19:25.0890 0x14c8 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe
08:19:25.0890 0x14c8 RpcLocator - ok
08:19:25.0930 0x14c8 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll
08:19:25.0940 0x14c8 RpcSs - ok
08:19:25.0975 0x14c8 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
08:19:25.0975 0x14c8 rspndr - ok
08:19:26.0025 0x14c8 [ A633399432491BB173BB3CF3B41B9C55, B4AD5D5B3801D026BE3FC4EAB97543193A90C2262EE0EF82261670149FCB58C6 ] RSUSBSTOR C:\Windows\System32\Drivers\RtsUStor.sys
08:19:26.0035 0x14c8 RSUSBSTOR - ok
08:19:26.0115 0x14c8 [ 7AC9F43613CD0EE40BEBBF150FF3A189, C8260E36BE5E156936273FA3FE02C996C06740843E663AFCB1904E4976B37581 ] rtl8192se C:\Windows\system32\DRIVERS\rtl8192se.sys
08:19:26.0145 0x14c8 rtl8192se - ok
08:19:26.0165 0x14c8 [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] SamSs C:\Windows\system32\lsass.exe
08:19:26.0165 0x14c8 SamSs - ok
08:19:26.0210 0x14c8 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
08:19:26.0215 0x14c8 sbp2port - ok
08:19:26.0255 0x14c8 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll
08:19:26.0270 0x14c8 SCardSvr - ok
08:19:26.0290 0x14c8 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
08:19:26.0295 0x14c8 scfilter - ok
08:19:26.0355 0x14c8 [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule C:\Windows\system32\schedsvc.dll
08:19:26.0410 0x14c8 Schedule - ok
08:19:26.0450 0x14c8 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll
08:19:26.0455 0x14c8 SCPolicySvc - ok
08:19:26.0490 0x14c8 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll
08:19:26.0500 0x14c8 SDRSVC - ok
08:19:26.0535 0x14c8 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
08:19:26.0540 0x14c8 secdrv - ok
08:19:26.0570 0x14c8 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll
08:19:26.0575 0x14c8 seclogon - ok
08:19:26.0745 0x14c8 [ 5E0E975998BF1612E18B898E5D17838B, 76C11C62DB8055F03F868685E8E2016D99D3FC48313CB51C69E7CEA589D80890 ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe
08:19:26.0790 0x14c8 Secunia PSI Agent - ok
08:19:26.0910 0x14c8 [ 508DD2E1D5F272B2D3196335DEA2BC26, 2BDC828DB9D9766445C345E82751FA7EF94A089EC84565675EDADE3EC7EB5748 ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe
08:19:26.0975 0x14c8 Secunia Update Agent - ok
08:19:27.0000 0x14c8 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\system32\sens.dll
08:19:27.0005 0x14c8 SENS - ok
08:19:27.0020 0x14c8 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll
08:19:27.0025 0x14c8 SensrSvc - ok
08:19:27.0060 0x14c8 [ B97E1D0E59A128394F24E9F31E227EF2, 4E3349407522F31D60ACF0BDC050A02D646905048471C43E1A4CFDB31F0D7C64 ] Ser2pl C:\Windows\system32\DRIVERS\ser2pl.sys
08:19:27.0070 0x14c8 Ser2pl - ok
08:19:27.0085 0x14c8 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
08:19:27.0085 0x14c8 Serenum - ok
08:19:27.0095 0x14c8 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys
08:19:27.0100 0x14c8 Serial - ok
08:19:27.0115 0x14c8 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
08:19:27.0120 0x14c8 sermouse - ok
08:19:27.0150 0x14c8 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll
08:19:27.0155 0x14c8 SessionEnv - ok
08:19:27.0175 0x14c8 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
08:19:27.0175 0x14c8 sffdisk - ok
08:19:27.0190 0x14c8 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
08:19:27.0190 0x14c8 sffp_mmc - ok
08:19:27.0205 0x14c8 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
08:19:27.0205 0x14c8 sffp_sd - ok
08:19:27.0245 0x14c8 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
08:19:27.0250 0x14c8 sfloppy - ok
08:19:27.0285 0x14c8 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll
08:19:27.0310 0x14c8 SharedAccess - ok
08:19:27.0345 0x14c8 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:19:27.0370 0x14c8 ShellHWDetection - ok
08:19:27.0390 0x14c8 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys
08:19:27.0395 0x14c8 sisagp - ok
08:19:27.0420 0x14c8 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:19:27.0425 0x14c8 SiSRaid2 - ok
08:19:27.0465 0x14c8 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
08:19:27.0470 0x14c8 SiSRaid4 - ok
08:19:27.0500 0x14c8 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys
08:19:27.0505 0x14c8 Smb - ok
08:19:27.0565 0x14c8 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
08:19:27.0570 0x14c8 SNMPTRAP - ok
08:19:27.0590 0x14c8 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys
08:19:27.0590 0x14c8 spldr - ok
08:19:27.0625 0x14c8 [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\Windows\System32\spoolsv.exe
08:19:27.0660 0x14c8 Spooler - ok
08:19:27.0820 0x14c8 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe
08:19:27.0925 0x14c8 sppsvc - ok
08:19:27.0965 0x14c8 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll
08:19:27.0975 0x14c8 sppuinotify - ok
08:19:28.0000 0x14c8 [ 1C63FE706AB797BC3C24813FF969B4DE, 7AD2016E1A8119B3E6063F8D065BA16D558E8DA4293604BE4CF7D1C493F5CEED ] Spyder3 C:\Windows\system32\DRIVERS\Spyder3.sys
08:19:28.0005 0x14c8 Spyder3 - ok
08:19:28.0170 0x14c8 [ F0910D9F11A5C1A32B05C8A5B3FB1571, 55E605DEE056966981E93F39BD7851C5F97949A7C6D9E3BEFC1933CB074C3F4D ] SRTSP C:\Windows\System32\Drivers\N360\1605000.07C\SRTSP.SYS
08:19:28.0195 0x14c8 SRTSP - ok
08:19:28.0215 0x14c8 [ 8360A8AF7AA0FCDC67C82FDEF7C38A4B, 9C74DC0B079C2ECD48D9DAD51269DE1DA3F9967EE2706BB39004B9984C4BB6CA ] SRTSPX C:\Windows\system32\drivers\N360\1605000.07C\SRTSPX.SYS
08:19:28.0215 0x14c8 SRTSPX - ok
08:19:28.0250 0x14c8 [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\Windows\system32\DRIVERS\srv.sys
08:19:28.0265 0x14c8 srv - ok
08:19:28.0295 0x14c8 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
08:19:28.0305 0x14c8 srv2 - ok
08:19:28.0320 0x14c8 [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
08:19:28.0325 0x14c8 srvnet - ok
08:19:28.0355 0x14c8 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
08:19:28.0360 0x14c8 SSDPSRV - ok
08:19:28.0380 0x14c8 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll
08:19:28.0385 0x14c8 SstpSvc - ok
08:19:28.0400 0x14c8 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
08:19:28.0405 0x14c8 stexstor - ok
08:19:28.0452 0x14c8 [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll
08:19:28.0483 0x14c8 StiSvc - ok
08:19:28.0514 0x14c8 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\drivers\swenum.sys
08:19:28.0514 0x14c8 swenum - ok
08:19:28.0545 0x14c8 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll
08:19:28.0545 0x14c8 swprv - ok
08:19:28.0701 0x14c8 [ 1B92C102E6F6D28D9A4B86BE1160D6F0, 672D383D3396E9380E6E39839586D20EDC02C6E2EA4CDE9F3282F366B331E603 ] SymEFASI C:\Windows\system32\drivers\N360\1605000.07C\SYMEFASI.SYS
08:19:28.0764 0x14c8 SymEFASI - ok
08:19:28.0826 0x14c8 [ 3A6653DD91E159476409D567CB9D4708, D4F1D331D8A2455A03070B46A52FED10BC3FEF37750099F72CD35331CCE6B1DD ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
08:19:28.0826 0x14c8 SymEvent - ok
08:19:28.0873 0x14c8 [ D31541BE604898F04B86278010E834DE, E29D10BC138D0607EC9FC6ACCA6AEA1071FE41139F429499C3081C6A51C8C5DC ] SymIRON C:\Windows\system32\drivers\N360\1605000.07C\Ironx86.SYS
08:19:28.0888 0x14c8 SymIRON - ok
08:19:28.0966 0x14c8 [ 30DA051C81788C1091A70BF0E2989777, 4295EE071E5C5582D0A0D39F306D364497E04E88FEA749D048D0B094586FEFC6 ] SymNetS C:\Windows\System32\Drivers\N360\1605000.07C\SYMNETS.SYS
08:19:28.0982 0x14c8 SymNetS - ok
08:19:29.0029 0x14c8 [ D776EB85A20696D9D43129CCF6E703E2, F4C16C6EE09DA173A8FE3FD85E3F81E68AB4FF66D996FA3CCC47989052DD69C2 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
08:19:29.0044 0x14c8 SynTP - ok
08:19:29.0138 0x14c8 [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain C:\Windows\system32\sysmain.dll
08:19:29.0200 0x14c8 SysMain - ok
08:19:29.0247 0x14c8 [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
08:19:29.0263 0x14c8 TabletInputService - ok
08:19:29.0294 0x14c8 [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll
08:19:29.0325 0x14c8 TapiSrv - ok
08:19:29.0356 0x14c8 [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll
08:19:29.0356 0x14c8 TBS - ok
08:19:29.0450 0x14c8 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
08:19:29.0544 0x14c8 Tcpip - ok
08:19:29.0590 0x14c8 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
08:19:29.0637 0x14c8 TCPIP6 - ok
08:19:29.0653 0x14c8 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
08:19:29.0653 0x14c8 tcpipreg - ok
08:19:29.0684 0x14c8 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
08:19:29.0684 0x14c8 TDPIPE - ok
08:19:29.0715 0x14c8 [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
08:19:29.0715 0x14c8 TDTCP - ok
08:19:29.0746 0x14c8 [ 7FE680A3DFA421C4A8E4879AE4C5AAB0, A4C64E155AB2843823CD3586756BA7681CFDEA50812095468221503BBAD30DCD ] tdx C:\Windows\system32\DRIVERS\tdx.sys
08:19:29.0746 0x14c8 tdx - ok
08:19:29.0778 0x14c8 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\drivers\termdd.sys
08:19:29.0778 0x14c8 TermDD - ok
08:19:29.0840 0x14c8 [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService C:\Windows\System32\termsrv.dll
08:19:29.0887 0x14c8 TermService - ok
08:19:29.0934 0x14c8 [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll
08:19:29.0934 0x14c8 Themes - ok
08:19:29.0965 0x14c8 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll
08:19:29.0965 0x14c8 THREADORDER - ok
08:19:29.0996 0x14c8 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll
08:19:29.0996 0x14c8 TrkWks - ok
08:19:30.0058 0x14c8 [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:19:30.0074 0x14c8 TrustedInstaller - ok
08:19:30.0105 0x14c8 [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
08:19:30.0105 0x14c8 tssecsrv - ok
08:19:30.0136 0x14c8 [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
08:19:30.0136 0x14c8 TsUsbFlt - ok
08:19:30.0246 0x14c8 [ C1A64414DB4E49D41D9DF9359ED9369B, 9AD4971380D4B76089363A66E2CE220139DB6B5D96334CBCF2B7FAEDA3A386F0 ] TuneUp.Defrag C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
08:19:30.0292 0x14c8 TuneUp.Defrag - ok
08:19:30.0386 0x14c8 [ DC653CF2D70827C4EBC2B157DA25CF57, 2361101B2E5D15FB7E3690681E402C23E1A149442D1907D5C9DB8BEF19E70C29 ] TuneUp.UtilitiesSvc C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
08:19:30.0417 0x14c8 TuneUp.UtilitiesSvc - ok
08:19:30.0464 0x14c8 [ F2107C9D85EC0DF116939CCCE06AE697, 4608E3D0CA0B252130B4DF2505DB4D89635C327A343B470FCB81B8B02CD9FA44 ] TuneUpUtilitiesDrv C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys
08:19:30.0464 0x14c8 TuneUpUtilitiesDrv - ok
08:19:30.0511 0x14c8 [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
08:19:30.0511 0x14c8 tunnel - ok
08:19:30.0542 0x14c8 [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
08:19:30.0558 0x14c8 uagp35 - ok
08:19:30.0573 0x14c8 [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
08:19:30.0589 0x14c8 udfs - ok
08:19:30.0620 0x14c8 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe
08:19:30.0620 0x14c8 UI0Detect - ok
08:19:30.0667 0x14c8 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
08:19:30.0667 0x14c8 uliagpkx - ok
08:19:30.0714 0x14c8 [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\Windows\system32\drivers\umbus.sys
08:19:30.0714 0x14c8 umbus - ok
08:19:30.0760 0x14c8 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
08:19:30.0760 0x14c8 UmPass - ok
08:19:30.0916 0x14c8 [ AF905F4966CFC8B973623AB150CD4B2B, E1BF0481A584C10AE4A927A01A1E6B76036C18FAF7AB38D9B78641F5808D9888 ] UNS C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
08:19:31.0041 0x14c8 UNS - ok
08:19:31.0072 0x14c8 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll
08:19:31.0088 0x14c8 upnphost - ok
08:19:31.0119 0x14c8 [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
08:19:31.0119 0x14c8 usbccgp - ok
08:19:31.0166 0x14c8 [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\Windows\system32\drivers\usbcir.sys
08:19:31.0166 0x14c8 usbcir - ok
08:19:31.0182 0x14c8 [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci C:\Windows\system32\drivers\usbehci.sys
08:19:31.0182 0x14c8 usbehci - ok
08:19:31.0213 0x14c8 [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
08:19:31.0228 0x14c8 usbhub - ok
08:19:31.0244 0x14c8 [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci C:\Windows\system32\drivers\usbohci.sys
08:19:31.0244 0x14c8 usbohci - ok
08:19:31.0275 0x14c8 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
08:19:31.0275 0x14c8 usbprint - ok
08:19:31.0306 0x14c8 [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:19:31.0322 0x14c8 USBSTOR - ok
08:19:31.0322 0x14c8 [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
08:19:31.0322 0x14c8 usbuhci - ok
08:19:31.0353 0x14c8 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll
08:19:31.0353 0x14c8 UxSms - ok
08:19:31.0400 0x14c8 [ DC2172ACCB384C6A3D59342050422102, 64B7CA9383FD3D6F4F6B5EC55E483C72D6BAF47BA4A3AF33F802E7A1DFDC359B ] UxTuneUp C:\Windows\System32\uxtuneup.dll
08:19:31.0416 0x14c8 UxTuneUp - ok
08:19:31.0431 0x14c8 [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] VaultSvc C:\Windows\system32\lsass.exe
08:19:31.0431 0x14c8 VaultSvc - ok
08:19:31.0462 0x14c8 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
08:19:31.0462 0x14c8 vdrvroot - ok
08:19:31.0525 0x14c8 [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\Windows\System32\vds.exe
08:19:31.0587 0x14c8 vds - ok
08:19:31.0618 0x14c8 [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
08:19:31.0618 0x14c8 vga - ok
08:19:31.0634 0x14c8 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\Windows\System32\drivers\vga.sys
08:19:31.0634 0x14c8 VgaSave - ok
08:19:31.0665 0x14c8 [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
08:19:31.0681 0x14c8 vhdmp - ok
08:19:31.0696 0x14c8 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\Windows\system32\drivers\viaagp.sys
08:19:31.0696 0x14c8 viaagp - ok
08:19:31.0743 0x14c8 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
08:19:31.0743 0x14c8 ViaC7 - ok
08:19:31.0774 0x14c8 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\drivers\viaide.sys
08:19:31.0774 0x14c8 viaide - ok
08:19:31.0806 0x14c8 [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\Windows\system32\drivers\volmgr.sys
08:19:31.0806 0x14c8 volmgr - ok
08:19:31.0868 0x14c8 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
08:19:31.0868 0x14c8 volmgrx - ok
08:19:31.0899 0x14c8 [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\Windows\system32\drivers\volsnap.sys
08:19:31.0915 0x14c8 volsnap - ok
08:19:31.0946 0x14c8 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
08:19:31.0946 0x14c8 vsmraid - ok
08:19:32.0024 0x14c8 [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\Windows\system32\vssvc.exe
08:19:32.0086 0x14c8 VSS - ok
08:19:32.0118 0x14c8 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
08:19:32.0118 0x14c8 vwifibus - ok
08:19:32.0149 0x14c8 [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
08:19:32.0149 0x14c8 vwififlt - ok
08:19:32.0180 0x14c8 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll
08:19:32.0196 0x14c8 W32Time - ok
08:19:32.0289 0x14c8 [ 57C8C20BFA5BEF6BD851EBAC67A8CED0, D5968069D934400A46B9FF92ECA9D7660BDC30C6909BA588AD49F7656246EE98 ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll
08:19:32.0320 0x14c8 W3SVC - ok
08:19:32.0352 0x14c8 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
08:19:32.0367 0x14c8 WacomPen - ok
08:19:32.0398 0x14c8 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
08:19:32.0398 0x14c8 WANARP - ok
08:19:32.0398 0x14c8 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
08:19:32.0414 0x14c8 Wanarpv6 - ok
08:19:32.0461 0x14c8 [ 57C8C20BFA5BEF6BD851EBAC67A8CED0, D5968069D934400A46B9FF92ECA9D7660BDC30C6909BA588AD49F7656246EE98 ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
08:19:32.0476 0x14c8 WAS - ok
08:19:32.0554 0x14c8 [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\Windows\system32\wbengine.exe
08:19:32.0632 0x14c8 wbengine - ok
08:19:32.0664 0x14c8 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
08:19:32.0664 0x14c8 WbioSrvc - ok
08:19:32.0695 0x14c8 [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\Windows\System32\wcncsvc.dll
08:19:32.0710 0x14c8 wcncsvc - ok
08:19:32.0726 0x14c8 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:19:32.0726 0x14c8 WcsPlugInService - ok
08:19:32.0757 0x14c8 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\DRIVERS\wd.sys
08:19:32.0757 0x14c8 Wd - ok
08:19:32.0820 0x14c8 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
08:19:32.0866 0x14c8 Wdf01000 - ok
08:19:32.0913 0x14c8 [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost C:\Windows\system32\wdi.dll
08:19:32.0913 0x14c8 WdiServiceHost - ok
08:19:32.0929 0x14c8 [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost C:\Windows\system32\wdi.dll
08:19:32.0929 0x14c8 WdiSystemHost - ok
08:19:32.0976 0x14c8 [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient C:\Windows\System32\webclnt.dll
08:19:32.0991 0x14c8 WebClient - ok
08:19:33.0038 0x14c8 [ A0F28966756F161290B7320BAFD92CC8, F5D590792DBFB39FA57E59F900712FE672D2A67B5C7AB99E6913ECBD4EDE7D10 ] WebUpdate4 C:\Windows\system32\WebUpdateSvc4.exe
08:19:33.0054 0x14c8 WebUpdate4 - ok
08:19:33.0085 0x14c8 [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll
08:19:33.0100 0x14c8 Wecsvc - ok
08:19:33.0116 0x14c8 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll
08:19:33.0132 0x14c8 wercplsupport - ok
08:19:33.0147 0x14c8 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll
08:19:33.0163 0x14c8 WerSvc - ok
08:19:33.0194 0x14c8 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
08:19:33.0194 0x14c8 WfpLwf - ok
08:19:33.0210 0x14c8 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys
08:19:33.0210 0x14c8 WIMMount - ok
08:19:33.0319 0x14c8 [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
08:19:33.0381 0x14c8 WinDefend - ok
08:19:33.0397 0x14c8 WinHttpAutoProxySvc - ok
08:19:33.0490 0x14c8 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
08:19:33.0506 0x14c8 Winmgmt - ok
08:19:33.0600 0x14c8 [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM C:\Windows\system32\WsmSvc.dll
08:19:33.0709 0x14c8 WinRM - ok
08:19:33.0802 0x14c8 [ 4C69A8E2E159C1C59BC4B688E9DD7F8C, 235C7A41425846EFE4966490EB7F72AA768B3FE1665843BF58520DDBD6822A74 ] WisLMSvc C:\Program Files\Launch Manager\WisLMSvc.exe
08:19:33.0802 0x14c8 WisLMSvc - ok
08:19:33.0880 0x14c8 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll
08:19:33.0990 0x14c8 Wlansvc - ok
08:19:34.0036 0x14c8 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
08:19:34.0036 0x14c8 WmiAcpi - ok
08:19:34.0068 0x14c8 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
08:19:34.0083 0x14c8 wmiApSrv - ok
08:19:34.0192 0x14c8 [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
08:19:34.0255 0x14c8 WMPNetworkSvc - ok
08:19:34.0286 0x14c8 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll
08:19:34.0286 0x14c8 WPCSvc - ok
08:19:34.0317 0x14c8 [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
08:19:34.0333 0x14c8 WPDBusEnum - ok
08:19:34.0364 0x14c8 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
08:19:34.0364 0x14c8 ws2ifsl - ok
08:19:34.0380 0x14c8 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\system32\wscsvc.dll
08:19:34.0380 0x14c8 wscsvc - ok
08:19:34.0395 0x14c8 WSearch - ok
08:19:34.0536 0x14c8 [ 7E5C454A3F986FEBAD075DB8D915917E, 9E9147DDACD075958689523130DB92FC4ED0E38433461D8AB8792BCFBD9376DA ] wuauserv C:\Windows\system32\wuaueng.dll
08:19:34.0660 0x14c8 wuauserv - ok
08:19:34.0692 0x14c8 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
08:19:34.0692 0x14c8 WudfPf - ok
08:19:34.0723 0x14c8 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
08:19:34.0738 0x14c8 wudfsvc - ok
08:19:34.0770 0x14c8 [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc C:\Windows\System32\wwansvc.dll
08:19:34.0785 0x14c8 WwanSvc - ok
08:19:34.0816 0x14c8 [ 1F93FCB5BAB3A921ECBA522F63586F4A, 0340B73DBC953B50572666EC603E87F253B9CEB9B0489A441A6A2171A04595D8 ] X10Hid C:\Windows\System32\Drivers\x10hid.sys
08:19:34.0816 0x14c8 X10Hid - ok
08:19:34.0863 0x14c8 [ 5A0C788C5BC5F2C993CB60940ADCF95E, FEEC158466040A6528E7FC8D33706B50D2F03479E0B62DF8F06B69A1A850A9FB ] x10nets C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
08:19:34.0863 0x14c8 x10nets - ok
08:19:34.0894 0x14c8 [ 378DC1B0B1F62A7488EE8D31A3C6E949, 8334CBC479797DC82551D38DFF1AEF5E41E4C6427D410C633DECC95C4FB84C0E ] XUIF C:\Windows\System32\Drivers\x10ufx2.sys
08:19:34.0894 0x14c8 XUIF - ok
08:19:34.0926 0x14c8 ================ Scan global ===============================
08:19:34.0957 0x14c8 [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
08:19:34.0988 0x14c8 [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll
08:19:35.0019 0x14c8 [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll
08:19:35.0050 0x14c8 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
08:19:35.0097 0x14c8 [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe
08:19:35.0097 0x14c8 [ Global ] - ok
08:19:35.0097 0x14c8 ================ Scan MBR ==================================
08:19:35.0113 0x14c8 [ 8A1C59E4DFEF87510470928550466632 ] \Device\Harddisk0\DR0
08:19:38.0248 0x14c8 \Device\Harddisk0\DR0 - ok
08:19:38.0248 0x14c8 ================ Scan VBR ==================================
08:19:38.0248 0x14c8 [ 8C93A2D9E95CB4B1D841C00D39061704 ] \Device\Harddisk0\DR0\Partition1
08:19:38.0264 0x14c8 \Device\Harddisk0\DR0\Partition1 - ok
08:19:38.0264 0x14c8 [ AD83B5DA10D3E8F55EF494AC8169BA32 ] \Device\Harddisk0\DR0\Partition2
08:19:38.0264 0x14c8 \Device\Harddisk0\DR0\Partition2 - ok
08:19:38.0264 0x14c8 [ 9769CDCD7A7B1A6898FAAAF7C4A6A7FF ] \Device\Harddisk0\DR0\Partition3
08:19:38.0264 0x14c8 \Device\Harddisk0\DR0\Partition3 - ok
08:19:38.0264 0x14c8 ================ Scan generic autorun ======================
08:19:38.0342 0x14c8 [ 852F12CA7C4FC7E3D77B606492435556, CCDA88794836D40701BF5B0A6872686DDE19C54AFCE6A954C9D83102BB12AEAF ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
08:19:38.0373 0x14c8 IAStorIcon - ok
08:19:38.0732 0x14c8 [ 750C7CEC215C3DACCBD52CF0AB80EC8F, 6086D9311529228CF3CC5DDFF1CF91D478AC16831572385E6930D15B19C3A727 ] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
08:19:39.0091 0x14c8 RtHDVCpl - ok
08:19:39.0138 0x14c8 [ 2F0ED11A907837A4F5393058AB4490D8, 62A2F9172712ABB2332461F50851D36649F48A3DC6058B073C4E6B01409EAF91 ] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
08:19:39.0169 0x14c8 RtHDVBg - ok
08:19:39.0184 0x14c8 [ 8D2851FC8807D456319C721AE3809824, 3AB40A5538C04CC536523E1AB890BBD4BA648134BB594B852EB8434DCE80632C ] C:\Program Files\Launch Manager\HotkeyApp.exe
08:19:39.0184 0x14c8 HotkeyApp - ok
08:19:39.0216 0x14c8 [ DFA1067EA4157BCCCFD48F052066A076, 5E5B60C20CFF1F3F9D45588B0E0AEB59C3F4C11089CCB52AA92890773BAA081F ] C:\Program Files\Launch Manager\OSD.exe
08:19:39.0216 0x14c8 LMgrVolOSD - ok
08:19:39.0247 0x14c8 [ 9A50FDA9859695E0938EB85E050BCAAF, 36026AF31C905EB9425275D553455FAE0724537F8C3287B8802E910BFE57046E ] C:\Program Files\Launch Manager\Wbutton.exe
08:19:39.0262 0x14c8 Wbutton - ok
08:19:39.0387 0x14c8 [ B2D2DB4C716665691816C77557AD685C, F8B919FED0B4E979DC3F39578D59CFB2D984AFBDD67A6A4D850F71930C28016D ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
08:19:39.0481 0x14c8 SynTPEnh - ok
08:19:39.0512 0x14c8 [ 1029B84ECBE4B95ACB8491A3FE63D70F, DF765BEE2B20800646F70B9E473B95F52457316CB331A3E0BF6974D827AB989D ] C:\Windows\system32\igfxtray.exe
08:19:39.0528 0x14c8 IgfxTray - ok
08:19:39.0543 0x14c8 [ 3CD5BBDA19A1AB4EBA359E0A14FDF0F0, 992E7322C86DA533F6DB9192427EBDC5A8F4D1A878F4B30A17ABD54656CFF6C1 ] C:\Windows\system32\hkcmd.exe
08:19:39.0559 0x14c8 HotKeysCmds - ok
08:19:39.0590 0x14c8 [ 3142195521FEE436088EE8A5748DE1B1, EE8E65977AA0EAC0BF48F7C4620946E48679F047EFC515D5F2E52EA4B88C5731 ] C:\Windows\system32\igfxpers.exe
08:19:39.0606 0x14c8 Persistence - ok
08:19:39.0668 0x14c8 [ E6DEED311D830678E1A0B4889F3C2F0E, 99D34ED089BCC653DE3941C179C4201CC7158F1E4CAE50604908DBB11ACB3905 ] C:\Program Files\Silvercrest NM1005 driver\StartAutorun.exe
08:19:39.0684 0x14c8 KMCONFIG - ok
08:19:39.0980 0x14c8 [ EE526B0428581B57FFC571FF57309E28, 1CF4DD251E78F2B67C4B1973E3378D6B87C5698EEC398CA4043621842ACC426C ] C:\Program Files\CCleaner\CCleaner.exe
08:19:40.0245 0x14c8 CCleaner Monitoring - ok
08:19:40.0354 0x14c8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
08:19:40.0448 0x14c8 Sidebar - ok
08:19:40.0479 0x14c8 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
08:19:40.0479 0x14c8 mctadmin - ok
08:19:40.0495 0x14c8 Waiting for KSN requests completion. In queue: 14
08:19:41.0509 0x14c8 Waiting for KSN requests completion. In queue: 14
08:19:42.0523 0x14c8 Waiting for KSN requests completion. In queue: 14
08:19:43.0552 0x14c8 AV detected via SS2: Norton 360 Premier, C:\Program Files\Norton 360\Engine\22.5.0.124\WSCStub.exe ( 22.5.0.0 ), 0x50000 ( disabled : updated )
08:19:43.0552 0x14c8 FW detected via SS2: Norton 360 Premier, C:\Program Files\Norton 360\Engine\22.5.0.124\WSCStub.exe ( 22.5.0.0 ), 0x50010 ( disabled )
08:19:43.0568 0x14c8 Win FW state via NFP2: enabled
08:19:46.0017 0x14c8 ============================================================
08:19:46.0017 0x14c8 Scan finished
08:19:46.0017 0x14c8 ============================================================
08:19:46.0033 0x14c0 Detected object count: 0
08:19:46.0033 0x14c0 Actual detected object count: 0

