Hallo,

Der Echtzeit-Scanner von AntiVir hat heute bei mir den Virus "EXP/CVE-2012-1723.A.5273" entdeckt, es wurde direkt in Quarantäne verschoben.

Ist das Problem damit behoben, oder was kann ich da machen?

Ich habe wenig Ahnung, was ich da tun kann

Grüße

Smile

Hi,

Avira meldet da erstmal nur einen Java-Exploit, das bedeutet für sich allein noch nicht viel.
Ohne Logs kann man da nichts weiter dazu sagen.


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

• Starte jetzt FRST.
• Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
• Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
• Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

FRST.txt


FRST Logfile:

FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2013
Ran by Kathi (administrator) on KATHI-PC on 09-10-2013 10:45:14
Running from C:\Users\Kathi\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Softex Inc.) C:\Program Files\Softex\OmniPass\OmniServ.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Agere Systems) C:\Windows\system32\agrsmsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
() C:\Program Files\ICQ6Toolbar\ICQ Service.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Mentor Graphics Corporation) C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Buhl Data Service GmbH) C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPStart.exe
() C:\Program Files\Launch Manager\LaunchAp.exe
(Wistron) C:\Program Files\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files\Launch Manager\OSD.exe
(Wistron) C:\Program Files\Launch Manager\WButton.exe
(AVM Berlin GmbH) C:\Program Files\avmwlanstick\FRITZWLanMini.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Sony Corporation) C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files\Softex\OmniPass\opvapp.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Nero AG) C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
(Microsoft Corporation) C:\Program Files\MSN Messenger\msnmsgr.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
() C:\Program Files\Canon\ImageBrowser EX\MFManager.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZQKPICK.EXE
(Dropbox, Inc.) C:\Users\Kathi\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Wistron Corp.) C:\Program Files\Launch Manager\WisLMSvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Nero AG) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Nero AG) C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\system32\WerCon.exe
(Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-03] (Intel Corporation)
HKLM\...\Run: [SynTPStart] - C:\Program Files\Synaptics\SynTP\SynTPStart.exe [102400 2007-08-31] (Synaptics, Inc.)
HKLM\...\Run: [LanguageShortcut] - C:\Program Files\HomeCinema\PowerDVD\Language\Language.exe [52256 2007-01-08] ()
HKLM\...\Run: [LaunchAp] - C:\Program Files\Launch Manager\LaunchAp.exe [32768 2007-09-01] ()
HKLM\...\Run: [HotkeyApp] - C:\Program Files\Launch Manager\HotkeyApp.exe [188416 2007-09-06] (Wistron)
HKLM\...\Run: [CtrlVol] - "C:\Program Files\Launch Manager\CtrlVol.exe"
HKLM\...\Run: [LMgrOSD] - C:\Program Files\Launch Manager\OSD.exe [180224 2006-12-26] (Wistron Corp.)
HKLM\...\Run: [Wbutton] - C:\Program Files\Launch Manager\Wbutton.exe [86016 2007-09-07] (Wistron)
HKLM\...\Run: [AVMWlanClient] - C:\Program Files\avmwlanstick\FRITZWLANMini.exe [343552 2006-06-23] (AVM Berlin GmbH)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4718592 2007-12-17] (Realtek Semiconductor)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2010-03-17] (Apple Inc.)
HKLM\...\Run: [ContentTransferWMDetector.exe] - C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe [583016 2009-11-19] (Sony Corporation)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-03] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-10-15] (Adobe Systems Incorporated)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-10-15] (Nero AG)
HKCU\...\Run: [msnmsgr] - C:\Program Files\MSN Messenger\msnmsgr.exe [5674352 2007-01-19] (Microsoft Corporation)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-02-25] (Google Inc.)
HKCU\...\Run: [ICQ] - "C:\Program Files\ICQ6\ICQ.exe" silent
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
MountPoints2: H - H:\LaunchU3.exe -a
MountPoints2: {0f1db785-ac4a-11dd-b138-0015af919d41} - H:\LaunchU3.exe -a
MountPoints2: {22eabb38-4dc8-11de-9e6b-000ae4ca7292} - G:\LaunchU3.exe -a
MountPoints2: {6ea0c691-1c6c-11e2-9cea-000ae4ca7292} - G:\LaunchU3.exe -a
MountPoints2: {bd31c6c7-f76b-11dc-b0b6-000ae4ca7292} - G:\pushinst.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
Startup: C:\Users\Kathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Kathi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Kathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKCU - {BE9654C9-9D79-42ec-B55A-3CAEB12DBF58} URL = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
BHO: XTTBPos00 Class - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll (ICQ Inc.)
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: No Name - {7E853D72-626A-48EC-A868-BA8D5E23E045} -  No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
Toolbar: HKLM - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {8C922C73-FFFA-45A3-B2C2-BC1E30074267} hxxp://www.sony.de/bravia/RegistrationAgent.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

========================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor11.0; C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-09-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-03] (Avira Operations GmbH & Co. KG)
S3 CoordinatorServiceHost; C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [87336 2010-01-20] (Dassault Systèmes SolidWorks Corp.)
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528608 2008-06-19] (Cisco Systems, Inc.)
S3 FirebirdServerMAGIXInstance; C:\Program Files\ALDI Foto Service Nord\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
R2 ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [222968 2009-06-01] ()
S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2799808 2005-09-23] (Microsoft Corporation)
R2 omniserv; C:\Program Files\Softex\OmniPass\OmniServ.exe [40960 2007-11-02] (Softex Inc.)
R2 Remote Solver for Flow Simulation 2010; C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe [71464 2009-11-23] (Mentor Graphics Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
S3 SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2012-02-28] (SolidWorks)
R2 srvcPVR; C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe [1681408 2007-08-16] (Buhl Data Service GmbH)
S3 usnjsvc; C:\Program Files\MSN Messenger\usnsvc.exe [97136 2007-01-19] (Microsoft Corporation)
R3 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [118784 2007-09-11] (Wistron Corp.)

==================== Drivers (Whitelisted) ====================

R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH)
R3 ATSWPDRV; C:\Windows\System32\DRIVERS\ATSwpDrv.sys [146560 2007-08-28] (AuthenTec, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-09-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-31] (Avira Operations GmbH & Co. KG)
R0 CLFS; C:\Windows\System32\CLFS.sys [247352 2008-01-19] (Microsoft Corporation)
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R2 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306299 2008-06-19] (Cisco Systems, Inc.)
R3 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [125328 2008-03-29] (Deterministic Networks, Inc.)
S3 EverestDriver; C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [22640 2007-10-17] ()
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [264704 2006-04-06] (AVM GmbH)
R1 Hotkey; C:\Windows\System32\Drivers\Hotkey.sys [9867 2003-04-28] ()
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [46096 2012-08-10] (Corel Corporation)
S3 rt2500usb; C:\Windows\System32\DRIVERS\rt2500usb.sys [243456 2005-03-12] (Ralink Technology Inc.)
R0 Si3531; C:\Windows\System32\DRIVERS\Si3531.sys [210736 2007-06-01] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [17328 2007-05-25] (Silicon Image, Inc.)
R0 SiRemFil; C:\Windows\System32\DRIVERS\SiRemFil.sys [12464 2007-05-25] (Silicon Image, Inc.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-09 10:45 - 2013-10-09 10:45 - 00000000 ____D C:\FRST
2013-10-09 10:44 - 2013-10-09 10:44 - 01087213 _____ (Farbar) C:\Users\Kathi\Desktop\FRST.exe
2013-10-09 10:41 - 2013-10-09 10:41 - 00000000 ____D C:\Program Files\iMesh Applications
2013-10-09 10:34 - 2013-10-09 10:34 - 100120694 _____ C:\Windows\system32\쥏쒯᭄�
2013-10-08 13:33 - 2013-10-08 13:33 - 99859239 _____ C:\Windows\system32\緂�᭄“
2013-09-27 16:31 - 2013-09-27 16:39 - 00000000 ____D C:\Users\Kathi\Desktop\Violet
2013-09-18 16:52 - 2013-09-18 16:52 - 00001891 _____ C:\Users\Public\Desktop\Adobe Reader 8.lnk
2013-09-18 16:22 - 2013-09-18 16:22 - 00000000 ____D C:\Users\Kathi\AppData\Roaming\PDF Architect

==================== One Month Modified Files and Folders =======

2013-10-09 10:45 - 2013-10-09 10:45 - 00000000 ____D C:\FRST
2013-10-09 10:45 - 2008-04-03 19:01 - 00000418 ____H C:\Windows\Tasks\User_Feed_Synchronization-{1C129506-3973-4B3F-A2FB-B141B4E7BE42}.job
2013-10-09 10:44 - 2013-10-09 10:44 - 01087213 _____ (Farbar) C:\Users\Kathi\Desktop\FRST.exe
2013-10-09 10:41 - 2013-10-09 10:41 - 00000000 ____D C:\Program Files\iMesh Applications
2013-10-09 10:41 - 2008-03-19 22:08 - 01369927 _____ C:\Windows\WindowsUpdate.log
2013-10-09 10:36 - 2006-11-02 14:47 - 00003568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-09 10:36 - 2006-11-02 14:47 - 00003568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-09 10:34 - 2013-10-09 10:34 - 100120694 _____ C:\Windows\system32\쥏쒯᭄�
2013-10-09 10:33 - 2012-10-22 20:04 - 00000000 ___RD C:\Users\Kathi\Dropbox
2013-10-09 10:33 - 2012-10-22 19:59 - 00000000 ____D C:\Users\Kathi\AppData\Roaming\Dropbox
2013-10-09 10:31 - 2010-02-26 01:02 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-09 10:31 - 2008-03-19 22:11 - 00000000 ____D C:\Users\Kathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Home Cinema
2013-10-09 10:30 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-08 23:45 - 2006-11-02 15:01 - 00032530 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-08 22:59 - 2010-02-26 09:49 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-08 13:33 - 2013-10-08 13:33 - 99859239 _____ C:\Windows\system32\緂�᭄“
2013-09-27 18:48 - 2013-06-01 22:29 - 00000000 ____D C:\Users\Kathi\Desktop\Forst'13
2013-09-27 16:39 - 2013-09-27 16:31 - 00000000 ____D C:\Users\Kathi\Desktop\Violet
2013-09-20 13:56 - 2012-11-14 12:36 - 00000000 ____D C:\Users\Kathi\Desktop\Ordner für Alles
2013-09-19 11:13 - 2008-01-14 18:41 - 00047216 _____ C:\Windows\PFRO.log
2013-09-18 16:52 - 2013-09-18 16:52 - 00001891 _____ C:\Users\Public\Desktop\Adobe Reader 8.lnk
2013-09-18 16:52 - 2008-11-23 19:40 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-09-18 16:52 - 2008-11-23 19:40 - 00000000 ____D C:\Program Files\Adobe
2013-09-18 16:52 - 2008-01-14 16:16 - 00000000 ____D C:\ProgramData\Adobe
2013-09-18 16:37 - 2013-09-03 15:01 - 00000000 ____D C:\Program Files\PDF Architect
2013-09-18 16:22 - 2013-09-18 16:22 - 00000000 ____D C:\Users\Kathi\AppData\Roaming\PDF Architect
2013-09-18 14:54 - 2008-01-14 18:06 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-18 14:51 - 2013-08-16 10:49 - 00000000 ____D C:\Windows\system32\MRT
2013-09-18 14:41 - 2006-11-02 12:24 - 76725432 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

Some content of TEMP:
====================
C:\Users\Kathi\AppData\Local\Temp\718631~1.exe
C:\Users\Kathi\AppData\Local\Temp\a2eruuyd.dll
C:\Users\Kathi\AppData\Local\Temp\AskSLib.dll
C:\Users\Kathi\AppData\Local\Temp\GDMD25E.exe
C:\Users\Kathi\AppData\Local\Temp\GfxDbMash.dll
C:\Users\Kathi\AppData\Local\Temp\iv_uninstall.exe
C:\Users\Kathi\AppData\Local\Temp\readSTILog.dll
C:\Users\Kathi\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Kathi\AppData\Local\Temp\unwise.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-09 10:37

==================== End Of Log ============================
         

--- --- ---

--- --- ---

--- --- ---

Addition.txt

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-10-2013
Ran by Kathi at 2013-10-09 10:48:24
Running from C:\Users\Kathi\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

!rc Parcoursplaner (Version: 2.03.0000)
3531-W-D (Version: 1.5.18)
AAC Decoder (Version: 7.1.0)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.180)
Adobe Photoshop Elements 11 (Version: 11.0)
Adobe Photoshop Lightroom 3.5 (Version: 3.5.1)
Adobe Reader 8.1.3 - Deutsch (Version: 8.1.3)
Adobe Shockwave Player (Version: 10.3.0.24)
Agere Systems HDA Modem
Apple Application Support (Version: 1.2.1)
Apple Software Update (Version: 2.1.1.116)
Audacity 1.3.13 (Unicode)
AuthenTec Fingerprint Sensor Minimum Install (Version: 7.9.2)
AutoUpdate (Version: 1.1)
Avira Free Antivirus (Version: 13.0.0.4052)
Canon Utilities Digital Photo Professional 3.11 (Version: 3.11.30.3)
Canon Utilities EOS Sample Music (Version: 1.0.1.1)
Canon Utilities EOS Utility (Version: 2.11.3.0)
Canon Utilities ImageBrowser EX (Version: 1.1.1.19)
Canon Utilities PhotoStitch (Version: 3.1.23.47)
Canon Utilities Picture Style Editor (Version: 1.10.2.0)
Cisco Systems VPN Client 5.0.03.0560 (Version: 5.0.3)
Content Transfer (Version: 1.3.0.23190)
CyberLink Power2Go (Version: 6.0.1109a)
Derive 5
Designer 2.0 (Version: 7.8.4)
DivX Codec (Version: 6.8.5)
DivX Converter (Version: 7.0.0)
DivX Player (Version: 7.1.0)
DivX Plus DirectShow Filters
DivX Version Checker (Version: 7.0.0.19)
DivX Web Player (Version: 1.4.3)
Dropbox (HKCU Version: 2.0.22)
Elements 11 Organizer (Version: 11.0)
EVEREST Ultimate Edition v4.20 (Version: 4.20)
Firebird SQL Server - MAGIX Edition (Version: 2.0.1.8)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4413.1752)
Google Update Helper (Version: 1.3.21.153)
H.264 Decoder (Version: 1.0.0)
ICQ Toolbar (Version: 3.0.0)
Inst5657 (Version: 5.00.91)
Intel(R) Graphics Media Accelerator Driver
Intel(R) Matrix Storage Manager
Jahrbuch Sport und Zucht 2010 (Version: 1.01.0000)
Java(TM) 6 Update 3 (Version: 1.6.0.30)
Launch Manager V1.4.9 (Version: 1.4.9)
Letstrade (Version: 1.00.0000)
MakeDisc (Version: 3.0.2320)
MATLAB Student R2008b (Version: 7.7)
MDESIGN Explorer 5 (Version:  5.2)
MediaShow (Version: 3.0.4325)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2003 Web Components (Version: 12.0.6213.1000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2005 Tools for Applications - ENU
Microsoft Visual Studio 2005 Tools for Applications - ENU (Version: 8.0.50727.146)
MKV Splitter (Version: 1.0.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MWSnap 3 (Version: 3.0.0.74)
Nero 8 Essentials (Version: 8.10.124)
neroxml (Version: 1.0.0)
NWZ-E440 WALKMAN Guide (Version: 2.0.00.07010)
OmniPass 5.00.91 (Version: 5.00.91)
PDFCreator (Version: 1.7.1)
PhotoNow! (Version: 1.0.4310)
PhotoView 360 (Version: 18.21.12)
PowerDirector (Version: 6.5.2209a)
PowerDVD (Version: 7.0.3118.0)
PowerProducer (Version: 4.2.2219)
ProtectDisc Driver, Version 11 (Version: 11.0.0.14)
PSE11 STI Installer (Version: 11.0)
QuickTime (Version: 7.66.71.0)
Ralink Wireless LAN (Version: 1.00.0000)
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5532)
Realtek USB 2.0 Card Reader (Version: )
Sceneo AbsolutTV
SolidWorks 2010 SP02.1 (Version: 18.121.12)
SolidWorks 2010 SP02.1 (Version: 18.2.1.12)
SolidWorks eDrawings 2010 (Version: 10.2.122)
SolidWorks Flow Simulation 2010 SP02.1 (Version: 18.21.13)
Synaptics Pointing Device Driver (Version: 10.0.14.0)
TVsweeper 3 (Version: 3.0.3)
Ulead PhotoImpact 12 (Version: 12.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.762 (Version: 1.0.0)
VCRedistSetup (Version: 1.0.0)
Windows Live Messenger (Version: 8.1.0178.00)
WinRAR 4.10 (32-Bit) (Version: 4.10.0)
WinZip 15.0 (Version: 15.0.9411)
WISO Mein Geld 2008 Professional (Version: 9.00.01.0023)

==================== Restore Points  =========================

19-09-2013 10:02:12 Geplanter Prüfpunkt
20-09-2013 10:31:06 Geplanter Prüfpunkt
07-10-2013 10:42:09 Geplanter Prüfpunkt
08-10-2013 18:43:28 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {05E23326-3630-4C8E-BC36-9D84F4650BF9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-26] (Google Inc.)
Task: {187084E2-FE64-47CC-ACA7-0632718522E4} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-12] (Microsoft Corporation)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {4F928097-BB26-4C31-9945-C1F3CA52C5A7} - System32\Tasks\AdobeAAMUpdater-1.0-Kathi-PC-Kathi => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16] (Adobe Systems Incorporated)
Task: {6BB2BE05-339B-4E68-8E91-5D93F723D89B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-26] (Google Inc.)
Task: {A600F746-E89C-45F5-BD6E-371EF4C6769D} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {EE4FFC4D-0992-4069-9022-7620CCA061CC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30] (Apple Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{1C129506-3973-4B3F-A2FB-B141B4E7BE42}.job => C:\Windows\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2013-01-03 19:42 - 2012-11-27 14:38 - 00112128 _____ () C:\Program Files\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2013-03-13 22:48 - 2013-03-13 22:48 - 24978944 _____ () C:\Users\Kathi\AppData\Roaming\Dropbox\bin\libcef.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Cisco Systems VPN Adapter
Description: Cisco Systems VPN Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/08/2013 01:33:28 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung NMIndexingService.exe, Version 3.1.2.0, Zeitstempel 0x470f754b, fehlerhaftes Modul NMIndexingService.exe, Version 3.1.2.0, Zeitstempel 0x470f754b, Ausnahmecode 0xc0000005, Fehleroffset 0x00011d69,
Prozess-ID 0x140c, Anwendungsstartzeit NMIndexingService.exe0.

Error: (09/20/2013 01:53:43 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6001.18164, Zeitstempel 0x4907e242, fehlerhaftes Modul OLEAUT32.dll, Version 6.0.6001.18565, Zeitstempel 0x4d0f78bd, Ausnahmecode 0xc0000094, Fehleroffset 0x000219a1,
Prozess-ID 0xb5c, Anwendungsstartzeit Explorer.EXE0.

Error: (09/06/2013 04:20:41 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6001.18164, Zeitstempel 0x4907e242, fehlerhaftes Modul ntdll.dll, Version 6.0.6001.18538, Zeitstempel 0x4cb733dc, Ausnahmecode 0xc0000005, Fehleroffset 0x00068755,
Prozess-ID 0xc20, Anwendungsstartzeit Explorer.EXE0.

Error: (09/05/2013 11:29:44 AM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung avnotify.exe, Version 13.6.20.2100, Zeitstempel 0x51e6b921, fehlerhaftes Modul avnotify.exe, Version 13.6.20.2100, Zeitstempel 0x51e6b921, Ausnahmecode 0xc0000005, Fehleroffset 0x00011380,
Prozess-ID 0x14c0, Anwendungsstartzeit avnotify.exe0.

Error: (09/04/2013 09:22:18 AM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung avnotify.exe, Version 13.6.20.2100, Zeitstempel 0x51e6b921, fehlerhaftes Modul avnotify.exe, Version 13.6.20.2100, Zeitstempel 0x51e6b921, Ausnahmecode 0xc0000005, Fehleroffset 0x00011380,
Prozess-ID 0x13a8, Anwendungsstartzeit avnotify.exe0.