Frusti 08.07.2015 07:40
08:18:42.0713 0x148c TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
08:18:48.0157 0x148c ============================================================
08:18:48.0157 0x148c Current date / time: 2015/07/08 08:18:48.0157
08:18:48.0157 0x148c SystemInfo:
08:18:48.0157 0x148c
08:18:48.0157 0x148c OS Version: 6.1.7601 ServicePack: 1.0
08:18:48.0157 0x148c Product type: Workstation
08:18:48.0157 0x148c ComputerName: PC
08:18:48.0157 0x148c UserName: GHM
08:18:48.0157 0x148c Windows directory: C:\Windows
08:18:48.0157 0x148c System windows directory: C:\Windows
08:18:48.0157 0x148c Processor architecture: Intel x86
08:18:48.0157 0x148c Number of processors: 4
08:18:48.0157 0x148c Page size: 0x1000
08:18:48.0157 0x148c Boot type: Normal boot
08:18:48.0157 0x148c ============================================================
08:18:48.0469 0x148c KLMD registered as C:\Windows\system32\drivers\14673167.sys
08:18:48.0766 0x148c System UUID: {4ECAA060-4151-19AE-4A30-A0627BFFA00F}
08:18:49.0280 0x148c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
08:18:49.0280 0x148c ============================================================
08:18:49.0280 0x148c \Device\Harddisk0\DR0:
08:18:49.0280 0x148c MBR partitions:
08:18:49.0280 0x148c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
08:18:49.0280 0x148c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x35152000
08:18:49.0280 0x148c \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x35184800, BlocksNum 0x5000000
08:18:49.0280 0x148c ============================================================
08:18:49.0312 0x148c C: <-> \Device\Harddisk0\DR0\Partition2
08:18:49.0358 0x148c D: <-> \Device\Harddisk0\DR0\Partition3
08:18:49.0358 0x148c ============================================================
08:18:49.0358 0x148c Initialize success
08:18:49.0358 0x148c ============================================================
08:18:53.0258 0x14c8 ============================================================
08:18:53.0258 0x14c8 Scan started
08:18:53.0258 0x14c8 Mode: Manual;
08:18:53.0258 0x14c8 ============================================================
08:18:53.0258 0x14c8 KSN ping started
08:19:08.0656 0x14c8 KSN ping finished: true
08:19:09.0295 0x14c8 ================ Scan system memory ========================
08:19:09.0295 0x14c8 System memory - ok
08:19:09.0295 0x14c8 ================ Scan services =============================
08:19:09.0529 0x14c8 [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
08:19:09.0545 0x14c8 1394ohci - ok
08:19:09.0623 0x14c8 [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\Windows\system32\drivers\ACPI.sys
08:19:09.0638 0x14c8 ACPI - ok
08:19:09.0670 0x14c8 [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
08:19:09.0670 0x14c8 AcpiPmi - ok
08:19:09.0794 0x14c8 [ A542C712794FB8FBD27E37271C730F36, 8C327BFAC10C7BBD48277D4FEB862D58CA1F22DC10F0632BB8B18CF54A507216 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
08:19:09.0810 0x14c8 AdobeARMservice - ok
08:19:09.0888 0x14c8 [ 1234A12B71DAE034E45C714AE5A54412, 079E6BC834F38322ED5ED76295EC3961ED894084EF5CB171DFFBD9B3822CC78D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
08:19:09.0919 0x14c8 AdobeFlashPlayerUpdateSvc - ok
08:19:09.0997 0x14c8 [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
08:19:10.0044 0x14c8 adp94xx - ok
08:19:10.0106 0x14c8 [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
08:19:10.0138 0x14c8 adpahci - ok
08:19:10.0216 0x14c8 [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
08:19:10.0216 0x14c8 adpu320 - ok
08:19:10.0262 0x14c8 [ 12E6A172D72AFC626727B8635DD17E39, 33B3D109C39DF6EA86AFC3C89A93657906E981D3D22FF854401BC7326990CC08 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
08:19:10.0278 0x14c8 AeLookupSvc - ok
08:19:10.0325 0x14c8 [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD C:\Windows\system32\drivers\afd.sys
08:19:10.0372 0x14c8 AFD - ok
08:19:10.0387 0x14c8 [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\Windows\system32\drivers\agp440.sys
08:19:10.0403 0x14c8 agp440 - ok
08:19:10.0434 0x14c8 [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
08:19:10.0450 0x14c8 aic78xx - ok
08:19:10.0496 0x14c8 [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\Windows\System32\alg.exe
08:19:10.0496 0x14c8 ALG - ok
08:19:10.0512 0x14c8 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\Windows\system32\drivers\aliide.sys
08:19:10.0528 0x14c8 aliide - ok
08:19:10.0543 0x14c8 [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
08:19:10.0543 0x14c8 amdagp - ok
08:19:10.0574 0x14c8 [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\Windows\system32\drivers\amdide.sys
08:19:10.0590 0x14c8 amdide - ok
08:19:10.0606 0x14c8 [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
08:19:10.0621 0x14c8 AmdK8 - ok
08:19:10.0621 0x14c8 [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
08:19:10.0637 0x14c8 AmdPPM - ok
08:19:10.0668 0x14c8 [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata C:\Windows\system32\drivers\amdsata.sys
08:19:10.0684 0x14c8 amdsata - ok
08:19:10.0699 0x14c8 [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
08:19:10.0699 0x14c8 amdsbs - ok
08:19:10.0730 0x14c8 [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata C:\Windows\system32\drivers\amdxata.sys
08:19:10.0730 0x14c8 amdxata - ok
08:19:10.0793 0x14c8 [ D1AF38FBAC0DC7E6D796B0ED01707EE0, FAFD2C36594A1628293E7623C8CAB2D47EDF8C6C0E18CC2FB37F9A6CA1F0E57C ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll
08:19:10.0793 0x14c8 AppHostSvc - ok
08:19:10.0824 0x14c8 [ 81F97D8F8B3FB94A451CC6F7CF8B2965, 8DEBA4E47E1016D69740C0BB7CDD23852D86E0D42C1C1EA5A847ECB115C38CB1 ] AppID C:\Windows\system32\drivers\appid.sys
08:19:10.0824 0x14c8 AppID - ok
08:19:10.0871 0x14c8 [ F5090F8FA6757C58E17BAEAA86093636, 5E14CF3032DF5801240F45C59AA93962EA41AA5648A0C6458D16D9B9D95A131F ] AppIDSvc C:\Windows\System32\appidsvc.dll
08:19:10.0886 0x14c8 AppIDSvc - ok
08:19:10.0918 0x14c8 [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo C:\Windows\System32\appinfo.dll
08:19:10.0918 0x14c8 Appinfo - ok
08:19:10.0964 0x14c8 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\DRIVERS\arc.sys
08:19:10.0964 0x14c8 arc - ok
08:19:11.0011 0x14c8 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
08:19:11.0011 0x14c8 arcsas - ok
08:19:11.0136 0x14c8 [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
08:19:11.0136 0x14c8 aspnet_state - ok
08:19:11.0183 0x14c8 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
08:19:11.0183 0x14c8 AsyncMac - ok
08:19:11.0230 0x14c8 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\drivers\atapi.sys
08:19:11.0230 0x14c8 atapi - ok
08:19:11.0292 0x14c8 [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
08:19:11.0339 0x14c8 AudioEndpointBuilder - ok
08:19:11.0354 0x14c8 [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv C:\Windows\System32\Audiosrv.dll
08:19:11.0386 0x14c8 Audiosrv - ok
08:19:11.0432 0x14c8 [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\Windows\System32\AxInstSV.dll
08:19:11.0432 0x14c8 AxInstSV - ok
08:19:11.0479 0x14c8 [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
08:19:11.0495 0x14c8 b06bdrv - ok
08:19:11.0573 0x14c8 [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
08:19:11.0573 0x14c8 b57nd60x - ok
08:19:11.0651 0x14c8 [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll
08:19:11.0666 0x14c8 BDESVC - ok
08:19:11.0682 0x14c8 [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys
08:19:11.0682 0x14c8 Beep - ok
08:19:11.0744 0x14c8 [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\Windows\System32\bfe.dll
08:19:11.0791 0x14c8 BFE - ok
08:19:11.0994 0x14c8 [ 69D90F57C6E40EA593F5E24AA586E4C4, 51DB6B08FFBBF563AF11DCDE28464FB5B317EEB45F33F881510FFB3ADFB8B754 ] BHDrvx86 C:\Program Files\Norton 360\NortonData\22.5.0.124\Definitions\BASHDefs\20150706.001\BHDrvx86.sys
08:19:12.0025 0x14c8 BHDrvx86 - ok
08:19:12.0103 0x14c8 [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\Windows\system32\qmgr.dll
08:19:12.0150 0x14c8 BITS - ok
08:19:12.0197 0x14c8 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
08:19:12.0197 0x14c8 blbdrive - ok
08:19:12.0228 0x14c8 [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
08:19:12.0228 0x14c8 bowser - ok
08:19:12.0259 0x14c8 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:19:12.0259 0x14c8 BrFiltLo - ok
08:19:12.0275 0x14c8 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:19:12.0275 0x14c8 BrFiltUp - ok
08:19:12.0322 0x14c8 [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
08:19:12.0322 0x14c8 BridgeMP - ok
08:19:12.0368 0x14c8 [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\Windows\System32\browser.dll
08:19:12.0368 0x14c8 Browser - ok
08:19:12.0400 0x14c8 [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys
08:19:12.0415 0x14c8 Brserid - ok
08:19:12.0431 0x14c8 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
08:19:12.0431 0x14c8 BrSerWdm - ok
08:19:12.0478 0x14c8 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
08:19:12.0478 0x14c8 BrUsbMdm - ok
08:19:12.0509 0x14c8 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
08:19:12.0509 0x14c8 BrUsbSer - ok
08:19:12.0540 0x14c8 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
08:19:12.0540 0x14c8 BTHMODEM - ok
08:19:12.0587 0x14c8 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll
08:19:12.0587 0x14c8 bthserv - ok
08:19:12.0680 0x14c8 catchme - ok
08:19:12.0758 0x14c8 [ 2D63DABE3805F1C644494913DE285BC7, 87EC4A94F32DCC41EBFB2BDAC26C649A433DA41E42C2B516B08358FA3D341781 ] ccSet_N360 C:\Windows\system32\drivers\N360\1605000.07C\ccSetx86.sys
08:19:12.0758 0x14c8 ccSet_N360 - ok
08:19:12.0805 0x14c8 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
08:19:12.0805 0x14c8 cdfs - ok
08:19:12.0852 0x14c8 [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\Windows\system32\drivers\cdrom.sys
08:19:12.0868 0x14c8 cdrom - ok
08:19:12.0914 0x14c8 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\Windows\System32\certprop.dll
08:19:12.0914 0x14c8 CertPropSvc - ok
08:19:12.0961 0x14c8 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
08:19:12.0961 0x14c8 circlass - ok
08:19:13.0008 0x14c8 [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS C:\Windows\system32\CLFS.sys
08:19:13.0024 0x14c8 CLFS - ok
08:19:13.0102 0x14c8 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:19:13.0102 0x14c8 clr_optimization_v2.0.50727_32 - ok
08:19:13.0148 0x14c8 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:19:13.0148 0x14c8 clr_optimization_v4.0.30319_32 - ok
08:19:13.0195 0x14c8 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
08:19:13.0195 0x14c8 CmBatt - ok
08:19:13.0211 0x14c8 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\drivers\cmdide.sys
08:19:13.0211 0x14c8 cmdide - ok
08:19:13.0258 0x14c8 [ 3051724F223EA48968B19567DE2A81F4, DCC27DE1B2B35866FC6DBDE95A368E7D0D346B6C3F31D0BACA63DD39B0A8874E ] CNG C:\Windows\system32\Drivers\cng.sys
08:19:13.0289 0x14c8 CNG - ok
08:19:13.0351 0x14c8 [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
08:19:13.0351 0x14c8 Compbatt - ok
08:19:13.0382 0x14c8 [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
08:19:13.0382 0x14c8 CompositeBus - ok
08:19:13.0398 0x14c8 COMSysApp - ok
08:19:13.0398 0x14c8 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
08:19:13.0414 0x14c8 crcdisk - ok
08:19:13.0460 0x14c8 [ 49474B3E37969AF4B5C076F42B623AFF, BDA6B57E9B60EF1B67C74099263D33A367AAA035667239F76AB8B268FD3E8F23 ] CryptSvc C:\Windows\system32\cryptsvc.dll
08:19:13.0460 0x14c8 CryptSvc - ok
08:19:13.0507 0x14c8 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\Windows\system32\rpcss.dll
08:19:13.0538 0x14c8 DcomLaunch - ok
08:19:13.0570 0x14c8 [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll
08:19:13.0585 0x14c8 defragsvc - ok
08:19:13.0616 0x14c8 [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
08:19:13.0632 0x14c8 DfsC - ok
08:19:13.0679 0x14c8 [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\Windows\system32\dhcpcore.dll
08:19:13.0694 0x14c8 Dhcp - ok
08:19:13.0804 0x14c8 [ 7AB2DE012C88870C9274E966EC88AB61, CE2098B152B9C039C29C0573C813BFBF13B2D2E6BEE83985374160884A817133 ] DiagTrack C:\Windows\system32\diagtrack.dll
08:19:13.0897 0x14c8 DiagTrack - ok
08:19:13.0928 0x14c8 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys
08:19:13.0928 0x14c8 discache - ok
08:19:13.0975 0x14c8 [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\DRIVERS\disk.sys
08:19:13.0975 0x14c8 Disk - ok
08:19:14.0022 0x14c8 [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\Windows\System32\dnsrslvr.dll
08:19:14.0038 0x14c8 Dnscache - ok
08:19:14.0069 0x14c8 [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\Windows\System32\dot3svc.dll
08:19:14.0084 0x14c8 dot3svc - ok
08:19:14.0116 0x14c8 [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\Windows\system32\dps.dll
08:19:14.0116 0x14c8 DPS - ok
08:19:14.0162 0x14c8 [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
08:19:14.0162 0x14c8 drmkaud - ok
08:19:14.0209 0x14c8 [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
08:19:14.0240 0x14c8 DXGKrnl - ok
08:19:14.0272 0x14c8 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll
08:19:14.0272 0x14c8 EapHost - ok
08:19:14.0459 0x14c8 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
08:19:14.0615 0x14c8 ebdrv - ok
08:19:14.0724 0x14c8 [ 0CD77CB89473151E6A0201DA7B063EAC, ADE268EB7DE6A07327E74B5F89A087249C6BD5DDEDB7EA2745D54849FF2AF549 ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
08:19:14.0740 0x14c8 eeCtrl - ok
08:19:14.0771 0x14c8 [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] EFS C:\Windows\System32\lsass.exe
08:19:14.0771 0x14c8 EFS - ok
08:19:14.0864 0x14c8 [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
08:19:14.0911 0x14c8 ehRecvr - ok
08:19:14.0942 0x14c8 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe
08:19:14.0942 0x14c8 ehSched - ok
08:19:15.0005 0x14c8 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
08:19:15.0052 0x14c8 elxstor - ok
08:19:15.0130 0x14c8 [ 94DB911F59E7FA1806DC0408B5EF5720, 9E36A506B8FBE8F2998A4A01A621C33D16911FBBB3CE3C0A106072B456EDA179 ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
08:19:15.0130 0x14c8 EraserUtilRebootDrv - ok
08:19:15.0176 0x14c8 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\drivers\errdev.sys
08:19:15.0176 0x14c8 ErrDev - ok
08:19:15.0239 0x14c8 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll
08:19:15.0254 0x14c8 EventSystem - ok
08:19:15.0286 0x14c8 [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys
08:19:15.0301 0x14c8 exfat - ok
08:19:15.0317 0x14c8 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys
08:19:15.0332 0x14c8 fastfat - ok
08:19:15.0395 0x14c8 [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe
08:19:15.0457 0x14c8 Fax - ok
08:19:15.0488 0x14c8 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
08:19:15.0504 0x14c8 fdc - ok
08:19:15.0520 0x14c8 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll
08:19:15.0520 0x14c8 fdPHost - ok
08:19:15.0551 0x14c8 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll
08:19:15.0551 0x14c8 FDResPub - ok
08:19:15.0582 0x14c8 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
08:19:15.0582 0x14c8 FileInfo - ok
08:19:15.0598 0x14c8 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
08:19:15.0613 0x14c8 Filetrace - ok
08:19:15.0644 0x14c8 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
08:19:15.0644 0x14c8 flpydisk - ok
08:19:15.0660 0x14c8 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
08:19:15.0676 0x14c8 FltMgr - ok
08:19:15.0754 0x14c8 [ 6EC244F102C7F129678E5F7309D1366D, C30DA201AC623DA440B0A0716534557C578218C2A591FA8893CCCBD96B4518F9 ] FontCache C:\Windows\system32\FntCache.dll
08:19:15.0800 0x14c8 FontCache - ok
08:19:15.0863 0x14c8 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
08:19:15.0878 0x14c8 FontCache3.0.0.0 - ok
08:19:15.0910 0x14c8 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
08:19:15.0910 0x14c8 FsDepends - ok
08:19:15.0941 0x14c8 [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
08:19:15.0941 0x14c8 Fs_Rec - ok
08:19:15.0972 0x14c8 [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
08:19:15.0988 0x14c8 fvevol - ok
08:19:16.0019 0x14c8 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
08:19:16.0019 0x14c8 gagp30kx - ok
08:19:16.0081 0x14c8 [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\Windows\System32\gpsvc.dll
08:19:16.0159 0x14c8 gpsvc - ok
08:19:16.0237 0x14c8 [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
08:19:16.0237 0x14c8 gusvc - ok
08:19:16.0268 0x14c8 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
08:19:16.0268 0x14c8 hcw85cir - ok
08:19:16.0315 0x14c8 [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
08:19:16.0346 0x14c8 HdAudAddService - ok
08:19:16.0378 0x14c8 [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
08:19:16.0378 0x14c8 HDAudBus - ok
08:19:16.0409 0x14c8 [ A88485DC6A7136C10D9A6C7E38FDFE3C, B651823E5F6D13B086B00440AD17C7C2756F079DD9290E0FEB1A3A48D0104F8C ] HECI C:\Windows\system32\DRIVERS\HECI.sys
08:19:16.0409 0x14c8 HECI - ok
08:19:16.0440 0x14c8 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
08:19:16.0440 0x14c8 HidBatt - ok
08:19:16.0456 0x14c8 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
08:19:16.0456 0x14c8 HidBth - ok
08:19:16.0487 0x14c8 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
08:19:16.0502 0x14c8 HidIr - ok
08:19:16.0534 0x14c8 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\System32\hidserv.dll
08:19:16.0534 0x14c8 hidserv - ok
08:19:16.0580 0x14c8 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
08:19:16.0580 0x14c8 HidUsb - ok
08:19:16.0612 0x14c8 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll
08:19:16.0627 0x14c8 hkmsvc - ok
08:19:16.0658 0x14c8 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
08:19:16.0674 0x14c8 HomeGroupListener - ok
08:19:16.0705 0x14c8 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
08:19:16.0721 0x14c8 HomeGroupProvider - ok
08:19:16.0752 0x14c8 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
08:19:16.0768 0x14c8 HpSAMD - ok
08:19:16.0830 0x14c8 [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP C:\Windows\system32\drivers\HTTP.sys
08:19:16.0877 0x14c8 HTTP - ok
08:19:16.0892 0x14c8 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
08:19:16.0908 0x14c8 hwpolicy - ok
08:19:16.0939 0x14c8 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
08:19:16.0939 0x14c8 i8042prt - ok
08:19:17.0002 0x14c8 [ D5EDB998656E6ECF1A17C78DAB019A3C, 59A6A658218CE098D28D2202DEE178973C91C5C008AE83391DD6EB64D97DA6A3 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
08:19:17.0017 0x14c8 iaStor - ok
08:19:17.0064 0x14c8 [ 7493EA4DE41348F7D3EDBF9DB298F56A, D40BE4E8D90B5F6EF0B16F3B9E9F63273FE558492A560CB291C7DE2864794CCB ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
08:19:17.0064 0x14c8 IAStorDataMgrSvc - ok
08:19:17.0111 0x14c8 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
08:19:17.0142 0x14c8 iaStorV - ok
08:19:17.0220 0x14c8 [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
08:19:17.0298 0x14c8 idsvc - ok
08:19:17.0392 0x14c8 [ BA459F9D857B493D29B01A1BD6C9167A, C9C085018629DE508BCC38DFCF4459057BEA015ECDEB69B8FCF8751A80AAC09D ] IDSVix86 C:\Program Files\Norton 360\NortonData\22.5.0.124\Definitions\IPSDefs\20150706.001\IDSvix86.sys
08:19:17.0423 0x14c8 IDSVix86 - ok
08:19:17.0454 0x14c8 IEEtwCollectorService - ok
08:19:17.0860 0x14c8 [ 8266AE06DF974E5BA047B3E9E9E70B3F, 44E5A8EED802A1DDF3CCDB478A88A3AB3CF009F449FB11E0F94A28498342B4E2 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
08:19:18.0250 0x14c8 igfx - ok
08:19:18.0281 0x14c8 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
08:19:18.0296 0x14c8 iirsp - ok
08:19:18.0359 0x14c8 [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\Windows\System32\ikeext.dll
08:19:18.0406 0x14c8 IKEEXT - ok
08:19:18.0452 0x14c8 [ 03C0D99BC2913226F1CEA7CB0D984659, DB42313E98D789634C83A1B8F90D815AA625A970E7C6D3B753386A94BBDAA3EE ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
08:19:18.0468 0x14c8 Impcd - ok
08:19:18.0640 0x14c8 [ 2A4EB3167A071A67D3F56E94663544EC, 0610929670CE2209995813473BB8380500763F328952E4DDDDAF9FF73379A294 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
08:19:18.0718 0x14c8 IntcAzAudAddService - ok
08:19:18.0764 0x14c8 [ 4EA6B57A3B71FD1A208AF054E97FBA37, 590AF022F02083996FA06187BE470CDEC11DA91BE077EA52B1415C048B8BE720 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
08:19:18.0780 0x14c8 IntcDAud - ok
08:19:18.0811 0x14c8 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys
08:19:18.0811 0x14c8 intelide - ok
08:19:18.0858 0x14c8 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
08:19:18.0858 0x14c8 intelppm - ok
08:19:18.0889 0x14c8 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
08:19:18.0905 0x14c8 IPBusEnum - ok
08:19:18.0920 0x14c8 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:19:18.0920 0x14c8 IpFilterDriver - ok
08:19:18.0967 0x14c8 [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
08:19:18.0998 0x14c8 iphlpsvc - ok
08:19:19.0030 0x14c8 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
08:19:19.0030 0x14c8 IPMIDRV - ok
08:19:19.0045 0x14c8 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
08:19:19.0061 0x14c8 IPNAT - ok
08:19:19.0092 0x14c8 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys
08:19:19.0092 0x14c8 IRENUM - ok
08:19:19.0123 0x14c8 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys
08:19:19.0123 0x14c8 isapnp - ok
08:19:19.0170 0x14c8 [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
08:19:19.0186 0x14c8 iScsiPrt - ok
08:19:19.0201 0x14c8 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
08:19:19.0201 0x14c8 kbdclass - ok
08:19:19.0248 0x14c8 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
08:19:19.0248 0x14c8 kbdhid - ok
08:19:19.0264 0x14c8 [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] KeyIso C:\Windows\system32\lsass.exe
08:19:19.0264 0x14c8 KeyIso - ok
08:19:19.0310 0x14c8 [ D8DF201E64B455DE473FEFD4A7A7AF0C, A6608EA1DD00AC280E655BF1C50067778FD0FCAF919F9C5C3F0B4AABFF54DA4B ] KMWDFilter C:\Windows\System32\Drivers\KMWDFilter.SYS
08:19:19.0310 0x14c8 KMWDFilter - ok
08:19:19.0373 0x14c8 [ 393B6C708B318C457317A32A1F45C545, 18A88519CB883169EEFECA0F8CA19DAD35D9201DFE00AF9230FEBD7C342395FC ] KMWDSERVICE C:\Program Files\Silvercrest NM1005 driver\KMWDSrv.exe
08:19:19.0388 0x14c8 KMWDSERVICE - ok
08:19:19.0420 0x14c8 [ 3C9D9DFCF517103677D7B6255C727B48, F03252C1EF131AC4FEB83983B7BB3BAAACE0EEB0B1CFA06D0E04A156D527A0FD ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
08:19:19.0420 0x14c8 KSecDD - ok
08:19:19.0451 0x14c8 [ 0DFC56491C8B56A35AD52EAF770752FE, C887D6A06DD691DB6E6DC73D2ED0072FE5430F46F85111338196CF342C5892D0 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
08:19:19.0451 0x14c8 KSecPkg - ok
08:19:19.0498 0x14c8 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll
08:19:19.0529 0x14c8 KtmRm - ok
08:19:19.0591 0x14c8 [ 4566FD5F4416E7FEF3600E4B30D086C3, 8AF3E81D4BFE974D7419D1C7EFA7D2910AEA38A44C932A5EC83DAAAD995B7AB7 ] L1C C:\Windows\system32\DRIVERS\L1C62x86.sys
08:19:19.0591 0x14c8 L1C - ok
08:19:19.0638 0x14c8 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\System32\srvsvc.dll
08:19:19.0654 0x14c8 LanmanServer - ok
08:19:19.0685 0x14c8 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:19:19.0700 0x14c8 LanmanWorkstation - ok
08:19:19.0747 0x14c8 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
08:19:19.0747 0x14c8 lltdio - ok
08:19:19.0778 0x14c8 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll
08:19:19.0794 0x14c8 lltdsvc - ok
08:19:19.0810 0x14c8 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll
08:19:19.0810 0x14c8 lmhosts - ok
08:19:19.0888 0x14c8 [ 1E2F802846EB944E0333EFEE7C9532A8, 86EB59BF238E3DB8AF9E379B0BAE5AEC734C15598E665062B2E19C0A58BEF783 ] LMS C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
08:19:19.0903 0x14c8 LMS - ok
08:19:19.0966 0x14c8 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
08:19:19.0966 0x14c8 LSI_FC - ok
08:19:19.0997 0x14c8 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
08:19:20.0012 0x14c8 LSI_SAS - ok
08:19:20.0028 0x14c8 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
08:19:20.0044 0x14c8 LSI_SAS2 - ok
08:19:20.0075 0x14c8 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
08:19:20.0075 0x14c8 LSI_SCSI - ok
08:19:20.0106 0x14c8 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys
08:19:20.0106 0x14c8 luafv - ok
08:19:20.0168 0x14c8 [ 3C21F7E95FFCA33EF1A83AA33D9663CF, C843116969E1CDBA45AEF98B33BEDBA9200C62CDB52CD7056CE6768A1EF3A637 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
08:19:20.0168 0x14c8 MBAMProtector - ok
08:19:20.0278 0x14c8 [ 2B983F067AEE3F9EB4DF5E97F45D21D1, 0B9ED0E91FF01A5445927650113E320C3C0EA16F1401AA55A509DDBF704DF22F ] MBAMService C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
08:19:20.0356 0x14c8 MBAMService - ok
08:19:20.0418 0x14c8 [ 167BCE00050B19DA25065335645A3C7A, 5CD3EA3E09B4ED318AB6151F56A17B0E4C8CE32DBB77342A39DEF53908F7D2F0 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
08:19:20.0418 0x14c8 MBAMWebAccessControl - ok
08:19:20.0465 0x14c8 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
08:19:20.0480 0x14c8 Mcx2Svc - ok
08:19:20.0496 0x14c8 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
08:19:20.0496 0x14c8 megasas - ok
08:19:20.0558 0x14c8 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
08:19:20.0590 0x14c8 MegaSR - ok
08:19:20.0621 0x14c8 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll
08:19:20.0621 0x14c8 MMCSS - ok
08:19:20.0699 0x14c8 [ 5B9CA81817E046666E7ABF8B9B101545, 6DD02C4C991198AC515847DAAEF7A3DF379636649FDB2623A0FBD8B51DADD523 ] mod7700 C:\Windows\system32\DRIVERS\mod7700.sys
08:19:20.0746 0x14c8 mod7700 - ok
08:19:20.0777 0x14c8 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys
08:19:20.0777 0x14c8 Modem - ok
08:19:20.0792 0x14c8 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
08:19:20.0792 0x14c8 monitor - ok
08:19:20.0839 0x14c8 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\drivers\mouclass.sys
08:19:20.0855 0x14c8 mouclass - ok
08:19:20.0870 0x14c8 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
08:19:20.0870 0x14c8 mouhid - ok
08:19:20.0902 0x14c8 [ 644905A19D0F37F2233DFCE53BC4BC19, F52CB40AA0FD1EBF8CBF0F3BFB20C47142C637719840877FB93F10D085EB8C2B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
08:19:20.0902 0x14c8 mountmgr - ok
08:19:20.0948 0x14c8 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys
08:19:20.0948 0x14c8 mpio - ok
08:19:20.0980 0x14c8 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
08:19:20.0980 0x14c8 mpsdrv - ok
08:19:21.0042 0x14c8 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll
08:19:21.0104 0x14c8 MpsSvc - ok
08:19:21.0136 0x14c8 [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
08:19:21.0136 0x14c8 MRxDAV - ok
08:19:21.0182 0x14c8 [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
08:19:21.0182 0x14c8 mrxsmb - ok
08:19:21.0229 0x14c8 [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:19:21.0229 0x14c8 mrxsmb10 - ok
08:19:21.0245 0x14c8 [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:19:21.0260 0x14c8 mrxsmb20 - ok
08:19:21.0292 0x14c8 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys
08:19:21.0292 0x14c8 msahci - ok
08:19:21.0307 0x14c8 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys
08:19:21.0323 0x14c8 msdsm - ok
08:19:21.0354 0x14c8 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe
08:19:21.0354 0x14c8 MSDTC - ok
08:19:21.0385 0x14c8 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys
08:19:21.0401 0x14c8 Msfs - ok
08:19:21.0416 0x14c8 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
08:19:21.0416 0x14c8 mshidkmdf - ok
08:19:21.0448 0x14c8 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
08:19:21.0448 0x14c8 msisadrv - ok
08:19:21.0494 0x14c8 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll
08:19:21.0510 0x14c8 MSiSCSI - ok
08:19:21.0510 0x14c8 msiserver - ok
08:19:21.0557 0x14c8 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
08:19:21.0557 0x14c8 MSKSSRV - ok
08:19:21.0588 0x14c8 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
08:19:21.0588 0x14c8 MSPCLOCK - ok
08:19:21.0604 0x14c8 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
08:19:21.0604 0x14c8 MSPQM - ok
08:19:21.0619 0x14c8 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
08:19:21.0635 0x14c8 MsRPC - ok
08:19:21.0666 0x14c8 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
08:19:21.0666 0x14c8 mssmbios - ok
08:19:21.0682 0x14c8 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
08:19:21.0682 0x14c8 MSTEE - ok
08:19:21.0713 0x14c8 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
08:19:21.0713 0x14c8 MTConfig - ok
08:19:21.0744 0x14c8 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys
08:19:21.0744 0x14c8 Mup - ok
08:19:21.0916 0x14c8 [ ED3C7037BF8AEA20291C01B66078FF77, A052ED91C26746D236219785C1932394A769F0A34BCBDBE12B960484F532FB9D ] N360 C:\Program Files\Norton 360\Engine\22.5.0.124\N360.exe
08:19:21.0931 0x14c8 N360 - ok
08:19:21.0978 0x14c8 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll
08:19:22.0025 0x14c8 napagent - ok
08:19:22.0072 0x14c8 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
08:19:22.0103 0x14c8 NativeWifiP - ok
08:19:22.0212 0x14c8 [ 18AD0AC87FF266B5E5616FCD6C577311, 8B97F1C95FDD650F14974CF16D8756CE5ABD9D8306D703C2AD5AC3BC6B6DF992 ] NAVENG C:\Program Files\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20150707.001\NAVENG.SYS
08:19:22.0212 0x14c8 NAVENG - ok
08:19:22.0321 0x14c8 [ 9EDB941A9FA181C4C3DEFF0A0559A056, 1EDC562955EE2D9A464F82A38F82555FE9021ABAC4B0DED99AE6E611EB750AF1 ] NAVEX15 C:\Program Files\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20150707.001\NAVEX15.SYS
08:19:22.0368 0x14c8 NAVEX15 - ok
08:19:22.0425 0x14c8 [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS C:\Windows\system32\drivers\ndis.sys
08:19:22.0470 0x14c8 NDIS - ok
08:19:22.0495 0x14c8 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
08:19:22.0495 0x14c8 NdisCap - ok
08:19:22.0515 0x14c8 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
08:19:22.0515 0x14c8 NdisTapi - ok
08:19:22.0555 0x14c8 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
08:19:22.0560 0x14c8 Ndisuio - ok
08:19:22.0595 0x14c8 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
08:19:22.0605 0x14c8 NdisWan - ok
08:19:22.0620 0x14c8 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
08:19:22.0625 0x14c8 NDProxy - ok
08:19:22.0650 0x14c8 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
08:19:22.0655 0x14c8 NetBIOS - ok
08:19:22.0690 0x14c8 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
08:19:22.0700 0x14c8 NetBT - ok
08:19:22.0720 0x14c8 [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] Netlogon C:\Windows\system32\lsass.exe
08:19:22.0725 0x14c8 Netlogon - ok
08:19:22.0765 0x14c8 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll
08:19:22.0780 0x14c8 Netman - ok
08:19:22.0825 0x14c8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:19:22.0835 0x14c8 NetMsmqActivator - ok
08:19:22.0860 0x14c8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:19:22.0865 0x14c8 NetPipeActivator - ok
08:19:22.0915 0x14c8 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll
08:19:22.0950 0x14c8 netprofm - ok
08:19:22.0960 0x14c8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:19:22.0970 0x14c8 NetTcpActivator - ok
08:19:22.0980 0x14c8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:19:22.0990 0x14c8 NetTcpPortSharing - ok
08:19:23.0025 0x14c8 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
08:19:23.0030 0x14c8 nfrd960 - ok