Error: (09/03/2013 10:46:21 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.19088, Zeitstempel 0x4de07b1b, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x023b0ef2,
Prozess-ID 0x16e4, Anwendungsstartzeit iexplore.exe0.

Error: (09/03/2013 02:36:06 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.19088, Zeitstempel 0x4de07b1b, fehlerhaftes Modul MSVCR80.dll, Version 8.0.50727.6195, Zeitstempel 0x4dcddbf3, Ausnahmecode 0xc0000005, Fehleroffset 0x0001459b,
Prozess-ID 0x1160, Anwendungsstartzeit iexplore.exe0.

Error: (09/03/2013 01:45:00 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.19088, Zeitstempel 0x4de07b1b, fehlerhaftes Modul ntdll.dll, Version 6.0.6001.18538, Zeitstempel 0x4cb733dc, Ausnahmecode 0xc0000374, Fehleroffset 0x000b0dbc,
Prozess-ID 0x1450, Anwendungsstartzeit iexplore.exe0.

Error: (08/25/2013 02:41:23 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung WButton.exe, Version 1.0.8.6, Zeitstempel 0x46e0a8dc, fehlerhaftes Modul kernel32.dll, Version 6.0.6001.18631, Zeitstempel 0x4da467f0, Ausnahmecode 0xe06d7363, Fehleroffset 0x00044503,
Prozess-ID 0xc78, Anwendungsstartzeit WButton.exe0.

Error: (08/16/2013 10:37:46 AM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.19088, Zeitstempel 0x4de07b1b, fehlerhaftes Modul mshtml.dll, Version 8.0.6001.19088, Zeitstempel 0x4de090ed, Ausnahmecode 0xc0000005, Fehleroffset 0x00070fe6,
Prozess-ID 0x1244, Anwendungsstartzeit iexplore.exe0.


System errors:
=============
Error: (10/09/2013 10:32:24 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (10/09/2013 10:30:42 AM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (10/08/2013 11:45:40 PM) (Source: DCOM) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}

Error: (10/08/2013 10:16:54 PM) (Source: Dhcp) (User: )
Description: Die IP-Adresslease 192.168.1.2 für die Netzwerkkarte mit der Netzwerkadresse 0015AF919D41 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).

Error: (10/08/2013 06:56:57 PM) (Source: Dhcp) (User: )
Description: Die IP-Adresslease 192.168.1.6 für die Netzwerkkarte mit der Netzwerkadresse 0015AF919D41 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).

Error: (10/08/2013 04:02:39 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (10/08/2013 04:01:48 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (10/08/2013 04:01:46 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 08.10.2013 um 15:22:15 unerwartet heruntergefahren.

Error: (10/08/2013 01:34:12 PM) (Source: Service Control Manager) (User: )
Description: NMIndexingService1

Error: (10/08/2013 01:33:11 PM) (Source: Service Control Manager) (User: )
Description: NMIndexingService%%1053


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-10-09 10:46:36.148
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-09 10:46:35.834
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-09 10:46:35.523
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-09 10:46:35.207
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-09 10:46:34.849
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-09 10:46:34.533
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-09 10:46:34.210
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-10-09 10:46:33.848
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-05-14 20:29:50.119
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-05-14 20:29:49.694
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 57%
Total physical RAM: 2037.69 MB
Available physical RAM: 868.18 MB
Total Pagefile: 4316.66 MB
Available Pagefile: 2855.5 MB
Total Virtual: 2047.88 MB
Available Virtual: 1898.32 MB

==================== Drives ================================

Drive c: (BOOT) (Fixed) (Total:126.37 GB) (Free:25.98 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVER) (Fixed) (Total:22.66 GB) (Free:12.69 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: 0FF4BC04)
Partition 1: (Not Active) - (Size=23 GB) - (Type=OF Extended)
Partition 2: (Active) - (Size=126 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Nicht viel zu sehen bisher. Läuft der Rechner denn normal?


Schritt 1

Downloade Dir bitte Malwarebytes Anti-Malware

• Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
• Starte Malwarebytes' Anti-Malware (MBAM).
• Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
• Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
• Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
• Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
• Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
• Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 2


ESET Online Scanner

• Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
• Lade und starte Eset Online Scanner
• Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
• Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
• Klicke auf Starten.
• Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
• Klicke am Ende des Suchlaufs auf Fertig stellen.
• Schließe das Fenster von ESET.
• Explorer öffnen.
• C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
• Logfile hier posten.
• Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
• Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Also normal läuft er nicht, teilweise schonmal sehr langsam vorallem im Internet hängt er andauernd.

So Schritt 1 hab ich gemacht.

Code: Alles auswählenAufklappen

ATTFilter

 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.10.09.02

Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 8.0.6001.19088
Kathi :: KATHI-PC [Administrator]

Schutz: Aktiviert

09.10.2013 11:12:52
mbam-log-2013-10-09 (11-12-52).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 208299
Laufzeit: 12 Minute(n), 49 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 7
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{77D6DDFA-7834-4541-B2B3-A8B0FB0E3924} (Trojan.BHO) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\ToolBand.XTTBPos00.1 (Trojan.BHO) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\ToolBand.XTTBPos00 (Trojan.BHO) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\$Recycle.Bin\S-1-5-21-595641031-776160148-3981033198-1003\$RCUZ0XV.exe (PUP.Optional.iMeshMusicBoxTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\ICQToolbar\toolbaru.dll (Trojan.BHO) -> Löschen bei Neustart.

(Ende)
         

So, jetzt ist auch Schritt 2 fertig.

Code: Alles auswählenAufklappen

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=f14f26b5a3154e44844219acfe26deff
# engine=15413
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-10-09 12:34:11
# local_time=2013-10-09 02:34:11 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6001 NT Service Pack 1
# compatibility_mode=1799 16775165 100 97 14482 246741741 7191 0
# compatibility_mode=5892 16776574 100 100 28308838 218854779 0 0
# scanned=314756
# found=1
# cleaned=0
# scan_time=9162
sh=180D50419DE85D6417657E950CF6B3BC1ACF665C ft=0 fh=0000000000000000 vn="Java/Exploit.CVE-2013-1493.HL trojan" ac=I fn="C:\Users\Kathi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\531e0243-4811cf3d"
         

Und wie lange läuft er schon so unrund? Ist das schleichend passiert oder plötzlich?


Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop

• Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
• Drücke Start Scan
  
• Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
  TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
  Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Also ich persönlich habs eher so empfunden als wenn das schleichend gekommen wäre, also immer schlimmer wurde. Und ich würd sagen seit einigen Wochen.

So hier

Code: Alles auswählenAufklappen

ATTFilter

10:55:23.0624 3488  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
10:55:23.0884 3488  ============================================================
10:55:23.0884 3488  Current date / time: 2013/10/10 10:55:23.0884
10:55:23.0884 3488  SystemInfo:
10:55:23.0884 3488  
10:55:23.0884 3488  OS Version: 6.0.6001 ServicePack: 1.0
10:55:23.0884 3488  Product type: Workstation
10:55:23.0884 3488  ComputerName: KATHI-PC
10:55:23.0884 3488  UserName: Kathi
10:55:23.0884 3488  Windows directory: C:\Windows
10:55:23.0884 3488  System windows directory: C:\Windows
10:55:23.0884 3488  Processor architecture: Intel x86
10:55:23.0884 3488  Number of processors: 2
10:55:23.0884 3488  Page size: 0x1000
10:55:23.0884 3488  Boot type: Normal boot
10:55:23.0884 3488  ============================================================
10:55:25.0231 3488  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:55:25.0250 3488  ============================================================
10:55:25.0250 3488  \Device\Harddisk0\DR0:
10:55:25.0250 3488  MBR partitions:
10:55:25.0275 3488  \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0xFCBF370, BlocksNum 0x2D59751
10:55:25.0275 3488  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xFCBF2F2
10:55:25.0275 3488  ============================================================
10:55:25.0343 3488  C: <-> \Device\Harddisk0\DR0\Partition2
10:55:25.0343 3488  D: <-> \Device\Harddisk0\DR0\Partition1
10:55:25.0344 3488  ============================================================
10:55:25.0344 3488  Initialize success
10:55:25.0344 3488  ============================================================
10:56:13.0298 3824  ============================================================
10:56:13.0298 3824  Scan started
10:56:13.0298 3824  Mode: Manual; SigCheck; TDLFS; 
10:56:13.0298 3824  ============================================================
10:56:14.0615 3824  ================ Scan system memory ========================
10:56:14.0615 3824  System memory - ok
10:56:14.0616 3824  ================ Scan services =============================
10:56:14.0880 3824  [ E6F53D6C0DEA3D375362265E175CA638 ] acedrv11        C:\Windows\system32\drivers\acedrv11.sys
10:56:15.0292 3824  acedrv11 - ok
10:56:15.0344 3824  [ FCB8C7210F0135E24C6580F7F649C73C ] ACPI            C:\Windows\system32\drivers\acpi.sys
10:56:15.0385 3824  ACPI - ok
10:56:15.0525 3824  [ BF3818B441955E4D438EC72F06F1FE61 ] AdobeActiveFileMonitor11.0 C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
10:56:15.0587 3824  AdobeActiveFileMonitor11.0 - ok
10:56:15.0683 3824  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
10:56:15.0756 3824  adp94xx - ok
10:56:15.0806 3824  [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci         C:\Windows\system32\drivers\adpahci.sys
10:56:15.0872 3824  adpahci - ok
10:56:15.0906 3824  [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
10:56:15.0947 3824  adpu160m - ok
10:56:15.0983 3824  [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320         C:\Windows\system32\drivers\adpu320.sys
10:56:16.0009 3824  adpu320 - ok
10:56:16.0060 3824  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
10:56:16.0233 3824  AeLookupSvc - ok
10:56:16.0288 3824  [ 48EB99503533C27AC6135648E5474457 ] AFD             C:\Windows\system32\drivers\afd.sys
10:56:16.0412 3824  AFD - ok
10:56:16.0473 3824  [ 39E435C90C9C4F780FA0ED05CA3C3A1B ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
10:56:16.0594 3824  AgereModemAudio - ok
10:56:16.0671 3824  [ CE91B158FA490CF4C4D487A4130F4660 ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
10:56:16.0901 3824  AgereSoftModem - ok
10:56:16.0962 3824  [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440          C:\Windows\system32\drivers\agp440.sys
10:56:16.0989 3824  agp440 - ok
10:56:17.0062 3824  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
10:56:17.0095 3824  aic78xx - ok
10:56:17.0139 3824  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
10:56:17.0338 3824  ALG - ok
10:56:17.0375 3824  [ 496EDA16A127AC9A38BB285BEF17DBB5 ] aliide          C:\Windows\system32\drivers\aliide.sys
10:56:17.0412 3824  aliide - ok
10:56:17.0452 3824  [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
10:56:17.0474 3824  amdagp - ok
10:56:17.0508 3824  [ 6F65F4147C54398D7280B18CEBBED215 ] amdide          C:\Windows\system32\drivers\amdide.sys
10:56:17.0529 3824  amdide - ok
10:56:17.0602 3824  [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
10:56:17.0827 3824  AmdK7 - ok
10:56:17.0853 3824  [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
10:56:17.0956 3824  AmdK8 - ok
10:56:18.0068 3824  [ 3EC77A3849350B40D2D9002BA560E554 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
10:56:18.0094 3824  AntiVirSchedulerService - ok
10:56:18.0184 3824  [ 1D6D44493488923CF6E82339E189EAD6 ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
10:56:18.0198 3824  AntiVirService - ok
10:56:18.0259 3824  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
10:56:18.0316 3824  Appinfo - ok
10:56:18.0343 3824  [ 5F673180268BB1FDB69C99B6619FE379 ] arc             C:\Windows\system32\drivers\arc.sys
10:56:18.0366 3824  arc - ok
10:56:18.0418 3824  [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
10:56:18.0440 3824  arcsas - ok
10:56:18.0495 3824  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:56:18.0558 3824  AsyncMac - ok
10:56:18.0591 3824  [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi           C:\Windows\system32\drivers\atapi.sys
10:56:18.0612 3824  atapi - ok
10:56:18.0673 3824  [ 69E65A2CE11619F0C868967CA9540B80 ] ATSWPDRV        C:\Windows\system32\DRIVERS\ATSwpDrv.sys
10:56:18.0704 3824  ATSWPDRV - ok
10:56:18.0749 3824  [ 42076E29AAFA0830A2C5D4E310F58DD1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:56:18.0823 3824  AudioEndpointBuilder - ok
10:56:18.0860 3824  [ 42076E29AAFA0830A2C5D4E310F58DD1 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
10:56:18.0904 3824  Audiosrv - ok
10:56:18.0954 3824  [ 40A34E457431625086F7E161E59A0528 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
10:56:18.0979 3824  avgntflt - ok
10:56:19.0057 3824  [ F260F2EE3D21D00BEC0B08068E27BADB ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
10:56:19.0088 3824  avipbb - ok
10:56:19.0156 3824  [ CB8741CD7B126499FED40C9B197F6AC5 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
10:56:19.0182 3824  avkmgr - ok
10:56:19.0224 3824  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
10:56:19.0304 3824  Beep - ok
10:56:19.0371 3824  [ 8582E233C346AEFE759833E8A30DD697 ] BFE             C:\Windows\System32\bfe.dll
10:56:19.0487 3824  BFE - ok
10:56:19.0585 3824  [ 02ED7B4DBC2A3232A389106DA7515C3D ] BITS            C:\Windows\System32\qmgr.dll
10:56:19.0755 3824  BITS - ok
10:56:19.0766 3824  blbdrive - ok
10:56:19.0819 3824  [ 8153396D5551276227FA146900F734E6 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:56:19.0910 3824  bowser - ok
10:56:19.0955 3824  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
10:56:20.0001 3824  BrFiltLo - ok
10:56:20.0022 3824  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
10:56:20.0110 3824  BrFiltUp - ok
10:56:20.0182 3824  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
10:56:20.0299 3824  Browser - ok
10:56:20.0350 3824  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
10:56:20.0501 3824  Brserid - ok
10:56:20.0557 3824  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
10:56:20.0678 3824  BrSerWdm - ok
10:56:20.0712 3824  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
10:56:20.0774 3824  BrUsbMdm - ok
10:56:20.0810 3824  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
10:56:20.0910 3824  BrUsbSer - ok
10:56:20.0942 3824  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
10:56:21.0005 3824  BTHMODEM - ok
10:56:21.0058 3824  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:56:21.0149 3824  cdfs - ok
10:56:21.0174 3824  [ 1EC25CEA0DE6AC4718BF89F9E1778B57 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
10:56:21.0230 3824  cdrom - ok
10:56:21.0322 3824  [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] CertPropSvc     C:\Windows\System32\certprop.dll
10:56:21.0393 3824  CertPropSvc - ok
10:56:21.0442 3824  [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass        C:\Windows\system32\drivers\circlass.sys
10:56:21.0556 3824  circlass - ok
10:56:21.0613 3824  [ 465745561C832B29F7C48B488AAB3842 ] CLFS            C:\Windows\system32\CLFS.sys
10:56:21.0657 3824  CLFS - ok
10:56:21.0753 3824  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:56:21.0867 3824  clr_optimization_v2.0.50727_32 - ok
10:56:21.0949 3824  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:56:21.0993 3824  clr_optimization_v4.0.30319_32 - ok
10:56:22.0043 3824  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
10:56:22.0125 3824  CmBatt - ok
10:56:22.0181 3824  [ 59172A0724F2AB769F31D61B0571D75B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:56:22.0202 3824  cmdide - ok
10:56:22.0260 3824  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
10:56:22.0280 3824  Compbatt - ok
10:56:22.0288 3824  COMSysApp - ok
10:56:22.0552 3824  [ 20D4DF9FB904CAE0DACDAA86FE6466B9 ] CoordinatorServiceHost C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
10:56:22.0636 3824  CoordinatorServiceHost - ok
10:56:22.0648 3824  [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
10:56:22.0684 3824  crcdisk - ok
10:56:22.0739 3824  [ 22A7F883508176489F559EE745B5BF5D ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
10:56:22.0829 3824  Crusoe - ok
10:56:22.0888 3824  [ 6DE363F9F99334514C46AEC02D3E3678 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:56:22.0929 3824  CryptSvc - ok
10:56:22.0984 3824  [ B5ECADF7708960F1818C7FA015F4C239 ] CVirtA          C:\Windows\system32\DRIVERS\CVirtA.sys
10:56:23.0079 3824  CVirtA - ok
10:56:23.0201 3824  [ 98B1B70E250EBCA7B7A0A56AD2A7E62F ] CVPND           C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
10:56:23.0460 3824  CVPND - ok
10:56:23.0519 3824  [ 465CED77E7C4F9D71B81BA600EDAFAC1 ] CVPNDRVA        C:\Windows\system32\Drivers\CVPNDRVA.sys
10:56:23.0624 3824  CVPNDRVA ( UnsignedFile.Multi.Generic ) - warning
10:56:23.0624 3824  CVPNDRVA - detected UnsignedFile.Multi.Generic (1)
10:56:23.0695 3824  [ 301AE00E12408650BADDC04DBC832830 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:56:23.0858 3824  DcomLaunch - ok
10:56:23.0901 3824  [ A3E9FA213F443AC77C7746119D13FEEC ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:56:24.0012 3824  DfsC - ok
10:56:24.0134 3824  [ FA3463F25F9CC9C3BCF1E7912FEFF099 ] DFSR            C:\Windows\system32\DFSR.exe
10:56:24.0468 3824  DFSR - ok