08:19:23.0075 0x14c8 [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\Windows\System32\nlasvc.dll
08:19:23.0090 0x14c8 NlaSvc - ok
08:19:23.0115 0x14c8 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys
08:19:23.0120 0x14c8 Npfs - ok
08:19:23.0145 0x14c8 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll
08:19:23.0150 0x14c8 nsi - ok
08:19:23.0160 0x14c8 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
08:19:23.0160 0x14c8 nsiproxy - ok
08:19:23.0250 0x14c8 [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
08:19:23.0340 0x14c8 Ntfs - ok
08:19:23.0355 0x14c8 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys
08:19:23.0360 0x14c8 Null - ok
08:19:23.0400 0x14c8 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys
08:19:23.0410 0x14c8 nvraid - ok
08:19:23.0460 0x14c8 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
08:19:23.0470 0x14c8 nvstor - ok
08:19:23.0495 0x14c8 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
08:19:23.0500 0x14c8 nv_agp - ok
08:19:23.0535 0x14c8 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
08:19:23.0540 0x14c8 ohci1394 - ok
08:19:23.0585 0x14c8 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
08:19:23.0605 0x14c8 p2pimsvc - ok
08:19:23.0645 0x14c8 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll
08:19:23.0665 0x14c8 p2psvc - ok
08:19:23.0700 0x14c8 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys
08:19:23.0705 0x14c8 Parport - ok
08:19:23.0740 0x14c8 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys
08:19:23.0745 0x14c8 partmgr - ok
08:19:23.0770 0x14c8 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
08:19:23.0770 0x14c8 Parvdm - ok
08:19:23.0805 0x14c8 [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc C:\Windows\System32\pcasvc.dll
08:19:23.0815 0x14c8 PcaSvc - ok
08:19:23.0855 0x14c8 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys
08:19:23.0865 0x14c8 pci - ok
08:19:23.0900 0x14c8 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys
08:19:23.0900 0x14c8 pciide - ok
08:19:23.0940 0x14c8 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
08:19:23.0950 0x14c8 pcmcia - ok
08:19:23.0990 0x14c8 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys
08:19:23.0990 0x14c8 pcw - ok
08:19:24.0050 0x14c8 [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
08:19:24.0145 0x14c8 PEAUTH - ok
08:19:24.0290 0x14c8 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll
08:19:24.0365 0x14c8 pla - ok
08:19:24.0430 0x14c8 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
08:19:24.0460 0x14c8 PlugPlay - ok
08:19:24.0495 0x14c8 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
08:19:24.0500 0x14c8 PNRPAutoReg - ok
08:19:24.0540 0x14c8 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
08:19:24.0555 0x14c8 PNRPsvc - ok
08:19:24.0605 0x14c8 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
08:19:24.0625 0x14c8 PolicyAgent - ok
08:19:24.0660 0x14c8 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll
08:19:24.0670 0x14c8 Power - ok
08:19:24.0710 0x14c8 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
08:19:24.0715 0x14c8 PptpMiniport - ok
08:19:24.0740 0x14c8 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys
08:19:24.0745 0x14c8 Processor - ok
08:19:24.0770 0x14c8 [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc C:\Windows\system32\profsvc.dll
08:19:24.0780 0x14c8 ProfSvc - ok
08:19:24.0795 0x14c8 [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] ProtectedStorage C:\Windows\system32\lsass.exe
08:19:24.0800 0x14c8 ProtectedStorage - ok
08:19:24.0830 0x14c8 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
08:19:24.0835 0x14c8 Psched - ok
08:19:24.0900 0x14c8 [ 68B57D7C11277EA89F78255480376B4D, 5530B58126BF33E6BCDED99C73C41B90BA148587BDA3866FD4DAD12035B302B5 ] PSI C:\Windows\system32\DRIVERS\psi_mf_x86.sys
08:19:24.0900 0x14c8 PSI - ok
08:19:24.0940 0x14c8 [ A6A7AD767BF5141665F5C675F671B3E1, 11D43F732C3B82679E53516F83E675B60B0EFEDE3F4EE3C42AC752AD8D5155AF ] PSI_SVC_2 c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
08:19:24.0955 0x14c8 PSI_SVC_2 - ok
08:19:25.0065 0x14c8 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
08:19:25.0160 0x14c8 ql2300 - ok
08:19:25.0190 0x14c8 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
08:19:25.0195 0x14c8 ql40xx - ok
08:19:25.0235 0x14c8 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll
08:19:25.0245 0x14c8 QWAVE - ok
08:19:25.0265 0x14c8 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
08:19:25.0265 0x14c8 QWAVEdrv - ok
08:19:25.0285 0x14c8 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
08:19:25.0285 0x14c8 RasAcd - ok
08:19:25.0305 0x14c8 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
08:19:25.0305 0x14c8 RasAgileVpn - ok
08:19:25.0335 0x14c8 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll
08:19:25.0345 0x14c8 RasAuto - ok
08:19:25.0370 0x14c8 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
08:19:25.0375 0x14c8 Rasl2tp - ok
08:19:25.0430 0x14c8 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll
08:19:25.0450 0x14c8 RasMan - ok
08:19:25.0475 0x14c8 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
08:19:25.0480 0x14c8 RasPppoe - ok
08:19:25.0500 0x14c8 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
08:19:25.0505 0x14c8 RasSstp - ok
08:19:25.0525 0x14c8 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
08:19:25.0540 0x14c8 rdbss - ok
08:19:25.0575 0x14c8 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
08:19:25.0575 0x14c8 rdpbus - ok
08:19:25.0605 0x14c8 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
08:19:25.0605 0x14c8 RDPCDD - ok
08:19:25.0630 0x14c8 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
08:19:25.0635 0x14c8 RDPENCDD - ok
08:19:25.0645 0x14c8 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
08:19:25.0645 0x14c8 RDPREFMP - ok
08:19:25.0680 0x14c8 [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
08:19:25.0690 0x14c8 RDPWD - ok
08:19:25.0745 0x14c8 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
08:19:25.0755 0x14c8 rdyboost - ok
08:19:25.0790 0x14c8 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll
08:19:25.0800 0x14c8 RemoteAccess - ok
08:19:25.0830 0x14c8 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll
08:19:25.0840 0x14c8 RemoteRegistry - ok
08:19:25.0855 0x14c8 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
08:19:25.0860 0x14c8 RpcEptMapper - ok
08:19:25.0890 0x14c8 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe
08:19:25.0890 0x14c8 RpcLocator - ok
08:19:25.0930 0x14c8 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll
08:19:25.0940 0x14c8 RpcSs - ok
08:19:25.0975 0x14c8 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
08:19:25.0975 0x14c8 rspndr - ok
08:19:26.0025 0x14c8 [ A633399432491BB173BB3CF3B41B9C55, B4AD5D5B3801D026BE3FC4EAB97543193A90C2262EE0EF82261670149FCB58C6 ] RSUSBSTOR C:\Windows\System32\Drivers\RtsUStor.sys
08:19:26.0035 0x14c8 RSUSBSTOR - ok
08:19:26.0115 0x14c8 [ 7AC9F43613CD0EE40BEBBF150FF3A189, C8260E36BE5E156936273FA3FE02C996C06740843E663AFCB1904E4976B37581 ] rtl8192se C:\Windows\system32\DRIVERS\rtl8192se.sys
08:19:26.0145 0x14c8 rtl8192se - ok
08:19:26.0165 0x14c8 [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] SamSs C:\Windows\system32\lsass.exe
08:19:26.0165 0x14c8 SamSs - ok
08:19:26.0210 0x14c8 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
08:19:26.0215 0x14c8 sbp2port - ok
08:19:26.0255 0x14c8 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll
08:19:26.0270 0x14c8 SCardSvr - ok
08:19:26.0290 0x14c8 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
08:19:26.0295 0x14c8 scfilter - ok
08:19:26.0355 0x14c8 [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule C:\Windows\system32\schedsvc.dll
08:19:26.0410 0x14c8 Schedule - ok
08:19:26.0450 0x14c8 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll
08:19:26.0455 0x14c8 SCPolicySvc - ok
08:19:26.0490 0x14c8 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll
08:19:26.0500 0x14c8 SDRSVC - ok
08:19:26.0535 0x14c8 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
08:19:26.0540 0x14c8 secdrv - ok
08:19:26.0570 0x14c8 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll
08:19:26.0575 0x14c8 seclogon - ok
08:19:26.0745 0x14c8 [ 5E0E975998BF1612E18B898E5D17838B, 76C11C62DB8055F03F868685E8E2016D99D3FC48313CB51C69E7CEA589D80890 ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe
08:19:26.0790 0x14c8 Secunia PSI Agent - ok
08:19:26.0910 0x14c8 [ 508DD2E1D5F272B2D3196335DEA2BC26, 2BDC828DB9D9766445C345E82751FA7EF94A089EC84565675EDADE3EC7EB5748 ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe
08:19:26.0975 0x14c8 Secunia Update Agent - ok
08:19:27.0000 0x14c8 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\system32\sens.dll
08:19:27.0005 0x14c8 SENS - ok
08:19:27.0020 0x14c8 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll
08:19:27.0025 0x14c8 SensrSvc - ok
08:19:27.0060 0x14c8 [ B97E1D0E59A128394F24E9F31E227EF2, 4E3349407522F31D60ACF0BDC050A02D646905048471C43E1A4CFDB31F0D7C64 ] Ser2pl C:\Windows\system32\DRIVERS\ser2pl.sys
08:19:27.0070 0x14c8 Ser2pl - ok
08:19:27.0085 0x14c8 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
08:19:27.0085 0x14c8 Serenum - ok
08:19:27.0095 0x14c8 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys
08:19:27.0100 0x14c8 Serial - ok
08:19:27.0115 0x14c8 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
08:19:27.0120 0x14c8 sermouse - ok
08:19:27.0150 0x14c8 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll
08:19:27.0155 0x14c8 SessionEnv - ok
08:19:27.0175 0x14c8 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
08:19:27.0175 0x14c8 sffdisk - ok
08:19:27.0190 0x14c8 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
08:19:27.0190 0x14c8 sffp_mmc - ok
08:19:27.0205 0x14c8 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
08:19:27.0205 0x14c8 sffp_sd - ok
08:19:27.0245 0x14c8 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
08:19:27.0250 0x14c8 sfloppy - ok
08:19:27.0285 0x14c8 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll
08:19:27.0310 0x14c8 SharedAccess - ok
08:19:27.0345 0x14c8 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:19:27.0370 0x14c8 ShellHWDetection - ok
08:19:27.0390 0x14c8 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys
08:19:27.0395 0x14c8 sisagp - ok
08:19:27.0420 0x14c8 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:19:27.0425 0x14c8 SiSRaid2 - ok
08:19:27.0465 0x14c8 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
08:19:27.0470 0x14c8 SiSRaid4 - ok
08:19:27.0500 0x14c8 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys
08:19:27.0505 0x14c8 Smb - ok
08:19:27.0565 0x14c8 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
08:19:27.0570 0x14c8 SNMPTRAP - ok
08:19:27.0590 0x14c8 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys
08:19:27.0590 0x14c8 spldr - ok
08:19:27.0625 0x14c8 [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\Windows\System32\spoolsv.exe
08:19:27.0660 0x14c8 Spooler - ok
08:19:27.0820 0x14c8 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe
08:19:27.0925 0x14c8 sppsvc - ok
08:19:27.0965 0x14c8 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll
08:19:27.0975 0x14c8 sppuinotify - ok
08:19:28.0000 0x14c8 [ 1C63FE706AB797BC3C24813FF969B4DE, 7AD2016E1A8119B3E6063F8D065BA16D558E8DA4293604BE4CF7D1C493F5CEED ] Spyder3 C:\Windows\system32\DRIVERS\Spyder3.sys
08:19:28.0005 0x14c8 Spyder3 - ok
08:19:28.0170 0x14c8 [ F0910D9F11A5C1A32B05C8A5B3FB1571, 55E605DEE056966981E93F39BD7851C5F97949A7C6D9E3BEFC1933CB074C3F4D ] SRTSP C:\Windows\System32\Drivers\N360\1605000.07C\SRTSP.SYS
08:19:28.0195 0x14c8 SRTSP - ok
08:19:28.0215 0x14c8 [ 8360A8AF7AA0FCDC67C82FDEF7C38A4B, 9C74DC0B079C2ECD48D9DAD51269DE1DA3F9967EE2706BB39004B9984C4BB6CA ] SRTSPX C:\Windows\system32\drivers\N360\1605000.07C\SRTSPX.SYS
08:19:28.0215 0x14c8 SRTSPX - ok
08:19:28.0250 0x14c8 [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\Windows\system32\DRIVERS\srv.sys
08:19:28.0265 0x14c8 srv - ok
08:19:28.0295 0x14c8 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
08:19:28.0305 0x14c8 srv2 - ok
08:19:28.0320 0x14c8 [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
08:19:28.0325 0x14c8 srvnet - ok
08:19:28.0355 0x14c8 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
08:19:28.0360 0x14c8 SSDPSRV - ok
08:19:28.0380 0x14c8 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll
08:19:28.0385 0x14c8 SstpSvc - ok
08:19:28.0400 0x14c8 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
08:19:28.0405 0x14c8 stexstor - ok
08:19:28.0452 0x14c8 [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll
08:19:28.0483 0x14c8 StiSvc - ok
08:19:28.0514 0x14c8 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\drivers\swenum.sys
08:19:28.0514 0x14c8 swenum - ok
08:19:28.0545 0x14c8 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll
08:19:28.0545 0x14c8 swprv - ok
08:19:28.0701 0x14c8 [ 1B92C102E6F6D28D9A4B86BE1160D6F0, 672D383D3396E9380E6E39839586D20EDC02C6E2EA4CDE9F3282F366B331E603 ] SymEFASI C:\Windows\system32\drivers\N360\1605000.07C\SYMEFASI.SYS
08:19:28.0764 0x14c8 SymEFASI - ok
08:19:28.0826 0x14c8 [ 3A6653DD91E159476409D567CB9D4708, D4F1D331D8A2455A03070B46A52FED10BC3FEF37750099F72CD35331CCE6B1DD ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
08:19:28.0826 0x14c8 SymEvent - ok
08:19:28.0873 0x14c8 [ D31541BE604898F04B86278010E834DE, E29D10BC138D0607EC9FC6ACCA6AEA1071FE41139F429499C3081C6A51C8C5DC ] SymIRON C:\Windows\system32\drivers\N360\1605000.07C\Ironx86.SYS
08:19:28.0888 0x14c8 SymIRON - ok
08:19:28.0966 0x14c8 [ 30DA051C81788C1091A70BF0E2989777, 4295EE071E5C5582D0A0D39F306D364497E04E88FEA749D048D0B094586FEFC6 ] SymNetS C:\Windows\System32\Drivers\N360\1605000.07C\SYMNETS.SYS
08:19:28.0982 0x14c8 SymNetS - ok
08:19:29.0029 0x14c8 [ D776EB85A20696D9D43129CCF6E703E2, F4C16C6EE09DA173A8FE3FD85E3F81E68AB4FF66D996FA3CCC47989052DD69C2 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
08:19:29.0044 0x14c8 SynTP - ok
08:19:29.0138 0x14c8 [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain C:\Windows\system32\sysmain.dll
08:19:29.0200 0x14c8 SysMain - ok
08:19:29.0247 0x14c8 [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
08:19:29.0263 0x14c8 TabletInputService - ok
08:19:29.0294 0x14c8 [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll
08:19:29.0325 0x14c8 TapiSrv - ok
08:19:29.0356 0x14c8 [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll
08:19:29.0356 0x14c8 TBS - ok
08:19:29.0450 0x14c8 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
08:19:29.0544 0x14c8 Tcpip - ok
08:19:29.0590 0x14c8 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
08:19:29.0637 0x14c8 TCPIP6 - ok
08:19:29.0653 0x14c8 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
08:19:29.0653 0x14c8 tcpipreg - ok
08:19:29.0684 0x14c8 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
08:19:29.0684 0x14c8 TDPIPE - ok
08:19:29.0715 0x14c8 [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
08:19:29.0715 0x14c8 TDTCP - ok
08:19:29.0746 0x14c8 [ 7FE680A3DFA421C4A8E4879AE4C5AAB0, A4C64E155AB2843823CD3586756BA7681CFDEA50812095468221503BBAD30DCD ] tdx C:\Windows\system32\DRIVERS\tdx.sys
08:19:29.0746 0x14c8 tdx - ok
08:19:29.0778 0x14c8 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\drivers\termdd.sys
08:19:29.0778 0x14c8 TermDD - ok
08:19:29.0840 0x14c8 [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService C:\Windows\System32\termsrv.dll
08:19:29.0887 0x14c8 TermService - ok
08:19:29.0934 0x14c8 [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll
08:19:29.0934 0x14c8 Themes - ok
08:19:29.0965 0x14c8 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll
08:19:29.0965 0x14c8 THREADORDER - ok
08:19:29.0996 0x14c8 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll
08:19:29.0996 0x14c8 TrkWks - ok
08:19:30.0058 0x14c8 [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:19:30.0074 0x14c8 TrustedInstaller - ok
08:19:30.0105 0x14c8 [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
08:19:30.0105 0x14c8 tssecsrv - ok
08:19:30.0136 0x14c8 [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
08:19:30.0136 0x14c8 TsUsbFlt - ok
08:19:30.0246 0x14c8 [ C1A64414DB4E49D41D9DF9359ED9369B, 9AD4971380D4B76089363A66E2CE220139DB6B5D96334CBCF2B7FAEDA3A386F0 ] TuneUp.Defrag C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
08:19:30.0292 0x14c8 TuneUp.Defrag - ok
08:19:30.0386 0x14c8 [ DC653CF2D70827C4EBC2B157DA25CF57, 2361101B2E5D15FB7E3690681E402C23E1A149442D1907D5C9DB8BEF19E70C29 ] TuneUp.UtilitiesSvc C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
08:19:30.0417 0x14c8 TuneUp.UtilitiesSvc - ok
08:19:30.0464 0x14c8 [ F2107C9D85EC0DF116939CCCE06AE697, 4608E3D0CA0B252130B4DF2505DB4D89635C327A343B470FCB81B8B02CD9FA44 ] TuneUpUtilitiesDrv C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys
08:19:30.0464 0x14c8 TuneUpUtilitiesDrv - ok
08:19:30.0511 0x14c8 [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
08:19:30.0511 0x14c8 tunnel - ok
08:19:30.0542 0x14c8 [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
08:19:30.0558 0x14c8 uagp35 - ok
08:19:30.0573 0x14c8 [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
08:19:30.0589 0x14c8 udfs - ok
08:19:30.0620 0x14c8 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe
08:19:30.0620 0x14c8 UI0Detect - ok
08:19:30.0667 0x14c8 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
08:19:30.0667 0x14c8 uliagpkx - ok
08:19:30.0714 0x14c8 [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\Windows\system32\drivers\umbus.sys
08:19:30.0714 0x14c8 umbus - ok
08:19:30.0760 0x14c8 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
08:19:30.0760 0x14c8 UmPass - ok
08:19:30.0916 0x14c8 [ AF905F4966CFC8B973623AB150CD4B2B, E1BF0481A584C10AE4A927A01A1E6B76036C18FAF7AB38D9B78641F5808D9888 ] UNS C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
08:19:31.0041 0x14c8 UNS - ok
08:19:31.0072 0x14c8 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll
08:19:31.0088 0x14c8 upnphost - ok
08:19:31.0119 0x14c8 [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
08:19:31.0119 0x14c8 usbccgp - ok
08:19:31.0166 0x14c8 [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\Windows\system32\drivers\usbcir.sys
08:19:31.0166 0x14c8 usbcir - ok
08:19:31.0182 0x14c8 [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci C:\Windows\system32\drivers\usbehci.sys
08:19:31.0182 0x14c8 usbehci - ok
08:19:31.0213 0x14c8 [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
08:19:31.0228 0x14c8 usbhub - ok
08:19:31.0244 0x14c8 [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci C:\Windows\system32\drivers\usbohci.sys
08:19:31.0244 0x14c8 usbohci - ok
08:19:31.0275 0x14c8 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
08:19:31.0275 0x14c8 usbprint - ok
08:19:31.0306 0x14c8 [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:19:31.0322 0x14c8 USBSTOR - ok
08:19:31.0322 0x14c8 [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
08:19:31.0322 0x14c8 usbuhci - ok
08:19:31.0353 0x14c8 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll
08:19:31.0353 0x14c8 UxSms - ok
08:19:31.0400 0x14c8 [ DC2172ACCB384C6A3D59342050422102, 64B7CA9383FD3D6F4F6B5EC55E483C72D6BAF47BA4A3AF33F802E7A1DFDC359B ] UxTuneUp C:\Windows\System32\uxtuneup.dll
08:19:31.0416 0x14c8 UxTuneUp - ok
08:19:31.0431 0x14c8 [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] VaultSvc C:\Windows\system32\lsass.exe
08:19:31.0431 0x14c8 VaultSvc - ok
08:19:31.0462 0x14c8 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
08:19:31.0462 0x14c8 vdrvroot - ok
08:19:31.0525 0x14c8 [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\Windows\System32\vds.exe
08:19:31.0587 0x14c8 vds - ok
08:19:31.0618 0x14c8 [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
08:19:31.0618 0x14c8 vga - ok
08:19:31.0634 0x14c8 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\Windows\System32\drivers\vga.sys
08:19:31.0634 0x14c8 VgaSave - ok
08:19:31.0665 0x14c8 [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
08:19:31.0681 0x14c8 vhdmp - ok
08:19:31.0696 0x14c8 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\Windows\system32\drivers\viaagp.sys
08:19:31.0696 0x14c8 viaagp - ok
08:19:31.0743 0x14c8 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
08:19:31.0743 0x14c8 ViaC7 - ok
08:19:31.0774 0x14c8 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\drivers\viaide.sys
08:19:31.0774 0x14c8 viaide - ok
08:19:31.0806 0x14c8 [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\Windows\system32\drivers\volmgr.sys
08:19:31.0806 0x14c8 volmgr - ok
08:19:31.0868 0x14c8 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
08:19:31.0868 0x14c8 volmgrx - ok
08:19:31.0899 0x14c8 [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\Windows\system32\drivers\volsnap.sys
08:19:31.0915 0x14c8 volsnap - ok
08:19:31.0946 0x14c8 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
08:19:31.0946 0x14c8 vsmraid - ok
08:19:32.0024 0x14c8 [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\Windows\system32\vssvc.exe
08:19:32.0086 0x14c8 VSS - ok
08:19:32.0118 0x14c8 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
08:19:32.0118 0x14c8 vwifibus - ok
08:19:32.0149 0x14c8 [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
08:19:32.0149 0x14c8 vwififlt - ok
08:19:32.0180 0x14c8 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll
08:19:32.0196 0x14c8 W32Time - ok
08:19:32.0289 0x14c8 [ 57C8C20BFA5BEF6BD851EBAC67A8CED0, D5968069D934400A46B9FF92ECA9D7660BDC30C6909BA588AD49F7656246EE98 ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll
08:19:32.0320 0x14c8 W3SVC - ok
08:19:32.0352 0x14c8 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
08:19:32.0367 0x14c8 WacomPen - ok
08:19:32.0398 0x14c8 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
08:19:32.0398 0x14c8 WANARP - ok
08:19:32.0398 0x14c8 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
08:19:32.0414 0x14c8 Wanarpv6 - ok
08:19:32.0461 0x14c8 [ 57C8C20BFA5BEF6BD851EBAC67A8CED0, D5968069D934400A46B9FF92ECA9D7660BDC30C6909BA588AD49F7656246EE98 ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
08:19:32.0476 0x14c8 WAS - ok
08:19:32.0554 0x14c8 [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\Windows\system32\wbengine.exe
08:19:32.0632 0x14c8 wbengine - ok
08:19:32.0664 0x14c8 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
08:19:32.0664 0x14c8 WbioSrvc - ok
08:19:32.0695 0x14c8 [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\Windows\System32\wcncsvc.dll
08:19:32.0710 0x14c8 wcncsvc - ok
08:19:32.0726 0x14c8 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:19:32.0726 0x14c8 WcsPlugInService - ok
08:19:32.0757 0x14c8 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\DRIVERS\wd.sys
08:19:32.0757 0x14c8 Wd - ok
08:19:32.0820 0x14c8 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
08:19:32.0866 0x14c8 Wdf01000 - ok
08:19:32.0913 0x14c8 [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost C:\Windows\system32\wdi.dll
08:19:32.0913 0x14c8 WdiServiceHost - ok
08:19:32.0929 0x14c8 [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost C:\Windows\system32\wdi.dll
08:19:32.0929 0x14c8 WdiSystemHost - ok
08:19:32.0976 0x14c8 [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient C:\Windows\System32\webclnt.dll
08:19:32.0991 0x14c8 WebClient - ok
08:19:33.0038 0x14c8 [ A0F28966756F161290B7320BAFD92CC8, F5D590792DBFB39FA57E59F900712FE672D2A67B5C7AB99E6913ECBD4EDE7D10 ] WebUpdate4 C:\Windows\system32\WebUpdateSvc4.exe
08:19:33.0054 0x14c8 WebUpdate4 - ok
08:19:33.0085 0x14c8 [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll
08:19:33.0100 0x14c8 Wecsvc - ok
08:19:33.0116 0x14c8 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll
08:19:33.0132 0x14c8 wercplsupport - ok
08:19:33.0147 0x14c8 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll
08:19:33.0163 0x14c8 WerSvc - ok
08:19:33.0194 0x14c8 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
08:19:33.0194 0x14c8 WfpLwf - ok
08:19:33.0210 0x14c8 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys
08:19:33.0210 0x14c8 WIMMount - ok
08:19:33.0319 0x14c8 [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
08:19:33.0381 0x14c8 WinDefend - ok
08:19:33.0397 0x14c8 WinHttpAutoProxySvc - ok
08:19:33.0490 0x14c8 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
08:19:33.0506 0x14c8 Winmgmt - ok
08:19:33.0600 0x14c8 [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM C:\Windows\system32\WsmSvc.dll
08:19:33.0709 0x14c8 WinRM - ok
08:19:33.0802 0x14c8 [ 4C69A8E2E159C1C59BC4B688E9DD7F8C, 235C7A41425846EFE4966490EB7F72AA768B3FE1665843BF58520DDBD6822A74 ] WisLMSvc C:\Program Files\Launch Manager\WisLMSvc.exe
08:19:33.0802 0x14c8 WisLMSvc - ok
08:19:33.0880 0x14c8 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll
08:19:33.0990 0x14c8 Wlansvc - ok
08:19:34.0036 0x14c8 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
08:19:34.0036 0x14c8 WmiAcpi - ok
08:19:34.0068 0x14c8 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
08:19:34.0083 0x14c8 wmiApSrv - ok
08:19:34.0192 0x14c8 [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
08:19:34.0255 0x14c8 WMPNetworkSvc - ok
08:19:34.0286 0x14c8 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll
08:19:34.0286 0x14c8 WPCSvc - ok
08:19:34.0317 0x14c8 [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
08:19:34.0333 0x14c8 WPDBusEnum - ok
08:19:34.0364 0x14c8 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
08:19:34.0364 0x14c8 ws2ifsl - ok
08:19:34.0380 0x14c8 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\system32\wscsvc.dll
08:19:34.0380 0x14c8 wscsvc - ok
08:19:34.0395 0x14c8 WSearch - ok
08:19:34.0536 0x14c8 [ 7E5C454A3F986FEBAD075DB8D915917E, 9E9147DDACD075958689523130DB92FC4ED0E38433461D8AB8792BCFBD9376DA ] wuauserv C:\Windows\system32\wuaueng.dll
08:19:34.0660 0x14c8 wuauserv - ok
08:19:34.0692 0x14c8 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
08:19:34.0692 0x14c8 WudfPf - ok
08:19:34.0723 0x14c8 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
08:19:34.0738 0x14c8 wudfsvc - ok
08:19:34.0770 0x14c8 [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc C:\Windows\System32\wwansvc.dll
08:19:34.0785 0x14c8 WwanSvc - ok
08:19:34.0816 0x14c8 [ 1F93FCB5BAB3A921ECBA522F63586F4A, 0340B73DBC953B50572666EC603E87F253B9CEB9B0489A441A6A2171A04595D8 ] X10Hid C:\Windows\System32\Drivers\x10hid.sys
08:19:34.0816 0x14c8 X10Hid - ok
08:19:34.0863 0x14c8 [ 5A0C788C5BC5F2C993CB60940ADCF95E, FEEC158466040A6528E7FC8D33706B50D2F03479E0B62DF8F06B69A1A850A9FB ] x10nets C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
08:19:34.0863 0x14c8 x10nets - ok
08:19:34.0894 0x14c8 [ 378DC1B0B1F62A7488EE8D31A3C6E949, 8334CBC479797DC82551D38DFF1AEF5E41E4C6427D410C633DECC95C4FB84C0E ] XUIF C:\Windows\System32\Drivers\x10ufx2.sys
08:19:34.0894 0x14c8 XUIF - ok
08:19:34.0926 0x14c8 ================ Scan global ===============================
08:19:34.0957 0x14c8 [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
08:19:34.0988 0x14c8 [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll
08:19:35.0019 0x14c8 [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll
08:19:35.0050 0x14c8 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
08:19:35.0097 0x14c8 [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe
08:19:35.0097 0x14c8 [ Global ] - ok
08:19:35.0097 0x14c8 ================ Scan MBR ==================================
08:19:35.0113 0x14c8 [ 8A1C59E4DFEF87510470928550466632 ] \Device\Harddisk0\DR0
08:19:38.0248 0x14c8 \Device\Harddisk0\DR0 - ok
08:19:38.0248 0x14c8 ================ Scan VBR ==================================
08:19:38.0248 0x14c8 [ 8C93A2D9E95CB4B1D841C00D39061704 ] \Device\Harddisk0\DR0\Partition1
08:19:38.0264 0x14c8 \Device\Harddisk0\DR0\Partition1 - ok
08:19:38.0264 0x14c8 [ AD83B5DA10D3E8F55EF494AC8169BA32 ] \Device\Harddisk0\DR0\Partition2
08:19:38.0264 0x14c8 \Device\Harddisk0\DR0\Partition2 - ok
08:19:38.0264 0x14c8 [ 9769CDCD7A7B1A6898FAAAF7C4A6A7FF ] \Device\Harddisk0\DR0\Partition3
08:19:38.0264 0x14c8 \Device\Harddisk0\DR0\Partition3 - ok
08:19:38.0264 0x14c8 ================ Scan generic autorun ======================
08:19:38.0342 0x14c8 [ 852F12CA7C4FC7E3D77B606492435556, CCDA88794836D40701BF5B0A6872686DDE19C54AFCE6A954C9D83102BB12AEAF ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
08:19:38.0373 0x14c8 IAStorIcon - ok
08:19:38.0732 0x14c8 [ 750C7CEC215C3DACCBD52CF0AB80EC8F, 6086D9311529228CF3CC5DDFF1CF91D478AC16831572385E6930D15B19C3A727 ] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
08:19:39.0091 0x14c8 RtHDVCpl - ok
08:19:39.0138 0x14c8 [ 2F0ED11A907837A4F5393058AB4490D8, 62A2F9172712ABB2332461F50851D36649F48A3DC6058B073C4E6B01409EAF91 ] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
08:19:39.0169 0x14c8 RtHDVBg - ok
08:19:39.0184 0x14c8 [ 8D2851FC8807D456319C721AE3809824, 3AB40A5538C04CC536523E1AB890BBD4BA648134BB594B852EB8434DCE80632C ] C:\Program Files\Launch Manager\HotkeyApp.exe
08:19:39.0184 0x14c8 HotkeyApp - ok
08:19:39.0216 0x14c8 [ DFA1067EA4157BCCCFD48F052066A076, 5E5B60C20CFF1F3F9D45588B0E0AEB59C3F4C11089CCB52AA92890773BAA081F ] C:\Program Files\Launch Manager\OSD.exe
08:19:39.0216 0x14c8 LMgrVolOSD - ok
08:19:39.0247 0x14c8 [ 9A50FDA9859695E0938EB85E050BCAAF, 36026AF31C905EB9425275D553455FAE0724537F8C3287B8802E910BFE57046E ] C:\Program Files\Launch Manager\Wbutton.exe
08:19:39.0262 0x14c8 Wbutton - ok
08:19:39.0387 0x14c8 [ B2D2DB4C716665691816C77557AD685C, F8B919FED0B4E979DC3F39578D59CFB2D984AFBDD67A6A4D850F71930C28016D ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
08:19:39.0481 0x14c8 SynTPEnh - ok
08:19:39.0512 0x14c8 [ 1029B84ECBE4B95ACB8491A3FE63D70F, DF765BEE2B20800646F70B9E473B95F52457316CB331A3E0BF6974D827AB989D ] C:\Windows\system32\igfxtray.exe
08:19:39.0528 0x14c8 IgfxTray - ok
08:19:39.0543 0x14c8 [ 3CD5BBDA19A1AB4EBA359E0A14FDF0F0, 992E7322C86DA533F6DB9192427EBDC5A8F4D1A878F4B30A17ABD54656CFF6C1 ] C:\Windows\system32\hkcmd.exe
08:19:39.0559 0x14c8 HotKeysCmds - ok
08:19:39.0590 0x14c8 [ 3142195521FEE436088EE8A5748DE1B1, EE8E65977AA0EAC0BF48F7C4620946E48679F047EFC515D5F2E52EA4B88C5731 ] C:\Windows\system32\igfxpers.exe
08:19:39.0606 0x14c8 Persistence - ok
08:19:39.0668 0x14c8 [ E6DEED311D830678E1A0B4889F3C2F0E, 99D34ED089BCC653DE3941C179C4201CC7158F1E4CAE50604908DBB11ACB3905 ] C:\Program Files\Silvercrest NM1005 driver\StartAutorun.exe
08:19:39.0684 0x14c8 KMCONFIG - ok
08:19:39.0980 0x14c8 [ EE526B0428581B57FFC571FF57309E28, 1CF4DD251E78F2B67C4B1973E3378D6B87C5698EEC398CA4043621842ACC426C ] C:\Program Files\CCleaner\CCleaner.exe
08:19:40.0245 0x14c8 CCleaner Monitoring - ok
08:19:40.0354 0x14c8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
08:19:40.0448 0x14c8 Sidebar - ok
08:19:40.0479 0x14c8 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
08:19:40.0479 0x14c8 mctadmin - ok
08:19:40.0495 0x14c8 Waiting for KSN requests completion. In queue: 14
08:19:41.0509 0x14c8 Waiting for KSN requests completion. In queue: 14
08:19:42.0523 0x14c8 Waiting for KSN requests completion. In queue: 14
08:19:43.0552 0x14c8 AV detected via SS2: Norton 360 Premier, C:\Program Files\Norton 360\Engine\22.5.0.124\WSCStub.exe ( 22.5.0.0 ), 0x50000 ( disabled : updated )
08:19:43.0552 0x14c8 FW detected via SS2: Norton 360 Premier, C:\Program Files\Norton 360\Engine\22.5.0.124\WSCStub.exe ( 22.5.0.0 ), 0x50010 ( disabled )
08:19:43.0568 0x14c8 Win FW state via NFP2: enabled
08:19:46.0017 0x14c8 ============================================================
08:19:46.0017 0x14c8 Scan finished
08:19:46.0017 0x14c8 ============================================================
08:19:46.0033 0x14c0 Detected object count: 0
08:19:46.0033 0x14c0 Actual detected object count: 0