10:56:24.0537 3824  [ 43A988A9C10333476CB5FB667CBD629D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
10:56:24.0615 3824  Dhcp - ok
10:56:24.0663 3824  [ 64109E623ABD6955C8FB110B592E68B7 ] disk            C:\Windows\system32\drivers\disk.sys
10:56:24.0687 3824  disk - ok
10:56:24.0719 3824  [ 86D52C32A308F84BBC626BFF7C1FB710 ] DNE             C:\Windows\system32\DRIVERS\dne2000.sys
10:56:24.0748 3824  DNE - ok
10:56:24.0779 3824  [ 4805D9A6D281C7A7DEFD9094DEC6AF7D ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:56:24.0870 3824  Dnscache - ok
10:56:24.0940 3824  [ 5AF620A08C614E24206B79E8153CF1A8 ] dot3svc         C:\Windows\System32\dot3svc.dll
10:56:25.0005 3824  dot3svc - ok
10:56:25.0053 3824  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
10:56:25.0112 3824  DPS - ok
10:56:25.0155 3824  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:56:25.0197 3824  drmkaud - ok
10:56:25.0248 3824  [ 85F33880B8CFB554BD3D9CCDB486845A ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:56:25.0394 3824  DXGKrnl - ok
10:56:25.0451 3824  [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
10:56:25.0568 3824  E1G60 - ok
10:56:25.0615 3824  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
10:56:25.0695 3824  EapHost - ok
10:56:25.0763 3824  [ DD2CD259D83D8B72C02C5F2331FF9D68 ] Ecache          C:\Windows\system32\drivers\ecache.sys
10:56:25.0803 3824  Ecache - ok
10:56:25.0882 3824  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
10:56:26.0001 3824  ehRecvr - ok
10:56:26.0049 3824  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
10:56:26.0186 3824  ehSched - ok
10:56:26.0236 3824  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
10:56:26.0274 3824  ehstart - ok
10:56:26.0364 3824  [ E8F3F21A71720C84BCF423B80028359F ] elxstor         C:\Windows\system32\drivers\elxstor.sys
10:56:26.0403 3824  elxstor - ok
10:56:26.0464 3824  [ 70B1A86DF0C8EAD17D2BC332EDAE2C7C ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
10:56:26.0561 3824  EMDMgmt - ok
10:56:26.0643 3824  [ 3CB3343D720168B575133A0A20DC2465 ] EventSystem     C:\Windows\system32\es.dll
10:56:26.0743 3824  EventSystem - ok
10:56:26.0813 3824  [ 708C29170F6BEAA1592A78198BD6B50E ] EverestDriver   C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt
10:56:26.0831 3824  EverestDriver - ok
10:56:26.0904 3824  [ 0D858EB20589A34EFB25695ACAA6AA2D ] exfat           C:\Windows\system32\drivers\exfat.sys
10:56:26.0998 3824  exfat - ok
10:56:27.0047 3824  [ 3C489390C2E2064563727752AF8EAB9E ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:56:27.0170 3824  fastfat - ok
10:56:27.0216 3824  [ 63BDADA84951B9C03E641800E176898A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
10:56:27.0377 3824  fdc - ok
10:56:27.0417 3824  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
10:56:27.0531 3824  fdPHost - ok
10:56:27.0563 3824  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:56:27.0676 3824  FDResPub - ok
10:56:27.0711 3824  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:56:27.0735 3824  FileInfo - ok
10:56:27.0780 3824  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:56:27.0855 3824  Filetrace - ok
10:56:28.0020 3824  [ 167D24A045499EBEF438F231976158DF ] FirebirdServerMAGIXInstance C:\Program Files\ALDI Foto Service Nord\Common\Database\bin\fbserver.exe
10:56:28.0231 3824  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
10:56:28.0232 3824  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
10:56:28.0341 3824  [ ABEDFD48AC042C6AAAD32452E77217A1 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
10:56:28.0469 3824  FLEXnet Licensing Service - ok
10:56:28.0524 3824  [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
10:56:28.0665 3824  flpydisk - ok
10:56:28.0727 3824  [ 05EA53AFE985443011E36DAB07343B46 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:56:28.0789 3824  FltMgr - ok
10:56:28.0864 3824  [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:56:28.0886 3824  FontCache3.0.0.0 - ok
10:56:28.0931 3824  [ 65EA8B77B5851854F0C55C43FA51A198 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:56:28.0976 3824  Fs_Rec - ok
10:56:29.0055 3824  [ B45F1DF1CCE34E2AF422F0ED78CD70EF ] FWLANUSB        C:\Windows\system32\DRIVERS\fwlanusb.sys
10:56:29.0129 3824  FWLANUSB - ok
10:56:29.0165 3824  [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
10:56:29.0196 3824  gagp30kx - ok
10:56:29.0241 3824  [ D9F1113D9401185245573350712F92FC ] gpsvc           C:\Windows\System32\gpsvc.dll
10:56:29.0446 3824  gpsvc - ok
10:56:29.0560 3824  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
10:56:29.0584 3824  gupdate - ok
10:56:29.0627 3824  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
10:56:29.0649 3824  gupdatem - ok
10:56:29.0732 3824  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
10:56:29.0759 3824  gusvc - ok
10:56:29.0810 3824  [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:56:29.0939 3824  HdAudAddService - ok
10:56:29.0995 3824  [ C87B1EE051C0464491C1A7B03FA0BC99 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
10:56:30.0092 3824  HDAudBus - ok
10:56:30.0162 3824  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
10:56:30.0293 3824  HidBth - ok
10:56:30.0319 3824  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
10:56:30.0388 3824  HidIr - ok
10:56:30.0456 3824  [ 8FA640195279ACE21BEA91396A0054FC ] hidserv         C:\Windows\system32\hidserv.dll
10:56:30.0528 3824  hidserv - ok
10:56:30.0571 3824  [ 854CA287AB7FAF949617A788306D967E ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
10:56:30.0633 3824  HidUsb - ok
10:56:30.0706 3824  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:56:30.0883 3824  hkmsvc - ok
10:56:30.0927 3824  [ 8B566EA71D5B76157A9CDB78F25A5731 ] Hotkey          C:\Windows\system32\drivers\Hotkey.sys
10:56:30.0948 3824  Hotkey ( UnsignedFile.Multi.Generic ) - warning
10:56:30.0948 3824  Hotkey - detected UnsignedFile.Multi.Generic (1)
10:56:30.0980 3824  [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
10:56:31.0001 3824  HpCISSs - ok
10:56:31.0944 3824  [ 96E241624C71211A79C84F50A8E71CAB ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:56:32.0049 3824  HTTP - ok
10:56:32.0094 3824  [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
10:56:32.0115 3824  i2omp - ok
10:56:32.0205 3824  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
10:56:32.0289 3824  i8042prt - ok
10:56:32.0399 3824  [ 72B53E9C8924949DEC8F3799BCBA2251 ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
10:56:32.0471 3824  IAANTMON - ok
10:56:32.0502 3824  [ E5A0034847537EAEE3C00349D5C34C5F ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
10:56:32.0518 3824  iaStor - ok
10:56:32.0574 3824  [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
10:56:32.0610 3824  iaStorV - ok
10:56:32.0677 3824  [ F88E5DC5CA4C3F1AEB32169AB20D0B5A ] ICQ Service     C:\Program Files\ICQ6Toolbar\ICQ Service.exe
10:56:32.0722 3824  ICQ Service - ok
10:56:32.0795 3824  [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:56:32.0954 3824  idsvc - ok
10:56:33.0070 3824  [ C134E69CE901422D1F2D7EA8D69098FE ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
10:56:33.0361 3824  igfx - ok
10:56:33.0410 3824  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
10:56:33.0431 3824  iirsp - ok
10:56:33.0481 3824  [ A3BC480A2BF8AA8E4DABD2D5DCE0AFAC ] IKEEXT          C:\Windows\System32\ikeext.dll
10:56:33.0563 3824  IKEEXT - ok
10:56:33.0669 3824  [ A82C70CBAEC7B10E4C9C1341D729640F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
10:56:33.0868 3824  IntcAzAudAddService - ok
10:56:33.0916 3824  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:56:33.0950 3824  intelide - ok
10:56:33.0982 3824  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
10:56:34.0038 3824  intelppm - ok
10:56:34.0073 3824  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:56:34.0117 3824  IPBusEnum - ok
10:56:34.0151 3824  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:56:34.0192 3824  IpFilterDriver - ok
10:56:34.0232 3824  [ 6A35D233693EDC29A12742049BC5E37F ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:56:34.0288 3824  iphlpsvc - ok
10:56:34.0296 3824  IpInIp - ok
10:56:34.0361 3824  [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
10:56:34.0469 3824  IPMIDRV - ok
10:56:34.0513 3824  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
10:56:34.0575 3824  IPNAT - ok
10:56:34.0615 3824  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:56:34.0675 3824  IRENUM - ok
10:56:34.0703 3824  [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:56:34.0728 3824  isapnp - ok
10:56:34.0785 3824  [ F247EEC28317F6C739C16DE420097301 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
10:56:34.0820 3824  iScsiPrt - ok
10:56:34.0849 3824  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
10:56:34.0874 3824  iteatapi - ok
10:56:34.0918 3824  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
10:56:34.0943 3824  iteraid - ok
10:56:34.0979 3824  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
10:56:35.0008 3824  kbdclass - ok
10:56:35.0040 3824  [ D2600CB17B7408B4A83F231DC9A11AC3 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
10:56:35.0128 3824  kbdhid - ok
10:56:35.0168 3824  [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] KeyIso          C:\Windows\system32\lsass.exe
10:56:35.0231 3824  KeyIso - ok
10:56:35.0288 3824  [ 7A0CF7908B6824D6A2A1D313E5AE3DCA ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:56:35.0364 3824  KSecDD - ok
10:56:35.0393 3824  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:56:35.0479 3824  KtmRm - ok
10:56:35.0520 3824  [ 1925E63C91CF1610AE41BFD539062079 ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:56:35.0574 3824  LanmanServer - ok
10:56:35.0624 3824  [ 2AE2E1628C5D3F1C0A46A67C9FA1DF15 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:56:35.0675 3824  LanmanWorkstation - ok
10:56:35.0699 3824  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:56:35.0742 3824  lltdio - ok
10:56:35.0787 3824  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:56:35.0873 3824  lltdsvc - ok
10:56:35.0913 3824  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:56:35.0979 3824  lmhosts - ok
10:56:36.0094 3824  [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
10:56:36.0121 3824  LSI_FC - ok
10:56:36.0142 3824  [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
10:56:36.0172 3824  LSI_SAS - ok
10:56:36.0194 3824  [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
10:56:36.0228 3824  LSI_SCSI - ok
10:56:36.0271 3824  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
10:56:36.0341 3824  luafv - ok
10:56:36.0390 3824  [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
10:56:36.0421 3824  MBAMProtector - ok
10:56:36.0576 3824  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
10:56:36.0679 3824  MBAMScheduler - ok