Frusti 08.07.2015 07:50
Sorry, ich habe "Quote" vergessen. Also nochmal:

--> Die Prozedur ist für einen "Halblaien" schon recht bis sehr aufwendig!!!



Zitat:
Wie gesagt, sollte bereits aus der Datenbank von JRT draußen sein....
Kann nicht sein, ich habe kein Heimnetzwerk, Laptop und PC sind isoliert - "TuneUp' ist also auf dem Laptop NOCH drauf!! - Und ich würde es sehr gerne auch drauflassen und nicht ungewollt löschen. Kriegen wir das hin?


============================
===========================

Zitat:
08:18:42.0713 0x148c TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
08:18:48.0157 0x148c ============================================================
08:18:48.0157 0x148c Current date / time: 2015/07/08 08:18:48.0157
08:18:48.0157 0x148c SystemInfo:
08:18:48.0157 0x148c
08:18:48.0157 0x148c OS Version: 6.1.7601 ServicePack: 1.0
08:18:48.0157 0x148c Product type: Workstation
08:18:48.0157 0x148c ComputerName: PC
08:18:48.0157 0x148c UserName: GHM
08:18:48.0157 0x148c Windows directory: C:\Windows
08:18:48.0157 0x148c System windows directory: C:\Windows
08:18:48.0157 0x148c Processor architecture: Intel x86
08:18:48.0157 0x148c Number of processors: 4
08:18:48.0157 0x148c Page size: 0x1000
08:18:48.0157 0x148c Boot type: Normal boot
08:18:48.0157 0x148c ============================================================
08:18:48.0469 0x148c KLMD registered as C:\Windows\system32\drivers\14673167.sys
08:18:48.0766 0x148c System UUID: {4ECAA060-4151-19AE-4A30-A0627BFFA00F}
08:18:49.0280 0x148c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
08:18:49.0280 0x148c ============================================================
08:18:49.0280 0x148c \Device\Harddisk0\DR0:
08:18:49.0280 0x148c MBR partitions:
08:18:49.0280 0x148c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
08:18:49.0280 0x148c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x35152000
08:18:49.0280 0x148c \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x35184800, BlocksNum 0x5000000
08:18:49.0280 0x148c ============================================================
08:18:49.0312 0x148c C: <-> \Device\Harddisk0\DR0\Partition2
08:18:49.0358 0x148c D: <-> \Device\Harddisk0\DR0\Partition3
08:18:49.0358 0x148c ============================================================
08:18:49.0358 0x148c Initialize success
08:18:49.0358 0x148c ============================================================
08:18:53.0258 0x14c8 ============================================================
08:18:53.0258 0x14c8 Scan started
08:18:53.0258 0x14c8 Mode: Manual;
08:18:53.0258 0x14c8 ============================================================
08:18:53.0258 0x14c8 KSN ping started
08:19:08.0656 0x14c8 KSN ping finished: true
08:19:09.0295 0x14c8 ================ Scan system memory ========================
08:19:09.0295 0x14c8 System memory - ok
08:19:09.0295 0x14c8 ================ Scan services =============================
08:19:09.0529 0x14c8 [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
08:19:09.0545 0x14c8 1394ohci - ok
08:19:09.0623 0x14c8 [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\Windows\system32\drivers\ACPI.sys
08:19:09.0638 0x14c8 ACPI - ok
08:19:09.0670 0x14c8 [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
08:19:09.0670 0x14c8 AcpiPmi - ok
08:19:09.0794 0x14c8 [ A542C712794FB8FBD27E37271C730F36, 8C327BFAC10C7BBD48277D4FEB862D58CA1F22DC10F0632BB8B18CF54A507216 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
08:19:09.0810 0x14c8 AdobeARMservice - ok
08:19:09.0888 0x14c8 [ 1234A12B71DAE034E45C714AE5A54412, 079E6BC834F38322ED5ED76295EC3961ED894084EF5CB171DFFBD9B3822CC78D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
08:19:09.0919 0x14c8 AdobeFlashPlayerUpdateSvc - ok
08:19:09.0997 0x14c8 [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
08:19:10.0044 0x14c8 adp94xx - ok
08:19:10.0106 0x14c8 [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
08:19:10.0138 0x14c8 adpahci - ok
08:19:10.0216 0x14c8 [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
08:19:10.0216 0x14c8 adpu320 - ok
08:19:10.0262 0x14c8 [ 12E6A172D72AFC626727B8635DD17E39, 33B3D109C39DF6EA86AFC3C89A93657906E981D3D22FF854401BC7326990CC08 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
08:19:10.0278 0x14c8 AeLookupSvc - ok
08:19:10.0325 0x14c8 [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD C:\Windows\system32\drivers\afd.sys
08:19:10.0372 0x14c8 AFD - ok
08:19:10.0387 0x14c8 [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\Windows\system32\drivers\agp440.sys
08:19:10.0403 0x14c8 agp440 - ok
08:19:10.0434 0x14c8 [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
08:19:10.0450 0x14c8 aic78xx - ok
08:19:10.0496 0x14c8 [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\Windows\System32\alg.exe
08:19:10.0496 0x14c8 ALG - ok
08:19:10.0512 0x14c8 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\Windows\system32\drivers\aliide.sys
08:19:10.0528 0x14c8 aliide - ok
08:19:10.0543 0x14c8 [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
08:19:10.0543 0x14c8 amdagp - ok
08:19:10.0574 0x14c8 [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\Windows\system32\drivers\amdide.sys
08:19:10.0590 0x14c8 amdide - ok
08:19:10.0606 0x14c8 [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
08:19:10.0621 0x14c8 AmdK8 - ok
08:19:10.0621 0x14c8 [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
08:19:10.0637 0x14c8 AmdPPM - ok
08:19:10.0668 0x14c8 [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata C:\Windows\system32\drivers\amdsata.sys
08:19:10.0684 0x14c8 amdsata - ok
08:19:10.0699 0x14c8 [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
08:19:10.0699 0x14c8 amdsbs - ok
08:19:10.0730 0x14c8 [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata C:\Windows\system32\drivers\amdxata.sys
08:19:10.0730 0x14c8 amdxata - ok
08:19:10.0793 0x14c8 [ D1AF38FBAC0DC7E6D796B0ED01707EE0, FAFD2C36594A1628293E7623C8CAB2D47EDF8C6C0E18CC2FB37F9A6CA1F0E57C ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll
08:19:10.0793 0x14c8 AppHostSvc - ok
08:19:10.0824 0x14c8 [ 81F97D8F8B3FB94A451CC6F7CF8B2965, 8DEBA4E47E1016D69740C0BB7CDD23852D86E0D42C1C1EA5A847ECB115C38CB1 ] AppID C:\Windows\system32\drivers\appid.sys
08:19:10.0824 0x14c8 AppID - ok
08:19:10.0871 0x14c8 [ F5090F8FA6757C58E17BAEAA86093636, 5E14CF3032DF5801240F45C59AA93962EA41AA5648A0C6458D16D9B9D95A131F ] AppIDSvc C:\Windows\System32\appidsvc.dll
08:19:10.0886 0x14c8 AppIDSvc - ok
08:19:10.0918 0x14c8 [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo C:\Windows\System32\appinfo.dll
08:19:10.0918 0x14c8 Appinfo - ok
08:19:10.0964 0x14c8 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\DRIVERS\arc.sys
08:19:10.0964 0x14c8 arc - ok
08:19:11.0011 0x14c8 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
08:19:11.0011 0x14c8 arcsas - ok
08:19:11.0136 0x14c8 [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
08:19:11.0136 0x14c8 aspnet_state - ok
08:19:11.0183 0x14c8 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
08:19:11.0183 0x14c8 AsyncMac - ok
08:19:11.0230 0x14c8 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\drivers\atapi.sys
08:19:11.0230 0x14c8 atapi - ok
08:19:11.0292 0x14c8 [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
08:19:11.0339 0x14c8 AudioEndpointBuilder - ok
08:19:11.0354 0x14c8 [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv C:\Windows\System32\Audiosrv.dll
08:19:11.0386 0x14c8 Audiosrv - ok
08:19:11.0432 0x14c8 [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\Windows\System32\AxInstSV.dll
08:19:11.0432 0x14c8 AxInstSV - ok
08:19:11.0479 0x14c8 [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
08:19:11.0495 0x14c8 b06bdrv - ok
08:19:11.0573 0x14c8 [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
08:19:11.0573 0x14c8 b57nd60x - ok
08:19:11.0651 0x14c8 [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll
08:19:11.0666 0x14c8 BDESVC - ok
08:19:11.0682 0x14c8 [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys
08:19:11.0682 0x14c8 Beep - ok
08:19:11.0744 0x14c8 [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\Windows\System32\bfe.dll
08:19:11.0791 0x14c8 BFE - ok
08:19:11.0994 0x14c8 [ 69D90F57C6E40EA593F5E24AA586E4C4, 51DB6B08FFBBF563AF11DCDE28464FB5B317EEB45F33F881510FFB3ADFB8B754 ] BHDrvx86 C:\Program Files\Norton 360\NortonData\22.5.0.124\Definitions\BASHDefs\20150706.001\BHDrvx86.sys
08:19:12.0025 0x14c8 BHDrvx86 - ok
08:19:12.0103 0x14c8 [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\Windows\system32\qmgr.dll
08:19:12.0150 0x14c8 BITS - ok
08:19:12.0197 0x14c8 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
08:19:12.0197 0x14c8 blbdrive - ok
08:19:12.0228 0x14c8 [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
08:19:12.0228 0x14c8 bowser - ok
08:19:12.0259 0x14c8 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:19:12.0259 0x14c8 BrFiltLo - ok
08:19:12.0275 0x14c8 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:19:12.0275 0x14c8 BrFiltUp - ok
08:19:12.0322 0x14c8 [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
08:19:12.0322 0x14c8 BridgeMP - ok
08:19:12.0368 0x14c8 [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\Windows\System32\browser.dll
08:19:12.0368 0x14c8 Browser - ok
08:19:12.0400 0x14c8 [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys
08:19:12.0415 0x14c8 Brserid - ok
08:19:12.0431 0x14c8 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
08:19:12.0431 0x14c8 BrSerWdm - ok
08:19:12.0478 0x14c8 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
08:19:12.0478 0x14c8 BrUsbMdm - ok
08:19:12.0509 0x14c8 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
08:19:12.0509 0x14c8 BrUsbSer - ok
08:19:12.0540 0x14c8 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
08:19:12.0540 0x14c8 BTHMODEM - ok
08:19:12.0587 0x14c8 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll
08:19:12.0587 0x14c8 bthserv - ok
08:19:12.0680 0x14c8 catchme - ok
08:19:12.0758 0x14c8 [ 2D63DABE3805F1C644494913DE285BC7, 87EC4A94F32DCC41EBFB2BDAC26C649A433DA41E42C2B516B08358FA3D341781 ] ccSet_N360 C:\Windows\system32\drivers\N360\1605000.07C\ccSetx86.sys
08:19:12.0758 0x14c8 ccSet_N360 - ok
08:19:12.0805 0x14c8 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
08:19:12.0805 0x14c8 cdfs - ok
08:19:12.0852 0x14c8 [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\Windows\system32\drivers\cdrom.sys
08:19:12.0868 0x14c8 cdrom - ok
08:19:12.0914 0x14c8 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\Windows\System32\certprop.dll
08:19:12.0914 0x14c8 CertPropSvc - ok
08:19:12.0961 0x14c8 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
08:19:12.0961 0x14c8 circlass - ok
08:19:13.0008 0x14c8 [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS C:\Windows\system32\CLFS.sys
08:19:13.0024 0x14c8 CLFS - ok
08:19:13.0102 0x14c8 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:19:13.0102 0x14c8 clr_optimization_v2.0.50727_32 - ok
08:19:13.0148 0x14c8 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:19:13.0148 0x14c8 clr_optimization_v4.0.30319_32 - ok
08:19:13.0195 0x14c8 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
08:19:13.0195 0x14c8 CmBatt - ok
08:19:13.0211 0x14c8 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\drivers\cmdide.sys
08:19:13.0211 0x14c8 cmdide - ok
08:19:13.0258 0x14c8 [ 3051724F223EA48968B19567DE2A81F4, DCC27DE1B2B35866FC6DBDE95A368E7D0D346B6C3F31D0BACA63DD39B0A8874E ] CNG C:\Windows\system32\Drivers\cng.sys
08:19:13.0289 0x14c8 CNG - ok
08:19:13.0351 0x14c8 [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
08:19:13.0351 0x14c8 Compbatt - ok
08:19:13.0382 0x14c8 [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
08:19:13.0382 0x14c8 CompositeBus - ok
08:19:13.0398 0x14c8 COMSysApp - ok
08:19:13.0398 0x14c8 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
08:19:13.0414 0x14c8 crcdisk - ok
08:19:13.0460 0x14c8 [ 49474B3E37969AF4B5C076F42B623AFF, BDA6B57E9B60EF1B67C74099263D33A367AAA035667239F76AB8B268FD3E8F23 ] CryptSvc C:\Windows\system32\cryptsvc.dll
08:19:13.0460 0x14c8 CryptSvc - ok
08:19:13.0507 0x14c8 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\Windows\system32\rpcss.dll
08:19:13.0538 0x14c8 DcomLaunch - ok
08:19:13.0570 0x14c8 [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll
08:19:13.0585 0x14c8 defragsvc - ok
08:19:13.0616 0x14c8 [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
08:19:13.0632 0x14c8 DfsC - ok
08:19:13.0679 0x14c8 [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\Windows\system32\dhcpcore.dll
08:19:13.0694 0x14c8 Dhcp - ok
08:19:13.0804 0x14c8 [ 7AB2DE012C88870C9274E966EC88AB61, CE2098B152B9C039C29C0573C813BFBF13B2D2E6BEE83985374160884A817133 ] DiagTrack C:\Windows\system32\diagtrack.dll
08:19:13.0897 0x14c8 DiagTrack - ok
08:19:13.0928 0x14c8 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys
08:19:13.0928 0x14c8 discache - ok
08:19:13.0975 0x14c8 [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\DRIVERS\disk.sys
08:19:13.0975 0x14c8 Disk - ok
08:19:14.0022 0x14c8 [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\Windows\System32\dnsrslvr.dll
08:19:14.0038 0x14c8 Dnscache - ok
08:19:14.0069 0x14c8 [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\Windows\System32\dot3svc.dll
08:19:14.0084 0x14c8 dot3svc - ok
08:19:14.0116 0x14c8 [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\Windows\system32\dps.dll
08:19:14.0116 0x14c8 DPS - ok
08:19:14.0162 0x14c8 [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
08:19:14.0162 0x14c8 drmkaud - ok
08:19:14.0209 0x14c8 [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
08:19:14.0240 0x14c8 DXGKrnl - ok
08:19:14.0272 0x14c8 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll
08:19:14.0272 0x14c8 EapHost - ok
08:19:14.0459 0x14c8 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
08:19:14.0615 0x14c8 ebdrv - ok
08:19:14.0724 0x14c8 [ 0CD77CB89473151E6A0201DA7B063EAC, ADE268EB7DE6A07327E74B5F89A087249C6BD5DDEDB7EA2745D54849FF2AF549 ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
08:19:14.0740 0x14c8 eeCtrl - ok
08:19:14.0771 0x14c8 [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] EFS C:\Windows\System32\lsass.exe
08:19:14.0771 0x14c8 EFS - ok
08:19:14.0864 0x14c8 [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
08:19:14.0911 0x14c8 ehRecvr - ok
08:19:14.0942 0x14c8 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe
08:19:14.0942 0x14c8 ehSched - ok
08:19:15.0005 0x14c8 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
08:19:15.0052 0x14c8 elxstor - ok
08:19:15.0130 0x14c8 [ 94DB911F59E7FA1806DC0408B5EF5720, 9E36A506B8FBE8F2998A4A01A621C33D16911FBBB3CE3C0A106072B456EDA179 ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
08:19:15.0130 0x14c8 EraserUtilRebootDrv - ok
08:19:15.0176 0x14c8 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\drivers\errdev.sys
08:19:15.0176 0x14c8 ErrDev - ok
08:19:15.0239 0x14c8 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll
08:19:15.0254 0x14c8 EventSystem - ok
08:19:15.0286 0x14c8 [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys
08:19:15.0301 0x14c8 exfat - ok
08:19:15.0317 0x14c8 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys
08:19:15.0332 0x14c8 fastfat - ok
08:19:15.0395 0x14c8 [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe
08:19:15.0457 0x14c8 Fax - ok
08:19:15.0488 0x14c8 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
08:19:15.0504 0x14c8 fdc - ok
08:19:15.0520 0x14c8 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll
08:19:15.0520 0x14c8 fdPHost - ok
08:19:15.0551 0x14c8 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll
08:19:15.0551 0x14c8 FDResPub - ok
08:19:15.0582 0x14c8 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
08:19:15.0582 0x14c8 FileInfo - ok
08:19:15.0598 0x14c8 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
08:19:15.0613 0x14c8 Filetrace - ok
08:19:15.0644 0x14c8 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
08:19:15.0644 0x14c8 flpydisk - ok
08:19:15.0660 0x14c8 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
08:19:15.0676 0x14c8 FltMgr - ok
08:19:15.0754 0x14c8 [ 6EC244F102C7F129678E5F7309D1366D, C30DA201AC623DA440B0A0716534557C578218C2A591FA8893CCCBD96B4518F9 ] FontCache C:\Windows\system32\FntCache.dll
08:19:15.0800 0x14c8 FontCache - ok
08:19:15.0863 0x14c8 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
08:19:15.0878 0x14c8 FontCache3.0.0.0 - ok
08:19:15.0910 0x14c8 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
08:19:15.0910 0x14c8 FsDepends - ok
08:19:15.0941 0x14c8 [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
08:19:15.0941 0x14c8 Fs_Rec - ok
08:19:15.0972 0x14c8 [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
08:19:15.0988 0x14c8 fvevol - ok
08:19:16.0019 0x14c8 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
08:19:16.0019 0x14c8 gagp30kx - ok
08:19:16.0081 0x14c8 [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\Windows\System32\gpsvc.dll
08:19:16.0159 0x14c8 gpsvc - ok
08:19:16.0237 0x14c8 [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
08:19:16.0237 0x14c8 gusvc - ok
08:19:16.0268 0x14c8 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
08:19:16.0268 0x14c8 hcw85cir - ok
08:19:16.0315 0x14c8 [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
08:19:16.0346 0x14c8 HdAudAddService - ok
08:19:16.0378 0x14c8 [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
08:19:16.0378 0x14c8 HDAudBus - ok
08:19:16.0409 0x14c8 [ A88485DC6A7136C10D9A6C7E38FDFE3C, B651823E5F6D13B086B00440AD17C7C2756F079DD9290E0FEB1A3A48D0104F8C ] HECI C:\Windows\system32\DRIVERS\HECI.sys
08:19:16.0409 0x14c8 HECI - ok
08:19:16.0440 0x14c8 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
08:19:16.0440 0x14c8 HidBatt - ok
08:19:16.0456 0x14c8 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
08:19:16.0456 0x14c8 HidBth - ok
08:19:16.0487 0x14c8 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
08:19:16.0502 0x14c8 HidIr - ok
08:19:16.0534 0x14c8 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\System32\hidserv.dll
08:19:16.0534 0x14c8 hidserv - ok
08:19:16.0580 0x14c8 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
08:19:16.0580 0x14c8 HidUsb - ok
08:19:16.0612 0x14c8 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll
08:19:16.0627 0x14c8 hkmsvc - ok
08:19:16.0658 0x14c8 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
08:19:16.0674 0x14c8 HomeGroupListener - ok
08:19:16.0705 0x14c8 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
08:19:16.0721 0x14c8 HomeGroupProvider - ok
08:19:16.0752 0x14c8 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
08:19:16.0768 0x14c8 HpSAMD - ok
08:19:16.0830 0x14c8 [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP C:\Windows\system32\drivers\HTTP.sys
08:19:16.0877 0x14c8 HTTP - ok
08:19:16.0892 0x14c8 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
08:19:16.0908 0x14c8 hwpolicy - ok
08:19:16.0939 0x14c8 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
08:19:16.0939 0x14c8 i8042prt - ok
08:19:17.0002 0x14c8 [ D5EDB998656E6ECF1A17C78DAB019A3C, 59A6A658218CE098D28D2202DEE178973C91C5C008AE83391DD6EB64D97DA6A3 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
08:19:17.0017 0x14c8 iaStor - ok
08:19:17.0064 0x14c8 [ 7493EA4DE41348F7D3EDBF9DB298F56A, D40BE4E8D90B5F6EF0B16F3B9E9F63273FE558492A560CB291C7DE2864794CCB ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
08:19:17.0064 0x14c8 IAStorDataMgrSvc - ok
08:19:17.0111 0x14c8 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
08:19:17.0142 0x14c8 iaStorV - ok
08:19:17.0220 0x14c8 [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
08:19:17.0298 0x14c8 idsvc - ok
08:19:17.0392 0x14c8 [ BA459F9D857B493D29B01A1BD6C9167A, C9C085018629DE508BCC38DFCF4459057BEA015ECDEB69B8FCF8751A80AAC09D ] IDSVix86 C:\Program Files\Norton 360\NortonData\22.5.0.124\Definitions\IPSDefs\20150706.001\IDSvix86.sys
08:19:17.0423 0x14c8 IDSVix86 - ok
08:19:17.0454 0x14c8 IEEtwCollectorService - ok
08:19:17.0860 0x14c8 [ 8266AE06DF974E5BA047B3E9E9E70B3F, 44E5A8EED802A1DDF3CCDB478A88A3AB3CF009F449FB11E0F94A28498342B4E2 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
08:19:18.0250 0x14c8 igfx - ok
08:19:18.0281 0x14c8 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
08:19:18.0296 0x14c8 iirsp - ok
08:19:18.0359 0x14c8 [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\Windows\System32\ikeext.dll
08:19:18.0406 0x14c8 IKEEXT - ok
08:19:18.0452 0x14c8 [ 03C0D99BC2913226F1CEA7CB0D984659, DB42313E98D789634C83A1B8F90D815AA625A970E7C6D3B753386A94BBDAA3EE ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
08:19:18.0468 0x14c8 Impcd - ok
08:19:18.0640 0x14c8 [ 2A4EB3167A071A67D3F56E94663544EC, 0610929670CE2209995813473BB8380500763F328952E4DDDDAF9FF73379A294 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
08:19:18.0718 0x14c8 IntcAzAudAddService - ok
08:19:18.0764 0x14c8 [ 4EA6B57A3B71FD1A208AF054E97FBA37, 590AF022F02083996FA06187BE470CDEC11DA91BE077EA52B1415C048B8BE720 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
08:19:18.0780 0x14c8 IntcDAud - ok
08:19:18.0811 0x14c8 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys
08:19:18.0811 0x14c8 intelide - ok
08:19:18.0858 0x14c8 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
08:19:18.0858 0x14c8 intelppm - ok
08:19:18.0889 0x14c8 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
08:19:18.0905 0x14c8 IPBusEnum - ok
08:19:18.0920 0x14c8 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:19:18.0920 0x14c8 IpFilterDriver - ok
08:19:18.0967 0x14c8 [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
08:19:18.0998 0x14c8 iphlpsvc - ok
08:19:19.0030 0x14c8 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
08:19:19.0030 0x14c8 IPMIDRV - ok
08:19:19.0045 0x14c8 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
08:19:19.0061 0x14c8 IPNAT - ok
08:19:19.0092 0x14c8 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys
08:19:19.0092 0x14c8 IRENUM - ok
08:19:19.0123 0x14c8 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys
08:19:19.0123 0x14c8 isapnp - ok
08:19:19.0170 0x14c8 [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
08:19:19.0186 0x14c8 iScsiPrt - ok
08:19:19.0201 0x14c8 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
08:19:19.0201 0x14c8 kbdclass - ok
08:19:19.0248 0x14c8 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
08:19:19.0248 0x14c8 kbdhid - ok
08:19:19.0264 0x14c8 [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] KeyIso C:\Windows\system32\lsass.exe
08:19:19.0264 0x14c8 KeyIso - ok
08:19:19.0310 0x14c8 [ D8DF201E64B455DE473FEFD4A7A7AF0C, A6608EA1DD00AC280E655BF1C50067778FD0FCAF919F9C5C3F0B4AABFF54DA4B ] KMWDFilter C:\Windows\System32\Drivers\KMWDFilter.SYS
08:19:19.0310 0x14c8 KMWDFilter - ok
08:19:19.0373 0x14c8 [ 393B6C708B318C457317A32A1F45C545, 18A88519CB883169EEFECA0F8CA19DAD35D9201DFE00AF9230FEBD7C342395FC ] KMWDSERVICE C:\Program Files\Silvercrest NM1005 driver\KMWDSrv.exe
08:19:19.0388 0x14c8 KMWDSERVICE - ok
08:19:19.0420 0x14c8 [ 3C9D9DFCF517103677D7B6255C727B48, F03252C1EF131AC4FEB83983B7BB3BAAACE0EEB0B1CFA06D0E04A156D527A0FD ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
08:19:19.0420 0x14c8 KSecDD - ok
08:19:19.0451 0x14c8 [ 0DFC56491C8B56A35AD52EAF770752FE, C887D6A06DD691DB6E6DC73D2ED0072FE5430F46F85111338196CF342C5892D0 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
08:19:19.0451 0x14c8 KSecPkg - ok
08:19:19.0498 0x14c8 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll
08:19:19.0529 0x14c8 KtmRm - ok
08:19:19.0591 0x14c8 [ 4566FD5F4416E7FEF3600E4B30D086C3, 8AF3E81D4BFE974D7419D1C7EFA7D2910AEA38A44C932A5EC83DAAAD995B7AB7 ] L1C C:\Windows\system32\DRIVERS\L1C62x86.sys
08:19:19.0591 0x14c8 L1C - ok
08:19:19.0638 0x14c8 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\System32\srvsvc.dll
08:19:19.0654 0x14c8 LanmanServer - ok
08:19:19.0685 0x14c8 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:19:19.0700 0x14c8 LanmanWorkstation - ok
08:19:19.0747 0x14c8 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
08:19:19.0747 0x14c8 lltdio - ok
08:19:19.0778 0x14c8 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll
08:19:19.0794 0x14c8 lltdsvc - ok
08:19:19.0810 0x14c8 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll
08:19:19.0810 0x14c8 lmhosts - ok
08:19:19.0888 0x14c8 [ 1E2F802846EB944E0333EFEE7C9532A8, 86EB59BF238E3DB8AF9E379B0BAE5AEC734C15598E665062B2E19C0A58BEF783 ] LMS C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
08:19:19.0903 0x14c8 LMS - ok
08:19:19.0966 0x14c8 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
08:19:19.0966 0x14c8 LSI_FC - ok
08:19:19.0997 0x14c8 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
08:19:20.0012 0x14c8 LSI_SAS - ok
08:19:20.0028 0x14c8 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
08:19:20.0044 0x14c8 LSI_SAS2 - ok
08:19:20.0075 0x14c8 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
08:19:20.0075 0x14c8 LSI_SCSI - ok
08:19:20.0106 0x14c8 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys
08:19:20.0106 0x14c8 luafv - ok
08:19:20.0168 0x14c8 [ 3C21F7E95FFCA33EF1A83AA33D9663CF, C843116969E1CDBA45AEF98B33BEDBA9200C62CDB52CD7056CE6768A1EF3A637 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
08:19:20.0168 0x14c8 MBAMProtector - ok
08:19:20.0278 0x14c8 [ 2B983F067AEE3F9EB4DF5E97F45D21D1, 0B9ED0E91FF01A5445927650113E320C3C0EA16F1401AA55A509DDBF704DF22F ] MBAMService C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
08:19:20.0356 0x14c8 MBAMService - ok
08:19:20.0418 0x14c8 [ 167BCE00050B19DA25065335645A3C7A, 5CD3EA3E09B4ED318AB6151F56A17B0E4C8CE32DBB77342A39DEF53908F7D2F0 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
08:19:20.0418 0x14c8 MBAMWebAccessControl - ok
08:19:20.0465 0x14c8 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
08:19:20.0480 0x14c8 Mcx2Svc - ok
08:19:20.0496 0x14c8 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
08:19:20.0496 0x14c8 megasas - ok
08:19:20.0558 0x14c8 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
08:19:20.0590 0x14c8 MegaSR - ok
08:19:20.0621 0x14c8 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll
08:19:20.0621 0x14c8 MMCSS - ok
08:19:20.0699 0x14c8 [ 5B9CA81817E046666E7ABF8B9B101545, 6DD02C4C991198AC515847DAAEF7A3DF379636649FDB2623A0FBD8B51DADD523 ] mod7700 C:\Windows\system32\DRIVERS\mod7700.sys
08:19:20.0746 0x14c8 mod7700 - ok
08:19:20.0777 0x14c8 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys
08:19:20.0777 0x14c8 Modem - ok
08:19:20.0792 0x14c8 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
08:19:20.0792 0x14c8 monitor - ok
08:19:20.0839 0x14c8 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\drivers\mouclass.sys
08:19:20.0855 0x14c8 mouclass - ok
08:19:20.0870 0x14c8 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
08:19:20.0870 0x14c8 mouhid - ok
08:19:20.0902 0x14c8 [ 644905A19D0F37F2233DFCE53BC4BC19, F52CB40AA0FD1EBF8CBF0F3BFB20C47142C637719840877FB93F10D085EB8C2B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
08:19:20.0902 0x14c8 mountmgr - ok
08:19:20.0948 0x14c8 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys
08:19:20.0948 0x14c8 mpio - ok
08:19:20.0980 0x14c8 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
08:19:20.0980 0x14c8 mpsdrv - ok
08:19:21.0042 0x14c8 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll
08:19:21.0104 0x14c8 MpsSvc - ok
08:19:21.0136 0x14c8 [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
08:19:21.0136 0x14c8 MRxDAV - ok
08:19:21.0182 0x14c8 [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
08:19:21.0182 0x14c8 mrxsmb - ok
08:19:21.0229 0x14c8 [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:19:21.0229 0x14c8 mrxsmb10 - ok
08:19:21.0245 0x14c8 [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:19:21.0260 0x14c8 mrxsmb20 - ok
08:19:21.0292 0x14c8 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys
08:19:21.0292 0x14c8 msahci - ok
08:19:21.0307 0x14c8 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys
08:19:21.0323 0x14c8 msdsm - ok
08:19:21.0354 0x14c8 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe
08:19:21.0354 0x14c8 MSDTC - ok
08:19:21.0385 0x14c8 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys
08:19:21.0401 0x14c8 Msfs - ok
08:19:21.0416 0x14c8 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
08:19:21.0416 0x14c8 mshidkmdf - ok
08:19:21.0448 0x14c8 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
08:19:21.0448 0x14c8 msisadrv - ok
08:19:21.0494 0x14c8 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll
08:19:21.0510 0x14c8 MSiSCSI - ok
08:19:21.0510 0x14c8 msiserver - ok
08:19:21.0557 0x14c8 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
08:19:21.0557 0x14c8 MSKSSRV - ok
08:19:21.0588 0x14c8 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
08:19:21.0588 0x14c8 MSPCLOCK - ok
08:19:21.0604 0x14c8 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
08:19:21.0604 0x14c8 MSPQM - ok
08:19:21.0619 0x14c8 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
08:19:21.0635 0x14c8 MsRPC - ok
08:19:21.0666 0x14c8 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
08:19:21.0666 0x14c8 mssmbios - ok
08:19:21.0682 0x14c8 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
08:19:21.0682 0x14c8 MSTEE - ok
08:19:21.0713 0x14c8 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
08:19:21.0713 0x14c8 MTConfig - ok
08:19:21.0744 0x14c8 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys
08:19:21.0744 0x14c8 Mup - ok
08:19:21.0916 0x14c8 [ ED3C7037BF8AEA20291C01B66078FF77, A052ED91C26746D236219785C1932394A769F0A34BCBDBE12B960484F532FB9D ] N360 C:\Program Files\Norton 360\Engine\22.5.0.124\N360.exe
08:19:21.0931 0x14c8 N360 - ok
08:19:21.0978 0x14c8 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll
08:19:22.0025 0x14c8 napagent - ok
08:19:22.0072 0x14c8 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
08:19:22.0103 0x14c8 NativeWifiP - ok
08:19:22.0212 0x14c8 [ 18AD0AC87FF266B5E5616FCD6C577311, 8B97F1C95FDD650F14974CF16D8756CE5ABD9D8306D703C2AD5AC3BC6B6DF992 ] NAVENG C:\Program Files\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20150707.001\NAVENG.SYS
08:19:22.0212 0x14c8 NAVENG - ok
08:19:22.0321 0x14c8 [ 9EDB941A9FA181C4C3DEFF0A0559A056, 1EDC562955EE2D9A464F82A38F82555FE9021ABAC4B0DED99AE6E611EB750AF1 ] NAVEX15 C:\Program Files\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20150707.001\NAVEX15.SYS
08:19:22.0368 0x14c8 NAVEX15 - ok
08:19:22.0425 0x14c8 [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS C:\Windows\system32\drivers\ndis.sys
08:19:22.0470 0x14c8 NDIS - ok
08:19:22.0495 0x14c8 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
08:19:22.0495 0x14c8 NdisCap - ok
08:19:22.0515 0x14c8 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
08:19:22.0515 0x14c8 NdisTapi - ok
08:19:22.0555 0x14c8 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
08:19:22.0560 0x14c8 Ndisuio - ok
08:19:22.0595 0x14c8 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
08:19:22.0605 0x14c8 NdisWan - ok
08:19:22.0620 0x14c8 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
08:19:22.0625 0x14c8 NDProxy - ok
08:19:22.0650 0x14c8 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
08:19:22.0655 0x14c8 NetBIOS - ok
08:19:22.0690 0x14c8 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
08:19:22.0700 0x14c8 NetBT - ok
08:19:22.0720 0x14c8 [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] Netlogon C:\Windows\system32\lsass.exe
08:19:22.0725 0x14c8 Netlogon - ok
08:19:22.0765 0x14c8 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll
08:19:22.0780 0x14c8 Netman - ok
08:19:22.0825 0x14c8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:19:22.0835 0x14c8 NetMsmqActivator - ok
08:19:22.0860 0x14c8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:19:22.0865 0x14c8 NetPipeActivator - ok
08:19:22.0915 0x14c8 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll
08:19:22.0950 0x14c8 netprofm - ok
08:19:22.0960 0x14c8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:19:22.0970 0x14c8 NetTcpActivator - ok
08:19:22.0980 0x14c8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:19:22.0990 0x14c8 NetTcpPortSharing - ok
08:19:23.0025 0x14c8 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
08:19:23.0030 0x14c8 nfrd960 - ok
08:19:23.0075 0x14c8 [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\Windows\System32\nlasvc.dll
08:19:23.0090 0x14c8 NlaSvc - ok
08:19:23.0115 0x14c8 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys
08:19:23.0120 0x14c8 Npfs - ok
08:19:23.0145 0x14c8 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll
08:19:23.0150 0x14c8 nsi - ok
08:19:23.0160 0x14c8 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
08:19:23.0160 0x14c8 nsiproxy - ok
08:19:23.0250 0x14c8 [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
08:19:23.0340 0x14c8 Ntfs - ok
08:19:23.0355 0x14c8 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys
08:19:23.0360 0x14c8 Null - ok
08:19:23.0400 0x14c8 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys
08:19:23.0410 0x14c8 nvraid - ok
08:19:23.0460 0x14c8 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
08:19:23.0470 0x14c8 nvstor - ok
08:19:23.0495 0x14c8 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
08:19:23.0500 0x14c8 nv_agp - ok
08:19:23.0535 0x14c8 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
08:19:23.0540 0x14c8 ohci1394 - ok
08:19:23.0585 0x14c8 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
08:19:23.0605 0x14c8 p2pimsvc - ok
08:19:23.0645 0x14c8 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll
08:19:23.0665 0x14c8 p2psvc - ok
08:19:23.0700 0x14c8 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys
08:19:23.0705 0x14c8 Parport - ok
08:19:23.0740 0x14c8 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys
08:19:23.0745 0x14c8 partmgr - ok
08:19:23.0770 0x14c8 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
08:19:23.0770 0x14c8 Parvdm - ok
08:19:23.0805 0x14c8 [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc C:\Windows\System32\pcasvc.dll
08:19:23.0815 0x14c8 PcaSvc - ok
08:19:23.0855 0x14c8 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys
08:19:23.0865 0x14c8 pci - ok
08:19:23.0900 0x14c8 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys
08:19:23.0900 0x14c8 pciide - ok
08:19:23.0940 0x14c8 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
08:19:23.0950 0x14c8 pcmcia - ok
08:19:23.0990 0x14c8 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys
08:19:23.0990 0x14c8 pcw - ok
08:19:24.0050 0x14c8 [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
08:19:24.0145 0x14c8 PEAUTH - ok
08:19:24.0290 0x14c8 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll
08:19:24.0365 0x14c8 pla - ok
08:19:24.0430 0x14c8 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
08:19:24.0460 0x14c8 PlugPlay - ok
08:19:24.0495 0x14c8 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
08:19:24.0500 0x14c8 PNRPAutoReg - ok
08:19:24.0540 0x14c8 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
08:19:24.0555 0x14c8 PNRPsvc - ok
08:19:24.0605 0x14c8 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
08:19:24.0625 0x14c8 PolicyAgent - ok
08:19:24.0660 0x14c8 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll
08:19:24.0670 0x14c8 Power - ok
08:19:24.0710 0x14c8 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
08:19:24.0715 0x14c8 PptpMiniport - ok
08:19:24.0740 0x14c8 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys
08:19:24.0745 0x14c8 Processor - ok
08:19:24.0770 0x14c8 [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc C:\Windows\system32\profsvc.dll
08:19:24.0780 0x14c8 ProfSvc - ok
08:19:24.0795 0x14c8 [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] ProtectedStorage C:\Windows\system32\lsass.exe
08:19:24.0800 0x14c8 ProtectedStorage - ok
08:19:24.0830 0x14c8 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
08:19:24.0835 0x14c8 Psched - ok
08:19:24.0900 0x14c8 [ 68B57D7C11277EA89F78255480376B4D, 5530B58126BF33E6BCDED99C73C41B90BA148587BDA3866FD4DAD12035B302B5 ] PSI C:\Windows\system32\DRIVERS\psi_mf_x86.sys
08:19:24.0900 0x14c8 PSI - ok
08:19:24.0940 0x14c8 [ A6A7AD767BF5141665F5C675F671B3E1, 11D43F732C3B82679E53516F83E675B60B0EFEDE3F4EE3C42AC752AD8D5155AF ] PSI_SVC_2 c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
08:19:24.0955 0x14c8 PSI_SVC_2 - ok
08:19:25.0065 0x14c8 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
08:19:25.0160 0x14c8 ql2300 - ok
08:19:25.0190 0x14c8 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
08:19:25.0195 0x14c8 ql40xx - ok
08:19:25.0235 0x14c8 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll
08:19:25.0245 0x14c8 QWAVE - ok
08:19:25.0265 0x14c8 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
08:19:25.0265 0x14c8 QWAVEdrv - ok
08:19:25.0285 0x14c8 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
08:19:25.0285 0x14c8 RasAcd - ok
08:19:25.0305 0x14c8 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
08:19:25.0305 0x14c8 RasAgileVpn - ok
08:19:25.0335 0x14c8 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll
08:19:25.0345 0x14c8 RasAuto - ok
08:19:25.0370 0x14c8 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
08:19:25.0375 0x14c8 Rasl2tp - ok
08:19:25.0430 0x14c8 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll
08:19:25.0450 0x14c8 RasMan - ok
08:19:25.0475 0x14c8 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
08:19:25.0480 0x14c8 RasPppoe - ok
08:19:25.0500 0x14c8 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
08:19:25.0505 0x14c8 RasSstp - ok
08:19:25.0525 0x14c8 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
08:19:25.0540 0x14c8 rdbss - ok
08:19:25.0575 0x14c8 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
08:19:25.0575 0x14c8 rdpbus - ok
08:19:25.0605 0x14c8 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
08:19:25.0605 0x14c8 RDPCDD - ok
08:19:25.0630 0x14c8 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
08:19:25.0635 0x14c8 RDPENCDD - ok
08:19:25.0645 0x14c8 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
08:19:25.0645 0x14c8 RDPREFMP - ok
08:19:25.0680 0x14c8 [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
08:19:25.0690 0x14c8 RDPWD - ok
08:19:25.0745 0x14c8 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
08:19:25.0755 0x14c8 rdyboost - ok
08:19:25.0790 0x14c8 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll
08:19:25.0800 0x14c8 RemoteAccess - ok
08:19:25.0830 0x14c8 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll
08:19:25.0840 0x14c8 RemoteRegistry - ok
08:19:25.0855 0x14c8 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
08:19:25.0860 0x14c8 RpcEptMapper - ok
08:19:25.0890 0x14c8 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe
08:19:25.0890 0x14c8 RpcLocator - ok
08:19:25.0930 0x14c8 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll
08:19:25.0940 0x14c8 RpcSs - ok
08:19:25.0975 0x14c8 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
08:19:25.0975 0x14c8 rspndr - ok
08:19:26.0025 0x14c8 [ A633399432491BB173BB3CF3B41B9C55, B4AD5D5B3801D026BE3FC4EAB97543193A90C2262EE0EF82261670149FCB58C6 ] RSUSBSTOR C:\Windows\System32\Drivers\RtsUStor.sys
08:19:26.0035 0x14c8 RSUSBSTOR - ok
08:19:26.0115 0x14c8 [ 7AC9F43613CD0EE40BEBBF150FF3A189, C8260E36BE5E156936273FA3FE02C996C06740843E663AFCB1904E4976B37581 ] rtl8192se C:\Windows\system32\DRIVERS\rtl8192se.sys
08:19:26.0145 0x14c8 rtl8192se - ok
08:19:26.0165 0x14c8 [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] SamSs C:\Windows\system32\lsass.exe
08:19:26.0165 0x14c8 SamSs - ok
08:19:26.0210 0x14c8 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
08:19:26.0215 0x14c8 sbp2port - ok
08:19:26.0255 0x14c8 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll
08:19:26.0270 0x14c8 SCardSvr - ok
08:19:26.0290 0x14c8 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
08:19:26.0295 0x14c8 scfilter - ok
08:19:26.0355 0x14c8 [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule C:\Windows\system32\schedsvc.dll
08:19:26.0410 0x14c8 Schedule - ok
08:19:26.0450 0x14c8 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll
08:19:26.0455 0x14c8 SCPolicySvc - ok
08:19:26.0490 0x14c8 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll
08:19:26.0500 0x14c8 SDRSVC - ok
08:19:26.0535 0x14c8 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
08:19:26.0540 0x14c8 secdrv - ok
08:19:26.0570 0x14c8 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll
08:19:26.0575 0x14c8 seclogon - ok
08:19:26.0745 0x14c8 [ 5E0E975998BF1612E18B898E5D17838B, 76C11C62DB8055F03F868685E8E2016D99D3FC48313CB51C69E7CEA589D80890 ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe
08:19:26.0790 0x14c8 Secunia PSI Agent - ok
08:19:26.0910 0x14c8 [ 508DD2E1D5F272B2D3196335DEA2BC26, 2BDC828DB9D9766445C345E82751FA7EF94A089EC84565675EDADE3EC7EB5748 ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe
08:19:26.0975 0x14c8 Secunia Update Agent - ok
08:19:27.0000 0x14c8 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\system32\sens.dll
08:19:27.0005 0x14c8 SENS - ok
08:19:27.0020 0x14c8 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll
08:19:27.0025 0x14c8 SensrSvc - ok
08:19:27.0060 0x14c8 [ B97E1D0E59A128394F24E9F31E227EF2, 4E3349407522F31D60ACF0BDC050A02D646905048471C43E1A4CFDB31F0D7C64 ] Ser2pl C:\Windows\system32\DRIVERS\ser2pl.sys
08:19:27.0070 0x14c8 Ser2pl - ok
08:19:27.0085 0x14c8 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
08:19:27.0085 0x14c8 Serenum - ok
08:19:27.0095 0x14c8 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys
08:19:27.0100 0x14c8 Serial - ok
08:19:27.0115 0x14c8 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
08:19:27.0120 0x14c8 sermouse - ok
08:19:27.0150 0x14c8 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll
08:19:27.0155 0x14c8 SessionEnv - ok
08:19:27.0175 0x14c8 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
08:19:27.0175 0x14c8 sffdisk - ok
08:19:27.0190 0x14c8 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
08:19:27.0190 0x14c8 sffp_mmc - ok
08:19:27.0205 0x14c8 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
08:19:27.0205 0x14c8 sffp_sd - ok
08:19:27.0245 0x14c8 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
08:19:27.0250 0x14c8 sfloppy - ok
08:19:27.0285 0x14c8 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll
08:19:27.0310 0x14c8 SharedAccess - ok
08:19:27.0345 0x14c8 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:19:27.0370 0x14c8 ShellHWDetection - ok
08:19:27.0390 0x14c8 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys
08:19:27.0395 0x14c8 sisagp - ok
08:19:27.0420 0x14c8 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:19:27.0425 0x14c8 SiSRaid2 - ok
08:19:27.0465 0x14c8 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
08:19:27.0470 0x14c8 SiSRaid4 - ok
08:19:27.0500 0x14c8 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys
08:19:27.0505 0x14c8 Smb - ok
08:19:27.0565 0x14c8 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
08:19:27.0570 0x14c8 SNMPTRAP - ok
08:19:27.0590 0x14c8 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys
08:19:27.0590 0x14c8 spldr - ok
08:19:27.0625 0x14c8 [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\Windows\System32\spoolsv.exe
08:19:27.0660 0x14c8 Spooler - ok
08:19:27.0820 0x14c8 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe
08:19:27.0925 0x14c8 sppsvc - ok
08:19:27.0965 0x14c8 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll
08:19:27.0975 0x14c8 sppuinotify - ok
08:19:28.0000 0x14c8 [ 1C63FE706AB797BC3C24813FF969B4DE, 7AD2016E1A8119B3E6063F8D065BA16D558E8DA4293604BE4CF7D1C493F5CEED ] Spyder3 C:\Windows\system32\DRIVERS\Spyder3.sys
08:19:28.0005 0x14c8 Spyder3 - ok
08:19:28.0170 0x14c8 [ F0910D9F11A5C1A32B05C8A5B3FB1571, 55E605DEE056966981E93F39BD7851C5F97949A7C6D9E3BEFC1933CB074C3F4D ] SRTSP C:\Windows\System32\Drivers\N360\1605000.07C\SRTSP.SYS
08:19:28.0195 0x14c8 SRTSP - ok
08:19:28.0215 0x14c8 [ 8360A8AF7AA0FCDC67C82FDEF7C38A4B, 9C74DC0B079C2ECD48D9DAD51269DE1DA3F9967EE2706BB39004B9984C4BB6CA ] SRTSPX C:\Windows\system32\drivers\N360\1605000.07C\SRTSPX.SYS
08:19:28.0215 0x14c8 SRTSPX - ok
08:19:28.0250 0x14c8 [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\Windows\system32\DRIVERS\srv.sys
08:19:28.0265 0x14c8 srv - ok
08:19:28.0295 0x14c8 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
08:19:28.0305 0x14c8 srv2 - ok
08:19:28.0320 0x14c8 [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
08:19:28.0325 0x14c8 srvnet - ok
08:19:28.0355 0x14c8 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
08:19:28.0360 0x14c8 SSDPSRV - ok
08:19:28.0380 0x14c8 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll
08:19:28.0385 0x14c8 SstpSvc - ok
08:19:28.0400 0x14c8 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
08:19:28.0405 0x14c8 stexstor - ok
08:19:28.0452 0x14c8 [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll
08:19:28.0483 0x14c8 StiSvc - ok
08:19:28.0514 0x14c8 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\drivers\swenum.sys
08:19:28.0514 0x14c8 swenum - ok
08:19:28.0545 0x14c8 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll
08:19:28.0545 0x14c8 swprv - ok
08:19:28.0701 0x14c8 [ 1B92C102E6F6D28D9A4B86BE1160D6F0, 672D383D3396E9380E6E39839586D20EDC02C6E2EA4CDE9F3282F366B331E603 ] SymEFASI C:\Windows\system32\drivers\N360\1605000.07C\SYMEFASI.SYS
08:19:28.0764 0x14c8 SymEFASI - ok
08:19:28.0826 0x14c8 [ 3A6653DD91E159476409D567CB9D4708, D4F1D331D8A2455A03070B46A52FED10BC3FEF37750099F72CD35331CCE6B1DD ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
08:19:28.0826 0x14c8 SymEvent - ok
08:19:28.0873 0x14c8 [ D31541BE604898F04B86278010E834DE, E29D10BC138D0607EC9FC6ACCA6AEA1071FE41139F429499C3081C6A51C8C5DC ] SymIRON C:\Windows\system32\drivers\N360\1605000.07C\Ironx86.SYS
08:19:28.0888 0x14c8 SymIRON - ok
08:19:28.0966 0x14c8 [ 30DA051C81788C1091A70BF0E2989777, 4295EE071E5C5582D0A0D39F306D364497E04E88FEA749D048D0B094586FEFC6 ] SymNetS C:\Windows\System32\Drivers\N360\1605000.07C\SYMNETS.SYS
08:19:28.0982 0x14c8 SymNetS - ok
08:19:29.0029 0x14c8 [ D776EB85A20696D9D43129CCF6E703E2, F4C16C6EE09DA173A8FE3FD85E3F81E68AB4FF66D996FA3CCC47989052DD69C2 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
08:19:29.0044 0x14c8 SynTP - ok
08:19:29.0138 0x14c8 [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain C:\Windows\system32\sysmain.dll
08:19:29.0200 0x14c8 SysMain - ok
08:19:29.0247 0x14c8 [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
08:19:29.0263 0x14c8 TabletInputService - ok
08:19:29.0294 0x14c8 [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll
08:19:29.0325 0x14c8 TapiSrv - ok
08:19:29.0356 0x14c8 [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll
08:19:29.0356 0x14c8 TBS - ok
08:19:29.0450 0x14c8 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
08:19:29.0544 0x14c8 Tcpip - ok
08:19:29.0590 0x14c8 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
08:19:29.0637 0x14c8 TCPIP6 - ok
08:19:29.0653 0x14c8 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
08:19:29.0653 0x14c8 tcpipreg - ok
08:19:29.0684 0x14c8 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
08:19:29.0684 0x14c8 TDPIPE - ok
08:19:29.0715 0x14c8 [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
08:19:29.0715 0x14c8 TDTCP - ok
08:19:29.0746 0x14c8 [ 7FE680A3DFA421C4A8E4879AE4C5AAB0, A4C64E155AB2843823CD3586756BA7681CFDEA50812095468221503BBAD30DCD ] tdx C:\Windows\system32\DRIVERS\tdx.sys
08:19:29.0746 0x14c8 tdx - ok
08:19:29.0778 0x14c8 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\drivers\termdd.sys
08:19:29.0778 0x14c8 TermDD - ok
08:19:29.0840 0x14c8 [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService C:\Windows\System32\termsrv.dll
08:19:29.0887 0x14c8 TermService - ok
08:19:29.0934 0x14c8 [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll
08:19:29.0934 0x14c8 Themes - ok
08:19:29.0965 0x14c8 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll
08:19:29.0965 0x14c8 THREADORDER - ok
08:19:29.0996 0x14c8 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll
08:19:29.0996 0x14c8 TrkWks - ok
08:19:30.0058 0x14c8 [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:19:30.0074 0x14c8 TrustedInstaller - ok
08:19:30.0105 0x14c8 [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
08:19:30.0105 0x14c8 tssecsrv - ok
08:19:30.0136 0x14c8 [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
08:19:30.0136 0x14c8 TsUsbFlt - ok
08:19:30.0246 0x14c8 [ C1A64414DB4E49D41D9DF9359ED9369B, 9AD4971380D4B76089363A66E2CE220139DB6B5D96334CBCF2B7FAEDA3A386F0 ] TuneUp.Defrag C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
08:19:30.0292 0x14c8 TuneUp.Defrag - ok
08:19:30.0386 0x14c8 [ DC653CF2D70827C4EBC2B157DA25CF57, 2361101B2E5D15FB7E3690681E402C23E1A149442D1907D5C9DB8BEF19E70C29 ] TuneUp.UtilitiesSvc C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
08:19:30.0417 0x14c8 TuneUp.UtilitiesSvc - ok
08:19:30.0464 0x14c8 [ F2107C9D85EC0DF116939CCCE06AE697, 4608E3D0CA0B252130B4DF2505DB4D89635C327A343B470FCB81B8B02CD9FA44 ] TuneUpUtilitiesDrv C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys
08:19:30.0464 0x14c8 TuneUpUtilitiesDrv - ok
08:19:30.0511 0x14c8 [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
08:19:30.0511 0x14c8 tunnel - ok
08:19:30.0542 0x14c8 [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
08:19:30.0558 0x14c8 uagp35 - ok
08:19:30.0573 0x14c8 [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
08:19:30.0589 0x14c8 udfs - ok
08:19:30.0620 0x14c8 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe
08:19:30.0620 0x14c8 UI0Detect - ok
08:19:30.0667 0x14c8 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
08:19:30.0667 0x14c8 uliagpkx - ok
08:19:30.0714 0x14c8 [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\Windows\system32\drivers\umbus.sys
08:19:30.0714 0x14c8 umbus - ok
08:19:30.0760 0x14c8 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
08:19:30.0760 0x14c8 UmPass - ok
08:19:30.0916 0x14c8 [ AF905F4966CFC8B973623AB150CD4B2B, E1BF0481A584C10AE4A927A01A1E6B76036C18FAF7AB38D9B78641F5808D9888 ] UNS C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
08:19:31.0041 0x14c8 UNS - ok
08:19:31.0072 0x14c8 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll
08:19:31.0088 0x14c8 upnphost - ok
08:19:31.0119 0x14c8 [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
08:19:31.0119 0x14c8 usbccgp - ok
08:19:31.0166 0x14c8 [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\Windows\system32\drivers\usbcir.sys
08:19:31.0166 0x14c8 usbcir - ok
08:19:31.0182 0x14c8 [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci C:\Windows\system32\drivers\usbehci.sys
08:19:31.0182 0x14c8 usbehci - ok
08:19:31.0213 0x14c8 [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
08:19:31.0228 0x14c8 usbhub - ok
08:19:31.0244 0x14c8 [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci C:\Windows\system32\drivers\usbohci.sys
08:19:31.0244 0x14c8 usbohci - ok
08:19:31.0275 0x14c8 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
08:19:31.0275 0x14c8 usbprint - ok
08:19:31.0306 0x14c8 [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:19:31.0322 0x14c8 USBSTOR - ok
08:19:31.0322 0x14c8 [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
08:19:31.0322 0x14c8 usbuhci - ok
08:19:31.0353 0x14c8 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll
08:19:31.0353 0x14c8 UxSms - ok
08:19:31.0400 0x14c8 [ DC2172ACCB384C6A3D59342050422102, 64B7CA9383FD3D6F4F6B5EC55E483C72D6BAF47BA4A3AF33F802E7A1DFDC359B ] UxTuneUp C:\Windows\System32\uxtuneup.dll
08:19:31.0416 0x14c8 UxTuneUp - ok
08:19:31.0431 0x14c8 [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] VaultSvc C:\Windows\system32\lsass.exe
08:19:31.0431 0x14c8 VaultSvc - ok
08:19:31.0462 0x14c8 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
08:19:31.0462 0x14c8 vdrvroot - ok
08:19:31.0525 0x14c8 [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\Windows\System32\vds.exe
08:19:31.0587 0x14c8 vds - ok
08:19:31.0618 0x14c8 [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
08:19:31.0618 0x14c8 vga - ok
08:19:31.0634 0x14c8 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\Windows\System32\drivers\vga.sys
08:19:31.0634 0x14c8 VgaSave - ok
08:19:31.0665 0x14c8 [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
08:19:31.0681 0x14c8 vhdmp - ok
08:19:31.0696 0x14c8 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\Windows\system32\drivers\viaagp.sys
08:19:31.0696 0x14c8 viaagp - ok
08:19:31.0743 0x14c8 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
08:19:31.0743 0x14c8 ViaC7 - ok
08:19:31.0774 0x14c8 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\drivers\viaide.sys
08:19:31.0774 0x14c8 viaide - ok
08:19:31.0806 0x14c8 [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\Windows\system32\drivers\volmgr.sys
08:19:31.0806 0x14c8 volmgr - ok
08:19:31.0868 0x14c8 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
08:19:31.0868 0x14c8 volmgrx - ok
08:19:31.0899 0x14c8 [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\Windows\system32\drivers\volsnap.sys
08:19:31.0915 0x14c8 volsnap - ok
08:19:31.0946 0x14c8 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
08:19:31.0946 0x14c8 vsmraid - ok
08:19:32.0024 0x14c8 [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\Windows\system32\vssvc.exe
08:19:32.0086 0x14c8 VSS - ok
08:19:32.0118 0x14c8 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
08:19:32.0118 0x14c8 vwifibus - ok
08:19:32.0149 0x14c8 [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
08:19:32.0149 0x14c8 vwififlt - ok
08:19:32.0180 0x14c8 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll
08:19:32.0196 0x14c8 W32Time - ok
08:19:32.0289 0x14c8 [ 57C8C20BFA5BEF6BD851EBAC67A8CED0, D5968069D934400A46B9FF92ECA9D7660BDC30C6909BA588AD49F7656246EE98 ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll
08:19:32.0320 0x14c8 W3SVC - ok
08:19:32.0352 0x14c8 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
08:19:32.0367 0x14c8 WacomPen - ok
08:19:32.0398 0x14c8 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
08:19:32.0398 0x14c8 WANARP - ok
08:19:32.0398 0x14c8 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
08:19:32.0414 0x14c8 Wanarpv6 - ok
08:19:32.0461 0x14c8 [ 57C8C20BFA5BEF6BD851EBAC67A8CED0, D5968069D934400A46B9FF92ECA9D7660BDC30C6909BA588AD49F7656246EE98 ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
08:19:32.0476 0x14c8 WAS - ok
08:19:32.0554 0x14c8 [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\Windows\system32\wbengine.exe
08:19:32.0632 0x14c8 wbengine - ok
08:19:32.0664 0x14c8 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
08:19:32.0664 0x14c8 WbioSrvc - ok
08:19:32.0695 0x14c8 [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\Windows\System32\wcncsvc.dll
08:19:32.0710 0x14c8 wcncsvc - ok
08:19:32.0726 0x14c8 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:19:32.0726 0x14c8 WcsPlugInService - ok
08:19:32.0757 0x14c8 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\DRIVERS\wd.sys
08:19:32.0757 0x14c8 Wd - ok
08:19:32.0820 0x14c8 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
08:19:32.0866 0x14c8 Wdf01000 - ok
08:19:32.0913 0x14c8 [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost C:\Windows\system32\wdi.dll
08:19:32.0913 0x14c8 WdiServiceHost - ok
08:19:32.0929 0x14c8 [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost C:\Windows\system32\wdi.dll
08:19:32.0929 0x14c8 WdiSystemHost - ok
08:19:32.0976 0x14c8 [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient C:\Windows\System32\webclnt.dll
08:19:32.0991 0x14c8 WebClient - ok
08:19:33.0038 0x14c8 [ A0F28966756F161290B7320BAFD92CC8, F5D590792DBFB39FA57E59F900712FE672D2A67B5C7AB99E6913ECBD4EDE7D10 ] WebUpdate4 C:\Windows\system32\WebUpdateSvc4.exe
08:19:33.0054 0x14c8 WebUpdate4 - ok
08:19:33.0085 0x14c8 [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll
08:19:33.0100 0x14c8 Wecsvc - ok
08:19:33.0116 0x14c8 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll
08:19:33.0132 0x14c8 wercplsupport - ok
08:19:33.0147 0x14c8 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll
08:19:33.0163 0x14c8 WerSvc - ok
08:19:33.0194 0x14c8 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
08:19:33.0194 0x14c8 WfpLwf - ok
08:19:33.0210 0x14c8 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys
08:19:33.0210 0x14c8 WIMMount - ok
08:19:33.0319 0x14c8 [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
08:19:33.0381 0x14c8 WinDefend - ok
08:19:33.0397 0x14c8 WinHttpAutoProxySvc - ok
08:19:33.0490 0x14c8 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
08:19:33.0506 0x14c8 Winmgmt - ok
08:19:33.0600 0x14c8 [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM C:\Windows\system32\WsmSvc.dll
08:19:33.0709 0x14c8 WinRM - ok
08:19:33.0802 0x14c8 [ 4C69A8E2E159C1C59BC4B688E9DD7F8C, 235C7A41425846EFE4966490EB7F72AA768B3FE1665843BF58520DDBD6822A74 ] WisLMSvc C:\Program Files\Launch Manager\WisLMSvc.exe
08:19:33.0802 0x14c8 WisLMSvc - ok
08:19:33.0880 0x14c8 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll
08:19:33.0990 0x14c8 Wlansvc - ok
08:19:34.0036 0x14c8 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
08:19:34.0036 0x14c8 WmiAcpi - ok
08:19:34.0068 0x14c8 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
08:19:34.0083 0x14c8 wmiApSrv - ok
08:19:34.0192 0x14c8 [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
08:19:34.0255 0x14c8 WMPNetworkSvc - ok
08:19:34.0286 0x14c8 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll
08:19:34.0286 0x14c8 WPCSvc - ok
08:19:34.0317 0x14c8 [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
08:19:34.0333 0x14c8 WPDBusEnum - ok
08:19:34.0364 0x14c8 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
08:19:34.0364 0x14c8 ws2ifsl - ok
08:19:34.0380 0x14c8 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\system32\wscsvc.dll
08:19:34.0380 0x14c8 wscsvc - ok
08:19:34.0395 0x14c8 WSearch - ok
08:19:34.0536 0x14c8 [ 7E5C454A3F986FEBAD075DB8D915917E, 9E9147DDACD075958689523130DB92FC4ED0E38433461D8AB8792BCFBD9376DA ] wuauserv C:\Windows\system32\wuaueng.dll
08:19:34.0660 0x14c8 wuauserv - ok
08:19:34.0692 0x14c8 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
08:19:34.0692 0x14c8 WudfPf - ok
08:19:34.0723 0x14c8 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
08:19:34.0738 0x14c8 wudfsvc - ok
08:19:34.0770 0x14c8 [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc C:\Windows\System32\wwansvc.dll
08:19:34.0785 0x14c8 WwanSvc - ok
08:19:34.0816 0x14c8 [ 1F93FCB5BAB3A921ECBA522F63586F4A, 0340B73DBC953B50572666EC603E87F253B9CEB9B0489A441A6A2171A04595D8 ] X10Hid C:\Windows\System32\Drivers\x10hid.sys
08:19:34.0816 0x14c8 X10Hid - ok
08:19:34.0863 0x14c8 [ 5A0C788C5BC5F2C993CB60940ADCF95E, FEEC158466040A6528E7FC8D33706B50D2F03479E0B62DF8F06B69A1A850A9FB ] x10nets C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
08:19:34.0863 0x14c8 x10nets - ok
08:19:34.0894 0x14c8 [ 378DC1B0B1F62A7488EE8D31A3C6E949, 8334CBC479797DC82551D38DFF1AEF5E41E4C6427D410C633DECC95C4FB84C0E ] XUIF C:\Windows\System32\Drivers\x10ufx2.sys
08:19:34.0894 0x14c8 XUIF - ok
08:19:34.0926 0x14c8 ================ Scan global ===============================
08:19:34.0957 0x14c8 [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
08:19:34.0988 0x14c8 [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll
08:19:35.0019 0x14c8 [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll
08:19:35.0050 0x14c8 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
08:19:35.0097 0x14c8 [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe
08:19:35.0097 0x14c8 [ Global ] - ok
08:19:35.0097 0x14c8 ================ Scan MBR ==================================
08:19:35.0113 0x14c8 [ 8A1C59E4DFEF87510470928550466632 ] \Device\Harddisk0\DR0
08:19:38.0248 0x14c8 \Device\Harddisk0\DR0 - ok
08:19:38.0248 0x14c8 ================ Scan VBR ==================================
08:19:38.0248 0x14c8 [ 8C93A2D9E95CB4B1D841C00D39061704 ] \Device\Harddisk0\DR0\Partition1
08:19:38.0264 0x14c8 \Device\Harddisk0\DR0\Partition1 - ok
08:19:38.0264 0x14c8 [ AD83B5DA10D3E8F55EF494AC8169BA32 ] \Device\Harddisk0\DR0\Partition2
08:19:38.0264 0x14c8 \Device\Harddisk0\DR0\Partition2 - ok
08:19:38.0264 0x14c8 [ 9769CDCD7A7B1A6898FAAAF7C4A6A7FF ] \Device\Harddisk0\DR0\Partition3
08:19:38.0264 0x14c8 \Device\Harddisk0\DR0\Partition3 - ok
08:19:38.0264 0x14c8 ================ Scan generic autorun ======================
08:19:38.0342 0x14c8 [ 852F12CA7C4FC7E3D77B606492435556, CCDA88794836D40701BF5B0A6872686DDE19C54AFCE6A954C9D83102BB12AEAF ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
08:19:38.0373 0x14c8 IAStorIcon - ok
08:19:38.0732 0x14c8 [ 750C7CEC215C3DACCBD52CF0AB80EC8F, 6086D9311529228CF3CC5DDFF1CF91D478AC16831572385E6930D15B19C3A727 ] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
08:19:39.0091 0x14c8 RtHDVCpl - ok
08:19:39.0138 0x14c8 [ 2F0ED11A907837A4F5393058AB4490D8, 62A2F9172712ABB2332461F50851D36649F48A3DC6058B073C4E6B01409EAF91 ] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
08:19:39.0169 0x14c8 RtHDVBg - ok
08:19:39.0184 0x14c8 [ 8D2851FC8807D456319C721AE3809824, 3AB40A5538C04CC536523E1AB890BBD4BA648134BB594B852EB8434DCE80632C ] C:\Program Files\Launch Manager\HotkeyApp.exe
08:19:39.0184 0x14c8 HotkeyApp - ok
08:19:39.0216 0x14c8 [ DFA1067EA4157BCCCFD48F052066A076, 5E5B60C20CFF1F3F9D45588B0E0AEB59C3F4C11089CCB52AA92890773BAA081F ] C:\Program Files\Launch Manager\OSD.exe
08:19:39.0216 0x14c8 LMgrVolOSD - ok
08:19:39.0247 0x14c8 [ 9A50FDA9859695E0938EB85E050BCAAF, 36026AF31C905EB9425275D553455FAE0724537F8C3287B8802E910BFE57046E ] C:\Program Files\Launch Manager\Wbutton.exe
08:19:39.0262 0x14c8 Wbutton - ok
08:19:39.0387 0x14c8 [ B2D2DB4C716665691816C77557AD685C, F8B919FED0B4E979DC3F39578D59CFB2D984AFBDD67A6A4D850F71930C28016D ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
08:19:39.0481 0x14c8 SynTPEnh - ok
08:19:39.0512 0x14c8 [ 1029B84ECBE4B95ACB8491A3FE63D70F, DF765BEE2B20800646F70B9E473B95F52457316CB331A3E0BF6974D827AB989D ] C:\Windows\system32\igfxtray.exe
08:19:39.0528 0x14c8 IgfxTray - ok
08:19:39.0543 0x14c8 [ 3CD5BBDA19A1AB4EBA359E0A14FDF0F0, 992E7322C86DA533F6DB9192427EBDC5A8F4D1A878F4B30A17ABD54656CFF6C1 ] C:\Windows\system32\hkcmd.exe
08:19:39.0559 0x14c8 HotKeysCmds - ok
08:19:39.0590 0x14c8 [ 3142195521FEE436088EE8A5748DE1B1, EE8E65977AA0EAC0BF48F7C4620946E48679F047EFC515D5F2E52EA4B88C5731 ] C:\Windows\system32\igfxpers.exe
08:19:39.0606 0x14c8 Persistence - ok
08:19:39.0668 0x14c8 [ E6DEED311D830678E1A0B4889F3C2F0E, 99D34ED089BCC653DE3941C179C4201CC7158F1E4CAE50604908DBB11ACB3905 ] C:\Program Files\Silvercrest NM1005 driver\StartAutorun.exe
08:19:39.0684 0x14c8 KMCONFIG - ok
08:19:39.0980 0x14c8 [ EE526B0428581B57FFC571FF57309E28, 1CF4DD251E78F2B67C4B1973E3378D6B87C5698EEC398CA4043621842ACC426C ] C:\Program Files\CCleaner\CCleaner.exe
08:19:40.0245 0x14c8 CCleaner Monitoring - ok
08:19:40.0354 0x14c8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
08:19:40.0448 0x14c8 Sidebar - ok
08:19:40.0479 0x14c8 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
08:19:40.0479 0x14c8 mctadmin - ok
08:19:40.0495 0x14c8 Waiting for KSN requests completion. In queue: 14
08:19:41.0509 0x14c8 Waiting for KSN requests completion. In queue: 14
08:19:42.0523 0x14c8 Waiting for KSN requests completion. In queue: 14
08:19:43.0552 0x14c8 AV detected via SS2: Norton 360 Premier, C:\Program Files\Norton 360\Engine\22.5.0.124\WSCStub.exe ( 22.5.0.0 ), 0x50000 ( disabled : updated )
08:19:43.0552 0x14c8 FW detected via SS2: Norton 360 Premier, C:\Program Files\Norton 360\Engine\22.5.0.124\WSCStub.exe ( 22.5.0.0 ), 0x50010 ( disabled )
08:19:43.0568 0x14c8 Win FW state via NFP2: enabled
08:19:46.0017 0x14c8 ============================================================
08:19:46.0017 0x14c8 Scan finished
08:19:46.0017 0x14c8 ============================================================
08:19:46.0033 0x14c0 Detected object count: 0
08:19:46.0033 0x14c0 Actual detected object count: 0