10:56:36.0743 3824  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
10:56:36.0816 3824  MBAMService - ok
10:56:36.0855 3824  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:56:36.0903 3824  Mcx2Svc - ok
10:56:36.0957 3824  [ D153B14FC6598EAE8422A2037553ADCE ] megasas         C:\Windows\system32\drivers\megasas.sys
10:56:36.0983 3824  megasas - ok
10:56:37.0026 3824  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
10:56:37.0081 3824  MMCSS - ok
10:56:37.0115 3824  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
10:56:37.0187 3824  Modem - ok
10:56:37.0238 3824  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:56:37.0306 3824  monitor - ok
10:56:37.0331 3824  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:56:37.0362 3824  mouclass - ok
10:56:37.0424 3824  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:56:37.0496 3824  mouhid - ok
10:56:37.0542 3824  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
10:56:37.0580 3824  MountMgr - ok
10:56:37.0620 3824  [ 583A41F26278D9E0EA548163D6139397 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:56:37.0663 3824  mpio - ok
10:56:37.0700 3824  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:56:37.0757 3824  mpsdrv - ok
10:56:37.0801 3824  [ D1639BA315B0D79DEC49A4B0E1FB929B ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:56:37.0902 3824  MpsSvc - ok
10:56:37.0925 3824  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
10:56:37.0945 3824  Mraid35x - ok
10:56:37.0978 3824  [ AE3DE84536B6799D2267443CEC8EDBB9 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:56:38.0076 3824  MRxDAV - ok
10:56:38.0111 3824  [ 5734A0F2BE7E495F7D3ED6EFD4B9F5A1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:56:38.0173 3824  mrxsmb - ok
10:56:38.0212 3824  [ 6B5FA5ADFACAC9DBBE0991F4566D7D55 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:56:38.0290 3824  mrxsmb10 - ok
10:56:38.0326 3824  [ 5C80D8159181C7ABF1B14BA703B01E0B ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:56:38.0373 3824  mrxsmb20 - ok
10:56:38.0393 3824  [ 86068B8B54A5EB092F51657F00B2222A ] msahci          C:\Windows\system32\drivers\msahci.sys
10:56:38.0415 3824  msahci - ok
10:56:38.0441 3824  [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:56:38.0469 3824  msdsm - ok
10:56:38.0513 3824  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
10:56:38.0585 3824  MSDTC - ok
10:56:38.0634 3824  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:56:38.0684 3824  Msfs - ok
10:56:38.0731 3824  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:56:38.0758 3824  msisadrv - ok
10:56:38.0799 3824  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:56:38.0865 3824  MSiSCSI - ok
10:56:38.0876 3824  msiserver - ok
10:56:38.0908 3824  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:56:38.0956 3824  MSKSSRV - ok
10:56:39.0001 3824  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:56:39.0050 3824  MSPCLOCK - ok
10:56:39.0074 3824  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:56:39.0127 3824  MSPQM - ok
10:56:39.0143 3824  [ B5614AECB05A9340AA0FB55BF561CC63 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:56:39.0176 3824  MsRPC - ok
10:56:39.0202 3824  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
10:56:39.0230 3824  mssmbios - ok
10:56:39.0251 3824  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:56:39.0290 3824  MSTEE - ok
10:56:39.0472 3824  [ 73FA09B84B23A1897809A84F976D5D99 ] msvsmon80       C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe
10:56:39.0809 3824  msvsmon80 - ok
10:56:39.0855 3824  [ 6DFD1D322DE55B0B7DB7D21B90BEC49C ] Mup             C:\Windows\system32\Drivers\mup.sys
10:56:39.0881 3824  Mup - ok
10:56:39.0958 3824  [ C43B25863FBD65B6D2A142AF3AE320CA ] napagent        C:\Windows\system32\qagentRT.dll
10:56:40.0022 3824  napagent - ok
10:56:40.0066 3824  [ 3C21CE48FF529BB73DADB98770B54025 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:56:40.0115 3824  NativeWifiP - ok
10:56:40.0158 3824  [ 9BDC71790FA08F0A0B5F10462B1BD0B1 ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:56:40.0261 3824  NDIS - ok
10:56:40.0319 3824  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:56:40.0375 3824  NdisTapi - ok
10:56:40.0415 3824  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:56:40.0470 3824  Ndisuio - ok
10:56:40.0496 3824  [ 3D14C3B3496F88890D431E8AA022A411 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:56:40.0553 3824  NdisWan - ok
10:56:40.0579 3824  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:56:40.0616 3824  NDProxy - ok
10:56:40.0717 3824  [ 6D4028D458EAAA1782099750790DC8C9 ] Nero BackItUp Scheduler 3 C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
10:56:40.0811 3824  Nero BackItUp Scheduler 3 - ok
10:56:40.0846 3824  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:56:40.0914 3824  NetBIOS - ok
10:56:40.0949 3824  [ 7C5FEE5B1C5728507CD96FB4A13E7A02 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
10:56:41.0037 3824  netbt - ok
10:56:41.0060 3824  [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] Netlogon        C:\Windows\system32\lsass.exe
10:56:41.0087 3824  Netlogon - ok
10:56:41.0123 3824  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
10:56:41.0192 3824  Netman - ok
10:56:41.0221 3824  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
10:56:41.0259 3824  netprofm - ok
10:56:41.0304 3824  [ B05FFE38336193A9B988B00B230C5B80 ] netr28          C:\Windows\system32\DRIVERS\netr28.sys
10:56:41.0383 3824  netr28 - ok
10:56:41.0410 3824  [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:56:41.0440 3824  NetTcpPortSharing - ok
10:56:41.0483 3824  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
10:56:41.0505 3824  nfrd960 - ok
10:56:41.0546 3824  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:56:41.0597 3824  NlaSvc - ok
10:56:41.0698 3824  [ D36107465E716CF2335A25C54B6D11C2 ] NMIndexingService C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
10:56:41.0771 3824  NMIndexingService - ok
10:56:41.0820 3824  [ ECB5003F484F9ED6C608D6D6C7886CBB ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:56:41.0863 3824  Npfs - ok
10:56:41.0897 3824  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
10:56:41.0952 3824  nsi - ok
10:56:41.0988 3824  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:56:42.0053 3824  nsiproxy - ok
10:56:42.0129 3824  [ B4EFFE29EB4F15538FD8A9681108492D ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:56:42.0302 3824  Ntfs - ok
10:56:42.0360 3824  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
10:56:42.0441 3824  ntrigdigi - ok
10:56:42.0504 3824  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
10:56:42.0549 3824  Null - ok
10:56:42.0573 3824  [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:56:42.0601 3824  nvraid - ok
10:56:42.0626 3824  [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:56:42.0649 3824  nvstor - ok
10:56:42.0677 3824  [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:56:42.0703 3824  nv_agp - ok
10:56:42.0709 3824  NwlnkFlt - ok
10:56:42.0719 3824  NwlnkFwd - ok
10:56:42.0820 3824  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:56:42.0879 3824  odserv - ok
10:56:42.0927 3824  [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
10:56:43.0048 3824  ohci1394 - ok
10:56:43.0126 3824  [ 27915BDFF44CA08E85DA3D1DDB7B6ECD ] omniserv        C:\Program Files\Softex\OmniPass\OmniServ.exe
10:56:43.0156 3824  omniserv ( UnsignedFile.Multi.Generic ) - warning
10:56:43.0156 3824  omniserv - detected UnsignedFile.Multi.Generic (1)
10:56:43.0209 3824  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:56:43.0243 3824  ose - ok
10:56:43.0298 3824  [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
10:56:43.0463 3824  p2pimsvc - ok
10:56:43.0479 3824  [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2psvc          C:\Windows\system32\p2psvc.dll
10:56:43.0525 3824  p2psvc - ok
10:56:43.0585 3824  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
10:56:43.0674 3824  Parport - ok
10:56:43.0705 3824  [ 3B38467E7C3DAED009DFE359E17F139F ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:56:43.0739 3824  partmgr - ok
10:56:43.0770 3824  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
10:56:43.0853 3824  Parvdm - ok
10:56:43.0886 3824  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:56:43.0927 3824  PcaSvc - ok
10:56:43.0967 3824  [ 01B94418DEB235DFF777CC80076354B4 ] pci             C:\Windows\system32\drivers\pci.sys
10:56:44.0005 3824  pci - ok
10:56:44.0042 3824  [ 304048C2565A803D091CCA1AC945F593 ] pciide          C:\Windows\system32\drivers\pciide.sys
10:56:44.0071 3824  pciide - ok
10:56:44.0096 3824  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
10:56:44.0136 3824  pcmcia - ok
10:56:44.0201 3824  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:56:44.0371 3824  PEAUTH - ok
10:56:44.0450 3824  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
10:56:44.0725 3824  pla - ok
10:56:44.0782 3824  [ 78F975CB6D18265BE6F492EDB2D7BC7B ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:56:44.0850 3824  PlugPlay - ok
10:56:44.0876 3824  [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
10:56:44.0907 3824  PNRPAutoReg - ok
10:56:44.0954 3824  [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
10:56:45.0023 3824  PNRPsvc - ok
10:56:45.0078 3824  [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:56:45.0185 3824  PolicyAgent - ok
10:56:45.0237 3824  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:56:45.0300 3824  PptpMiniport - ok
10:56:45.0324 3824  [ 0E3CEF5D28B40CF273281D620C50700A ] Processor       C:\Windows\system32\drivers\processr.sys
10:56:45.0409 3824  Processor - ok
10:56:45.0459 3824  [ B627E4FC8585E8843C5905D4D3587A90 ] ProfSvc         C:\Windows\system32\profsvc.dll
10:56:45.0512 3824  ProfSvc - ok
10:56:45.0529 3824  [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:56:45.0547 3824  ProtectedStorage - ok
10:56:45.0583 3824  [ BFEF604508A0ED1EAE2A73E872555FFB ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
10:56:45.0644 3824  PSched - ok
10:56:45.0682 3824  [ B6A1692FC131F1FE5162513D78A9B6FC ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
10:56:45.0708 3824  PxHelp20 - ok
10:56:45.0787 3824  [ CCDAC889326317792480C0A67156A1EC ] ql2300          C:\Windows\system32\drivers\ql2300.sys
10:56:45.0914 3824  ql2300 - ok
10:56:45.0956 3824  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
10:56:45.0998 3824  ql40xx - ok
10:56:46.0037 3824  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
10:56:46.0089 3824  QWAVE - ok
10:56:46.0121 3824  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:56:46.0153 3824  QWAVEdrv - ok
10:56:46.0180 3824  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:56:46.0218 3824  RasAcd - ok