Frusti 08.07.2015 07:52
2.Tranche:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-07-2015
Ran by GHM (administrator) on PC on 08-07-2015 08:23:02
Running from C:\Users\GHM\Desktop
Loaded Profiles: GHM (Available Profiles: GHM & DefaultAppPool)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(UASSOFT.COM) C:\Program Files\Silvercrest NM1005 driver\KMWDSrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\22.5.0.124\N360.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\22.5.0.124\N360.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
(Data Perceptions / PowerProgrammer) C:\Windows\System32\WebUpdateSvc4.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Wistron) C:\Program Files\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files\Launch Manager\WButton.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(UASSOFT.COM) C:\Program Files\Silvercrest NM1005 driver\StartAutorun.exe
(UASSOFT.COM) C:\Program Files\Silvercrest NM1005 driver\KMCONFIG.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(UASSOFT.COM) C:\Program Files\Silvercrest NM1005 driver\KMProcess.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Wistron Corp.) C:\Program Files\Launch Manager\WisLMSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_18_0_0_194_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Kaspersky Lab ZAO) C:\Users\GHM\Desktop\tdsskiller.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8546848 2010-03-17] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [686624 2010-03-17] (Realtek Semiconductor)
HKLM\...\Run: [HotkeyApp] => C:\Program Files\Launch Manager\HotkeyApp.exe [200704 2009-12-14] (Wistron)
HKLM\...\Run: [LMgrVolOSD] => C:\Program Files\Launch Manager\OSD.exe [348960 2009-12-12] (Wistron Corp.)
HKLM\...\Run: [Wbutton] => C:\Program Files\Launch Manager\Wbutton.exe [413696 2010-01-13] (Wistron Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1594664 2009-12-11] (Synaptics Incorporated)
HKLM\...\Run: [KMCONFIG] => C:\Program Files\Silvercrest NM1005 driver\StartAutorun.exe KMConfig.exe
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-3599072517-1776181473-3531619768-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6369048 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-3599072517-1776181473-3531619768-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
AppInit_DLLs: C:\Windows\Jaksta\AC\x86\jaudcap.dll => C:\Windows\Jaksta\AC\x86\jaudcap.dll [264480 2013-10-31] (Jaksta Technologies Pty Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-03-03]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton 360\Engine\22.5.0.124\buShell.dll [2015-06-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton 360\Engine\22.5.0.124\buShell.dll [2015-06-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton 360\Engine\22.5.0.124\buShell.dll [2015-06-06] (Symantec Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3599072517-1776181473-3531619768-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3599072517-1776181473-3531619768-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3599072517-1776181473-3531619768-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3599072517-1776181473-3531619768-1000 -> DefaultScope {C4C2BA6A-B414-4A4C-B39B-87AF0CC54637} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3599072517-1776181473-3531619768-1000 -> {A579A8A7-DB00-4081-B65A-CF52EDA72252} URL = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms}
SearchScopes: HKU\S-1-5-21-3599072517-1776181473-3531619768-1000 -> {C4C2BA6A-B414-4A4C-B39B-87AF0CC54637} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3599072517-1776181473-3531619768-1000 -> {E5C4ECBB-88B4-40A1-B8E0-0220F5DD43A3} URL =
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton 360\Engine\22.5.0.124\coIEPlg.dll [2015-06-05] (Symantec Corporation)
BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} ->  No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-04-23] (Oracle Corporation)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-04-23] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\22.5.0.124\coIEPlg.dll [2015-06-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3599072517-1776181473-3531619768-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{41AAA96B-0BDB-4A4A-B7C4-B603FCC6E19F}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4F301F15-6AB4-45E6-A5F0-46D2B36A1A6D}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2010-12-11] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-04-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-04-23] (Oracle Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.0.124\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.0.124\coFFPlgn [2015-07-08]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton 360\Engine\22.5.0.124\Exts\Chrome.crx [2015-07-01]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 KMWDSERVICE; C:\Program Files\Silvercrest NM1005 driver\KMWDSrv.exe [208896 2007-06-16] (UASSOFT.COM) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 N360; C:\Program Files\Norton 360\Engine\22.5.0.124\N360.exe [282016 2015-06-18] (Symantec Corporation)
S2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
S2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
S3 TuneUp.Defrag; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [435008 2011-12-23] (TuneUp Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [1052480 2011-11-21] (TuneUp Software)
R2 WebUpdate4; C:\Windows\system32\WebUpdateSvc4.exe [262360 2009-01-08] (Data Perceptions / PowerProgrammer)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R3 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [118560 2009-10-23] (Wistron Corp.)
R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2009-11-07] (X10) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx86; C:\Program Files\Norton 360\NortonData\22.5.0.124\Definitions\BASHDefs\20150706.001\BHDrvx86.sys [1181424 2015-06-22] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360\1605000.07C\ccSetx86.sys [128728 2015-06-04] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [389456 2015-06-16] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [122192 2015-06-16] (Symantec Corporation)
R1 IDSVix86; C:\Program Files\Norton 360\NortonData\22.5.0.124\Definitions\IPSDefs\20150706.001\IDSvix86.sys [523512 2015-07-01] (Symantec Corporation)
R3 KMWDFilter; C:\Windows\System32\Drivers\KMWDFilter.SYS [17280 2007-06-13] (Windows (R) Codename Longhorn DDK provider) [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
S3 mod7700; C:\Windows\System32\DRIVERS\mod7700.sys [786400 2009-08-13] (DiBcom SA)
R3 NAVENG; C:\Program Files\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20150707.001\NAVENG.SYS [104440 2015-05-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20150707.001\NAVEX15.SYS [1645432 2015-05-20] (Symantec Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2014-11-28] (Secunia)
S3 Spyder3; C:\Windows\System32\DRIVERS\Spyder3.sys [12288 2008-09-08] ()
R3 SRTSP; C:\Windows\System32\Drivers\N360\1605000.07C\SRTSP.SYS [702680 2015-06-04] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360\1605000.07C\SRTSPX.SYS [36056 2015-06-04] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360\1605000.07C\SYMEFASI.SYS [1278168 2015-06-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [94424 2015-07-01] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360\1605000.07C\Ironx86.SYS [226008 2015-06-04] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360\1605000.07C\SYMNETS.SYS [421080 2015-06-04] (Symantec Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [10064 2010-02-24] (TuneUp Software)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13720 2009-05-13] (X10 Wireless Technology, Inc.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27160 2009-05-13] (X10 Wireless Technology, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\GHM\AppData\Local\Temp\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-08 08:23 - 2015-07-08 08:23 - 00015038 _____ C:\Users\GHM\Desktop\FRST.txt
2015-07-08 08:22 - 2015-07-08 08:23 - 00000000 ____D C:\FRST
2015-07-08 08:22 - 2015-07-08 08:22 - 01636352 _____ (Farbar) C:\Users\GHM\Desktop\FRST.exe
2015-07-08 08:16 - 2015-07-08 08:16 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\GHM\Desktop\tdsskiller.exe
2015-07-07 09:58 - 2015-07-07 09:58 - 00023210 _____ C:\Users\GHM\Desktop\fernOst - von Berlin bis Tokio.odt
2015-07-05 16:28 - 2015-07-05 16:29 - 00011762 _____ C:\Users\GHM\Desktop\Von Sabine - 05.07.15.odt
2015-07-02 07:29 - 2015-07-02 07:29 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2015-07-01 18:20 - 2015-07-01 18:34 - 00021113 _____ C:\Users\GHM\Desktop\Zu dem Fernsehfilm - Paradies.odt
2015-07-01 17:52 - 2015-07-04 11:59 - 00022182 _____ C:\Users\GHM\Desktop\Christian.odt
2015-07-01 17:38 - 2015-07-01 17:38 - 00023430 _____ C:\Users\GHM\Desktop\Juris Zarins.odt
2015-07-01 15:59 - 2015-07-01 15:59 - 00021284 _____ C:\Users\GHM\Desktop\Kreative Visualisierung.odt
2015-06-30 09:27 - 2015-06-30 09:27 - 00125268 _____ C:\Users\GHM\Desktop\Selbstbew..odt
2015-06-29 17:40 - 2015-06-29 17:41 - 00012383 _____ C:\Users\GHM\Desktop\Stoffsammlung Chr..odt
2015-06-19 10:01 - 2015-06-19 10:03 - 00000000 ____D C:\Users\GHM\Desktop\Meine HELFER
2015-06-19 09:55 - 2015-06-29 10:50 - 00000000 ____D C:\Users\GHM\Desktop\HEUTE
2015-06-18 09:02 - 2015-06-18 09:02 - 00028478 _____ C:\Users\GHM\Desktop\Benzodiazepine.odt
2015-06-17 10:45 - 2015-06-17 16:02 - 00023185 _____ C:\Users\GHM\Desktop\Nicole - Saartalk, 08.06.2015, SR-Fernsehen.odt
2015-06-15 16:15 - 2015-07-07 15:29 - 00006278 _____ C:\Windows\PFRO.log
2015-06-14 08:00 - 2015-07-08 08:03 - 00001624 _____ C:\Windows\setupact.log
2015-06-14 08:00 - 2015-06-14 08:00 - 00000000 _____ C:\Windows\setuperr.log
2015-06-10 15:09 - 2015-06-02 21:35 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 15:09 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 15:09 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 15:09 - 2015-05-23 05:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 15:09 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 15:09 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 15:09 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 15:09 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 15:09 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 15:09 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 15:09 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 15:09 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 15:09 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 15:09 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 15:09 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 15:09 - 2015-05-23 05:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 15:09 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 15:09 - 2015-05-23 05:00 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 15:09 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 15:09 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 15:09 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 15:09 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 15:09 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 15:09 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 15:09 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 15:09 - 2015-05-23 04:38 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 15:09 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 15:09 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 15:09 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 15:09 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 15:09 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 15:09 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 15:08 - 2015-05-25 19:00 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 15:08 - 2015-04-11 05:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-10 15:06 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-06-10 15:06 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 15:06 - 2015-05-25 20:07 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 15:06 - 2015-05-25 20:07 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 15:06 - 2015-05-25 20:04 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 15:06 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 15:06 - 2015-05-25 20:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 15:06 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 15:06 - 2015-05-25 20:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 15:06 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 15:06 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 15:06 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 15:06 - 2015-05-25 20:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 15:06 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 15:06 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 15:06 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 15:06 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 15:06 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 15:06 - 2015-05-25 18:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 15:06 - 2015-05-09 05:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 15:06 - 2015-05-09 05:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 15:06 - 2015-05-09 05:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 15:06 - 2015-05-09 05:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 15:06 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 15:06 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 15:06 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 15:06 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 15:06 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 15:06 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 15:06 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-08 08:19 - 2009-07-14 06:34 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-08 08:19 - 2009-07-14 06:34 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-08 08:05 - 2010-09-18 18:25 - 01604020 _____ C:\Windows\WindowsUpdate.log
2015-07-08 08:03 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-08 07:41 - 2010-06-11 00:37 - 01729694 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-07 21:03 - 2013-11-22 18:40 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-07 11:47 - 2014-02-28 20:27 - 00000000 ____D C:\Users\GHM\Desktop\TAGTÄGLICH ROUTINE-1
2015-07-05 19:38 - 2013-11-22 19:36 - 00000000 ____D C:\Users\GHM\AppData\Local\CrashDumps
2015-07-05 19:17 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2015-07-03 18:16 - 2014-05-16 11:00 - 00000000 ____D C:\Users\GHM\Desktop\aktuelle Ordner
2015-07-02 15:13 - 2013-11-24 14:04 - 00000000 ____D C:\Program Files\Silvercrest NM1005 driver
2015-07-02 15:13 - 2010-10-03 11:35 - 00000000 ____D C:\Program Files\TuneUp Utilities 2010
2015-07-02 15:13 - 2010-06-11 18:16 - 00000000 ____D C:\Program Files\Launch Manager
2015-07-02 09:02 - 2014-12-11 11:43 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-07-02 07:30 - 2014-12-11 11:41 - 00000000 ____D C:\Windows\system32\Drivers\N360
2015-07-01 16:32 - 2014-12-11 11:43 - 00094424 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT.SYS
2015-07-01 16:32 - 2014-12-11 11:43 - 00008138 _____ C:\Windows\system32\Drivers\SYMEVENT.CAT
2015-07-01 16:32 - 2010-10-02 20:23 - 00000000 ____D C:\ProgramData\Norton
2015-07-01 16:12 - 2011-01-24 09:15 - 00000000 ____D C:\Users\Public\Downloads\Norton
2015-06-24 11:56 - 2013-11-22 18:40 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-06-24 11:56 - 2012-01-03 11:01 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-06-22 00:00 - 2009-07-14 06:53 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-19 10:06 - 2014-06-29 10:22 - 00000000 ____D C:\Users\GHM\Desktop\Pog-Schib
2015-06-19 10:02 - 2015-03-02 16:34 - 00000000 ____D C:\Users\GHM\Desktop\Aktuelles
2015-06-19 10:02 - 2014-12-14 18:09 - 00000000 ____D C:\Users\GHM\Desktop\ALLES ZU MEINER SITUATION
2015-06-19 09:57 - 2015-05-13 11:09 - 00000000 ____D C:\Users\GHM\Desktop\Interessantes
2015-06-18 14:56 - 2015-05-11 16:28 - 00015354 _____ C:\Users\GHM\Desktop\Währungsreform von 1948.odt
2015-06-15 14:01 - 2015-05-29 16:37 - 00000000 ____D C:\Users\GHM\Desktop\Licht-Smog
2015-06-13 18:27 - 2014-05-27 08:54 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-13 08:21 - 2014-06-17 18:00 - 00000000 ____D C:\Users\GHM\AppData\Local\Adobe
2015-06-11 14:45 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-06-10 19:05 - 2014-11-13 10:40 - 00000000 __SHD C:\Users\GHM\AppData\Local\EmieBrowserModeList
2015-06-10 19:05 - 2014-04-24 16:26 - 00000000 __SHD C:\Users\GHM\AppData\Local\EmieUserList
2015-06-10 19:05 - 2014-04-24 16:26 - 00000000 __SHD C:\Users\GHM\AppData\Local\EmieSiteList
2015-06-10 18:59 - 2009-07-14 06:33 - 00315128 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-10 18:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2015-06-10 17:24 - 2013-09-11 18:41 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 17:20 - 2010-06-11 19:09 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2011-03-13 13:39 - 2011-03-13 13:39 - 0000091 _____ () C:\Users\GHM\AppData\Local\fusioncache.dat
2011-01-24 09:16 - 2011-01-24 09:16 - 0001940 _____ () C:\Users\GHM\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-03 10:48

==================== End of log ============================
--- --- ---


===============================
=================================
Additional
FRST Logfile:
Code:
scan result of Farbar Recovery Scan Tool (x86) Version: 05-07-2015
Ran by GHM at 2015-07-08 08:23:37
Running from C:\Users\GHM\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3599072517-1776181473-3531619768-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3599072517-1776181473-3531619768-1002 - Limited - Enabled)
Gast (S-1-5-21-3599072517-1776181473-3531619768-501 - Limited - Disabled)
GHM (S-1-5-21-3599072517-1776181473-3531619768-1000 - Administrator - Enabled) => C:\Users\GHM

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 Premier (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 Premier (Disabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 Premier (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
AM-DeadLink 4.6 (HKLM\...\aignesamdeadlink_is1) (Version: 4.6 - www.aignes.com)
Applian FLV and Media Player 3.1.1.12 (HKLM\...\Applian FLV and Media Player) (Version: 3.1.1.12 - Applian Technologies)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.27 - Atheros Communications Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CorelDRAW Essentials 4 - Content (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Draw (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Filters (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - ICA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - IPM - No VBA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang BR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang DE (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang EN (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang ES (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang FR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang IT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang NL (Version: 4.0 - Uw bedrijfsnaam) Hidden
CorelDRAW Essentials 4 - PHOTO-PAINT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Windows Shell Extension (HKLM\...\_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}) (Version:  - Corel Corporation)
CorelDRAW Essentials 4 - Windows Shell Extension (Version: 1.1 - Corel Corporation) Hidden
CorelDRAW Essentials 4 (HKLM\...\_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}) (Version:  - Corel Corporation)
CorelDRAW Essentials 4 (Version: 4.0 - Corel Corporation) Hidden
Freecorder 8 Applications (8.0.1.19) (HKLM\...\Freecorder 8 Applications) (Version: 8.0.1.19 - Applian Technologies) <==== ATTENTION
Google Earth (HKLM\...\{C768790F-04FB-11E0-9B2C-001AA037B01E}) (Version: 6.0.1.2032 - Google)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2092 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.0.1037 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version:  - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 79 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217079FF}) (Version: 7.0.790 - Oracle)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Launch Manager V1.5.0.8 (HKLM\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.0.8 - Wistron Corp.)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Meade LPI (HKLM\...\{23484C5A-E7AE-4F59-B7DF-88D63BEF18F4}) (Version: 2.46.3.0 - )
Microsoft .NET Compact Framework 2.0 SP2 (HKLM\...\{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}) (Version: 2.0.7045 - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Norton 360 Premier (HKLM\...\N360) (Version: 22.5.0.124 - Symantec Corporation)
OpenOffice 4.1.1 (HKLM\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PL-2303 USB-to-Serial (HKLM\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version:  - )
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6069 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30117 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0145 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Secunia PSI (3.0.0.10004) (HKLM\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
Silvercrest NM1005 driver (HKLM\...\InstallShield_{1C5E457F-2009-4673-8DF4-135898ABA870}) (Version: 5.10.17 - Targa GmbH)
Silvercrest NM1005 driver (Version: 5.10.17 - Targa GmbH) Hidden
Software Update Wizard (Redist) 4.5 (HKLM\...\Software Update Wizard (Redist)) (Version: 4.5 - PowerProgrammer)
Stellarium 0.13.2 (HKLM\...\Stellarium_is1) (Version: 0.13.2 - Stellarium team)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
TuneUp Utilities (HKLM\...\TuneUp Utilities) (Version: 9.0.6030.1 - TuneUp Software)
TuneUp Utilities (Version: 9.0.6030.1 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (Version: 9.0.6030.1 - TuneUp Software) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
X10 Hardware(TM) (HKLM\...\X10Hardware) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

21-05-2015 08:11:32 Windows Update
28-05-2015 09:38:09 Geplanter Prüfpunkt
05-06-2015 06:29:13 Geplanter Prüfpunkt
05-06-2015 10:43:37 Windows Update
10-06-2015 17:19:04 Windows Update
18-06-2015 12:00:50 Geplanter Prüfpunkt
26-06-2015 14:21:46 Geplanter Prüfpunkt
04-07-2015 13:03:40 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {165C5968-C88F-4A04-BDA0-84A7702F11D7} - System32\Tasks\{0CABE388-CA3B-4C03-8834-B23EA88582D2} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {1B58DD69-7CD8-428E-8AF1-F4561B60022B} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files\Norton 360\Engine\22.5.0.124\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {22026F00-5371-495A-8955-B942E8F60D5A} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe
Task: {22274F06-45A8-47B0-AE2F-EDB35BD03C56} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {246B6664-6B31-4120-A649-A826330AC9A2} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files\CHIP Updater\CHIPUpdater.exe
Task: {2BE98043-7BF6-48C7-9E74-0FF27BAC3CFA} - System32\Tasks\{EE580633-7AF9-4B99-89EB-FC30E9C48A10} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {33948ED2-8750-4A4F-97A0-E6092E0D33CC} - System32\Tasks\{CACC66E8-773A-493F-B055-842E053CC2DD} => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\uiStub.exe
Task: {343D5FFE-FC8D-4C67-AEB1-4D0045F7E59C} - System32\Tasks\{525B7F42-104F-452E-8957-6B83CBA039FD} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {43216073-228E-406F-B21E-5007D7B8260D} - System32\Tasks\{AE4EFF61-1333-44E0-B8A5-1533F4C293FF} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {442A651C-0FCE-469A-A5A0-D35DB52ACAC4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {5A965C5C-5429-4807-8939-6FA4C156E1AC} - System32\Tasks\{8981FB4E-AAEE-4A83-9B59-FD049634C066} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {62138DA7-CEED-482E-A53E-C53E167ECE4D} - System32\Tasks\{B9144F3B-BFC7-4043-A6BE-3D103109A325} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {6E995A92-5164-4362-8F9E-EBA604138AB2} - System32\Tasks\{941B04B0-B4A7-4E2C-AA4B-EB18D11FE7BD} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {78B0D134-4F5F-4303-9BA9-A26B416CA8B3} - System32\Tasks\{2F8AE86D-C16B-494B-B128-C3AF00304684} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {7D8473E7-3D1E-4218-958C-7A86982BE9C6} - System32\Tasks\{534F2751-BBB0-498C-B0BA-2FCACBD716E4} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {82E067F4-0E5A-4F8C-9606-8C6346B1D6B8} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton 360\Engine\22.5.0.124\WSCStub.exe [2015-06-18] (Symantec Corporation)
Task: {8618C71B-1EFB-4A13-89C7-D5864FB04BAD} - System32\Tasks\{E5897B04-E0FD-4FF9-8028-D57EB918290F} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {88938DD2-E6E5-42C7-AC74-5F8B762D46E5} - System32\Tasks\{53766444-4A8D-4CAC-A3F3-769521C26451} => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\uiStub.exe
Task: {88F7AC18-6143-4A8F-A09A-6430C4DFC104} - System32\Tasks\{36B47B9D-1D87-4C97-946E-DD937B1B15E8} => pcalua.exe -a "C:\Program Files\OpenOffice 4\program\swriter.exe" -d "C:\Program Files\OpenOffice 4\"
Task: {98800D62-F8B1-47C7-8718-0EF972BD62BF} - System32\Tasks\{873D580C-0E2D-45E2-A2C2-55A355D235B5} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {A560798D-0BE2-4A4E-A957-952851F616BC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24] (Adobe Systems Incorporated)
Task: {AF6A920F-FD88-42B3-9F5A-144272260B12} - System32\Tasks\{06D416FB-73D1-4AA9-AAFB-69E84EF27B2F} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {B4DB4241-A5D0-4465-BEA8-12B6F8B3531E} - System32\Tasks\{D983DC3F-81BD-4C64-9ECC-4C2AFAEB299B} => C:\Medion\Fix Windows Update.exe [2009-11-26] ()
Task: {BF5946C2-EA02-42C6-8E4C-EC490016A363} - System32\Tasks\{29542231-EC11-4FEF-804B-18989C576D63} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {C0DD792B-584D-445A-A4E1-28A0A30D97E8} - System32\Tasks\{1DB9D2CE-0CB9-4C4F-9468-EAB0EB7066BD} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {C95EA6F7-107E-497D-8369-6DFCEBCD07C7} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files\Norton 360\Engine\22.5.0.124\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {CCDCEA17-158D-4666-9B1A-6D8208F0D014} - System32\Tasks\{6E87E417-7283-4E75-A527-F31AD12A67CD} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {CE3E0DCA-0E9D-4255-981B-E27DDBD73ED8} - System32\Tasks\{5F0615FA-77BF-4D6D-A950-91BF2C45C215} => pcalua.exe -a C:\PROGRA~1\Meade\AUTOST~1\UNWISE.EXE -c C:\PROGRA~1\Meade\AUTOST~1\INSTALL.LOG
Task: {CEB0F449-6827-49D0-8429-4BB0C8B26CF0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {D80FF8E1-CFB4-4FB2-BB03-5895864A56D5} - System32\Tasks\{B5D4B8AF-20FC-48AD-9F57-7BB6AB1F2452} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {E8A9C5A7-997A-40B0-8961-1C99079F08D1} - System32\Tasks\{0A1C68F5-34E2-4CE4-A9AB-7C52159B7D80} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {F64CFA7A-E036-402D-88C1-61A835B612EA} - System32\Tasks\{E00BD7CB-9D61-44B1-A5DC-B723F3FC94F2} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {F9709670-1930-4A84-997D-7A5680FF8F6E} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance => C:\Program Files\TuneUp Utilities 2010\OneClick.exe [2011-11-21] (TuneUp Software)
Task: {F9E26035-D75C-4594-AC4D-850BDD3E5A1D} - System32\Tasks\{CCB33391-B9A7-4A99-A584-62895F17BE98} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {FEC8420A-B8BC-4ADF-B894-6B92558D1476} - System32\Tasks\{25D0679D-17AA-4042-9FC4-59ACC6A628FF} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2010-06-11 18:01 - 2009-10-02 22:18 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2007-03-29 13:17 - 2007-03-29 13:17 - 00106496 _____ () C:\Program Files\Silvercrest NM1005 driver\keydll.dll
2005-05-04 20:12 - 2005-05-04 20:12 - 00028672 _____ () C:\Program Files\Silvercrest NM1005 driver\MouseHook.dll
2015-05-08 20:50 - 2015-05-08 20:50 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3599072517-1776181473-3531619768-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FCDDFB51-A85C-4C8A-97C9-9E8C3C3CA351}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{7B8DA88C-FD1E-45F9-A244-0EB95AFEFC27}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{4F297754-718F-4D8B-BA85-34FD252A15BC}] => (Allow) C:\Program Files\Applian Technologies\Freecorder 8 Applications\Torrent\aria2c.exe
FirewallRules: [{1187DA05-EC29-4E6A-B7D2-6FF0EB1660DD}] => (Allow) C:\Program Files\Applian Technologies\Freecorder 8 Applications\Torrent\aria2c.exe
FirewallRules: [{1B0FC091-9CEF-41A9-8039-C70DBDCBBB25}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/08/2015 08:09:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Ausnahmecode: 0x40000015
Fehleroffset: 0x00093534
ID des fehlerhaften Prozesses: 0x1d8
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (07/08/2015 07:39:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Ausnahmecode: 0x40000015
Fehleroffset: 0x00093534
ID des fehlerhaften Prozesses: 0x6ac
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (07/07/2015 03:36:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Ausnahmecode: 0x40000015
Fehleroffset: 0x00093534
ID des fehlerhaften Prozesses: 0x724
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (07/07/2015 06:45:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Ausnahmecode: 0x40000015
Fehleroffset: 0x00093534
ID des fehlerhaften Prozesses: 0x1cc
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (07/06/2015 07:31:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0xeeffee01
ID des fehlerhaften Prozesses: 0x6ec
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (07/05/2015 07:37:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GWXUX.exe, Version: 6.3.9600.17813, Zeitstempel: 0x554a1601
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18869, Zeitstempel: 0x55636303
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00032214
ID des fehlerhaften Prozesses: 0x1074
Startzeit der fehlerhaften Anwendung: 0xGWXUX.exe0
Pfad der fehlerhaften Anwendung: GWXUX.exe1
Pfad des fehlerhaften Moduls: GWXUX.exe2
Berichtskennung: GWXUX.exe3

Error: (07/05/2015 08:52:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000001
ID des fehlerhaften Prozesses: 0x4dc
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (07/04/2015 08:16:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x180
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (07/03/2015 08:34:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000001
ID des fehlerhaften Prozesses: 0x190
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (07/02/2015 00:08:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Ausnahmecode: 0x40000015
Fehleroffset: 0x00093534
ID des fehlerhaften Prozesses: 0x790
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3


System errors:
=============
Error: (07/08/2015 08:09:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Secunia PSI Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/08/2015 07:39:23 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Secunia PSI Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/07/2015 06:53:27 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (07/07/2015 06:53:23 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (07/07/2015 06:53:23 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (07/07/2015 06:53:23 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (07/07/2015 06:53:22 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (07/07/2015 06:49:58 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (07/07/2015 06:49:58 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (07/07/2015 03:36:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Secunia PSI Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office:
=========================
Error: (07/08/2015 08:09:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a8240000015000935341d801d0b943e391d2aaC:\Program Files\Secunia\PSI\PSIA.exeC:\Program Files\Secunia\PSI\PSIA.exed9baeee0-2537-11e5-88f0-00262df85f3b

Error: (07/08/2015 07:39:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a8240000015000935346ac01d0b93fb826d9deC:\Program Files\Secunia\PSI\PSIA.exeC:\Program Files\Secunia\PSI\PSIA.exeadb7cce3-2533-11e5-9e09-00262df85f3b

Error: (07/07/2015 03:36:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a82400000150009353472401d0b8b919e47c28C:\Program Files\Secunia\PSI\PSIA.exeC:\Program Files\Secunia\PSI\PSIA.exe2ba7190c-24ad-11e5-9d9a-00262df85f3b

Error: (07/07/2015 06:45:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a8240000015000935341cc01d0b86ef9d4e3d3C:\Program Files\Secunia\PSI\PSIA.exeC:\Program Files\Secunia\PSI\PSIA.exe04344b78-2463-11e5-9c0e-00262df85f3b

Error: (07/06/2015 07:31:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82unknown0.0.0.000000000c0000005eeffee016ec01d0b7a07a59ecf0C:\Program Files\Secunia\PSI\PSIA.exeunknown4a8f363b-23a0-11e5-a85c-00262df85f3b

Error: (07/05/2015 07:37:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GWXUX.exe6.3.9600.17813554a1601ntdll.dll6.1.7601.1886955636303c000000500032214107401d0b7494b70696eC:\Windows\System32\GWX\GWXUX.exeC:\Windows\SYSTEM32\ntdll.dll8c03a1a4-233c-11e5-b04d-00262df85f3b

Error: (07/05/2015 08:52:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82unknown0.0.0.000000000c0000005000000014dc01d0b6ee41dd077eC:\Program Files\Secunia\PSI\PSIA.exeunknown5c7f0e7e-22e2-11e5-b04d-00262df85f3b

Error: (07/04/2015 08:16:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82unknown0.0.0.000000000c00000050000000018001d0b62024e6d4a9C:\Program Files\Secunia\PSI\PSIA.exeunknown3e72f425-2214-11e5-a4a5-00262df85f3b

Error: (07/03/2015 08:34:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82unknown0.0.0.000000000c00000050000000119001d0b5596fc7d619C:\Program Files\Secunia\PSI\PSIA.exeunknown883aee0d-214d-11e5-8ef2-00262df85f3b

Error: (07/02/2015 00:08:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a82400000150009353479001d0b49f9318615aC:\Program Files\Secunia\PSI\PSIA.exeC:\Program Files\Secunia\PSI\PSIA.exe539eccf3-20a2-11e5-91a0-00262df85f3b


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 41%
Total physical RAM: 3510.6 MB
Available physical RAM: 2056.7 MB
Total Virtual: 7019.52 MB
Available Virtual: 5549.44 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:424.66 GB) (Free:386.87 GB) NTFS
Drive d: (Recover) (Fixed) (Total:40 GB) (Free:21.32 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=424.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End of log ============================
--- --- ---

===============================
===============================
Ich hoffe es hat geklappt

Gruß
Frusti

M-K-D-B 08.07.2015 15:08
Servus,







Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).






Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Frusti 08.07.2015 17:24
Hallo,

AdwCleaner Logfile:
Code:
# AdwCleaner v4.207 - Bericht erstellt 08/07/2015 um 17:55:40
# Aktualisiert 21/06/2015 von Xplode
# Datenbank : 2015-07-05.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x86)
# Benutzername : GHM - PC
# Gestarted von : C:\Users\GHM\Desktop\AdwCleaner_4.207.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian Technologies
Ordner Gelöscht : C:\Program Files\Applian Technologies

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\System\CurrentControlSet\Services\Eventlog\Application\registry helper service
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.ToolbarProtector
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.ToolbarProtector.1
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Applian FLV and Media Player

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17840


*************************

AdwCleaner[R0].txt - [1754 Bytes] - [05/03/2015 14:23:49]
AdwCleaner[R1].txt - [928 Bytes] - [03/04/2015 15:13:34]
AdwCleaner[R2].txt - [1110 Bytes] - [03/04/2015 15:21:12]
AdwCleaner[R3].txt - [1632 Bytes] - [08/07/2015 17:54:25]
AdwCleaner[S0].txt - [1815 Bytes] - [05/03/2015 14:26:27]
AdwCleaner[S1].txt - [1552 Bytes] - [08/07/2015 17:55:40]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1611  Bytes] ##########
--- --- ---


==================================
===============================
Zitat:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 08.07.2015
Suchlauf-Zeit: 18:00:29
Logdatei: mbam.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.07.08.04
Rootkit Datenbank: v2015.07.07.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: GHM

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 377986
Verstrichene Zeit: 17 Min, 41 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
Gruß
Frusti

M-K-D-B 08.07.2015 18:57
Servus,



  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.