10:56:46.0270 3824  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
10:56:46.0320 3824  RasAuto - ok
10:56:46.0357 3824  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:56:46.0405 3824  Rasl2tp - ok
10:56:46.0444 3824  [ 6E7C284FC5C4EC07AD164D93810385A6 ] RasMan          C:\Windows\System32\rasmans.dll
10:56:46.0530 3824  RasMan - ok
10:56:46.0559 3824  [ 3E9D9B048107B40D87B97DF2E48E0744 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:56:46.0628 3824  RasPppoe - ok
10:56:46.0660 3824  [ A7D141684E9500AC928A772ED8E6B671 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:56:46.0717 3824  RasSstp - ok
10:56:46.0745 3824  [ 6E1C5D0457622F9EE35F683110E93D14 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:56:46.0868 3824  rdbss - ok
10:56:46.0908 3824  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:56:46.0945 3824  RDPCDD - ok
10:56:46.0986 3824  [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
10:56:47.0092 3824  rdpdr - ok
10:56:47.0117 3824  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:56:47.0160 3824  RDPENCDD - ok
10:56:47.0209 3824  [ E1C18F4097A5ABCEC941DC4B2F99DB7E ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
10:56:47.0285 3824  RDPWD - ok
10:56:47.0387 3824  [ 7C02EFBF8B3A2933700C323ED13D0789 ] Remote Solver for Flow Simulation 2010 C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe
10:56:47.0420 3824  Remote Solver for Flow Simulation 2010 - ok
10:56:47.0469 3824  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:56:47.0561 3824  RemoteAccess - ok
10:56:47.0601 3824  [ CC4E32400F3C7253400CF8F3F3A0B676 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:56:47.0646 3824  RemoteRegistry - ok
10:56:47.0727 3824  [ 17E0BEF5CA5C9CE52CC8082AC6EBC449 ] RichVideo       C:\Program Files\CyberLink\Shared Files\RichVideo.exe
10:56:47.0763 3824  RichVideo - ok
10:56:47.0797 3824  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
10:56:47.0864 3824  RpcLocator - ok
10:56:47.0898 3824  [ 301AE00E12408650BADDC04DBC832830 ] RpcSs           C:\Windows\system32\rpcss.dll
10:56:47.0932 3824  RpcSs - ok
10:56:47.0966 3824  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:56:48.0010 3824  rspndr - ok
10:56:48.0059 3824  [ 9621807BF414BCA55B3EF3C4591A2F20 ] rt2500usb       C:\Windows\system32\DRIVERS\rt2500usb.sys
10:56:48.0121 3824  rt2500usb - ok
10:56:48.0152 3824  [ B8B159FA669C6386A458FCD468EBB1E6 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
10:56:48.0222 3824  RTL8169 - ok
10:56:48.0284 3824  [ 0D1C1B0DE2819FE1EA25098183130B64 ] RTSTOR          C:\Windows\system32\drivers\RTSTOR.SYS
10:56:48.0324 3824  RTSTOR - ok
10:56:48.0342 3824  [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] SamSs           C:\Windows\system32\lsass.exe
10:56:48.0368 3824  SamSs - ok
10:56:48.0406 3824  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:56:48.0438 3824  sbp2port - ok
10:56:48.0481 3824  [ 11387E32642269C7E62E8B52C060B3C6 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:56:48.0579 3824  SCardSvr - ok
10:56:48.0625 3824  [ 7B587B8A6D4A99F79D2902D0385F29BD ] Schedule        C:\Windows\system32\schedsvc.dll
10:56:48.0752 3824  Schedule - ok
10:56:48.0797 3824  [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:56:48.0835 3824  SCPolicySvc - ok
10:56:48.0868 3824  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:56:48.0984 3824  SDRSVC - ok
10:56:49.0017 3824  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:56:49.0092 3824  secdrv - ok
10:56:49.0124 3824  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
10:56:49.0160 3824  seclogon - ok
10:56:49.0186 3824  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
10:56:49.0234 3824  SENS - ok
10:56:49.0279 3824  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
10:56:49.0367 3824  Serenum - ok
10:56:49.0394 3824  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
10:56:49.0498 3824  Serial - ok
10:56:49.0536 3824  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
10:56:49.0577 3824  sermouse - ok
10:56:49.0629 3824  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
10:56:49.0679 3824  SessionEnv - ok
10:56:49.0724 3824  [ 51CF56AA8BCC241F134B420B8F850406 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:56:49.0788 3824  sffdisk - ok
10:56:49.0817 3824  [ 96DED8B20C734AC41641CE275250E55D ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:56:49.0866 3824  sffp_mmc - ok
10:56:49.0898 3824  [ 8B08CAB1267B2C377883FC9E56981F90 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:56:49.0949 3824  sffp_sd - ok
10:56:49.0986 3824  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
10:56:50.0076 3824  sfloppy - ok
10:56:50.0107 3824  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:56:50.0183 3824  SharedAccess - ok
10:56:50.0225 3824  [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:56:50.0308 3824  ShellHWDetection - ok
10:56:50.0354 3824  [ 4346D5BBDDE7756D8614A3F193D60984 ] Si3531          C:\Windows\system32\DRIVERS\Si3531.sys
10:56:50.0400 3824  Si3531 - ok
10:56:50.0421 3824  [ E853C341BBF4AC0007A8DB0858DBB09D ] SiFilter        C:\Windows\system32\DRIVERS\SiWinAcc.sys
10:56:50.0441 3824  SiFilter - ok
10:56:50.0455 3824  [ D80E6F142EB4963E82A8537DD745F51B ] SiRemFil        C:\Windows\system32\DRIVERS\SiRemFil.sys
10:56:50.0475 3824  SiRemFil - ok
10:56:50.0498 3824  [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
10:56:50.0524 3824  sisagp - ok
10:56:50.0554 3824  [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
10:56:50.0574 3824  SiSRaid2 - ok
10:56:50.0600 3824  [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
10:56:50.0625 3824  SiSRaid4 - ok
10:56:50.0727 3824  [ 0BA91E1358AD25236863039BB2609A2E ] slsvc           C:\Windows\system32\SLsvc.exe
10:56:50.0988 3824  slsvc - ok
10:56:51.0036 3824  [ 7C6DC44CA0BFA6291629AB764200D1D4 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
10:56:51.0096 3824  SLUINotify - ok
10:56:51.0126 3824  [ 031E6BCD53C9B2B9ACE111EAFEC347B6 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
10:56:51.0177 3824  Smb - ok
10:56:51.0221 3824  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:56:51.0239 3824  SNMPTRAP - ok
10:56:51.0335 3824  [ 4945020BC094C322571184A6E8056B3A ] SolidWorks Licensing Service C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
10:56:51.0358 3824  SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - warning
10:56:51.0358 3824  SolidWorks Licensing Service - detected UnsignedFile.Multi.Generic (1)
10:56:51.0382 3824  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
10:56:51.0403 3824  spldr - ok
10:56:51.0431 3824  [ 3665F79026A3F91FBCA63F2C65A09B19 ] Spooler         C:\Windows\System32\spoolsv.exe
10:56:51.0475 3824  Spooler - ok
10:56:51.0516 3824  [ 2252AEF839B1093D16761189F45AF885 ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:56:51.0604 3824  srv - ok
10:56:51.0639 3824  [ B7FF59408034119476B00A81BB53D5D1 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:56:51.0715 3824  srv2 - ok
10:56:51.0820 3824  [ BF94A7553EF257D70CB2287BF7A3BCE1 ] srvcPVR         C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe
10:56:52.0062 3824  srvcPVR ( UnsignedFile.Multi.Generic ) - warning
10:56:52.0063 3824  srvcPVR - detected UnsignedFile.Multi.Generic (1)
10:56:52.0113 3824  [ 2ACCC9B12AF02030F531E6CCA6F8B76E ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:56:52.0168 3824  srvnet - ok
10:56:52.0206 3824  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:56:52.0332 3824  SSDPSRV - ok
10:56:52.0381 3824  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
10:56:52.0413 3824  ssmdrv - ok
10:56:52.0466 3824  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:56:52.0510 3824  SstpSvc - ok
10:56:52.0553 3824  [ 7DD08A597BC56051F320DA0BAF69E389 ] stisvc          C:\Windows\System32\wiaservc.dll
10:56:52.0679 3824  stisvc - ok
10:56:52.0709 3824  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
10:56:52.0732 3824  swenum - ok
10:56:52.0775 3824  [ B36C7CDB86F7F7A8E884479219766950 ] swprv           C:\Windows\System32\swprv.dll
10:56:52.0880 3824  swprv - ok
10:56:52.0918 3824  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
10:56:52.0951 3824  Symc8xx - ok
10:56:52.0971 3824  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
10:56:52.0991 3824  Sym_hi - ok
10:56:53.0011 3824  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
10:56:53.0031 3824  Sym_u3 - ok
10:56:53.0088 3824  [ 4C6DE67EBB6C487F7690A373FCFDE279 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
10:56:53.0121 3824  SynTP - ok
10:56:53.0163 3824  [ 8710A92D0024B03B5FB9540DF1F71F1D ] SysMain         C:\Windows\system32\sysmain.dll
10:56:53.0302 3824  SysMain - ok
10:56:53.0341 3824  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:56:53.0445 3824  TabletInputService - ok
10:56:53.0516 3824  [ 680916BB09EE0F3A6ACA7C274B0D633F ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:56:53.0588 3824  TapiSrv - ok
10:56:53.0628 3824  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
10:56:53.0684 3824  TBS - ok
10:56:53.0745 3824  [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:56:53.0877 3824  Tcpip - ok
10:56:53.0929 3824  [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
10:56:53.0996 3824  Tcpip6 - ok
10:56:54.0019 3824  [ D4A2E4A4B011F3A883AF77315A5AE76B ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:56:54.0070 3824  tcpipreg - ok
10:56:54.0109 3824  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:56:54.0164 3824  TDPIPE - ok
10:56:54.0221 3824  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
10:56:54.0279 3824  TDTCP - ok
10:56:54.0318 3824  [ D09276B1FAB033CE1D40DCBDF303D10F ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:56:54.0378 3824  tdx - ok
10:56:54.0393 3824  [ A048056F5E1A96A9BF3071B91741A5AA ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
10:56:54.0426 3824  TermDD - ok
10:56:54.0467 3824  [ D605031E225AACCBCEB5B76A4F1603A6 ] TermService     C:\Windows\System32\termsrv.dll
10:56:54.0545 3824  TermService - ok
10:56:54.0573 3824  [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] Themes          C:\Windows\system32\shsvcs.dll
10:56:54.0596 3824  Themes - ok
10:56:54.0614 3824  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
10:56:54.0652 3824  THREADORDER - ok
10:56:54.0684 3824  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
10:56:54.0719 3824  TrkWks - ok
10:56:54.0781 3824  [ 16613A1BAD034D4ECF957AF18B7C2FF5 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:56:54.0813 3824  TrustedInstaller - ok
10:56:54.0853 3824  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:56:54.0891 3824  tssecsrv - ok
10:56:54.0947 3824  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
10:56:55.0016 3824  tunmp - ok