Frusti 09.07.2015 08:47
Hallo,


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-07-2015
Ran by GHM (administrator) on PC on 09-07-2015 09:43:00
Running from C:\Users\GHM\Desktop
Loaded Profiles: GHM (Available Profiles: GHM & DefaultAppPool)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(UASSOFT.COM) C:\Program Files\Silvercrest NM1005 driver\KMWDSrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\22.5.0.124\N360.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
(Data Perceptions / PowerProgrammer) C:\Windows\System32\WebUpdateSvc4.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\22.5.0.124\N360.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Wistron) C:\Program Files\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files\Launch Manager\WButton.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(UASSOFT.COM) C:\Program Files\Silvercrest NM1005 driver\StartAutorun.exe
(UASSOFT.COM) C:\Program Files\Silvercrest NM1005 driver\KMCONFIG.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(UASSOFT.COM) C:\Program Files\Silvercrest NM1005 driver\KMProcess.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Wistron Corp.) C:\Program Files\Launch Manager\WisLMSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_18_0_0_194_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8546848 2010-03-17] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [686624 2010-03-17] (Realtek Semiconductor)
HKLM\...\Run: [HotkeyApp] => C:\Program Files\Launch Manager\HotkeyApp.exe [200704 2009-12-14] (Wistron)
HKLM\...\Run: [LMgrVolOSD] => C:\Program Files\Launch Manager\OSD.exe [348960 2009-12-12] (Wistron Corp.)
HKLM\...\Run: [Wbutton] => C:\Program Files\Launch Manager\Wbutton.exe [413696 2010-01-13] (Wistron Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1594664 2009-12-11] (Synaptics Incorporated)
HKLM\...\Run: [KMCONFIG] => C:\Program Files\Silvercrest NM1005 driver\StartAutorun.exe KMConfig.exe
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-3599072517-1776181473-3531619768-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6369048 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-3599072517-1776181473-3531619768-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
AppInit_DLLs: C:\Windows\Jaksta\AC\x86\jaudcap.dll => C:\Windows\Jaksta\AC\x86\jaudcap.dll [264480 2013-10-31] (Jaksta Technologies Pty Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-03-03]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton 360\Engine\22.5.0.124\buShell.dll [2015-06-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton 360\Engine\22.5.0.124\buShell.dll [2015-06-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton 360\Engine\22.5.0.124\buShell.dll [2015-06-06] (Symantec Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3599072517-1776181473-3531619768-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3599072517-1776181473-3531619768-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3599072517-1776181473-3531619768-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3599072517-1776181473-3531619768-1000 -> {A579A8A7-DB00-4081-B65A-CF52EDA72252} URL = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms}
SearchScopes: HKU\S-1-5-21-3599072517-1776181473-3531619768-1000 -> {C4C2BA6A-B414-4A4C-B39B-87AF0CC54637} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3599072517-1776181473-3531619768-1000 -> {E5C4ECBB-88B4-40A1-B8E0-0220F5DD43A3} URL =
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton 360\Engine\22.5.0.124\coIEPlg.dll [2015-06-05] (Symantec Corporation)
BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} ->  No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-04-23] (Oracle Corporation)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-04-23] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\22.5.0.124\coIEPlg.dll [2015-06-05] (Symantec Corporation)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{41AAA96B-0BDB-4A4A-B7C4-B603FCC6E19F}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4F301F15-6AB4-45E6-A5F0-46D2B36A1A6D}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2010-12-11] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-04-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-04-23] (Oracle Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.0.124\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.0.124\coFFPlgn [2015-07-09]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton 360\Engine\22.5.0.124\Exts\Chrome.crx [2015-07-01]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 KMWDSERVICE; C:\Program Files\Silvercrest NM1005 driver\KMWDSrv.exe [208896 2007-06-16] (UASSOFT.COM) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 N360; C:\Program Files\Norton 360\Engine\22.5.0.124\N360.exe [282016 2015-06-18] (Symantec Corporation)
S2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
S2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
S3 TuneUp.Defrag; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [435008 2011-12-23] (TuneUp Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [1052480 2011-11-21] (TuneUp Software)
R2 WebUpdate4; C:\Windows\system32\WebUpdateSvc4.exe [262360 2009-01-08] (Data Perceptions / PowerProgrammer)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R3 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [118560 2009-10-23] (Wistron Corp.)
R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2009-11-07] (X10) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx86; C:\Program Files\Norton 360\NortonData\22.5.0.124\Definitions\BASHDefs\20150706.001\BHDrvx86.sys [1181424 2015-06-22] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360\1605000.07C\ccSetx86.sys [128728 2015-06-04] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [389456 2015-06-16] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [122192 2015-06-16] (Symantec Corporation)
R1 IDSVix86; C:\Program Files\Norton 360\NortonData\22.5.0.124\Definitions\IPSDefs\20150708.001\IDSvix86.sys [523512 2015-07-01] (Symantec Corporation)
R3 KMWDFilter; C:\Windows\System32\Drivers\KMWDFilter.SYS [17280 2007-06-13] (Windows (R) Codename Longhorn DDK provider) [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
S3 mod7700; C:\Windows\System32\DRIVERS\mod7700.sys [786400 2009-08-13] (DiBcom SA)
R3 NAVENG; C:\Program Files\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20150708.017\NAVENG.SYS [104440 2015-05-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20150708.017\NAVEX15.SYS [1645432 2015-05-20] (Symantec Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2014-11-28] (Secunia)
S3 Spyder3; C:\Windows\System32\DRIVERS\Spyder3.sys [12288 2008-09-08] ()
R3 SRTSP; C:\Windows\System32\Drivers\N360\1605000.07C\SRTSP.SYS [702680 2015-06-04] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360\1605000.07C\SRTSPX.SYS [36056 2015-06-04] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360\1605000.07C\SYMEFASI.SYS [1278168 2015-06-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [94424 2015-07-01] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360\1605000.07C\Ironx86.SYS [226008 2015-06-04] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360\1605000.07C\SYMNETS.SYS [421080 2015-06-04] (Symantec Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [10064 2010-02-24] (TuneUp Software)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13720 2009-05-13] (X10 Wireless Technology, Inc.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27160 2009-05-13] (X10 Wireless Technology, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\GHM\AppData\Local\Temp\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-09 09:42 - 2015-07-09 09:42 - 01636352 _____ (Farbar) C:\Users\GHM\Desktop\FRST.exe
2015-07-08 18:21 - 2015-07-08 18:21 - 00001206 _____ C:\Users\GHM\Desktop\mbam.txt
2015-07-08 17:59 - 2015-07-08 17:59 - 00001068 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-08 17:58 - 2015-07-08 17:58 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\GHM\Desktop\mbam-setup-2.1.6.1022.exe
2015-07-08 17:53 - 2015-07-08 17:53 - 02244096 _____ C:\Users\GHM\Desktop\AdwCleaner_4.207.exe
2015-07-08 08:23 - 2015-07-09 09:43 - 00014832 _____ C:\Users\GHM\Desktop\FRST.txt
2015-07-08 08:23 - 2015-07-08 08:24 - 00030761 _____ C:\Users\GHM\Desktop\Addition.txt
2015-07-08 08:22 - 2015-07-09 09:43 - 00000000 ____D C:\FRST
2015-07-08 08:16 - 2015-07-08 08:16 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\GHM\Desktop\tdsskiller.exe
2015-07-07 09:58 - 2015-07-07 09:58 - 00023210 _____ C:\Users\GHM\Desktop\fernOst - von Berlin bis Tokio.odt
2015-07-05 16:28 - 2015-07-05 16:29 - 00011762 _____ C:\Users\GHM\Desktop\Von Sabine - 05.07.15.odt
2015-07-02 07:29 - 2015-07-02 07:29 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2015-07-01 18:20 - 2015-07-01 18:34 - 00021113 _____ C:\Users\GHM\Desktop\Zu dem Fernsehfilm - Paradies.odt
2015-07-01 17:52 - 2015-07-04 11:59 - 00022182 _____ C:\Users\GHM\Desktop\Christian.odt
2015-07-01 17:38 - 2015-07-01 17:38 - 00023430 _____ C:\Users\GHM\Desktop\Juris Zarins.odt
2015-07-01 15:59 - 2015-07-01 15:59 - 00021284 _____ C:\Users\GHM\Desktop\Kreative Visualisierung.odt
2015-06-30 09:27 - 2015-06-30 09:27 - 00125268 _____ C:\Users\GHM\Desktop\Selbstbew..odt
2015-06-29 17:40 - 2015-06-29 17:41 - 00012383 _____ C:\Users\GHM\Desktop\Stoffsammlung Chr..odt
2015-06-19 10:01 - 2015-06-19 10:03 - 00000000 ____D C:\Users\GHM\Desktop\Meine HELFER
2015-06-19 09:55 - 2015-06-29 10:50 - 00000000 ____D C:\Users\GHM\Desktop\HEUTE
2015-06-18 09:02 - 2015-06-18 09:02 - 00028478 _____ C:\Users\GHM\Desktop\Benzodiazepine.odt
2015-06-17 10:45 - 2015-06-17 16:02 - 00023185 _____ C:\Users\GHM\Desktop\Nicole - Saartalk, 08.06.2015, SR-Fernsehen.odt
2015-06-15 16:15 - 2015-07-07 15:29 - 00006278 _____ C:\Windows\PFRO.log
2015-06-14 08:00 - 2015-07-09 09:17 - 00001904 _____ C:\Windows\setupact.log
2015-06-14 08:00 - 2015-06-14 08:00 - 00000000 _____ C:\Windows\setuperr.log
2015-06-10 15:09 - 2015-06-02 21:35 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 15:09 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 15:09 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 15:09 - 2015-05-23 05:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 15:09 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 15:09 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 15:09 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 15:09 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 15:09 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 15:09 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 15:09 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 15:09 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 15:09 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 15:09 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 15:09 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 15:09 - 2015-05-23 05:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 15:09 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 15:09 - 2015-05-23 05:00 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 15:09 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 15:09 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 15:09 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 15:09 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 15:09 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 15:09 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 15:09 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 15:09 - 2015-05-23 04:38 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 15:09 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 15:09 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 15:09 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 15:09 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 15:09 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 15:09 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 15:08 - 2015-05-25 19:00 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 15:08 - 2015-04-11 05:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-10 15:06 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-06-10 15:06 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 15:06 - 2015-05-25 20:07 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 15:06 - 2015-05-25 20:07 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 15:06 - 2015-05-25 20:04 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 15:06 - 2015-05-25 20:01 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 15:06 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 15:06 - 2015-05-25 20:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 15:06 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 15:06 - 2015-05-25 20:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 15:06 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 15:06 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 15:06 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 15:06 - 2015-05-25 20:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 15:06 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 15:06 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 15:06 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 15:06 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 15:06 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 15:06 - 2015-05-25 18:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 15:06 - 2015-05-09 05:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 15:06 - 2015-05-09 05:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 15:06 - 2015-05-09 05:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 15:06 - 2015-05-09 05:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 15:06 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 15:06 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 15:06 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 15:06 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 15:06 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 15:06 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 15:06 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 15:06 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-09 09:26 - 2009-07-14 06:34 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-09 09:26 - 2009-07-14 06:34 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-09 09:18 - 2010-09-18 18:25 - 01756440 _____ C:\Windows\WindowsUpdate.log
2015-07-09 09:17 - 2014-05-27 08:54 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-07-09 09:17 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-08 18:04 - 2010-06-11 00:37 - 01729694 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-08 18:03 - 2013-11-22 18:40 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-08 18:00 - 2014-05-27 08:54 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-08 17:55 - 2015-03-05 14:21 - 00000000 ____D C:\AdwCleaner
2015-07-08 09:35 - 2014-02-28 20:27 - 00000000 ____D C:\Users\GHM\Desktop\TAGTÄGLICH ROUTINE-1
2015-07-08 09:24 - 2014-06-29 10:22 - 00000000 ____D C:\Users\GHM\Desktop\Pog-Schib
2015-07-08 09:17 - 2014-10-09 07:54 - 00000000 ____D C:\Users\GHM\Desktop\Einkäufe
2015-07-05 19:38 - 2013-11-22 19:36 - 00000000 ____D C:\Users\GHM\AppData\Local\CrashDumps
2015-07-05 19:17 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2015-07-03 18:16 - 2014-05-16 11:00 - 00000000 ____D C:\Users\GHM\Desktop\aktuelle Ordner
2015-07-02 15:13 - 2013-11-24 14:04 - 00000000 ____D C:\Program Files\Silvercrest NM1005 driver
2015-07-02 15:13 - 2010-10-03 11:35 - 00000000 ____D C:\Program Files\TuneUp Utilities 2010
2015-07-02 15:13 - 2010-06-11 18:16 - 00000000 ____D C:\Program Files\Launch Manager
2015-07-02 09:02 - 2014-12-11 11:43 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-07-02 07:30 - 2014-12-11 11:41 - 00000000 ____D C:\Windows\system32\Drivers\N360
2015-07-01 16:32 - 2014-12-11 11:43 - 00094424 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT.SYS
2015-07-01 16:32 - 2014-12-11 11:43 - 00008138 _____ C:\Windows\system32\Drivers\SYMEVENT.CAT
2015-07-01 16:32 - 2010-10-02 20:23 - 00000000 ____D C:\ProgramData\Norton
2015-07-01 16:12 - 2011-01-24 09:15 - 00000000 ____D C:\Users\Public\Downloads\Norton
2015-06-24 11:56 - 2013-11-22 18:40 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-06-24 11:56 - 2012-01-03 11:01 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-06-22 00:00 - 2009-07-14 06:53 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-19 10:02 - 2015-03-02 16:34 - 00000000 ____D C:\Users\GHM\Desktop\Aktuelles
2015-06-19 10:02 - 2014-12-14 18:09 - 00000000 ____D C:\Users\GHM\Desktop\ALLES ZU MEINER SITUATION
2015-06-19 09:57 - 2015-05-13 11:09 - 00000000 ____D C:\Users\GHM\Desktop\Interessantes
2015-06-18 14:56 - 2015-05-11 16:28 - 00015354 _____ C:\Users\GHM\Desktop\Währungsreform von 1948.odt
2015-06-15 14:01 - 2015-05-29 16:37 - 00000000 ____D C:\Users\GHM\Desktop\Licht-Smog
2015-06-13 08:21 - 2014-06-17 18:00 - 00000000 ____D C:\Users\GHM\AppData\Local\Adobe
2015-06-11 14:45 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-06-10 19:05 - 2014-11-13 10:40 - 00000000 __SHD C:\Users\GHM\AppData\Local\EmieBrowserModeList
2015-06-10 19:05 - 2014-04-24 16:26 - 00000000 __SHD C:\Users\GHM\AppData\Local\EmieUserList
2015-06-10 19:05 - 2014-04-24 16:26 - 00000000 __SHD C:\Users\GHM\AppData\Local\EmieSiteList
2015-06-10 18:59 - 2009-07-14 06:33 - 00315128 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-10 18:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2015-06-10 17:24 - 2013-09-11 18:41 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 17:20 - 2010-06-11 19:09 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2011-03-13 13:39 - 2011-03-13 13:39 - 0000091 _____ () C:\Users\GHM\AppData\Local\fusioncache.dat
2011-01-24 09:16 - 2011-01-24 09:16 - 0001940 _____ () C:\Users\GHM\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini

Some files in TEMP:
====================
C:\Users\GHM\AppData\Local\Temp\Quarantine.exe
C:\Users\GHM\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-03 10:48

==================== End of log ============================
--- --- ---


====================================
=====================================
[QUOTE]Additional
FRST Logfile:
Code:
scan result of Farbar Recovery Scan Tool (x86) Version: 05-07-2015
Ran by GHM at 2015-07-09 09:43:41
Running from C:\Users\GHM\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3599072517-1776181473-3531619768-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3599072517-1776181473-3531619768-1002 - Limited - Enabled)
Gast (S-1-5-21-3599072517-1776181473-3531619768-501 - Limited - Disabled)
GHM (S-1-5-21-3599072517-1776181473-3531619768-1000 - Administrator - Enabled) => C:\Users\GHM

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 Premier (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 Premier (Disabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 Premier (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
AM-DeadLink 4.6 (HKLM\...\aignesamdeadlink_is1) (Version: 4.6 - www.aignes.com)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.27 - Atheros Communications Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CorelDRAW Essentials 4 - Content (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Draw (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Filters (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - ICA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - IPM - No VBA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang BR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang DE (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang EN (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang ES (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang FR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang IT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang NL (Version: 4.0 - Uw bedrijfsnaam) Hidden
CorelDRAW Essentials 4 - PHOTO-PAINT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Windows Shell Extension (HKLM\...\_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}) (Version:  - Corel Corporation)
CorelDRAW Essentials 4 - Windows Shell Extension (Version: 1.1 - Corel Corporation) Hidden
CorelDRAW Essentials 4 (HKLM\...\_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}) (Version:  - Corel Corporation)
CorelDRAW Essentials 4 (Version: 4.0 - Corel Corporation) Hidden
Freecorder 8 Applications (8.0.1.19) (HKLM\...\Freecorder 8 Applications) (Version: 8.0.1.19 - Applian Technologies) <==== ATTENTION
Google Earth (HKLM\...\{C768790F-04FB-11E0-9B2C-001AA037B01E}) (Version: 6.0.1.2032 - Google)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2092 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.0.1037 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version:  - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 79 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217079FF}) (Version: 7.0.790 - Oracle)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Launch Manager V1.5.0.8 (HKLM\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.0.8 - Wistron Corp.)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Meade LPI (HKLM\...\{23484C5A-E7AE-4F59-B7DF-88D63BEF18F4}) (Version: 2.46.3.0 - )
Microsoft .NET Compact Framework 2.0 SP2 (HKLM\...\{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}) (Version: 2.0.7045 - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Norton 360 Premier (HKLM\...\N360) (Version: 22.5.0.124 - Symantec Corporation)
OpenOffice 4.1.1 (HKLM\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PL-2303 USB-to-Serial (HKLM\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version:  - )
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6069 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30117 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0145 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Secunia PSI (3.0.0.10004) (HKLM\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
Silvercrest NM1005 driver (HKLM\...\InstallShield_{1C5E457F-2009-4673-8DF4-135898ABA870}) (Version: 5.10.17 - Targa GmbH)
Silvercrest NM1005 driver (Version: 5.10.17 - Targa GmbH) Hidden
Software Update Wizard (Redist) 4.5 (HKLM\...\Software Update Wizard (Redist)) (Version: 4.5 - PowerProgrammer)
Stellarium 0.13.2 (HKLM\...\Stellarium_is1) (Version: 0.13.2 - Stellarium team)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
TuneUp Utilities (HKLM\...\TuneUp Utilities) (Version: 9.0.6030.1 - TuneUp Software)
TuneUp Utilities (Version: 9.0.6030.1 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (Version: 9.0.6030.1 - TuneUp Software) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
X10 Hardware(TM) (HKLM\...\X10Hardware) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

21-05-2015 08:11:32 Windows Update
28-05-2015 09:38:09 Geplanter Prüfpunkt
05-06-2015 06:29:13 Geplanter Prüfpunkt
05-06-2015 10:43:37 Windows Update
10-06-2015 17:19:04 Windows Update
18-06-2015 12:00:50 Geplanter Prüfpunkt
26-06-2015 14:21:46 Geplanter Prüfpunkt
04-07-2015 13:03:40 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {165C5968-C88F-4A04-BDA0-84A7702F11D7} - System32\Tasks\{0CABE388-CA3B-4C03-8834-B23EA88582D2} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {1B58DD69-7CD8-428E-8AF1-F4561B60022B} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files\Norton 360\Engine\22.5.0.124\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {22026F00-5371-495A-8955-B942E8F60D5A} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe
Task: {22274F06-45A8-47B0-AE2F-EDB35BD03C56} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {246B6664-6B31-4120-A649-A826330AC9A2} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files\CHIP Updater\CHIPUpdater.exe
Task: {2BE98043-7BF6-48C7-9E74-0FF27BAC3CFA} - System32\Tasks\{EE580633-7AF9-4B99-89EB-FC30E9C48A10} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {33948ED2-8750-4A4F-97A0-E6092E0D33CC} - System32\Tasks\{CACC66E8-773A-493F-B055-842E053CC2DD} => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\uiStub.exe
Task: {343D5FFE-FC8D-4C67-AEB1-4D0045F7E59C} - System32\Tasks\{525B7F42-104F-452E-8957-6B83CBA039FD} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {43216073-228E-406F-B21E-5007D7B8260D} - System32\Tasks\{AE4EFF61-1333-44E0-B8A5-1533F4C293FF} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {442A651C-0FCE-469A-A5A0-D35DB52ACAC4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {5A965C5C-5429-4807-8939-6FA4C156E1AC} - System32\Tasks\{8981FB4E-AAEE-4A83-9B59-FD049634C066} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {62138DA7-CEED-482E-A53E-C53E167ECE4D} - System32\Tasks\{B9144F3B-BFC7-4043-A6BE-3D103109A325} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {6E995A92-5164-4362-8F9E-EBA604138AB2} - System32\Tasks\{941B04B0-B4A7-4E2C-AA4B-EB18D11FE7BD} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {78B0D134-4F5F-4303-9BA9-A26B416CA8B3} - System32\Tasks\{2F8AE86D-C16B-494B-B128-C3AF00304684} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {7D8473E7-3D1E-4218-958C-7A86982BE9C6} - System32\Tasks\{534F2751-BBB0-498C-B0BA-2FCACBD716E4} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {82E067F4-0E5A-4F8C-9606-8C6346B1D6B8} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton 360\Engine\22.5.0.124\WSCStub.exe [2015-06-18] (Symantec Corporation)
Task: {8618C71B-1EFB-4A13-89C7-D5864FB04BAD} - System32\Tasks\{E5897B04-E0FD-4FF9-8028-D57EB918290F} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {88938DD2-E6E5-42C7-AC74-5F8B762D46E5} - System32\Tasks\{53766444-4A8D-4CAC-A3F3-769521C26451} => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\uiStub.exe
Task: {88F7AC18-6143-4A8F-A09A-6430C4DFC104} - System32\Tasks\{36B47B9D-1D87-4C97-946E-DD937B1B15E8} => pcalua.exe -a "C:\Program Files\OpenOffice 4\program\swriter.exe" -d "C:\Program Files\OpenOffice 4\"
Task: {98800D62-F8B1-47C7-8718-0EF972BD62BF} - System32\Tasks\{873D580C-0E2D-45E2-A2C2-55A355D235B5} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {A560798D-0BE2-4A4E-A957-952851F616BC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24] (Adobe Systems Incorporated)
Task: {AF6A920F-FD88-42B3-9F5A-144272260B12} - System32\Tasks\{06D416FB-73D1-4AA9-AAFB-69E84EF27B2F} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {B4DB4241-A5D0-4465-BEA8-12B6F8B3531E} - System32\Tasks\{D983DC3F-81BD-4C64-9ECC-4C2AFAEB299B} => C:\Medion\Fix Windows Update.exe [2009-11-26] ()
Task: {BF5946C2-EA02-42C6-8E4C-EC490016A363} - System32\Tasks\{29542231-EC11-4FEF-804B-18989C576D63} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {C0DD792B-584D-445A-A4E1-28A0A30D97E8} - System32\Tasks\{1DB9D2CE-0CB9-4C4F-9468-EAB0EB7066BD} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {C95EA6F7-107E-497D-8369-6DFCEBCD07C7} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files\Norton 360\Engine\22.5.0.124\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {CCDCEA17-158D-4666-9B1A-6D8208F0D014} - System32\Tasks\{6E87E417-7283-4E75-A527-F31AD12A67CD} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {CE3E0DCA-0E9D-4255-981B-E27DDBD73ED8} - System32\Tasks\{5F0615FA-77BF-4D6D-A950-91BF2C45C215} => pcalua.exe -a C:\PROGRA~1\Meade\AUTOST~1\UNWISE.EXE -c C:\PROGRA~1\Meade\AUTOST~1\INSTALL.LOG
Task: {CEB0F449-6827-49D0-8429-4BB0C8B26CF0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {D80FF8E1-CFB4-4FB2-BB03-5895864A56D5} - System32\Tasks\{B5D4B8AF-20FC-48AD-9F57-7BB6AB1F2452} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {E8A9C5A7-997A-40B0-8961-1C99079F08D1} - System32\Tasks\{0A1C68F5-34E2-4CE4-A9AB-7C52159B7D80} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {F64CFA7A-E036-402D-88C1-61A835B612EA} - System32\Tasks\{E00BD7CB-9D61-44B1-A5DC-B723F3FC94F2} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {F9709670-1930-4A84-997D-7A5680FF8F6E} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance => C:\Program Files\TuneUp Utilities 2010\OneClick.exe [2011-11-21] (TuneUp Software)
Task: {F9E26035-D75C-4594-AC4D-850BDD3E5A1D} - System32\Tasks\{CCB33391-B9A7-4A99-A584-62895F17BE98} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()
Task: {FEC8420A-B8BC-4ADF-B894-6B92558D1476} - System32\Tasks\{25D0679D-17AA-4042-9FC4-59ACC6A628FF} => C:\Program Files\Meade\AutostarSuite\UNWISE.EXE [2001-09-28] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2010-06-11 18:01 - 2009-10-02 22:18 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2007-03-29 13:17 - 2007-03-29 13:17 - 00106496 _____ () C:\Program Files\Silvercrest NM1005 driver\keydll.dll
2005-05-04 20:12 - 2005-05-04 20:12 - 00028672 _____ () C:\Program Files\Silvercrest NM1005 driver\MouseHook.dll
2015-05-08 20:50 - 2015-05-08 20:50 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3599072517-1776181473-3531619768-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FCDDFB51-A85C-4C8A-97C9-9E8C3C3CA351}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{7B8DA88C-FD1E-45F9-A244-0EB95AFEFC27}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{4F297754-718F-4D8B-BA85-34FD252A15BC}] => (Allow) C:\Program Files\Applian Technologies\Freecorder 8 Applications\Torrent\aria2c.exe
FirewallRules: [{1187DA05-EC29-4E6A-B7D2-6FF0EB1660DD}] => (Allow) C:\Program Files\Applian Technologies\Freecorder 8 Applications\Torrent\aria2c.exe
FirewallRules: [{1B0FC091-9CEF-41A9-8039-C70DBDCBBB25}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/09/2015 09:22:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Ausnahmecode: 0x40000015
Fehleroffset: 0x00093534
ID des fehlerhaften Prozesses: 0x618
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (07/08/2015 06:03:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x180
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (07/08/2015 05:55:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x498
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (07/08/2015 01:19:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1e0
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (07/08/2015 09:08:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Ausnahmecode: 0x40000015
Fehleroffset: 0x00093534
ID des fehlerhaften Prozesses: 0x714
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (07/08/2015 08:09:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Ausnahmecode: 0x40000015
Fehleroffset: 0x00093534
ID des fehlerhaften Prozesses: 0x1d8
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (07/08/2015 07:39:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Ausnahmecode: 0x40000015
Fehleroffset: 0x00093534
ID des fehlerhaften Prozesses: 0x6ac
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (07/07/2015 03:36:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Ausnahmecode: 0x40000015
Fehleroffset: 0x00093534
ID des fehlerhaften Prozesses: 0x724
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (07/07/2015 06:45:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Ausnahmecode: 0x40000015
Fehleroffset: 0x00093534
ID des fehlerhaften Prozesses: 0x1cc
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (07/06/2015 07:31:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0xeeffee01
ID des fehlerhaften Prozesses: 0x6ec
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3


System errors:
=============
Error: (07/09/2015 09:22:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Secunia PSI Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/08/2015 06:03:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Secunia PSI Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/08/2015 05:55:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/08/2015 05:55:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management & Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/08/2015 05:55:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/08/2015 05:55:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "WisLMSvc" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/08/2015 05:55:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/08/2015 05:55:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/08/2015 05:55:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "X10 Device Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/08/2015 05:55:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Web Update Wizard Service V4" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office:
=========================
Error: (07/09/2015 09:22:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a82400000150009353461801d0ba17522a54d0C:\Program Files\Secunia\PSI\PSIA.exeC:\Program Files\Secunia\PSI\PSIA.exe48126075-260b-11e5-b03f-00262df85f3b

Error: (07/08/2015 06:03:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82unknown0.0.0.000000000c00000050000000018001d0b996b637729eC:\Program Files\Secunia\PSI\PSIA.exeunknownce8a864f-258a-11e5-8851-00262df85f3b

Error: (07/08/2015 05:55:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82unknown0.0.0.000000000c00000050000000049801d0b995a138ece2C:\Program Files\Secunia\PSI\PSIA.exeunknownbb5348cc-2589-11e5-a8f8-00262df85f3b

Error: (07/08/2015 01:19:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82unknown0.0.0.000000000c0000005000000001e001d0b96f08bceef6C:\Program Files\Secunia\PSI\PSIA.exeunknown22727158-2563-11e5-9024-00262df85f3b

Error: (07/08/2015 09:08:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a82400000150009353471401d0b94c3355a5c6C:\Program Files\Secunia\PSI\PSIA.exeC:\Program Files\Secunia\PSI\PSIA.exe2984305d-2540-11e5-9cd2-00262df85f3b

Error: (07/08/2015 08:09:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a8240000015000935341d801d0b943e391d2aaC:\Program Files\Secunia\PSI\PSIA.exeC:\Program Files\Secunia\PSI\PSIA.exed9baeee0-2537-11e5-88f0-00262df85f3b

Error: (07/08/2015 07:39:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a8240000015000935346ac01d0b93fb826d9deC:\Program Files\Secunia\PSI\PSIA.exeC:\Program Files\Secunia\PSI\PSIA.exeadb7cce3-2533-11e5-9e09-00262df85f3b

Error: (07/07/2015 03:36:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a82400000150009353472401d0b8b919e47c28C:\Program Files\Secunia\PSI\PSIA.exeC:\Program Files\Secunia\PSI\PSIA.exe2ba7190c-24ad-11e5-9d9a-00262df85f3b

Error: (07/07/2015 06:45:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a8240000015000935341cc01d0b86ef9d4e3d3C:\Program Files\Secunia\PSI\PSIA.exeC:\Program Files\Secunia\PSI\PSIA.exe04344b78-2463-11e5-9c0e-00262df85f3b

Error: (07/06/2015 07:31:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82unknown0.0.0.000000000c0000005eeffee016ec01d0b7a07a59ecf0C:\Program Files\Secunia\PSI\PSIA.exeunknown4a8f363b-23a0-11e5-a85c-00262df85f3b


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 43%
Total physical RAM: 3510.6 MB
Available physical RAM: 1970.4 MB
Total Virtual: 7019.52 MB
Available Virtual: 5448.64 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:424.66 GB) (Free:386.58 GB) NTFS
Drive d: (Recover) (Fixed) (Total:40 GB) (Free:21.32 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=424.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End of log ============================
--- --- ---


Gruß
Frusti

M-K-D-B 09.07.2015 13:12
Wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 2 h) dauern.
Im Anschluss entfernen wir alle verwendeten Tools und ich gebe dir noch ein paar Tipps mit auf den Weg.




Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3599072517-1776181473-3531619768-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-3599072517-1776181473-3531619768-1000 -> {E5C4ECBB-88B4-40A1-B8E0-0220F5DD43A3} URL =
BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} ->  No File
RemoveProxy:
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.






Schritt 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset






Schritt 3
Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von ESET,
  • die Logdatei von SecurityCheck.

Frusti 10.07.2015 10:50
Hallo,

Zitat:
Fix result of Farbar Recovery Scan Tool (x86) Version: 09-07-2015
Ran by GHM at 2015-07-10 10:07:17 Run:1
Running from C:\Users\GHM\Desktop
Loaded Profiles: GHM (Available Profiles: GHM & DefaultAppPool)
Boot Mode: Normal

==============================================

fixlist content:
*****************
start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3599072517-1776181473-3531619768-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-3599072517-1776181473-3531619768-1000 -> {E5C4ECBB-88B4-40A1-B8E0-0220F5DD43A3} URL =
BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> No File
RemoveProxy:
EmptyTemp:
end

*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-3599072517-1776181473-3531619768-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-3599072517-1776181473-3531619768-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E5C4ECBB-88B4-40A1-B8E0-0220F5DD43A3}" => key removed successfully.
HKCR\CLSID\{E5C4ECBB-88B4-40A1-B8E0-0220F5DD43A3} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}" => key removed successfully.
"HKCR\CLSID\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}" => key removed successfully.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.
HKU\S-1-5-21-3599072517-1776181473-3531619768-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
HKU\S-1-5-21-3599072517-1776181473-3531619768-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.


========= End of RemoveProxy: =========

EmptyTemp: => 238.2 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 10:07:28 ====
======================================
======================================
Zitat:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a6e03170a2db53479130eb19fc27f124
# end=init
# utc_time=2015-07-10 08:14:23
# local_time=2015-07-10 10:14:23 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 24731
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a6e03170a2db53479130eb19fc27f124
# end=updated
# utc_time=2015-07-10 08:15:26
# local_time=2015-07-10 10:15:26 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=a6e03170a2db53479130eb19fc27f124
# engine=24731
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-07-10 09:37:10
# local_time=2015-07-10 11:37:10 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=3589 16777213 100 61 530794 199117615 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 57599037 188152221 0 0
# scanned=148587
# found=0
# cleaned=0
# scan_time=4903
=========================================
========================================
Zitat:
Results of screen317's Security Check version 1.004
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Norton 360 Premier
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Secunia PSI (3.0.0.10004)
TuneUp Utilities
TuneUp Utilities Language Pack (de-DE)
TuneUp Utilities
CCleaner
Java 7 Update 79
Java version 32-bit out of Date!
Adobe Reader XI
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
================================
==================================
Ich hoffe, ich habe alles richtig gemacht!

Gruß
Frusti

M-K-D-B 10.07.2015 20:51

Hinweis: Registry Cleaner

Ich sehe, dass du sogenannte Registry Cleaner installiert hast.
In deinem Fall TuneUp Utilities
CCleaner .

Wir raten von der Verwendung jeglicher Art von Registry Cleaner ab.

Der Grund ist ganz einfach:
Die Registry ist das Hirn des Systems. Funktioniert das Hirn nicht, funktioniert der Rest nicht mehr wirklich.
Man sollte nicht unnötigerweise an der Registry rumbasteln. Schon ein kleiner Fehler kann gravierende Folgen haben und auch Programme machen manchmal Fehler.
Zerstörst du die Registry, zerstörst du Windows.

Zudem ist der Nutzen zur Performancesteigerung umstritten und meist kaum im wahrnehmbaren Bereich.

Ich würde dir empfehlen, Registry Cleaner nicht weiterhin zu verwenden und über
Start --> Systemsteuerung --> Software (bei Windows XP)
Start --> Systemsteuerung --> Programme und Funktionen (bei Vista / Win 7)
zu deinstallieren.







Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber. :daumenhoc
Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.

http://deeprybka.trojaner-board.de/b...cleanupneu.png
Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
http://deeprybka.trojaner-board.de/b.../combofix2.pngCombofix deinstallieren
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte http://filepony.de/icon/tiny/delfix.pngDelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:

http://deeprybka.trojaner-board.de/b...ast/schild.png
Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
 Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

   
   


Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
http://filepony.de/icon/adblock_firefox.pngAdblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren.
http://filepony.de/icon/noscript.png NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
http://filepony.de/icon/ghostery_chrome.pngGhostery Erkennt und blockiert Tracker, Web Bugs, Pixel und Beacons und weitere Scripte, die das Surfverhalten ausspähen/beobachten.
http://filepony.de/icon/malwarebytes_anti_exploit.pngMalwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie http://filepony.de/images/microbanner.gif.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

Frusti 12.07.2015 11:05
Eine Frage hätte ich noch:

Im 37. posting kam bei security check" der Satz:
Zitat:
Java version 32-bit out of Date!
Welche Bedeutung hat der Satz? Was ist zu tun?

Gruß
Frusti

M-K-D-B 12.07.2015 11:23
Servus,



Java 7 Update 79/80 über Systemsteuerung deinstallieren und die Version 8 von Java downloaden (siehe Link in meinem letzten Post).



Ich bin froh, dass wir helfen konnten :abklatsch:

In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest:
Lob, Kritik und Wünsche
Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank! :)

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen.


Alle Zeitangaben in WEZ +1. Es ist jetzt 15:17 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131