10:56:55.0051 3824  [ 6042505FF6FA9AC1EF7684D0E03B6940 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:56:55.0083 3824  tunnel - ok
10:56:55.0124 3824  [ C3ADE15414120033A36C0F293D4A4121 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
10:56:55.0153 3824  uagp35 - ok
10:56:55.0213 3824  [ 8B5088058FA1D1CD897A2113CCFF6C58 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:56:55.0306 3824  udfs - ok
10:56:55.0345 3824  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:56:55.0397 3824  UI0Detect - ok
10:56:55.0429 3824  [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:56:55.0454 3824  uliagpkx - ok
10:56:55.0487 3824  [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci         C:\Windows\system32\drivers\uliahci.sys
10:56:55.0523 3824  uliahci - ok
10:56:55.0547 3824  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
10:56:55.0572 3824  UlSata - ok
10:56:55.0600 3824  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
10:56:55.0626 3824  ulsata2 - ok
10:56:55.0655 3824  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
10:56:55.0703 3824  umbus - ok
10:56:55.0744 3824  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
10:56:55.0810 3824  upnphost - ok
10:56:55.0884 3824  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
10:56:55.0974 3824  usbccgp - ok
10:56:56.0000 3824  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:56:56.0124 3824  usbcir - ok
10:56:56.0159 3824  [ CEBE90821810E76320155BEBA722FCF9 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
10:56:56.0215 3824  usbehci - ok
10:56:56.0254 3824  [ CC6B28E4CE39951357963119CE47B143 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:56:56.0318 3824  usbhub - ok
10:56:56.0352 3824  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci         C:\Windows\system32\drivers\usbohci.sys
10:56:56.0471 3824  usbohci - ok
10:56:56.0573 3824  [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
10:56:56.0649 3824  usbprint - ok
10:56:56.0679 3824  [ A508C9BD8724980512136B039BBA65E9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
10:56:56.0759 3824  usbscan - ok
10:56:56.0794 3824  [ 87BA6B83C5D19B69160968D07D6E2982 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:56:56.0885 3824  USBSTOR - ok
10:56:56.0932 3824  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
10:56:56.0996 3824  usbuhci - ok
10:56:57.0053 3824  [ 8CFFEB4AF074FD3E24BAD6381CC33361 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
10:56:57.0104 3824  usbvideo - ok
10:56:57.0173 3824  [ C5B70A6AA947667CE0E5FC84A05EC8B6 ] usnjsvc         C:\Program Files\MSN Messenger\usnsvc.exe
10:56:57.0196 3824  usnjsvc - ok
10:56:57.0241 3824  [ 032A0ACC3909AE7215D524E29D536797 ] UxSms           C:\Windows\System32\uxsms.dll
10:56:57.0312 3824  UxSms - ok
10:56:57.0355 3824  [ B13BC395B9D6116628F5AF47E0802AC4 ] vds             C:\Windows\System32\vds.exe
10:56:57.0445 3824  vds - ok
10:56:57.0492 3824  [ 7D92BE0028ECDEDEC74617009084B5EF ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
10:56:57.0575 3824  vga - ok
10:56:57.0601 3824  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
10:56:57.0639 3824  VgaSave - ok
10:56:57.0668 3824  [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp          C:\Windows\system32\drivers\viaagp.sys
10:56:57.0692 3824  viaagp - ok
10:56:57.0717 3824  [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
10:56:57.0781 3824  ViaC7 - ok
10:56:57.0801 3824  [ 7AA7EC9A08DC2C39649C413B1A26E298 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:56:57.0822 3824  viaide - ok
10:56:57.0847 3824  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:56:57.0870 3824  volmgr - ok
10:56:57.0900 3824  [ 98F5FFE6316BD74E9E2C97206C190196 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:56:57.0939 3824  volmgrx - ok
10:56:57.0958 3824  [ D8B4A53DD2769F226B3EB374374987C9 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:56:57.0990 3824  volsnap - ok
10:56:58.0015 3824  [ D984439746D42B30FC65A4C3546C6829 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
10:56:58.0039 3824  vsmraid - ok
10:56:58.0103 3824  [ D5FB73D19C46ADE183F968E13F186B23 ] VSS             C:\Windows\system32\vssvc.exe
10:56:58.0270 3824  VSS - ok
10:56:58.0316 3824  [ 1CF9206966A8458CDA9A8B20DF8AB7D3 ] W32Time         C:\Windows\system32\w32time.dll
10:56:58.0363 3824  W32Time - ok
10:56:58.0397 3824  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
10:56:58.0475 3824  WacomPen - ok
10:56:58.0505 3824  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
10:56:58.0540 3824  Wanarp - ok
10:56:58.0549 3824  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:56:58.0575 3824  Wanarpv6 - ok
10:56:58.0616 3824  [ F3A5C2E1A6533192B070D06ECF6BE796 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
10:56:58.0673 3824  wcncsvc - ok
10:56:58.0703 3824  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:56:58.0749 3824  WcsPlugInService - ok
10:56:58.0780 3824  [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd              C:\Windows\system32\drivers\wd.sys
10:56:58.0800 3824  Wd - ok
10:56:58.0835 3824  [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:56:58.0893 3824  Wdf01000 - ok
10:56:58.0930 3824  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:56:58.0981 3824  WdiServiceHost - ok
10:56:58.0988 3824  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:56:59.0030 3824  WdiSystemHost - ok
10:56:59.0070 3824  [ CF9A5F41789B642DB967021DE06A2713 ] WebClient       C:\Windows\System32\webclnt.dll
10:56:59.0105 3824  WebClient - ok
10:56:59.0136 3824  [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:56:59.0251 3824  Wecsvc - ok
10:56:59.0285 3824  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
10:56:59.0331 3824  wercplsupport - ok
10:56:59.0360 3824  [ FD1965AAA112C6818A30AB02742D0461 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:56:59.0416 3824  WerSvc - ok
10:56:59.0484 3824  [ 4575AA12561C5648483403541D0D7F2B ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
10:56:59.0540 3824  WinDefend - ok
10:56:59.0551 3824  WinHttpAutoProxySvc - ok
10:56:59.0618 3824  [ 00B79A7C984678F24CF052E5BEB3A2F5 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
10:56:59.0717 3824  Winmgmt - ok
10:56:59.0788 3824  [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM           C:\Windows\system32\WsmSvc.dll
10:56:59.0912 3824  WinRM - ok
10:56:59.0984 3824  [ F0FE933E27F1E2A83FF322A0693A4724 ] WisLMSvc        C:\Program Files\Launch Manager\WisLMSvc.exe
10:57:00.0030 3824  WisLMSvc ( UnsignedFile.Multi.Generic ) - warning
10:57:00.0030 3824  WisLMSvc - detected UnsignedFile.Multi.Generic (1)
10:57:00.0088 3824  [ 275F4346E569DF56CFB95243BD6F6FF0 ] Wlansvc         C:\Windows\System32\wlansvc.dll
10:57:00.0221 3824  Wlansvc - ok
10:57:00.0256 3824  [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
10:57:00.0312 3824  WmiAcpi - ok
10:57:00.0355 3824  [ ABA4CF9F856D9A3A25F4DDD7690A6E9D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:57:00.0420 3824  wmiApSrv - ok
10:57:00.0500 3824  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
10:57:00.0680 3824  WMPNetworkSvc - ok
10:57:00.0729 3824  [ 5D94CD167751294962BA238D82DD1BB8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:57:00.0811 3824  WPCSvc - ok
10:57:00.0860 3824  [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:57:00.0911 3824  WPDBusEnum - ok
10:57:00.0961 3824  [ 0CEC23084B51B8288099EB710224E955 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
10:57:00.0995 3824  WpdUsb - ok
10:57:01.0113 3824  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:57:01.0206 3824  WPFFontCache_v0400 - ok
10:57:01.0249 3824  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
10:57:01.0319 3824  ws2ifsl - ok
10:57:01.0365 3824  [ 683DD16B590372F2C9661D277F35E49C ] wscsvc          C:\Windows\System32\wscsvc.dll
10:57:01.0412 3824  wscsvc - ok
10:57:01.0418 3824  WSearch - ok
10:57:01.0512 3824  [ 6298277B73C77FA99106B271A7525163 ] wuauserv        C:\Windows\system32\wuaueng.dll
10:57:01.0613 3824  wuauserv - ok
10:57:01.0637 3824  [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:57:01.0732 3824  WUDFRd - ok
10:57:01.0792 3824  [ 575A4190D989F64732119E4114045A4F ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
10:57:01.0855 3824  wudfsvc - ok
10:57:01.0895 3824  [ 6BBF7A3BAB8FFDCCF82057FA2AAE2B7B ] XUIF            C:\Windows\system32\Drivers\x10ufx2.sys
10:57:01.0920 3824  XUIF - ok
10:57:01.0954 3824  ================ Scan global ===============================
10:57:01.0976 3824  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
10:57:02.0018 3824  [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
10:57:02.0051 3824  [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
10:57:02.0094 3824  [ 2B336AB6286D6C81FA02CBAB914E3C6C ] C:\Windows\system32\services.exe
10:57:02.0116 3824  [Global] - ok
10:57:02.0117 3824  ================ Scan MBR ==================================
10:57:02.0144 3824  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
10:57:02.0539 3824  \Device\Harddisk0\DR0 - ok
10:57:02.0540 3824  ================ Scan VBR ==================================
10:57:02.0547 3824  [ 6560BF0E08A37FF666EE2E6C1534D7D1 ] \Device\Harddisk0\DR0\Partition1
10:57:02.0549 3824  \Device\Harddisk0\DR0\Partition1 - ok
10:57:02.0559 3824  [ 586545A8B07085029511A50F11188508 ] \Device\Harddisk0\DR0\Partition2
10:57:02.0563 3824  \Device\Harddisk0\DR0\Partition2 - ok
10:57:02.0564 3824  ============================================================
10:57:02.0564 3824  Scan finished
10:57:02.0564 3824  ============================================================
10:57:02.0594 4644  Detected object count: 7
10:57:02.0594 4644  Actual detected object count: 7
10:58:06.0626 4644  CVPNDRVA ( UnsignedFile.Multi.Generic ) - skipped by user
10:58:06.0626 4644  CVPNDRVA ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:58:06.0631 4644  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
10:58:06.0631 4644  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:58:06.0638 4644  Hotkey ( UnsignedFile.Multi.Generic ) - skipped by user
10:58:06.0638 4644  Hotkey ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:58:06.0642 4644  omniserv ( UnsignedFile.Multi.Generic ) - skipped by user
10:58:06.0642 4644  omniserv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:58:06.0643 4644  SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:58:06.0643 4644  SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:58:06.0648 4644  srvcPVR ( UnsignedFile.Multi.Generic ) - skipped by user
10:58:06.0648 4644  srvcPVR ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:58:06.0649 4644  WisLMSvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:58:06.0649 4644  WisLMSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip