Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Notebook mit Windows Vista wird immer langsamer

Notebook mit Windows Vista wird immer langsamer


Plagegeister aller Art und deren Bekämpfung: Notebook mit Windows Vista wird immer langsamer

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 1 von 3 1 23
Alt 04.04.2015, 17:06   #1
k25391
 
Notebook mit Windows Vista wird immer langsamer - Standard

Notebook mit Windows Vista wird immer langsamer


Guten Tag,

mein Notebook ist inzwischen extrem langsam geworden, so dass ich mich frage, ob ich mir nicht vielleicht ein paar Schädlinge eingefangen habe.
Den CC-Cleaner habe ich schon angewendet, ebenso den Spybot.

Mein Problem bei der ganzen Sache ist allerdings, daß ich von Technik so gut wie keine Ahnung habe. Ich bin 74 Jahre alt und mein Enkel, der mir das Notebook gegeben hat und den ich sonst immer fragen konnte, ist zum Austausch in Australien und daher nicht greifbar.
Er hat zwar versucht, mir am Telefon zu erklären, was ich tun soll, aber ich hab's nicht so ganz begriffen - leider... Dann meinte er, ich solle mein Problem hier schildern.

Das Notebook ist etwa 5 Jahre alt und von Compaq. Folgende Systemdaten habe ich gefunden: Windows Vista. 4 GB RAM. 32 Bit-Betriebssystem. Athlon Dual-Core QL-65 2.10 GHz.
Mein Virenscanner ist von Avira und aktualisiert sich selbständig.

Ich würde mich sehr freuen, wenn mir jemand weiterhelfen könnte. Allerdings fürchte ich, daß ich allzu technische Begriffe nicht verstehen werde. Es wäre daher schön, wenn die Anleitung sozusagen "Oma-freundlich" wäre...

Herzlichen Dank im Voraus!!!


Hier nun die in der Anleitung geforderten Daten. Ich hoffe, ich habe die richtigen gefunden:

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:35 on 04/04/2015 (COMPAQ)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-



Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by COMPAQ (administrator) on COMPAQ-PC on 04-04-2015 17:49:04
Running from C:\Users\COMPAQ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\29A3S3VZ
Loaded Profiles: COMPAQ (Available profiles: COMPAQ)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files\SMINST\BLService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_16_0_0_305_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1049896 2008-04-17] (Synaptics, Inc.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [202032 2008-08-01] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [HP Health Check Scheduler] => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-10-09] (Hewlett-Packard)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [hpqSRMon] => [X]
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-21] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [127792 2015-02-12] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5503768 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil32_16_0_0_305_ActiveX.exe [960688 2015-02-05] (Adobe Systems Incorporated)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Presario&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Presario&pf=cnnb
HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.spiegel.de/
HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM -> {02BEB76C-FD85-488D-824A-490C9D3C0896} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM -> {1893805B-1D90-4ACF-BD58-FA96CA693B42} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
SearchScopes: HKLM -> {F984C8C7-0FB4-4E22-AC3F-507BBA566358} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> DefaultScope F7B7846F6FD142C988F9AAAC5202D175 URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7SUNC_deDE355
SearchScopes: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> F7B7846F6FD142C988F9AAAC5202D175 URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7SUNC_deDE355
SearchScopes: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> {02BEB76C-FD85-488D-824A-490C9D3C0896} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> {1893805B-1D90-4ACF-BD58-FA96CA693B42} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
SearchScopes: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> {9122BE4A-A717-4D62-AB26-E01C0BEF14B5} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> {C4638BAF-ACFB-4A4F-9E4E-D47382F4C43E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=d6c715e3-52b8-4672-ac74-fb52753f9418&apn_sauid=059F45F1-1C47-4892-899D-8775DEDD662B
SearchScopes: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> {F984C8C7-0FB4-4E22-AC3F-507BBA566358} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Avira SearchFree Toolbar plus Web Protection -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files\Ask.com\GenericAskToolbar.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-12-16] (Adblock Plus)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-03-27] (Hewlett-Packard Co.)
Toolbar: HKLM - Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File
Toolbar: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\COMPAQ\AppData\Roaming\Mozilla\Firefox\Profiles\xsafpu49.default-1422819849905
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.spiegel.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2008-08-06] (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010-07-17] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2010-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2010-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2010-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2010-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2010-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2010-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2010-07-16] (Apple Inc.)
FF Extension: WEB.DE MailCheck - C:\Users\COMPAQ\AppData\Roaming\Mozilla\Firefox\Profiles\xsafpu49.default-1422819849905\Extensions\toolbar@web.de [2015-02-01]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-21]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009-09-25]
FF HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [432888 2015-03-21] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-21] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [992504 2015-03-21] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [184056 2015-02-12] (Avira Operations GmbH & Co. KG)
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [File not signed]
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [135168 2008-03-25] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2008-07-18] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-07-18] (Hewlett-Packard) [File not signed]
R2 Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [365952 2008-10-06] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [241734 2008-09-15] () [File not signed]
S2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105864 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 GigasetGenericUSB; C:\Windows\System32\DRIVERS\GigasetGenericUSB.sys [44032 2013-04-25] (Siemens Home and Office Communication Devices GmbH & Co. KG)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-04 17:48 - 2015-04-04 17:49 - 00000000 ____D () C:\FRST
2015-04-04 15:57 - 2015-04-04 15:57 - 00000000 ____D () C:\ProgramData\Gigaset QuickSync
2015-04-04 15:52 - 2015-04-04 15:52 - 00000000 ____D () C:\Users\COMPAQ\AppData\Local\Gigaset_Communications_Gm
2015-04-04 15:50 - 2015-04-04 15:50 - 00000000 ____D () C:\Windows\LastGood
2015-04-04 15:49 - 2015-04-04 15:49 - 00001821 _____ () C:\Users\Public\Desktop\Gigaset QuickSync.lnk
2015-04-04 15:49 - 2015-04-04 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gigaset QuickSync
2015-04-04 15:49 - 2015-04-04 15:49 - 00000000 ____D () C:\Program Files\Gigaset QuickSync
2015-04-04 15:43 - 2015-04-04 15:43 - 00000000 ____D () C:\Users\COMPAQ\AppData\Local\Downloaded Installations
2015-03-17 00:18 - 2012-07-13 19:47 - 00443459 _____ () C:\Windows\system32\Drivers\etc\hosts.20150316-231835.backup
2015-03-16 23:50 - 2015-03-16 23:50 - 00000764 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-03-16 23:50 - 2015-03-16 23:50 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-11 21:14 - 2015-01-29 03:35 - 00975360 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 21:14 - 2015-01-29 03:35 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 21:13 - 2015-02-26 02:18 - 02064384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 21:05 - 2015-02-20 04:03 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 21:05 - 2015-02-20 02:28 - 00296960 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 21:04 - 2015-02-26 04:01 - 03604408 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-03-11 21:04 - 2015-02-26 04:01 - 03552184 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 21:04 - 2015-01-21 04:02 - 00807936 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 21:04 - 2015-01-09 04:04 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 21:04 - 2015-01-09 02:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 21:02 - 2015-03-06 06:01 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 21:01 - 2014-10-13 03:12 - 02264064 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-03-11 21:00 - 2015-02-18 04:02 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 20:17 - 2015-02-21 19:37 - 12375040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 20:17 - 2015-02-21 19:34 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-03-11 20:17 - 2015-02-21 19:29 - 09747968 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 20:17 - 2015-02-21 19:28 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 20:17 - 2015-02-21 19:22 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 20:17 - 2015-02-21 19:21 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 20:17 - 2015-02-21 19:21 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 20:17 - 2015-02-21 19:20 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-03-11 20:17 - 2015-02-21 19:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 20:17 - 2015-02-21 19:19 - 01803264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 20:17 - 2015-02-21 19:19 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-11 20:17 - 2015-02-21 19:19 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 20:17 - 2015-02-21 19:19 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 20:17 - 2015-02-21 19:19 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 20:17 - 2015-02-21 19:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 20:17 - 2015-02-21 19:18 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 20:17 - 2015-02-21 19:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 20:17 - 2015-02-21 19:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 20:17 - 2015-02-21 19:18 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-03-11 20:17 - 2015-02-21 19:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-03-11 20:17 - 2015-02-21 19:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-03-11 20:17 - 2015-02-21 19:17 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-04 17:44 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-04 17:44 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-04 17:40 - 2011-01-01 19:00 - 00000000 ____D () C:\Users\COMPAQ\AppData\Roaming\Skype
2015-04-04 17:36 - 2009-09-07 11:58 - 00000000 ____D () C:\Users\COMPAQ
2015-04-04 17:25 - 2012-09-10 22:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-04 16:39 - 2009-09-07 11:13 - 01925059 ____N () C:\Windows\WindowsUpdate.log
2015-04-04 16:36 - 2009-10-17 17:04 - 00000052 _____ () C:\Windows\system32\DOErrors.log
2015-04-04 16:08 - 2009-09-22 20:16 - 00012800 _____ () C:\Users\COMPAQ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-04 15:44 - 2006-11-02 12:33 - 01567488 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-04 15:38 - 2014-11-15 21:06 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2015-04-04 15:34 - 2009-09-14 18:58 - 00031966 _____ () C:\ProgramData\nvModes.dat
2015-04-04 15:34 - 2009-09-14 18:58 - 00031966 _____ () C:\ProgramData\nvModes.001
2015-04-04 15:33 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-02 17:43 - 2006-11-02 15:01 - 00032510 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-16 23:56 - 2009-09-29 22:07 - 00000000 ____D () C:\Users\COMPAQ\Tracing
2015-03-16 23:56 - 2008-10-26 23:27 - 00000000 ____D () C:\Windows\panther
2015-03-16 23:55 - 2009-09-07 14:30 - 00000000 ____D () C:\Windows\Minidump
2015-03-13 12:27 - 2006-11-02 14:47 - 00355232 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-11 21:13 - 2013-08-15 14:56 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 21:06 - 2006-11-02 12:24 - 119837696 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-03-06 20:50 - 2013-03-10 11:00 - 00000000 ____D () C:\Users\COMPAQ\AppData\Local\Deployment
2015-03-05 12:21 - 2012-12-17 14:47 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-03-05 12:21 - 2012-12-17 14:47 - 00105864 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-03-05 12:18 - 2014-10-20 11:10 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-05 12:17 - 2012-12-18 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-03-05 12:17 - 2012-12-17 14:47 - 00000000 ____D () C:\Program Files\Avira

==================== Files in the root of some directories =======

2012-03-28 22:44 - 2012-03-28 22:44 - 3993600 _____ () C:\Program Files\GUT7C59.tmp
2010-07-16 17:15 - 2010-07-16 17:15 - 0000268 ___RH () C:\Users\COMPAQ\AppData\Roaming\Textures
2010-07-16 17:19 - 2010-07-16 17:19 - 0000268 ___RH () C:\Users\COMPAQ\AppData\Roaming\Track Settings
2009-09-09 17:08 - 2013-12-04 00:36 - 0000392 _____ () C:\Users\COMPAQ\AppData\Roaming\wklnhst.dat
2009-09-07 12:14 - 2009-09-07 12:14 - 0000000 _____ () C:\Users\COMPAQ\AppData\Local\AtStart.txt
2010-03-05 20:53 - 2012-12-15 00:39 - 0007808 _____ () C:\Users\COMPAQ\AppData\Local\d3d9caps.dat
2009-09-22 20:16 - 2015-04-04 16:08 - 0012800 _____ () C:\Users\COMPAQ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-09-07 12:14 - 2009-09-07 12:14 - 0000000 _____ () C:\Users\COMPAQ\AppData\Local\DSwitch.txt
2011-02-10 22:30 - 2014-03-03 20:58 - 0000600 _____ () C:\Users\COMPAQ\AppData\Local\PUTTY.RND
2009-09-07 12:14 - 2009-09-07 12:14 - 0000000 _____ () C:\Users\COMPAQ\AppData\Local\QSwitch.txt
2011-07-25 00:58 - 2011-07-25 00:58 - 0000000 _____ () C:\Users\COMPAQ\AppData\Local\{D41DDEB0-E855-4C54-B9AB-B9F40547BA67}
2009-09-07 11:28 - 2013-03-23 16:40 - 0000248 _____ () C:\ProgramData\hpqp.ini
2009-11-02 12:43 - 2013-05-13 19:55 - 0000021 _____ () C:\ProgramData\hpqp.txt
2009-09-25 19:25 - 2012-02-02 14:52 - 0004978 _____ () C:\ProgramData\hpzinstall.log
2009-09-14 18:58 - 2015-04-04 15:34 - 0031966 _____ () C:\ProgramData\nvModes.001
2009-09-14 18:58 - 2015-04-04 15:34 - 0031966 _____ () C:\ProgramData\nvModes.dat
2010-07-16 17:15 - 2013-03-04 16:04 - 0000020 ____H () C:\ProgramData\PKP_DLdu.DAT
2010-07-16 17:19 - 2012-09-24 18:43 - 0000020 ____H () C:\ProgramData\PKP_DLdw.DAT
2010-07-16 17:15 - 2010-07-16 17:15 - 0000268 ___RH () C:\ProgramData\Transportation
2010-07-16 17:19 - 2010-07-16 17:19 - 0000268 ___RH () C:\ProgramData\Tremolo
2010-07-16 17:15 - 2010-07-16 17:15 - 0000012 ___RH () C:\ProgramData\URLs
2010-07-16 17:19 - 2010-07-16 17:19 - 0000012 ___RH () C:\ProgramData\Vocal Transformer
2009-09-07 11:32 - 2009-09-07 11:32 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2008-10-26 16:52 - 2008-10-26 16:52 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2009-09-07 11:31 - 2009-09-07 11:31 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2008-10-26 16:45 - 2008-10-26 16:46 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2009-09-07 11:29 - 2009-09-07 11:29 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2009-09-07 11:32 - 2009-09-07 11:32 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2008-10-26 16:43 - 2008-10-26 16:44 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2008-10-26 16:46 - 2008-10-26 16:52 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2009-09-07 11:32 - 2009-09-07 11:33 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

Some content of TEMP:
====================
C:\Users\COMPAQ\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-04 16:10

==================== End Of Log ============================



Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by COMPAQ at 2015-04-04 17:50:13
Running from C:\Users\COMPAQ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\29A3S3VZ
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 2.1.5 - Hewlett-Packard) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adblock Plus für IE (32-Bit) (HKLM\...\{A2C33E25-4A8E-43F7-8998-BBEB690F1AB1}) (Version: 1.3 - Eyeo GmbH)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
ArcSoft Panorama Maker 4 (HKLM\...\{D45E8C45-B601-4A80-AFD8-E16338744DE1}) (Version: - ArcSoft)
Atheros Driver Installation Program (HKLM\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 5.0 - Atheros)
Avira (HKLM\...\{d9ed6dcf-6bfc-4fbb-802e-81dd5b767d6e}) (Version: 1.1.32.25147 - Avira Operations & Co. KG)
Avira (Version: 1.1.32.25147 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 15.0.8.656 - Avira)
Avira SearchFree Toolbar plus Web Protection Updater (HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.6.45268 - Ask.com) <==== ATTENTION
BufferChm (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Cards_Calendar_OrderGift_DoMorePlugout (Version: 2.03.0000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.58.0.0 - Conexant)
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2203 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.1616 - CyberLink Corp.)
Destination Component (Version: 110.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 110.0.180.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software (Version: 110.0.238.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (Version: 110.0.238.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4220_ProductContext (Version: 110.0.238.000 - Hewlett-Packard) Hidden
ElsterFormular (HKLM\...\ElsterFormular 11.4.1.4323) (Version: 11.4.1.4323 - Landesfinanzdirektion Thüringen)
ElsterFormular-Upgrade (HKLM\...\ElsterFormular für Privatanwender 12.3.2.6814p) (Version: 14.3.11574 - Landesfinanzdirektion Thüringen)
ESU for Microsoft Vista (HKLM\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
F4200 (Version: 110.0.238.000 - Ihr Firmenname) Hidden
F4210_Help (Version: 110.0.238.000 - Hewlett-Packard) Hidden
File Uploader (HKLM\...\{237CD223-1B9D-47E8-A76C-E478B83CCEA2}) (Version: 1.2.1 - Nikon)
Gigaset QuickSync (HKLM\...\{b49e8cfb-f094-4467-925a-97c23972cb50}) (Version: 8.3.0868.3 - Gigaset Communications GmbH)
GPBaseService (Version: 110.0.180.000 - Hewlett-Packard) Hidden
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_HERMOSA_HSF) (Version: - )
HP Active Support Library (HKLM\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM\...\{57A5AEC1-97FC-474D-92C4-908FCC2253D4}) (Version: 5.7.0.2664 - Hewlett-Packard)
HP Customer Participation Program 11.0 (HKLM\...\HPExtendedCapabilities) (Version: 11.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3 (HKLM\...\{C3B6AEB1-390C-4792-8677-CD87F8B2C959}) (Version: 11.0 - HP)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.03.0001 - Hewlett-Packard)
HP DVD Play 3.7 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: 3.7.0.5723 - Hewlett-Packard)
HP Help and Support (HKLM\...\{0054A0F6-00C9-4498-B821-B5C9578F433E}) (Version: 2.1.1.0 - Hewlett-Packard Company)
HP Imaging Device Functions 11.0 (HKLM\...\HP Imaging Device Functions) (Version: 11.0 - HP)
HP Photosmart Essential 3.0 (HKLM\...\HP Photosmart Essential) (Version: 3.0 - HP)
HP Quick Launch Buttons 6.40 H2 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 H2 - Hewlett-Packard)
HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 4.0 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Total Care Advisor (HKLM\...\{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}) (Version: 2.4.4941.2798 - Hewlett-Packard)
HP Update (HKLM\...\{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}) (Version: 5.002.007.004 - Hewlett-Packard)
HP User Guides 0118 (HKLM\...\{B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}) (Version: 1.00.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}) (Version: 3.00 K2 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden
HPNetworkAssistant (Version: 1.1.70 - Hewlett-Packard.) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 110.0.180.000 - Hewlett-Packard) Hidden
HPTCSSetup (HKLM\...\{846DDADA-0239-4B67-A6B1-33658863793B}) (Version: 1.1.1963.2799 - Hewlett-Packard Company)
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.0926 - CyberLink Corp.)
LabelPrint (Version: 2.5.0926 - CyberLink Corp.) Hidden
Lager (Version: 1.0.0.0 - Hewlett-Packard) Hidden
LightScribe System Software 1.14.17.1 (HKLM\...\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}) (Version: 1.14.17.1 - LightScribe)
MarketResearch (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 33.1.1 (x86 de) (HKLM\...\Mozilla Firefox 33.1.1 (x86 de)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCSetup (Version: 1.00.0000 - HP) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee Reveal (HKLM\...\{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}) (Version: 7.0.35.6951 - muvee Technologies Pte Ltd)
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.52 - BVRP Software, Inc)
Nikon Message Center (HKLM\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.92.000 - Nikon)
Nikon Transfer (HKLM\...\{E9757890-7EC5-46C8-99AB-B00F07B6525C}) (Version: 1.5.0 - Nikon)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.1.6 - Nikon)
Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2202 - CyberLink Corp.)
Power2Go (Version: 6.0.2202 - CyberLink Corp.) Hidden
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2201 - CyberLink Corp.)
PowerDirector (Version: 7.0.2201 - CyberLink Corp.) Hidden
PSSWCORE (Version: 2.03.0000 - Hewlett-Packard) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime (HKLM\...\{E0D51394-1D45-460A-B62D-383BC4F8B335}) (Version: 7.3.1.70 - Apple Inc.)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 3.0.1.3 - Realtek Semiconductor Corp.)
Scan (Version: 11.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 11.0 - HP)
Skype™ 7.1 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
SmartWebPrinting (Version: 110.0.182.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Status (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.1.3.0 - Synaptics)
Toolbox (Version: 110.0.180.000 - Hewlett-Packard) Hidden
TrayApp (Version: 110.0.180.000 - Hewlett-Packard) Hidden
VideoToolkit01 (Version: 110.0.171.000 - Hewlett-Packard) Hidden
ViewNX (HKLM\...\{F007CBCE-D714-4C0B-8CE9-9B0D78116468}) (Version: 1.4.0 - Nikon)
Web Launcher (HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\...\fc3ac04dc8eedef7) (Version: 1.0.0.20 - ShowMyPC)
WebReg (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live ID-Anmelde-Assistent (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000_Classes\CLSID\{80A95F12-94C2-4B1D-8AE3-F0CBE5E96E85}\InprocServer32 -> C:\Users\COMPAQ\AppData\Local\AskToolbar\Downloaded Program Files\AviraWebSecurityBrowser.dll (Ask.com)
CustomCLSID: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000_Classes\CLSID\{EB959CA4-408B-4465-9CF5-7EBA7B885153}\InprocServer32 -> C:\Users\COMPAQ\AppData\Local\AskToolbar\Downloaded Program Files\AviraSafetyPrivacy.dll (Ask.com)

==================== Restore Points =========================

30-01-2015 22:12:17 Windows Update
01-02-2015 19:13:23 Installed Adblock Plus for IE (32-bit)
05-02-2015 14:53:51 Windows Update
12-02-2015 15:37:35 Windows Update
12-02-2015 15:58:39 Windows Update
16-02-2015 15:17:20 Windows Update
16-02-2015 15:48:54 Windows Update
20-02-2015 19:17:30 Windows Update
24-02-2015 19:34:39 Windows Update
27-02-2015 19:42:18 Windows Update
03-03-2015 15:48:33 Windows Update
05-03-2015 13:11:32 Geplanter Prüfpunkt
06-03-2015 20:39:08 Windows Update
11-03-2015 20:02:10 Windows Update
11-03-2015 20:58:54 Windows Update
17-03-2015 01:00:55 Geplanter Prüfpunkt
17-03-2015 19:44:24 Windows Update
21-03-2015 18:09:10 Windows Update
27-03-2015 19:18:43 Windows Update
31-03-2015 21:45:50 Windows Update
04-04-2015 15:43:50 Installed Gigaset QuickSync.
04-04-2015 15:59:47 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2012-07-13 19:47 - 00443459 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {069573E5-2D93-49E5-AE1E-B0FDFD50E00C} - System32\Tasks\{53B1A1CC-B9A7-4F7F-8D2B-ED3D11FC8932} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.156.259/de/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chromeffered-installed;madedefault
Task: {0ECD0360-2D32-4D6F-8CF4-3F401236EDEB} - System32\Tasks\{20BFD99F-D596-4D96-8DB7-F97DB4F9A1B0} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.3.0.111.259/en/abandoninstall?page=tsDownload&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;alreadyoffered
Task: {21F694FE-2A6D-4B2B-A697-15DA44680B37} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {2784FBC6-7CDB-423E-A8F1-6ED990FF8D02} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)
Task: {28C3BA5F-E093-459A-8251-2A700D96F18E} - System32\Tasks\{1AE98456-DAD8-4A8E-AE0B-9B41A96CF8A5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.1.0.112.259/en/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;alreadyoffered
Task: {2BB980C4-66AD-45CE-AA65-9C28740CBE5F} - System32\Tasks\{2EBC2EB7-BF3D-4F83-B086-2A7C253842B7} => pcalua.exe -a "C:\Users\COMPAQ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D650QA4N\msvbvm50[1].exe" -d C:\Users\COMPAQ\Desktop\Desktop
Task: {37ECF2E5-4175-4A42-83C8-6FB3605ADBDC} - System32\Tasks\{594F396F-1B8A-4C15-8883-708DE1A5572E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.9.0.123/de/privacy
Task: {3CC5237E-5EF8-43C1-B327-DF3C11F8C05D} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {3E3376A3-17EA-45A4-A122-65B92B31EFDC} - System32\Tasks\{0E45A6AC-6249-4417-8E9A-FA8F59C5B602} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.9.0.123/de/eula
Task: {5C6E0410-D563-4D33-A139-B19AA9E6556A} - System32\Tasks\{A403AAF8-6BF2-4AA4-9BAE-181E99DF7C0D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.152.259/de/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chromeffered-installed;madedefault
Task: {7089947B-2359-4472-8784-8CFB49534457} - System32\Tasks\{CEA72B26-C555-48E2-B25E-4DEFFCD80F70} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.156.259/de/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chromeffered-installed;madedefault
Task: {7347E749-993E-4DB4-8D9E-BC81E3244EDA} - System32\Tasks\{E4A09C9B-6AFD-4455-9058-D3E4EF85BE63} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.156.259/de/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbarffered-installed,google-chrome:notoffered;toolbaroffered
Task: {8242393F-2DF5-49DC-8F06-9F1F4192A971} - System32\Tasks\{D724DEF5-8284-4D19-A176-B22C73AFD1F1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.156.259/de/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;alreadyoffered
Task: {8B0048CE-6320-4537-884F-F40822239591} - System32\Tasks\{8F63F147-4622-4745-9078-7A635D250201} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.156.259/de/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;alreadyoffered
Task: {966DE398-118A-472C-92C7-17367C4B6A6E} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {A80BE85D-DBBD-4D6A-803E-F8544CEE71A1} - System32\Tasks\{A3DDBBDF-D5B8-43C5-9D85-5B89D7A053A9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.8.0.158/en/abandoninstall?page=tsMain
Task: {B2D27570-1B75-4983-9C7C-7BEB9FA2A574} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {B9CD596B-8652-4CBE-9D9E-B07EEA450E65} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {C595BB96-C42B-4304-832A-89F2955AEFCE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {CDB5D68F-55FF-4158-9284-D4A5E7D64042} - System32\Tasks\{36E6A434-A4C2-455D-9E59-243CF0C89458} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.156.259/de/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;alreadyoffered
Task: {D4F918C4-09E9-4990-BAC0-FCDD0C6ABD59} - System32\Tasks\{6161185A-D5E9-41AC-9CAC-D17E38A806F6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.156.259/de/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbar:notoffered;userdeclined,google-chrome:notoffered;alreadyoffered
Task: {DB6F04E1-8CD5-4372-9C61-A7DC5B18D3F1} - System32\Tasks\{9D4CC22C-0D91-48E7-9752-41093BB3C19D} => C:\Program Files\Skype\\Phone\Skype.exe [2015-01-23] (Skype Technologies S.A.)
Task: {DC44E2FE-D436-4E0E-A2E6-427D8F0336B9} - System32\Tasks\{87010094-4D74-481D-BE13-33B8C56116CD} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.9.0.123/de/eula
Task: {DE6C246D-F16E-47DF-A024-85FC3376B725} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - COMPAQ => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {EB32A578-D9F1-422B-8230-7D3FF262B8BC} - System32\Tasks\{0ED92DB1-958D-426D-97B7-E258304BEC31} => pcalua.exe -a E:\setup.exe -d E:\
Task: {F08EABE8-10BF-4684-8E67-05B2EC8CCB2F} - System32\Tasks\{9A2C7FC4-E4F5-48F6-A403-3F8E0ADD7E40} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.156.259/de/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;alreadyoffered

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe

==================== Loaded Modules (whitelisted) ==============

2008-10-26 16:59 - 2008-10-06 10:54 - 00365952 _____ () C:\Program Files\SMINST\BLService.exe
2008-10-26 16:59 - 2008-10-06 10:54 - 00132480 _____ () C:\Program Files\SMINST\STWmiM.dll
2008-10-26 16:52 - 2008-09-15 16:13 - 00241734 _____ () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2014-11-15 21:04 - 2014-05-13 13:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-11-15 21:04 - 2014-05-13 13:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2014-11-15 21:04 - 2014-05-13 13:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2009-09-07 11:27 - 2008-09-23 17:21 - 00066856 _____ () C:\Program Files\HP\QuickPlay\Kernel\Common\MCEMediaStatus.dll
2015-02-19 23:40 - 2015-02-19 23:40 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2008-10-26 15:51 - 2008-04-11 10:04 - 00685360 _____ () C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMPCHelper => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tvnserver => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\Control Panel\Desktop\\Wallpaper -> C:\ALLES, was wir haben\Fotos\2010-12 Argentinien-Fotos Andrea\P1020742.JPG
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: BBSvc => 2
MSCONFIG\Services: BBUpdate => 3
MSCONFIG\Services: GameConsoleService => 3
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: TabletInputService => 2
MSCONFIG\Services: THREADORDER => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: Nikon Transfer Monitor => C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
MSCONFIG\startupreg: QPService => "C:\Program Files\HP\QuickPlay\QPService.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
MSCONFIG\startupreg: UCam_Menu => "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
MSCONFIG\startupreg: UpdatePDIRShortCut => "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
MSCONFIG\startupreg: WEB.DE Update => C:\Program Files\WEB.DE\LiveUpdate\m2LUTray.exe

==================== Accounts: =============================

Administrator (S-1-5-21-1856033268-2380134389-1329949605-500 - Administrator - Disabled)
COMPAQ (S-1-5-21-1856033268-2380134389-1329949605-1000 - Administrator - Enabled) => C:\Users\COMPAQ
Gast (S-1-5-21-1856033268-2380134389-1329949605-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/04/2015 03:56:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm OUTLOOK.EXE, Version 11.0.8326.0 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 1564
Anfangszeit: 01d06ede78d01ad4
Zeitpunkt der Beendigung: 29

Error: (04/04/2015 03:46:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung ezKidsReady.exe, Version 3.0.0.8, Zeitstempel 0x2a425e19, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x03622944,
Prozess-ID 0xb1c, Anwendungsstartzeit ezKidsReady.exe0.

Error: (04/04/2015 03:44:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm OUTLOOK.EXE, Version 11.0.8326.0 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: db4
Anfangszeit: 01d06edcee491ca4
Zeitpunkt der Beendigung: 21931

Error: (04/04/2015 03:39:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm OUTLOOK.EXE, Version 11.0.8326.0 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: e44
Anfangszeit: 01d06edc32975674
Zeitpunkt der Beendigung: 33

Error: (03/27/2015 07:14:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iexplore.exe, Version 9.0.8112.16633 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 1098
Anfangszeit: 01d068b0edbe40d6
Zeitpunkt der Beendigung: 207

Error: (03/25/2015 01:02:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iexplore.exe, Version 9.0.8112.16633 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 7c0
Anfangszeit: 01d066ea934acd24
Zeitpunkt der Beendigung: 175

Error: (03/25/2015 00:58:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iexplore.exe, Version 9.0.8112.16633 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 16e0
Anfangszeit: 01d066ea6e721f84
Zeitpunkt der Beendigung: 32

Error: (03/18/2015 08:56:29 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\COMPAQ\APPDATA\LOCAL\MICROSOFT\WINDOWS\HISTORY\HISTORY.IE5\MSHIST012015031820150319> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext: Anwendung, SystemIndex Katalog


Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)

Error: (03/18/2015 08:56:29 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\COMPAQ\APPDATA\LOCAL\MICROSOFT\WINDOWS\HISTORY\HISTORY.IE5\DESKTOP.INI> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext: Anwendung, SystemIndex Katalog


Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)

Error: (03/18/2015 08:48:34 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\COMPAQ\APPDATA\LOCAL\MICROSOFT\WINDOWS\HISTORY\HISTORY.IE5\MSHIST012015031820150319> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext: Anwendung, SystemIndex Katalog


Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)


System errors:
=============
Error: (04/04/2015 03:38:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spybot-S&D 2 Scanner Service%%1053

Error: (04/04/2015 03:38:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Spybot-S&D 2 Scanner Service

Error: (04/04/2015 03:37:25 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (04/04/2015 03:34:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spybot-S&D 2 Scanner Service%%1053

Error: (04/04/2015 03:34:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Spybot-S&D 2 Scanner Service

Error: (04/04/2015 03:34:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (04/02/2015 05:42:01 PM) (Source: DCOM) (EventID: 10016) (User: COMPAQ-PC)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}COMPAQ-PCCOMPAQS-1-5-21-1856033268-2380134389-1329949605-1000LocalHost (unter Verwendung von LRPC)

Error: (04/02/2015 05:42:01 PM) (Source: DCOM) (EventID: 10016) (User: COMPAQ-PC)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}COMPAQ-PCCOMPAQS-1-5-21-1856033268-2380134389-1329949605-1000LocalHost (unter Verwendung von LRPC)

Error: (04/02/2015 04:37:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spybot-S&D 2 Scanner Service%%1053

Error: (04/02/2015 04:37:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Spybot-S&D 2 Scanner Service


Microsoft Office Sessions:
=========================
Error: (04/04/2015 03:56:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: OUTLOOK.EXE11.0.8326.0156401d06ede78d01ad429

Error: (04/04/2015 03:46:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ezKidsReady.exe3.0.0.82a425e19unknown0.0.0.000000000c000000503622944b1c01d06edd9eb2dae4

Error: (04/04/2015 03:44:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: OUTLOOK.EXE11.0.8326.0db401d06edcee491ca421931

Error: (04/04/2015 03:39:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: OUTLOOK.EXE11.0.8326.0e4401d06edc3297567433

Error: (03/27/2015 07:14:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe9.0.8112.16633109801d068b0edbe40d6207

Error: (03/25/2015 01:02:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe9.0.8112.166337c001d066ea934acd24175

Error: (03/25/2015 00:58:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe9.0.8112.1663316e001d066ea6e721f8432

Error: (03/18/2015 08:56:29 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog


Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\COMPAQ\APPDATA\LOCAL\MICROSOFT\WINDOWS\HISTORY\HISTORY.IE5\MSHIST012015031820150319

Error: (03/18/2015 08:56:29 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog


Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\COMPAQ\APPDATA\LOCAL\MICROSOFT\WINDOWS\HISTORY\HISTORY.IE5\DESKTOP.INI

Error: (03/18/2015 08:48:34 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog


Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\COMPAQ\APPDATA\LOCAL\MICROSOFT\WINDOWS\HISTORY\HISTORY.IE5\MSHIST012015031820150319

Alt 06.04.2015, 09:50   #2
schrauber
/// the machine
/// TB-Ausbilder
 
Notebook mit Windows Vista wird immer langsamer - Standard

Notebook mit Windows Vista wird immer langsamer


hi,

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.





Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________

__________________
Alt 06.04.2015, 10:10   #3
k25391
 
Notebook mit Windows Vista wird immer langsamer - Standard

Notebook mit Windows Vista wird immer langsamer


Danke für den Hinweis, ich hoffe, ich bekomme das hin...
Ich hoffe, es ist gut, wenn ich jeweils eine eigene Box für jede Datei verwende


Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:35 on 04/04/2015 (COMPAQ)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by COMPAQ (administrator) on COMPAQ-PC on 04-04-2015 17:49:04
Running from C:\Users\COMPAQ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\29A3S3VZ
Loaded Profiles: COMPAQ (Available profiles: COMPAQ)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files\SMINST\BLService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_16_0_0_305_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1049896 2008-04-17] (Synaptics, Inc.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [202032 2008-08-01] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [HP Health Check Scheduler] => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-10-09] (Hewlett-Packard)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [hpqSRMon] => [X]
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-21] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [127792 2015-02-12] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5503768 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil32_16_0_0_305_ActiveX.exe [960688 2015-02-05] (Adobe Systems Incorporated)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Presario&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Presario&pf=cnnb
HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.spiegel.de/
HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM -> {02BEB76C-FD85-488D-824A-490C9D3C0896} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM -> {1893805B-1D90-4ACF-BD58-FA96CA693B42} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
SearchScopes: HKLM -> {F984C8C7-0FB4-4E22-AC3F-507BBA566358} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> DefaultScope F7B7846F6FD142C988F9AAAC5202D175 URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7SUNC_deDE355
SearchScopes: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> F7B7846F6FD142C988F9AAAC5202D175 URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7SUNC_deDE355
SearchScopes: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> {02BEB76C-FD85-488D-824A-490C9D3C0896} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> {1893805B-1D90-4ACF-BD58-FA96CA693B42} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
SearchScopes: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> {9122BE4A-A717-4D62-AB26-E01C0BEF14B5} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> {C4638BAF-ACFB-4A4F-9E4E-D47382F4C43E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=d6c715e3-52b8-4672-ac74-fb52753f9418&apn_sauid=059F45F1-1C47-4892-899D-8775DEDD662B
SearchScopes: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> {F984C8C7-0FB4-4E22-AC3F-507BBA566358} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Avira SearchFree Toolbar plus Web Protection -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files\Ask.com\GenericAskToolbar.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-12-16] (Adblock Plus)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-03-27] (Hewlett-Packard Co.)
Toolbar: HKLM - Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File
Toolbar: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\COMPAQ\AppData\Roaming\Mozilla\Firefox\Profiles\xsafpu49.default-1422819849905
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.spiegel.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2008-08-06] (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010-07-17] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2010-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2010-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2010-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2010-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2010-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2010-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2010-07-16] (Apple Inc.)
FF Extension: WEB.DE MailCheck - C:\Users\COMPAQ\AppData\Roaming\Mozilla\Firefox\Profiles\xsafpu49.default-1422819849905\Extensions\toolbar@web.de [2015-02-01]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-21]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009-09-25]
FF HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [432888 2015-03-21] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-21] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [992504 2015-03-21] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [184056 2015-02-12] (Avira Operations GmbH & Co. KG)
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [File not signed]
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [135168 2008-03-25] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2008-07-18] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-07-18] (Hewlett-Packard) [File not signed]
R2 Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [365952 2008-10-06] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [241734 2008-09-15] () [File not signed]
S2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105864 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 GigasetGenericUSB; C:\Windows\System32\DRIVERS\GigasetGenericUSB.sys [44032 2013-04-25] (Siemens Home and Office Communication Devices GmbH & Co. KG)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-04 17:48 - 2015-04-04 17:49 - 00000000 ____D () C:\FRST
2015-04-04 15:57 - 2015-04-04 15:57 - 00000000 ____D () C:\ProgramData\Gigaset QuickSync
2015-04-04 15:52 - 2015-04-04 15:52 - 00000000 ____D () C:\Users\COMPAQ\AppData\Local\Gigaset_Communications_Gm
2015-04-04 15:50 - 2015-04-04 15:50 - 00000000 ____D () C:\Windows\LastGood
2015-04-04 15:49 - 2015-04-04 15:49 - 00001821 _____ () C:\Users\Public\Desktop\Gigaset QuickSync.lnk
2015-04-04 15:49 - 2015-04-04 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gigaset QuickSync
2015-04-04 15:49 - 2015-04-04 15:49 - 00000000 ____D () C:\Program Files\Gigaset QuickSync
2015-04-04 15:43 - 2015-04-04 15:43 - 00000000 ____D () C:\Users\COMPAQ\AppData\Local\Downloaded Installations
2015-03-17 00:18 - 2012-07-13 19:47 - 00443459 _____ () C:\Windows\system32\Drivers\etc\hosts.20150316-231835.backup
2015-03-16 23:50 - 2015-03-16 23:50 - 00000764 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-03-16 23:50 - 2015-03-16 23:50 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-11 21:14 - 2015-01-29 03:35 - 00975360 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 21:14 - 2015-01-29 03:35 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 21:13 - 2015-02-26 02:18 - 02064384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 21:05 - 2015-02-20 04:03 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 21:05 - 2015-02-20 02:28 - 00296960 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 21:04 - 2015-02-26 04:01 - 03604408 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-03-11 21:04 - 2015-02-26 04:01 - 03552184 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 21:04 - 2015-01-21 04:02 - 00807936 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 21:04 - 2015-01-09 04:04 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 21:04 - 2015-01-09 02:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 21:02 - 2015-03-06 06:01 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 21:01 - 2014-10-13 03:12 - 02264064 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-03-11 21:00 - 2015-02-18 04:02 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 20:17 - 2015-02-21 19:37 - 12375040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 20:17 - 2015-02-21 19:34 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-03-11 20:17 - 2015-02-21 19:29 - 09747968 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 20:17 - 2015-02-21 19:28 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 20:17 - 2015-02-21 19:22 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 20:17 - 2015-02-21 19:21 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 20:17 - 2015-02-21 19:21 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 20:17 - 2015-02-21 19:20 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-03-11 20:17 - 2015-02-21 19:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 20:17 - 2015-02-21 19:19 - 01803264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 20:17 - 2015-02-21 19:19 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-11 20:17 - 2015-02-21 19:19 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 20:17 - 2015-02-21 19:19 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 20:17 - 2015-02-21 19:19 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 20:17 - 2015-02-21 19:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 20:17 - 2015-02-21 19:18 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 20:17 - 2015-02-21 19:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 20:17 - 2015-02-21 19:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 20:17 - 2015-02-21 19:18 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-03-11 20:17 - 2015-02-21 19:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-03-11 20:17 - 2015-02-21 19:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-03-11 20:17 - 2015-02-21 19:17 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-04 17:44 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-04 17:44 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-04 17:40 - 2011-01-01 19:00 - 00000000 ____D () C:\Users\COMPAQ\AppData\Roaming\Skype
2015-04-04 17:36 - 2009-09-07 11:58 - 00000000 ____D () C:\Users\COMPAQ
2015-04-04 17:25 - 2012-09-10 22:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-04 16:39 - 2009-09-07 11:13 - 01925059 ____N () C:\Windows\WindowsUpdate.log
2015-04-04 16:36 - 2009-10-17 17:04 - 00000052 _____ () C:\Windows\system32\DOErrors.log
2015-04-04 16:08 - 2009-09-22 20:16 - 00012800 _____ () C:\Users\COMPAQ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-04 15:44 - 2006-11-02 12:33 - 01567488 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-04 15:38 - 2014-11-15 21:06 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2015-04-04 15:34 - 2009-09-14 18:58 - 00031966 _____ () C:\ProgramData\nvModes.dat
2015-04-04 15:34 - 2009-09-14 18:58 - 00031966 _____ () C:\ProgramData\nvModes.001
2015-04-04 15:33 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-02 17:43 - 2006-11-02 15:01 - 00032510 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-16 23:56 - 2009-09-29 22:07 - 00000000 ____D () C:\Users\COMPAQ\Tracing
2015-03-16 23:56 - 2008-10-26 23:27 - 00000000 ____D () C:\Windows\panther
2015-03-16 23:55 - 2009-09-07 14:30 - 00000000 ____D () C:\Windows\Minidump
2015-03-13 12:27 - 2006-11-02 14:47 - 00355232 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-11 21:13 - 2013-08-15 14:56 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 21:06 - 2006-11-02 12:24 - 119837696 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-03-06 20:50 - 2013-03-10 11:00 - 00000000 ____D () C:\Users\COMPAQ\AppData\Local\Deployment
2015-03-05 12:21 - 2012-12-17 14:47 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-03-05 12:21 - 2012-12-17 14:47 - 00105864 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-03-05 12:18 - 2014-10-20 11:10 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-05 12:17 - 2012-12-18 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-03-05 12:17 - 2012-12-17 14:47 - 00000000 ____D () C:\Program Files\Avira

==================== Files in the root of some directories =======

2012-03-28 22:44 - 2012-03-28 22:44 - 3993600 _____ () C:\Program Files\GUT7C59.tmp
2010-07-16 17:15 - 2010-07-16 17:15 - 0000268 ___RH () C:\Users\COMPAQ\AppData\Roaming\Textures
2010-07-16 17:19 - 2010-07-16 17:19 - 0000268 ___RH () C:\Users\COMPAQ\AppData\Roaming\Track Settings
2009-09-09 17:08 - 2013-12-04 00:36 - 0000392 _____ () C:\Users\COMPAQ\AppData\Roaming\wklnhst.dat
2009-09-07 12:14 - 2009-09-07 12:14 - 0000000 _____ () C:\Users\COMPAQ\AppData\Local\AtStart.txt
2010-03-05 20:53 - 2012-12-15 00:39 - 0007808 _____ () C:\Users\COMPAQ\AppData\Local\d3d9caps.dat
2009-09-22 20:16 - 2015-04-04 16:08 - 0012800 _____ () C:\Users\COMPAQ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-09-07 12:14 - 2009-09-07 12:14 - 0000000 _____ () C:\Users\COMPAQ\AppData\Local\DSwitch.txt
2011-02-10 22:30 - 2014-03-03 20:58 - 0000600 _____ () C:\Users\COMPAQ\AppData\Local\PUTTY.RND
2009-09-07 12:14 - 2009-09-07 12:14 - 0000000 _____ () C:\Users\COMPAQ\AppData\Local\QSwitch.txt
2011-07-25 00:58 - 2011-07-25 00:58 - 0000000 _____ () C:\Users\COMPAQ\AppData\Local\{D41DDEB0-E855-4C54-B9AB-B9F40547BA67}
2009-09-07 11:28 - 2013-03-23 16:40 - 0000248 _____ () C:\ProgramData\hpqp.ini
2009-11-02 12:43 - 2013-05-13 19:55 - 0000021 _____ () C:\ProgramData\hpqp.txt
2009-09-25 19:25 - 2012-02-02 14:52 - 0004978 _____ () C:\ProgramData\hpzinstall.log
2009-09-14 18:58 - 2015-04-04 15:34 - 0031966 _____ () C:\ProgramData\nvModes.001
2009-09-14 18:58 - 2015-04-04 15:34 - 0031966 _____ () C:\ProgramData\nvModes.dat
2010-07-16 17:15 - 2013-03-04 16:04 - 0000020 ____H () C:\ProgramData\PKP_DLdu.DAT
2010-07-16 17:19 - 2012-09-24 18:43 - 0000020 ____H () C:\ProgramData\PKP_DLdw.DAT
2010-07-16 17:15 - 2010-07-16 17:15 - 0000268 ___RH () C:\ProgramData\Transportation
2010-07-16 17:19 - 2010-07-16 17:19 - 0000268 ___RH () C:\ProgramData\Tremolo
2010-07-16 17:15 - 2010-07-16 17:15 - 0000012 ___RH () C:\ProgramData\URLs
2010-07-16 17:19 - 2010-07-16 17:19 - 0000012 ___RH () C:\ProgramData\Vocal Transformer
2009-09-07 11:32 - 2009-09-07 11:32 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2008-10-26 16:52 - 2008-10-26 16:52 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2009-09-07 11:31 - 2009-09-07 11:31 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2008-10-26 16:45 - 2008-10-26 16:46 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2009-09-07 11:29 - 2009-09-07 11:29 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2009-09-07 11:32 - 2009-09-07 11:32 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2008-10-26 16:43 - 2008-10-26 16:44 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2008-10-26 16:46 - 2008-10-26 16:52 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2009-09-07 11:32 - 2009-09-07 11:33 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

Some content of TEMP:
====================
C:\Users\COMPAQ\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-04 16:10

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by COMPAQ at 2015-04-04 17:50:13
Running from C:\Users\COMPAQ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\29A3S3VZ
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 2.1.5 - Hewlett-Packard) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adblock Plus für IE (32-Bit) (HKLM\...\{A2C33E25-4A8E-43F7-8998-BBEB690F1AB1}) (Version: 1.3 - Eyeo GmbH)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
ArcSoft Panorama Maker 4 (HKLM\...\{D45E8C45-B601-4A80-AFD8-E16338744DE1}) (Version:  - ArcSoft)
Atheros Driver Installation Program (HKLM\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 5.0 - Atheros)
Avira (HKLM\...\{d9ed6dcf-6bfc-4fbb-802e-81dd5b767d6e}) (Version: 1.1.32.25147 - Avira Operations & Co. KG)
Avira (Version: 1.1.32.25147 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 15.0.8.656 - Avira)
Avira SearchFree Toolbar plus Web Protection Updater (HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.6.45268 - Ask.com) <==== ATTENTION
BufferChm (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Cards_Calendar_OrderGift_DoMorePlugout (Version: 2.03.0000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.58.0.0 - Conexant)
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2203 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.1616 - CyberLink Corp.)
Destination Component (Version: 110.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 110.0.180.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software (Version: 110.0.238.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (Version: 110.0.238.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4220_ProductContext (Version: 110.0.238.000 - Hewlett-Packard) Hidden
ElsterFormular (HKLM\...\ElsterFormular 11.4.1.4323) (Version: 11.4.1.4323 - Landesfinanzdirektion Thüringen)
ElsterFormular-Upgrade (HKLM\...\ElsterFormular für Privatanwender 12.3.2.6814p) (Version: 14.3.11574 - Landesfinanzdirektion Thüringen)
ESU for Microsoft Vista (HKLM\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
F4200 (Version: 110.0.238.000 - Ihr Firmenname) Hidden
F4210_Help (Version: 110.0.238.000 - Hewlett-Packard) Hidden
File Uploader (HKLM\...\{237CD223-1B9D-47E8-A76C-E478B83CCEA2}) (Version: 1.2.1 - Nikon)
Gigaset QuickSync (HKLM\...\{b49e8cfb-f094-4467-925a-97c23972cb50}) (Version: 8.3.0868.3 - Gigaset Communications GmbH)
GPBaseService (Version: 110.0.180.000 - Hewlett-Packard) Hidden
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_HERMOSA_HSF) (Version:  - )
HP Active Support Library (HKLM\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM\...\{57A5AEC1-97FC-474D-92C4-908FCC2253D4}) (Version: 5.7.0.2664 - Hewlett-Packard)
HP Customer Participation Program 11.0 (HKLM\...\HPExtendedCapabilities) (Version: 11.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3 (HKLM\...\{C3B6AEB1-390C-4792-8677-CD87F8B2C959}) (Version: 11.0 - HP)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.03.0001 - Hewlett-Packard)
HP DVD Play 3.7 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: 3.7.0.5723 - Hewlett-Packard)
HP Help and Support (HKLM\...\{0054A0F6-00C9-4498-B821-B5C9578F433E}) (Version: 2.1.1.0 - Hewlett-Packard Company)
HP Imaging Device Functions 11.0 (HKLM\...\HP Imaging Device Functions) (Version: 11.0 - HP)
HP Photosmart Essential 3.0 (HKLM\...\HP Photosmart Essential) (Version: 3.0 - HP)
HP Quick Launch Buttons 6.40 H2 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 H2 - Hewlett-Packard)
HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 4.0 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Total Care Advisor (HKLM\...\{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}) (Version: 2.4.4941.2798 - Hewlett-Packard)
HP Update (HKLM\...\{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}) (Version: 5.002.007.004 - Hewlett-Packard)
HP User Guides 0118 (HKLM\...\{B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}) (Version: 1.00.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}) (Version: 3.00 K2 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden
HPNetworkAssistant (Version: 1.1.70 - Hewlett-Packard.) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 110.0.180.000 - Hewlett-Packard) Hidden
HPTCSSetup (HKLM\...\{846DDADA-0239-4B67-A6B1-33658863793B}) (Version: 1.1.1963.2799 - Hewlett-Packard Company)
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.0926 - CyberLink Corp.)
LabelPrint (Version: 2.5.0926 - CyberLink Corp.) Hidden
Lager (Version: 1.0.0.0 - Hewlett-Packard) Hidden
LightScribe System Software  1.14.17.1 (HKLM\...\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}) (Version: 1.14.17.1 - LightScribe)
MarketResearch (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 33.1.1 (x86 de) (HKLM\...\Mozilla Firefox 33.1.1 (x86 de)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCSetup (Version: 1.00.0000 - HP) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee Reveal (HKLM\...\{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}) (Version: 7.0.35.6951 - muvee Technologies Pte Ltd)
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.52 - BVRP Software, Inc)
Nikon Message Center (HKLM\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.92.000 - Nikon)
Nikon Transfer (HKLM\...\{E9757890-7EC5-46C8-99AB-B00F07B6525C}) (Version: 1.5.0 - Nikon)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.1.6 - Nikon)
Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2202 - CyberLink Corp.)
Power2Go (Version: 6.0.2202 - CyberLink Corp.) Hidden
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2201 - CyberLink Corp.)
PowerDirector (Version: 7.0.2201 - CyberLink Corp.) Hidden
PSSWCORE (Version: 2.03.0000 - Hewlett-Packard) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime (HKLM\...\{E0D51394-1D45-460A-B62D-383BC4F8B335}) (Version: 7.3.1.70 - Apple Inc.)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 3.0.1.3 - Realtek Semiconductor Corp.)
Scan (Version: 11.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 11.0 - HP)
Skype™ 7.1 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
SmartWebPrinting (Version: 110.0.182.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Status (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.1.3.0 - Synaptics)
Toolbox (Version: 110.0.180.000 - Hewlett-Packard) Hidden
TrayApp (Version: 110.0.180.000 - Hewlett-Packard) Hidden
VideoToolkit01 (Version: 110.0.171.000 - Hewlett-Packard) Hidden
ViewNX (HKLM\...\{F007CBCE-D714-4C0B-8CE9-9B0D78116468}) (Version: 1.4.0 - Nikon)
Web Launcher (HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\...\fc3ac04dc8eedef7) (Version: 1.0.0.20 - ShowMyPC)
WebReg (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live ID-Anmelde-Assistent (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000_Classes\CLSID\{80A95F12-94C2-4B1D-8AE3-F0CBE5E96E85}\InprocServer32 -> C:\Users\COMPAQ\AppData\Local\AskToolbar\Downloaded Program Files\AviraWebSecurityBrowser.dll (Ask.com)
CustomCLSID: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000_Classes\CLSID\{EB959CA4-408B-4465-9CF5-7EBA7B885153}\InprocServer32 -> C:\Users\COMPAQ\AppData\Local\AskToolbar\Downloaded Program Files\AviraSafetyPrivacy.dll (Ask.com)

==================== Restore Points  =========================

30-01-2015 22:12:17 Windows Update
01-02-2015 19:13:23 Installed Adblock Plus for IE (32-bit)
05-02-2015 14:53:51 Windows Update
12-02-2015 15:37:35 Windows Update
12-02-2015 15:58:39 Windows Update
16-02-2015 15:17:20 Windows Update
16-02-2015 15:48:54 Windows Update
20-02-2015 19:17:30 Windows Update
24-02-2015 19:34:39 Windows Update
27-02-2015 19:42:18 Windows Update
03-03-2015 15:48:33 Windows Update
05-03-2015 13:11:32 Geplanter Prüfpunkt
06-03-2015 20:39:08 Windows Update
11-03-2015 20:02:10 Windows Update
11-03-2015 20:58:54 Windows Update
17-03-2015 01:00:55 Geplanter Prüfpunkt
17-03-2015 19:44:24 Windows Update
21-03-2015 18:09:10 Windows Update
27-03-2015 19:18:43 Windows Update
31-03-2015 21:45:50 Windows Update
04-04-2015 15:43:50 Installed Gigaset QuickSync.
04-04-2015 15:59:47 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2012-07-13 19:47 - 00443459 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {069573E5-2D93-49E5-AE1E-B0FDFD50E00C} - System32\Tasks\{53B1A1CC-B9A7-4F7F-8D2B-ED3D11FC8932} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.156.259/de/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:offered-installed;madedefault
Task: {0ECD0360-2D32-4D6F-8CF4-3F401236EDEB} - System32\Tasks\{20BFD99F-D596-4D96-8DB7-F97DB4F9A1B0} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.3.0.111.259/en/abandoninstall?page=tsDownload&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;alreadyoffered
Task: {21F694FE-2A6D-4B2B-A697-15DA44680B37} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {2784FBC6-7CDB-423E-A8F1-6ED990FF8D02} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)
Task: {28C3BA5F-E093-459A-8251-2A700D96F18E} - System32\Tasks\{1AE98456-DAD8-4A8E-AE0B-9B41A96CF8A5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.1.0.112.259/en/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;alreadyoffered
Task: {2BB980C4-66AD-45CE-AA65-9C28740CBE5F} - System32\Tasks\{2EBC2EB7-BF3D-4F83-B086-2A7C253842B7} => pcalua.exe -a "C:\Users\COMPAQ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D650QA4N\msvbvm50[1].exe" -d C:\Users\COMPAQ\Desktop\Desktop
Task: {37ECF2E5-4175-4A42-83C8-6FB3605ADBDC} - System32\Tasks\{594F396F-1B8A-4C15-8883-708DE1A5572E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.9.0.123/de/privacy
Task: {3CC5237E-5EF8-43C1-B327-DF3C11F8C05D} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {3E3376A3-17EA-45A4-A122-65B92B31EFDC} - System32\Tasks\{0E45A6AC-6249-4417-8E9A-FA8F59C5B602} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.9.0.123/de/eula
Task: {5C6E0410-D563-4D33-A139-B19AA9E6556A} - System32\Tasks\{A403AAF8-6BF2-4AA4-9BAE-181E99DF7C0D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.152.259/de/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:offered-installed;madedefault
Task: {7089947B-2359-4472-8784-8CFB49534457} - System32\Tasks\{CEA72B26-C555-48E2-B25E-4DEFFCD80F70} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.156.259/de/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:offered-installed;madedefault
Task: {7347E749-993E-4DB4-8D9E-BC81E3244EDA} - System32\Tasks\{E4A09C9B-6AFD-4455-9058-D3E4EF85BE63} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.156.259/de/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbar:offered-installed,google-chrome:notoffered;toolbaroffered
Task: {8242393F-2DF5-49DC-8F06-9F1F4192A971} - System32\Tasks\{D724DEF5-8284-4D19-A176-B22C73AFD1F1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.156.259/de/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;alreadyoffered
Task: {8B0048CE-6320-4537-884F-F40822239591} - System32\Tasks\{8F63F147-4622-4745-9078-7A635D250201} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.156.259/de/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;alreadyoffered
Task: {966DE398-118A-472C-92C7-17367C4B6A6E} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {A80BE85D-DBBD-4D6A-803E-F8544CEE71A1} - System32\Tasks\{A3DDBBDF-D5B8-43C5-9D85-5B89D7A053A9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.8.0.158/en/abandoninstall?page=tsMain
Task: {B2D27570-1B75-4983-9C7C-7BEB9FA2A574} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {B9CD596B-8652-4CBE-9D9E-B07EEA450E65} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {C595BB96-C42B-4304-832A-89F2955AEFCE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {CDB5D68F-55FF-4158-9284-D4A5E7D64042} - System32\Tasks\{36E6A434-A4C2-455D-9E59-243CF0C89458} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.156.259/de/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;alreadyoffered
Task: {D4F918C4-09E9-4990-BAC0-FCDD0C6ABD59} - System32\Tasks\{6161185A-D5E9-41AC-9CAC-D17E38A806F6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.156.259/de/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbar:notoffered;userdeclined,google-chrome:notoffered;alreadyoffered
Task: {DB6F04E1-8CD5-4372-9C61-A7DC5B18D3F1} - System32\Tasks\{9D4CC22C-0D91-48E7-9752-41093BB3C19D} => C:\Program Files\Skype\\Phone\Skype.exe [2015-01-23] (Skype Technologies S.A.)
Task: {DC44E2FE-D436-4E0E-A2E6-427D8F0336B9} - System32\Tasks\{87010094-4D74-481D-BE13-33B8C56116CD} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.9.0.123/de/eula
Task: {DE6C246D-F16E-47DF-A024-85FC3376B725} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - COMPAQ => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {EB32A578-D9F1-422B-8230-7D3FF262B8BC} - System32\Tasks\{0ED92DB1-958D-426D-97B7-E258304BEC31} => pcalua.exe -a E:\setup.exe -d E:\
Task: {F08EABE8-10BF-4684-8E67-05B2EC8CCB2F} - System32\Tasks\{9A2C7FC4-E4F5-48F6-A403-3F8E0ADD7E40} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.156.259/de/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;alreadyoffered

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe

==================== Loaded Modules (whitelisted) ==============

2008-10-26 16:59 - 2008-10-06 10:54 - 00365952 _____ () C:\Program Files\SMINST\BLService.exe
2008-10-26 16:59 - 2008-10-06 10:54 - 00132480 _____ () C:\Program Files\SMINST\STWmiM.dll
2008-10-26 16:52 - 2008-09-15 16:13 - 00241734 _____ () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2014-11-15 21:04 - 2014-05-13 13:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-11-15 21:04 - 2014-05-13 13:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2014-11-15 21:04 - 2014-05-13 13:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2009-09-07 11:27 - 2008-09-23 17:21 - 00066856 _____ () C:\Program Files\HP\QuickPlay\Kernel\Common\MCEMediaStatus.dll
2015-02-19 23:40 - 2015-02-19 23:40 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2008-10-26 15:51 - 2008-04-11 10:04 - 00685360 _____ () C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMPCHelper => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tvnserver => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\Control Panel\Desktop\\Wallpaper -> C:\ALLES, was wir haben\Fotos\2010-12 Argentinien-Fotos Andrea\P1020742.JPG
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: BBSvc => 2
MSCONFIG\Services: BBUpdate => 3
MSCONFIG\Services: GameConsoleService => 3
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: TabletInputService => 2
MSCONFIG\Services: THREADORDER => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: Nikon Transfer Monitor => C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
MSCONFIG\startupreg: QPService => "C:\Program Files\HP\QuickPlay\QPService.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
MSCONFIG\startupreg: UCam_Menu => "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
MSCONFIG\startupreg: UpdatePDIRShortCut => "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
MSCONFIG\startupreg: WEB.DE Update => C:\Program Files\WEB.DE\LiveUpdate\m2LUTray.exe

==================== Accounts: =============================

Administrator (S-1-5-21-1856033268-2380134389-1329949605-500 - Administrator - Disabled)
COMPAQ (S-1-5-21-1856033268-2380134389-1329949605-1000 - Administrator - Enabled) => C:\Users\COMPAQ
Gast (S-1-5-21-1856033268-2380134389-1329949605-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/04/2015 03:56:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm OUTLOOK.EXE, Version 11.0.8326.0 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 1564
Anfangszeit: 01d06ede78d01ad4
Zeitpunkt der Beendigung: 29

Error: (04/04/2015 03:46:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung ezKidsReady.exe, Version 3.0.0.8, Zeitstempel 0x2a425e19, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x03622944,
Prozess-ID 0xb1c, Anwendungsstartzeit ezKidsReady.exe0.

Error: (04/04/2015 03:44:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm OUTLOOK.EXE, Version 11.0.8326.0 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: db4
Anfangszeit: 01d06edcee491ca4
Zeitpunkt der Beendigung: 21931

Error: (04/04/2015 03:39:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm OUTLOOK.EXE, Version 11.0.8326.0 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: e44
Anfangszeit: 01d06edc32975674
Zeitpunkt der Beendigung: 33

Error: (03/27/2015 07:14:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iexplore.exe, Version 9.0.8112.16633 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 1098
Anfangszeit: 01d068b0edbe40d6
Zeitpunkt der Beendigung: 207

Error: (03/25/2015 01:02:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iexplore.exe, Version 9.0.8112.16633 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 7c0
Anfangszeit: 01d066ea934acd24
Zeitpunkt der Beendigung: 175

Error: (03/25/2015 00:58:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iexplore.exe, Version 9.0.8112.16633 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 16e0
Anfangszeit: 01d066ea6e721f84
Zeitpunkt der Beendigung: 32

Error: (03/18/2015 08:56:29 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\COMPAQ\APPDATA\LOCAL\MICROSOFT\WINDOWS\HISTORY\HISTORY.IE5\MSHIST012015031820150319> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (03/18/2015 08:56:29 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\COMPAQ\APPDATA\LOCAL\MICROSOFT\WINDOWS\HISTORY\HISTORY.IE5\DESKTOP.INI> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (03/18/2015 08:48:34 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\COMPAQ\APPDATA\LOCAL\MICROSOFT\WINDOWS\HISTORY\HISTORY.IE5\MSHIST012015031820150319> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)


System errors:
=============
Error: (04/04/2015 03:38:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spybot-S&D 2 Scanner Service%%1053

Error: (04/04/2015 03:38:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Spybot-S&D 2 Scanner Service

Error: (04/04/2015 03:37:25 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (04/04/2015 03:34:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spybot-S&D 2 Scanner Service%%1053

Error: (04/04/2015 03:34:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Spybot-S&D 2 Scanner Service

Error: (04/04/2015 03:34:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (04/02/2015 05:42:01 PM) (Source: DCOM) (EventID: 10016) (User: COMPAQ-PC)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}COMPAQ-PCCOMPAQS-1-5-21-1856033268-2380134389-1329949605-1000LocalHost (unter Verwendung von LRPC)

Error: (04/02/2015 05:42:01 PM) (Source: DCOM) (EventID: 10016) (User: COMPAQ-PC)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}COMPAQ-PCCOMPAQS-1-5-21-1856033268-2380134389-1329949605-1000LocalHost (unter Verwendung von LRPC)

Error: (04/02/2015 04:37:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spybot-S&D 2 Scanner Service%%1053

Error: (04/02/2015 04:37:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Spybot-S&D 2 Scanner Service


Microsoft Office Sessions:
=========================
Error: (04/04/2015 03:56:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: OUTLOOK.EXE11.0.8326.0156401d06ede78d01ad429

Error: (04/04/2015 03:46:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ezKidsReady.exe3.0.0.82a425e19unknown0.0.0.000000000c000000503622944b1c01d06edd9eb2dae4

Error: (04/04/2015 03:44:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: OUTLOOK.EXE11.0.8326.0db401d06edcee491ca421931

Error: (04/04/2015 03:39:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: OUTLOOK.EXE11.0.8326.0e4401d06edc3297567433

Error: (03/27/2015 07:14:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe9.0.8112.16633109801d068b0edbe40d6207

Error: (03/25/2015 01:02:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe9.0.8112.166337c001d066ea934acd24175

Error: (03/25/2015 00:58:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe9.0.8112.1663316e001d066ea6e721f8432

Error: (03/18/2015 08:56:29 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\COMPAQ\APPDATA\LOCAL\MICROSOFT\WINDOWS\HISTORY\HISTORY.IE5\MSHIST012015031820150319

Error: (03/18/2015 08:56:29 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\COMPAQ\APPDATA\LOCAL\MICROSOFT\WINDOWS\HISTORY\HISTORY.IE5\DESKTOP.INI

Error: (03/18/2015 08:48:34 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\COMPAQ\APPDATA\LOCAL\MICROSOFT\WINDOWS\HISTORY\HISTORY.IE5\MSHIST012015031820150319
__________________
Alt 06.04.2015, 14:44   #4
schrauber
/// the machine
/// TB-Ausbilder
 
Notebook mit Windows Vista wird immer langsamer - Standard

Notebook mit Windows Vista wird immer langsamer


und der Rest?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.04.2015, 22:09   #5
k25391
 
Notebook mit Windows Vista wird immer langsamer - Standard

Notebook mit Windows Vista wird immer langsamer


Hallo Schrauber,

ist mit "Rest" das "GMER" gemeint?
Da konnte ich die Anleitung leider nicht befolgen, weil mir mein Enkel ein drahtloses Internet eingerichtet hat und ich nicht weiss, wie man das aus- und einschaltet. An dem Kästchen (bei dem ich glaube, dass es das WLAN? steuert) ist leider kein Schalter.
Müsste ich da den Stecker ziehen, um das Notebook vom Internet zu trennen? Das habe ich mich nicht getraut, weil ich nicht wusste, ob sich dann alles wieder selbst einrichtet, wenn ich den Stecker wieder einstecke.
Und wie deaktiviere ich den Virenscanner? Der ist bei mir automatisch.

Tut mir wirklich leid, wenn ich mich so dumm anstelle... Wenn ich deshalb hier zu viel Zeit verbrauche, dann können wir's auch lassen. Ich wollte es halt nur versuchen, ob ich es selbst irgendwie schaffe, aber vermutlich bin ich dafür eben doch zu alt ;-)

Viele Grüße und vielen Dank schonmal für die Mühe


Alt 09.04.2015, 15:41   #6
schrauber
/// the machine
/// TB-Ausbilder
 
Notebook mit Windows Vista wird immer langsamer - Standard

Notebook mit Windows Vista wird immer langsamer


Oben stehen noch 2 Tools, MBAR und TDSSKiller
__________________
--> Notebook mit Windows Vista wird immer langsamer

Alt 14.04.2015, 09:51   #7
k25391
 
Notebook mit Windows Vista wird immer langsamer - Standard

Notebook mit Windows Vista wird immer langsamer


Tut mir leid, daß die Antwort nun etwas gedauert hat, aber ich hatte leider ein paar Probleme mit der Internetverbindung.
Ich hoffe, die Daten, die ich jetzt schicke, sind die richtigen.
Wenn ich die Ergbnisse der Scans richtig interpretiert habe, dann waren sie in Ordnung.

Vielen Dank schon vorab.

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.04.14.02
  rootkit: v2015.03.31.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
COMPAQ :: COMPAQ-PC [administrator]

14.04.2015 09:37:45
mbar-log-2015-04-14 (09-37-45).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 320617
Time elapsed: 32 minute(s), 21 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
Teil 1 TDSS:

Code:
ATTFilter
09:31:55.0902 0x0f60  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
09:32:42.0639 0x0f60  ============================================================
09:32:42.0639 0x0f60  Current date / time: 2015/04/14 09:32:42.0639
09:32:42.0639 0x0f60  SystemInfo:
09:32:42.0639 0x0f60  
09:32:42.0639 0x0f60  OS Version: 6.0.6002 ServicePack: 2.0
09:32:42.0639 0x0f60  Product type: Workstation
09:32:42.0639 0x0f60  ComputerName: COMPAQ-PC
09:32:42.0640 0x0f60  UserName: COMPAQ
09:32:42.0640 0x0f60  Windows directory: C:\Windows
09:32:42.0640 0x0f60  System windows directory: C:\Windows
09:32:42.0640 0x0f60  Processor architecture: Intel x86
09:32:42.0640 0x0f60  Number of processors: 2
09:32:42.0640 0x0f60  Page size: 0x1000
09:32:42.0640 0x0f60  Boot type: Normal boot
09:32:42.0640 0x0f60  ============================================================
09:32:47.0654 0x0f60  KLMD registered as C:\Windows\system32\drivers\68741515.sys
09:32:49.0436 0x0f60  System UUID: {98C7D96E-7F2C-4231-6E1A-2ABADF9F9FD5}
09:32:53.0725 0x0f60  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:32:53.0728 0x0f60  ============================================================
09:32:53.0728 0x0f60  \Device\Harddisk0\DR0:
09:32:53.0748 0x0f60  MBR partitions:
09:32:53.0748 0x0f60  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x23F1F7C1
09:32:53.0748 0x0f60  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23F1F800, BlocksNum 0x150D800
09:32:53.0748 0x0f60  ============================================================
09:32:53.0809 0x0f60  C: <-> \Device\Harddisk0\DR0\Partition1
09:32:53.0884 0x0f60  D: <-> \Device\Harddisk0\DR0\Partition2
09:32:53.0885 0x0f60  ============================================================
09:32:53.0885 0x0f60  Initialize success
09:32:53.0885 0x0f60  ============================================================
10:25:19.0132 0x0684  ============================================================
10:25:19.0133 0x0684  Scan started
10:25:19.0133 0x0684  Mode: Manual; 
10:25:19.0133 0x0684  ============================================================
10:25:19.0133 0x0684  KSN ping started
10:25:19.0413 0x0684  KSN ping finished: true
10:25:20.0519 0x0684  ================ Scan system memory ========================
10:25:20.0519 0x0684  System memory - ok
10:25:20.0522 0x0684  ================ Scan services =============================
10:25:20.0705 0x0684  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
10:25:20.0720 0x0684  ACPI - ok
10:25:21.0002 0x0684  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
10:25:21.0007 0x0684  AdobeARMservice - ok
10:25:21.0100 0x0684  [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:25:21.0119 0x0684  AdobeFlashPlayerUpdateSvc - ok
10:25:21.0203 0x0684  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
10:25:21.0230 0x0684  adp94xx - ok
10:25:21.0263 0x0684  [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
10:25:21.0280 0x0684  adpahci - ok
10:25:21.0314 0x0684  [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
10:25:21.0320 0x0684  adpu160m - ok
10:25:21.0342 0x0684  [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
10:25:21.0352 0x0684  adpu320 - ok
10:25:21.0408 0x0684  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
10:25:21.0411 0x0684  AeLookupSvc - ok
10:25:21.0475 0x0684  [ F5272A105F59A7B3B345D9D6D87DA7AD, 9E84776994D04240BF2537330DBB555EDE16DFCFC59DEDCBA05A44ED7F70BEFA ] AFD             C:\Windows\system32\drivers\afd.sys
10:25:21.0494 0x0684  AFD - ok
10:25:21.0534 0x0684  [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440          C:\Windows\system32\drivers\agp440.sys
10:25:21.0539 0x0684  agp440 - ok
10:25:21.0566 0x0684  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
10:25:21.0571 0x0684  aic78xx - ok
10:25:21.0591 0x0684  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
10:25:21.0595 0x0684  ALG - ok
10:25:21.0640 0x0684  [ 3D76FDA1A10ACC3DC84728F55C29B6D4, E6D0FF73C7041C4F889269B91EEF3BB35467691B6EAA244F3C2AC2F65EA23C72 ] aliide          C:\Windows\system32\drivers\aliide.sys
10:25:21.0642 0x0684  aliide - ok
10:25:21.0666 0x0684  [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
10:25:21.0671 0x0684  amdagp - ok
10:25:21.0691 0x0684  [ 5B92E7839F5A1FBC1B39DE67758AD6F8, 2672A666C8A2BADB01792EFFC09FCB295A3EDFFF4A2023C223F1ADBD4A8E77F2 ] amdide          C:\Windows\system32\drivers\amdide.sys
10:25:21.0694 0x0684  amdide - ok
10:25:21.0720 0x0684  [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
10:25:21.0723 0x0684  AmdK7 - ok
10:25:21.0746 0x0684  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
10:25:21.0751 0x0684  AmdK8 - ok
10:25:21.0891 0x0684  [ 6A7BE5D0E66B8121E60EFAD57EB04963, 96EC128BC06E7ED7485D52DD52F8A71FEBD9633415DD8486BDBCC499ED32A0F8 ] AntiVirMailService C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
10:25:21.0940 0x0684  AntiVirMailService - ok
10:25:22.0040 0x0684  [ F36D18EF1E66F92094AD89D17BEF007C, A5C793B340311CB7A301B77316E1976E3CD7CA9470CE5F1062CB003BCD4C155C ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
10:25:22.0066 0x0684  AntiVirSchedulerService - ok
10:25:22.0169 0x0684  [ F36D18EF1E66F92094AD89D17BEF007C, A5C793B340311CB7A301B77316E1976E3CD7CA9470CE5F1062CB003BCD4C155C ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
10:25:22.0193 0x0684  AntiVirService - ok
10:25:22.0317 0x0684  [ EE5FE075D14EABEA9938C812F644371D, 609B7F43784615F5A5FA67F339FFEE84F5F37AFFE88D83B11B338720878412F5 ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
10:25:22.0374 0x0684  AntiVirWebService - ok
10:25:22.0432 0x0684  [ 8F7D200717A58E9800D391F4C2101577, F07CF0F5636F46D8F3D5133284943E991E8739E5A644BCA5F18BB896B374620D ] Appinfo         C:\Windows\System32\appinfo.dll
10:25:22.0436 0x0684  Appinfo - ok
10:25:22.0470 0x0684  [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc             C:\Windows\system32\drivers\arc.sys
10:25:22.0477 0x0684  arc - ok
10:25:22.0503 0x0684  [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
10:25:22.0510 0x0684  arcsas - ok
10:25:22.0623 0x0684  [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
10:25:22.0629 0x0684  aspnet_state - ok
10:25:22.0662 0x0684  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:25:22.0665 0x0684  AsyncMac - ok
10:25:22.0699 0x0684  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
10:25:22.0703 0x0684  atapi - ok
10:25:22.0809 0x0684  [ 600EFE56F37ADBD65A0FB076B50D1B8D, B36C146722A9C95C37A073B09F899700F28E29E631FF6A306F92A493E7AFCFFC ] athr            C:\Windows\system32\DRIVERS\athr.sys
10:25:22.0857 0x0684  athr - ok
10:25:22.0924 0x0684  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:25:22.0943 0x0684  AudioEndpointBuilder - ok
10:25:22.0981 0x0684  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
10:25:23.0004 0x0684  Audiosrv - ok
10:25:23.0053 0x0684  [ AF5DA81B19AFA730F1E5246AD81D140A, 532951071F56896A3B5D47874C14D996C8620EA02F87D4BA21B083EC804FB166 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
10:25:23.0060 0x0684  avgntflt - ok
10:25:23.0102 0x0684  [ A5674637BCA212D9FE136ADFA04C9857, 95F3632EBB041C539816D285EBE1F379D46A4187379C69D4683D9F4DECBDB80C ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
10:25:23.0110 0x0684  avipbb - ok
10:25:23.0218 0x0684  [ 0D32033DCB359FD98B4C3513EF849FE6, 5870D67526BC29D888DAF8DBAB04B1E97ED5C7C51484ED400A5E65D0EB61576A ] Avira.OE.ServiceHost C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
10:25:23.0230 0x0684  Avira.OE.ServiceHost - ok
10:25:23.0283 0x0684  [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
10:25:23.0287 0x0684  avkmgr - ok
10:25:23.0346 0x0684  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
10:25:23.0348 0x0684  Beep - ok
10:25:23.0414 0x0684  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
10:25:23.0434 0x0684  BFE - ok
10:25:23.0536 0x0684  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\System32\qmgr.dll
10:25:23.0587 0x0684  BITS - ok
10:25:23.0633 0x0684  [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
10:25:23.0638 0x0684  blbdrive - ok
10:25:23.0680 0x0684  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:25:23.0685 0x0684  bowser - ok
10:25:23.0713 0x0684  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
10:25:23.0716 0x0684  BrFiltLo - ok
10:25:23.0762 0x0684  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
10:25:23.0765 0x0684  BrFiltUp - ok
10:25:23.0790 0x0684  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
10:25:23.0796 0x0684  Browser - ok
10:25:23.0829 0x0684  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
10:25:23.0834 0x0684  Brserid - ok
10:25:23.0875 0x0684  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
10:25:23.0881 0x0684  BrSerWdm - ok
10:25:23.0897 0x0684  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
10:25:23.0899 0x0684  BrUsbMdm - ok
10:25:23.0919 0x0684  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
10:25:23.0922 0x0684  BrUsbSer - ok
10:25:23.0951 0x0684  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
10:25:23.0955 0x0684  BTHMODEM - ok
10:25:23.0994 0x0684  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:25:23.0999 0x0684  cdfs - ok
10:25:24.0042 0x0684  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
10:25:24.0046 0x0684  cdrom - ok
10:25:24.0117 0x0684  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
10:25:24.0121 0x0684  CertPropSvc - ok
10:25:24.0165 0x0684  [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass        C:\Windows\system32\drivers\circlass.sys
10:25:24.0168 0x0684  circlass - ok
10:25:24.0238 0x0684  [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS            C:\Windows\system32\CLFS.sys
10:25:24.0255 0x0684  CLFS - ok
10:25:24.0313 0x0684  [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:25:24.0319 0x0684  clr_optimization_v2.0.50727_32 - ok
10:25:24.0377 0x0684  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:25:24.0386 0x0684  clr_optimization_v4.0.30319_32 - ok
10:25:24.0423 0x0684  [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
10:25:24.0426 0x0684  CmBatt - ok
10:25:24.0447 0x0684  [ D36372A6EA6805EFBE8884D10772313F, 243FCA697FEEBCB1F501C49DF75901C18F9BC301E693AA22EBB43F2B7CA26991 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:25:24.0449 0x0684  cmdide - ok
10:25:24.0527 0x0684  [ 1ADF6F4852E7D7E2E8AC481BDB970586, B5A89EE8E9BEE08FF99B9BEE2CC731FE023DA80DC52B575AE2B032F46445A65A ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT32.sys
10:25:24.0542 0x0684  CnxtHdAudService - ok
10:25:24.0602 0x0684  [ 7795F8CEBC284A426B53F541E538695F, 1A56B32CA26505D9B1899EF4C3E1E1A815D8A36CC476691DBCE8A41109208C87 ] Com4QLBEx       C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
10:25:24.0614 0x0684  Com4QLBEx - ok
10:25:24.0648 0x0684  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
10:25:24.0651 0x0684  Compbatt - ok
10:25:24.0664 0x0684  COMSysApp - ok
10:25:24.0681 0x0684  [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
10:25:24.0684 0x0684  crcdisk - ok
10:25:24.0709 0x0684  [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
10:25:24.0713 0x0684  Crusoe - ok
10:25:24.0768 0x0684  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:25:24.0776 0x0684  CryptSvc - ok
10:25:24.0871 0x0684  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:25:24.0909 0x0684  DcomLaunch - ok
10:25:24.0962 0x0684  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:25:24.0969 0x0684  DfsC - ok
10:25:25.0156 0x0684  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
10:25:25.0284 0x0684  DFSR - ok
10:25:25.0368 0x0684  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
10:25:25.0381 0x0684  Dhcp - ok
10:25:25.0428 0x0684  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
10:25:25.0433 0x0684  disk - ok
10:25:25.0468 0x0684  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:25:25.0475 0x0684  Dnscache - ok
10:25:25.0528 0x0684  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
10:25:25.0540 0x0684  dot3svc - ok
10:25:25.0590 0x0684  [ 4F59C172C094E1A1D46463A8DC061CBD, CE09A4ED1F8BA6242E152C384AFF5C3C95FBB8556DAE23765272F13BF158D8F9 ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
10:25:25.0599 0x0684  Dot4 - ok
10:25:25.0618 0x0684  [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5, 69BB5B07D03FA9F28591012F2AA4A583D3F086644C136D63A56D1A827121CC19 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
10:25:25.0621 0x0684  Dot4Print - ok
10:25:25.0645 0x0684  [ C55004CA6B419B6695970DFE849B122F, 6E0C4A9E24DD09E9389E097AF63E7F5040A0658DDCEBBE963968B7118CFE9AB8 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
10:25:25.0648 0x0684  dot4usb - ok
10:25:25.0688 0x0684  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
10:25:25.0698 0x0684  DPS - ok
10:25:25.0741 0x0684  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:25:25.0743 0x0684  drmkaud - ok
10:25:25.0829 0x0684  [ 5C2C209CDEFBC51D83D66E8A53B2BE89, 7AE68672A6BEEF601017BE28AA0BF3673318EFE97AA08E70F58A9391C54DF71F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:25:25.0867 0x0684  DXGKrnl - ok
10:25:25.0923 0x0684  [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
10:25:25.0931 0x0684  E1G60 - ok
10:25:25.0967 0x0684  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
10:25:25.0973 0x0684  EapHost - ok
10:25:26.0037 0x0684  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
10:25:26.0047 0x0684  Ecache - ok
10:25:26.0120 0x0684  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
10:25:26.0137 0x0684  ehRecvr - ok
10:25:26.0192 0x0684  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched         C:\Windows\ehome\ehsched.exe
10:25:26.0200 0x0684  ehSched - ok
10:25:26.0224 0x0684  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart         C:\Windows\ehome\ehstart.dll
10:25:26.0226 0x0684  ehstart - ok
10:25:26.0294 0x0684  [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
10:25:26.0316 0x0684  elxstor - ok
10:25:26.0393 0x0684  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
10:25:26.0428 0x0684  EMDMgmt - ok
10:25:26.0476 0x0684  [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:25:26.0478 0x0684  ErrDev - ok
10:25:26.0556 0x0684  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
10:25:26.0573 0x0684  EventSystem - ok
10:25:26.0634 0x0684  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
10:25:26.0644 0x0684  exfat - ok
10:25:26.0706 0x0684  [ 42F721C52EEF2D6DF9372A53813A83EF, 0222DE06A8C0CB257C646870554217C3587215E88EFB32399173106C205FD5CB ] ezSharedSvc     C:\Windows\System32\ezsvc7.dll
10:25:26.0716 0x0684  ezSharedSvc - ok
10:25:26.0749 0x0684  [ 4E404505B3F62ECFBDBCBBCF0A72DBC5, 9F446ED06A31BFE52C4F1E8ACC400B8E3F47A3CC02FFC950DB861B2B3BA4C5B9 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:25:26.0760 0x0684  fastfat - ok
10:25:26.0805 0x0684  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
10:25:26.0810 0x0684  fdc - ok
10:25:26.0855 0x0684  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
10:25:26.0859 0x0684  fdPHost - ok
10:25:26.0873 0x0684  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:25:26.0878 0x0684  FDResPub - ok
10:25:26.0909 0x0684  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:25:26.0914 0x0684  FileInfo - ok
10:25:26.0932 0x0684  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:25:26.0935 0x0684  Filetrace - ok
10:25:26.0972 0x0684  [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
10:25:26.0975 0x0684  flpydisk - ok
10:25:27.0027 0x0684  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:25:27.0038 0x0684  FltMgr - ok
10:25:27.0169 0x0684  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache       C:\Windows\system32\FntCache.dll
10:25:27.0217 0x0684  FontCache - ok
10:25:27.0284 0x0684  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:25:27.0289 0x0684  FontCache3.0.0.0 - ok
10:25:27.0332 0x0684  [ B74B0578FD1D3F897E95F2A2B69EA051, 64FCA8452CB37D55679AC8BEF221D6BA1D91E50680D37FFCFB81619ADAA5889C ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
10:25:27.0337 0x0684  fssfltr - ok
10:25:27.0461 0x0684  [ 206AD9A89BF05DFA1621F1FC7B82592D, EAEE557535D865232237898858F5AE35F868065A1F79BBB48A2173124E2B6F63 ] fsssvc          C:\Program Files\Windows Live\Family Safety\fsssvc.exe
10:25:27.0504 0x0684  fsssvc - ok
10:25:27.0542 0x0684  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:25:27.0545 0x0684  Fs_Rec - ok
10:25:27.0583 0x0684  [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
10:25:27.0587 0x0684  gagp30kx - ok
10:25:27.0621 0x0684  [ 997527391DEC418DC62D784D848D73BE, 24AEF416C04AE88A697609EEA640A4058E910ADF5E49318AD9766514714AA967 ] GigasetGenericUSB C:\Windows\system32\DRIVERS\GigasetGenericUSB.sys
10:25:27.0625 0x0684  GigasetGenericUSB - ok
10:25:27.0710 0x0684  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
10:25:27.0743 0x0684  gpsvc - ok
10:25:27.0797 0x0684  [ CB04C744BE0A61B1D648FAED182C3B59, 61DC0FF94325DAFCCB7B3980A48727EFBF1283FCF753EC16EF04C730525994C0 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:25:27.0813 0x0684  HdAudAddService - ok
10:25:27.0889 0x0684  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
10:25:27.0920 0x0684  HDAudBus - ok
10:25:27.0947 0x0684  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
10:25:27.0950 0x0684  HidBth - ok
10:25:27.0987 0x0684  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
10:25:27.0990 0x0684  HidIr - ok
10:25:28.0029 0x0684  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\system32\hidserv.dll
10:25:28.0034 0x0684  hidserv - ok
10:25:28.0075 0x0684  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
10:25:28.0077 0x0684  HidUsb - ok
10:25:28.0121 0x0684  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:25:28.0129 0x0684  hkmsvc - ok
10:25:28.0200 0x0684  [ A19B0BB5A7EB6DF2DD4A0711D36955EE, 307648CAFB3DDCD76FD730CA623945ED71D4276715A38D8CBB203C157C45F691 ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
10:25:28.0206 0x0684  HP Health Check Service - ok
10:25:28.0249 0x0684  [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
10:25:28.0253 0x0684  HpCISSs - ok
10:25:28.0370 0x0684  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05, 7B3F117C1D606DDA7623BEC0BFBC362C33A12213E899F049AC56A55826984134 ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
10:25:28.0385 0x0684  hpqcxs08 - ok
10:25:28.0433 0x0684  [ EE4C7A4CF2316701FFDE90F404520265, 0143BA0EF31D54AC8AA5B1540D3B927293D01A0366C0A5AB2C807F14ED8E23A7 ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
10:25:28.0441 0x0684  hpqddsvc - ok
10:25:28.0475 0x0684  [ 35956140E686D53BF676CF0C778880FC, AFFE1CC956E75AF1DE87F19A58CB03C861907C48DCA03F7454EF7762DEB46F2D ] HpqKbFiltr      C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
10:25:28.0478 0x0684  HpqKbFiltr - ok
10:25:28.0517 0x0684  [ 1665C7121A026DF10C903DB9BC5E9D43, D96189406774842923BC420C4AF33FA81C83B815E14CE7C444F9CCF545971B7E ] hpqwmiex        C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
10:25:28.0527 0x0684  hpqwmiex - ok
10:25:28.0648 0x0684  [ CC267848CB3508E72762BE65734E764D, E7E39607A48E77544EE286EA678FC2ED8A6C20C9DCB8C901BC70140ECB2E7C2F ] HSF_DPV         C:\Windows\system32\DRIVERS\HSX_DPV.sys
10:25:28.0701 0x0684  HSF_DPV - ok
10:25:28.0735 0x0684  [ A2882945CC4B6E3E4E9E825590438888, C0B7E695BBFFB927A3A7122BCA41B454B27F285A0A380E82CEDF87CE573A5C60 ] HSXHWAZL        C:\Windows\system32\DRIVERS\HSXHWAZL.sys
10:25:28.0747 0x0684  HSXHWAZL - ok
10:25:28.0804 0x0684  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:25:28.0827 0x0684  HTTP - ok
10:25:28.0873 0x0684  [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
10:25:28.0877 0x0684  i2omp - ok
10:25:28.0913 0x0684  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
10:25:28.0918 0x0684  i8042prt - ok
10:25:28.0961 0x0684  [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
10:25:28.0977 0x0684  iaStorV - ok
10:25:29.0052 0x0684  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
10:25:29.0057 0x0684  IDriverT - ok
10:25:29.0191 0x0684  [ DD386C45D2B5863740166783448A2E7A, 10B912BA70306644BE73A53AF4DCDFF63880C4C5860FF6DBA92B0914EB566718 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:25:29.0244 0x0684  idsvc - ok
10:25:29.0280 0x0684  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
10:25:29.0284 0x0684  iirsp - ok
10:25:29.0347 0x0684  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
10:25:29.0374 0x0684  IKEEXT - ok
10:25:29.0414 0x0684  [ DD512A049BD7B4BCE8A83554C5EFF2C1, FBC44A9EBFCCE0EF4F6D007590158F7852340D3056298A0C1708E3AC30AB6CA9 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:25:29.0418 0x0684  intelide - ok
10:25:29.0441 0x0684  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
10:25:29.0446 0x0684  intelppm - ok
10:25:29.0491 0x0684  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:25:29.0499 0x0684  IPBusEnum - ok
10:25:29.0526 0x0684  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:25:29.0530 0x0684  IpFilterDriver - ok
10:25:29.0580 0x0684  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:25:29.0594 0x0684  iphlpsvc - ok
10:25:29.0615 0x0684  IpInIp - ok
10:25:29.0653 0x0684  [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
10:25:29.0659 0x0684  IPMIDRV - ok
10:25:29.0689 0x0684  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
10:25:29.0696 0x0684  IPNAT - ok
10:25:29.0715 0x0684  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:25:29.0718 0x0684  IRENUM - ok
10:25:29.0757 0x0684  [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:25:29.0761 0x0684  isapnp - ok
10:25:29.0812 0x0684  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
10:25:29.0823 0x0684  iScsiPrt - ok
10:25:29.0837 0x0684  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
10:25:29.0841 0x0684  iteatapi - ok
10:25:29.0855 0x0684  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
10:25:29.0858 0x0684  iteraid - ok
10:25:29.0884 0x0684  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
10:25:29.0887 0x0684  kbdclass - ok
10:25:29.0933 0x0684  [ 18247836959BA67E3511B62846B9C2E0, 9623FF990A1C11A707C358CC9FDD4306C2992A8C766A50DAFC9534A283AA011D ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
10:25:29.0935 0x0684  kbdhid - ok
10:25:29.0968 0x0684  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
10:25:29.0972 0x0684  KeyIso - ok
10:25:30.0040 0x0684  [ 5035EDF1F2E72F78BB1EC5BD9B97463F, 8AFAD580A96F002FFB22761B65D4B414917895C45B11B53089BB3E0331995EF7 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:25:30.0065 0x0684  KSecDD - ok
10:25:30.0164 0x0684  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:25:30.0187 0x0684  KtmRm - ok
10:25:30.0239 0x0684  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:25:30.0252 0x0684  LanmanServer - ok
10:25:30.0327 0x0684  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:25:30.0342 0x0684  LanmanWorkstation - ok
10:25:30.0806 0x0684  [ ABF90FC5A127F481219B873C1B8DFC1C, 465188183B2848C11743B2A6B987B307D30F636E4958E60766336479473DD121 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
10:25:30.0812 0x0684  LightScribeService - ok
10:25:30.0855 0x0684  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:25:30.0859 0x0684  lltdio - ok
10:25:30.0919 0x0684  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:25:30.0935 0x0684  lltdsvc - ok
10:25:30.0955 0x0684  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:25:30.0960 0x0684  lmhosts - ok
10:25:31.0015 0x0684  [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
10:25:31.0023 0x0684  LSI_FC - ok
10:25:31.0041 0x0684  [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
10:25:31.0052 0x0684  LSI_SAS - ok
10:25:31.0085 0x0684  [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
10:25:31.0091 0x0684  LSI_SCSI - ok
10:25:31.0109 0x0684  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
10:25:31.0115 0x0684  luafv - ok
10:25:31.0171 0x0684  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:25:31.0179 0x0684  Mcx2Svc - ok
10:25:31.0204 0x0684  [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
10:25:31.0206 0x0684  mdmxsdk - ok
10:25:31.0251 0x0684  [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas         C:\Windows\system32\drivers\megasas.sys
10:25:31.0254 0x0684  megasas - ok
10:25:31.0300 0x0684  [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
10:25:31.0324 0x0684  MegaSR - ok
10:25:31.0363 0x0684  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
10:25:31.0370 0x0684  MMCSS - ok
10:25:31.0391 0x0684  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
10:25:31.0395 0x0684  Modem - ok
10:25:31.0438 0x0684  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:25:31.0442 0x0684  monitor - ok
10:25:31.0455 0x0684  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:25:31.0458 0x0684  mouclass - ok
10:25:31.0480 0x0684  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:25:31.0482 0x0684  mouhid - ok
10:25:31.0510 0x0684  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
10:25:31.0515 0x0684  MountMgr - ok
10:25:31.0570 0x0684  [ DFCD29AB147716CA72416FA7D2196D46, ED60BF354347697F69A78C9FBE1ADCBE0C3EB4C2CC8DB97A7FA03A68BD796066 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:25:31.0579 0x0684  MozillaMaintenance - ok
10:25:31.0622 0x0684  [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:25:31.0629 0x0684  mpio - ok
10:25:31.0662 0x0684  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:25:31.0668 0x0684  mpsdrv - ok
10:25:31.0729 0x0684  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:25:31.0756 0x0684  MpsSvc - ok
10:25:31.0800 0x0684  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
10:25:31.0804 0x0684  Mraid35x - ok
10:25:31.0845 0x0684  [ B0584CA7DEF55929FDB5169BD28B2484, AF6A7E404FEB29F7F3428D0AF6682195E5E8ED106996A04E6947DBD575696546 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:25:31.0853 0x0684  MRxDAV - ok
10:25:31.0903 0x0684  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:25:31.0910 0x0684  mrxsmb - ok
10:25:31.0961 0x0684  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:25:31.0976 0x0684  mrxsmb10 - ok
10:25:32.0004 0x0684  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:25:32.0009 0x0684  mrxsmb20 - ok
10:25:32.0052 0x0684  [ AA305CFF241DA187BD5077DE4A2A043D, 1D0FAE34A617E350DA6B0A2380AD4522EFF78F1CC02BE1199023F5CCD465411D ] msahci          C:\Windows\system32\drivers\msahci.sys
10:25:32.0055 0x0684  msahci - ok
10:25:32.0089 0x0684  [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:25:32.0096 0x0684  msdsm - ok
10:25:32.0135 0x0684  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
10:25:32.0145 0x0684  MSDTC - ok
10:25:32.0182 0x0684  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:25:32.0185 0x0684  Msfs - ok
10:25:32.0228 0x0684  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:25:32.0231 0x0684  msisadrv - ok
10:25:32.0279 0x0684  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:25:32.0289 0x0684  MSiSCSI - ok
10:25:32.0300 0x0684  msiserver - ok
10:25:32.0337 0x0684  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:25:32.0339 0x0684  MSKSSRV - ok
10:25:32.0375 0x0684  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:25:32.0377 0x0684  MSPCLOCK - ok
10:25:32.0393 0x0684  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:25:32.0395 0x0684  MSPQM - ok
10:25:32.0429 0x0684  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:25:32.0439 0x0684  MsRPC - ok
10:25:32.0482 0x0684  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
10:25:32.0485 0x0684  mssmbios - ok
10:25:32.0506 0x0684  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:25:32.0508 0x0684  MSTEE - ok
10:25:32.0536 0x0684  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
10:25:32.0540 0x0684  Mup - ok
10:25:32.0596 0x0684  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
10:25:32.0618 0x0684  napagent - ok
10:25:32.0674 0x0684  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:25:32.0683 0x0684  NativeWifiP - ok
10:25:32.0763 0x0684  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:25:32.0793 0x0684  NDIS - ok
10:25:32.0847 0x0684  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:25:32.0850 0x0684  NdisTapi - ok
10:25:32.0863 0x0684  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:25:32.0866 0x0684  Ndisuio - ok
10:25:32.0938 0x0684  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:25:32.0955 0x0684  NdisWan - ok
10:25:32.0981 0x0684  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:25:32.0985 0x0684  NDProxy - ok
10:25:33.0028 0x0684  [ 2969D26EEE289BE7422AA46FC55F4E38, 0128C6C764C9BE01E9C5B272385524361C46C051D9D371D8E06B8493A49250AF ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
10:25:33.0033 0x0684  Net Driver HPZ12 - ok
10:25:33.0058 0x0684  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:25:33.0062 0x0684  NetBIOS - ok
10:25:33.0098 0x0684  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
10:25:33.0112 0x0684  netbt - ok
10:25:33.0135 0x0684  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
10:25:33.0139 0x0684  Netlogon - ok
10:25:33.0202 0x0684  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
10:25:33.0223 0x0684  Netman - ok
10:25:33.0270 0x0684  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:25:33.0281 0x0684  NetMsmqActivator - ok
10:25:33.0299 0x0684  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:25:33.0309 0x0684  NetPipeActivator - ok
10:25:33.0344 0x0684  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
10:25:33.0362 0x0684  netprofm - ok
10:25:33.0382 0x0684  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:25:33.0391 0x0684  NetTcpActivator - ok
10:25:33.0408 0x0684  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:25:33.0417 0x0684  NetTcpPortSharing - ok
10:25:33.0617 0x0684  [ 35D5458D9A1B26B2005ABFFBF4C1C5E7, EE044FB7A49336FEDA1BDBBD2AD7A4A163C780A6A464B7712688E0BA0B4E6C40 ] NETw3v32        C:\Windows\system32\DRIVERS\NETw3v32.sys
10:25:33.0738 0x0684  NETw3v32 - ok
10:25:33.0817 0x0684  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
10:25:33.0822 0x0684  nfrd960 - ok
10:25:33.0863 0x0684  [ C96411DD46AABC0D6F3CF06D0E0E7E14, 0D36F322AF1B923D96735BFFCAC3FDB0B282E59220BADAB8B49AC178A6765380 ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:25:33.0877 0x0684  NlaSvc - ok
10:25:33.0915 0x0684  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:25:33.0919 0x0684  Npfs - ok
10:25:33.0960 0x0684  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
10:25:33.0966 0x0684  nsi - ok
10:25:33.0996 0x0684  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:25:34.0000 0x0684  nsiproxy - ok
10:25:34.0119 0x0684  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:25:34.0178 0x0684  Ntfs - ok
10:25:34.0222 0x0684  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
10:25:34.0225 0x0684  ntrigdigi - ok
10:25:34.0246 0x0684  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
10:25:34.0248 0x0684  Null - ok
10:25:34.0352 0x0684  [ AE78A7285DF03A277415FC62F8CE8F24, E6CD1195C64E7B111E0F99575074C5FB43363A3FE98EA231ED93D732C6CACB74 ] NVENETFD        C:\Windows\system32\DRIVERS\nvmfdx32.sys
10:25:34.0412 0x0684  NVENETFD - ok
10:25:34.0461 0x0684  [ B0DD52428BF564F5FC5EE331060BE2A6, 67708A45D4779328BFAA6CB920E84416B7DC20910312DC9C78AEA5BDBBED5542 ] NVHDA           C:\Windows\system32\drivers\nvhda32v.sys
10:25:34.0466 0x0684  NVHDA - ok
10:25:35.0215 0x0684  [ 9DAC05D828E56801FD6CE5FDFCED64AF, 81CAE071F931A75753434DF86C749353F2EEB28136EB4AFC565A4220CC727697 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:25:35.0749 0x0684  nvlddmkm - ok
10:25:35.0887 0x0684  [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:25:35.0894 0x0684  nvraid - ok
10:25:35.0937 0x0684  [ 0FB6BF3AB170FC5BD403D25E134EAFDE, F0300AD3177E503FA7C9D767D5AA622BB1CA0187CCD7457C55CEAC0E4090309E ] nvsmu           C:\Windows\system32\DRIVERS\nvsmu.sys
10:25:35.0939 0x0684  nvsmu - ok
10:25:35.0962 0x0684  [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:25:35.0966 0x0684  nvstor - ok
10:25:36.0017 0x0684  [ 51E7F2C26B6ECE61C5241F1F731EAB2B, FC9C82C17BF4DDFE999194C8C062E10CDEEDD8DEABEEF45D2AE1D0DAEAD314F8 ] nvsvc           C:\Windows\system32\nvvsvc.exe
10:25:36.0033 0x0684  nvsvc - ok
10:25:36.0085 0x0684  [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:25:36.0092 0x0684  nv_agp - ok
10:25:36.0104 0x0684  NwlnkFlt - ok
10:25:36.0121 0x0684  NwlnkFwd - ok
10:25:36.0153 0x0684  [ 790E27C3DB53410B40FF9EF2FD10A1D9, FD06F2702B8F7E04ECF1B6E88602F14301E7AE7FC44AD114282E580FAD530A9C ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
10:25:36.0158 0x0684  ohci1394 - ok
10:25:36.0216 0x0684  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:25:36.0225 0x0684  ose - ok
10:25:36.0323 0x0684  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
10:25:36.0365 0x0684  p2pimsvc - ok
10:25:36.0413 0x0684  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
10:25:36.0452 0x0684  p2psvc - ok
10:25:36.0503 0x0684  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
10:25:36.0508 0x0684  Parport - ok
10:25:36.0555 0x0684  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:25:36.0559 0x0684  partmgr - ok
10:25:36.0582 0x0684  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
10:25:36.0584 0x0684  Parvdm - ok
10:25:36.0616 0x0684  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:25:36.0623 0x0684  PcaSvc - ok
10:25:36.0672 0x0684  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
10:25:36.0681 0x0684  pci - ok
10:25:36.0718 0x0684  [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide          C:\Windows\system32\drivers\pciide.sys
10:25:36.0722 0x0684  pciide - ok
10:25:36.0771 0x0684  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
10:25:36.0784 0x0684  pcmcia - ok
10:25:36.0876 0x0684  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:25:36.0930 0x0684  PEAUTH - ok
10:25:37.0111 0x0684  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
10:25:37.0202 0x0684  pla - ok
10:25:37.0268 0x0684  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:25:37.0286 0x0684  PlugPlay - ok
10:25:37.0348 0x0684  [ BAFC9706BDF425A02B66468AB2605C59, 6F8F7982AD452F0E68D91CCAF05DF152F00FA3D885DCBBBC470199E74F17B1E0 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
10:25:37.0354 0x0684  Pml Driver HPZ12 - ok
10:25:37.0412 0x0684  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
10:25:37.0450 0x0684  PNRPAutoReg - ok
10:25:37.0498 0x0684  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
10:25:37.0536 0x0684  PNRPsvc - ok
10:25:37.0601 0x0684  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:25:37.0624 0x0684  PolicyAgent - ok
10:25:37.0678 0x0684  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:25:37.0684 0x0684  PptpMiniport - ok
10:25:37.0708 0x0684  [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
10:25:37.0712 0x0684  Processor - ok
10:25:37.0797 0x0684  [ 0D5DAD610D7EA1627581ED06FB2BAA9A, 6E27CF3A1624AE10EECB8B5F38E03D76A6AABE4E75DD66DEDD67E0773935A396 ] ProfSvc         C:\Windows\system32\profsvc.dll
10:25:37.0810 0x0684  ProfSvc - ok
10:25:37.0835 0x0684  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
10:25:37.0841 0x0684  ProtectedStorage - ok
10:25:37.0886 0x0684  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
10:25:37.0891 0x0684  PSched - ok
10:25:38.0014 0x0684  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300          C:\Windows\system32\drivers\ql2300.sys
10:25:38.0074 0x0684  ql2300 - ok
10:25:38.0127 0x0684  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
10:25:38.0134 0x0684  ql40xx - ok
10:25:38.0185 0x0684  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
10:25:38.0204 0x0684  QWAVE - ok
10:25:38.0231 0x0684  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:25:38.0235 0x0684  QWAVEdrv - ok
10:25:38.0262 0x0684  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:25:38.0264 0x0684  RasAcd - ok
10:25:38.0308 0x0684  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
10:25:38.0318 0x0684  RasAuto - ok
10:25:38.0345 0x0684  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:25:38.0352 0x0684  Rasl2tp - ok
10:25:38.0410 0x0684  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
10:25:38.0432 0x0684  RasMan - ok
10:25:38.0474 0x0684  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:25:38.0478 0x0684  RasPppoe - ok
10:25:38.0524 0x0684  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:25:38.0529 0x0684  RasSstp - ok
10:25:38.0585 0x0684  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:25:38.0600 0x0684  rdbss - ok
10:25:38.0648 0x0684  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:25:38.0650 0x0684  RDPCDD - ok
10:25:38.0701 0x0684  [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
10:25:38.0716 0x0684  rdpdr - ok
10:25:38.0729 0x0684  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:25:38.0732 0x0684  RDPENCDD - ok
10:25:38.0790 0x0684  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
10:25:38.0803 0x0684  RDPWD - ok
10:25:38.0912 0x0684  [ 0D362785BEF9BDF5A6E1F4628D06716D, DFB22D15BFE57988915C46EA366ECA8B47F663AFC87FD45F7BB2B1C966CCD34A ] Recovery Service for Windows C:\Program Files\SMINST\BLService.exe
10:25:38.0932 0x0684  Recovery Service for Windows - ok
10:25:38.0993 0x0684  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:25:39.0002 0x0684  RemoteAccess - ok
10:25:39.0048 0x0684  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:25:39.0059 0x0684  RemoteRegistry - ok
10:25:39.0146 0x0684  [ 805AE1F90C64758D19AAA001CF8CBA12, 28E389FD9D8106D922AAD0FF93107C4C2900565480ACD9E909D8C134E39E39A1 ] RichVideo       C:\Program Files\CyberLink\Shared files\RichVideo.exe
10:25:39.0160 0x0684  RichVideo - ok
10:25:39.0213 0x0684  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
10:25:39.0217 0x0684  RpcLocator - ok
10:25:39.0275 0x0684  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
10:25:39.0311 0x0684  RpcSs - ok
10:25:39.0362 0x0684  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:25:39.0367 0x0684  rspndr - ok
10:25:39.0413 0x0684  [ 8DAB5975B5C7923D61506A48E251DBAD, 34C197BDBFEB676ED7C0262E27EF9190E684A47E4DBFDFA889958966406F9862 ] RTSTOR          C:\Windows\system32\drivers\RTSTOR.SYS
10:25:39.0419 0x0684  RTSTOR - ok
10:25:39.0435 0x0684  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
10:25:39.0440 0x0684  SamSs - ok
10:25:39.0462 0x0684  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:25:39.0467 0x0684  sbp2port - ok
10:25:39.0505 0x0684  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:25:39.0517 0x0684  SCardSvr - ok
10:25:39.0604 0x0684  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
10:25:39.0644 0x0684  Schedule - ok
10:25:39.0674 0x0684  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:25:39.0678 0x0684  SCPolicySvc - ok
10:25:39.0725 0x0684  [ 126EA89BCC413EE45E3004FB0764888F, 367BE2B56113177AE867E00D019C707C6449E0FC4A642101B11036A0534D6901 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
10:25:39.0731 0x0684  sdbus - ok
10:25:39.0775 0x0684  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:25:39.0787 0x0684  SDRSVC - ok
10:25:39.0952 0x0684  [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
10:25:40.0046 0x0684  SDScannerService - ok
10:25:40.0265 0x0684  [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
10:25:40.0379 0x0684  SDUpdateService - ok
10:25:40.0462 0x0684  [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService    C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
10:25:40.0472 0x0684  SDWSCService - ok
10:25:40.0508 0x0684  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:25:40.0512 0x0684  secdrv - ok
10:25:40.0561 0x0684  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
10:25:40.0568 0x0684  seclogon - ok
10:25:40.0588 0x0684  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\System32\sens.dll
10:25:40.0597 0x0684  SENS - ok
10:25:40.0623 0x0684  [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum         C:\Windows\system32\drivers\serenum.sys
10:25:40.0627 0x0684  Serenum - ok
10:25:40.0670 0x0684  [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial          C:\Windows\system32\drivers\serial.sys
10:25:40.0677 0x0684  Serial - ok
10:25:40.0698 0x0684  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
10:25:40.0701 0x0684  sermouse - ok
10:25:40.0774 0x0684  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
10:25:40.0784 0x0684  SessionEnv - ok
10:25:40.0805 0x0684  [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:25:40.0809 0x0684  sffdisk - ok
10:25:40.0831 0x0684  [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:25:40.0834 0x0684  sffp_mmc - ok
10:25:40.0846 0x0684  [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:25:40.0848 0x0684  sffp_sd - ok
10:25:40.0890 0x0684  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
10:25:40.0893 0x0684  sfloppy - ok
10:25:40.0951 0x0684  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:25:40.0970 0x0684  SharedAccess - ok
10:25:41.0025 0x0684  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:25:41.0044 0x0684  ShellHWDetection - ok
10:25:41.0095 0x0684  [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
10:25:41.0099 0x0684  sisagp - ok
10:25:41.0150 0x0684  [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
10:25:41.0154 0x0684  SiSRaid2 - ok
10:25:41.0200 0x0684  [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
10:25:41.0207 0x0684  SiSRaid4 - ok
10:25:41.0303 0x0684  [ A9C057A9463C25490CF99EA8DF8A4B35, 8F4D1C40D0F17EDBF84ED455B8946F782C7552383F0A07E410A9B6CFF7F51D63 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
10:25:41.0321 0x0684  SkypeUpdate - ok
10:25:41.0619 0x0684  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
10:25:41.0817 0x0684  slsvc - ok
10:25:41.0914 0x0684  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
10:25:41.0923 0x0684  SLUINotify - ok
10:25:41.0969 0x0684  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
10:25:41.0975 0x0684  Smb - ok
10:25:42.0036 0x0684  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:25:42.0043 0x0684  SNMPTRAP - ok
10:25:42.0089 0x0684  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
10:25:42.0092 0x0684  spldr - ok
10:25:42.0137 0x0684  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
10:25:42.0150 0x0684  Spooler - ok
10:25:42.0212 0x0684  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:25:42.0230 0x0684  srv - ok
10:25:42.0272 0x0684  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:25:42.0283 0x0684  srv2 - ok
10:25:42.0306 0x0684  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:25:42.0315 0x0684  srvnet - ok
10:25:42.0371 0x0684  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:25:42.0386 0x0684  SSDPSRV - ok
10:25:42.0424 0x0684  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
10:25:42.0427 0x0684  ssmdrv - ok
10:25:42.0455 0x0684  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:25:42.0468 0x0684  SstpSvc - ok
10:25:42.0538 0x0684  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
10:25:42.0572 0x0684  stisvc - ok
10:25:42.0608 0x0684  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
10:25:42.0611 0x0684  swenum - ok
10:25:42.0669 0x0684  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
10:25:42.0693 0x0684  swprv - ok
10:25:42.0713 0x0684  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
10:25:42.0716 0x0684  Symc8xx - ok
10:25:42.0738 0x0684  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
10:25:42.0741 0x0684  Sym_hi - ok
10:25:42.0767 0x0684  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
10:25:42.0771 0x0684  Sym_u3 - ok
10:25:42.0858 0x0684  [ 00B19F27858F56181EDB58B71A7C67A0, 50810EAD2234F61310A234DC20B7306E6E809CFFE72F7C71FDE89D4068A29853 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
10:25:42.0872 0x0684  SynTP - ok
10:25:42.0956 0x0684  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
10:25:42.0992 0x0684  SysMain - ok
10:25:43.0044 0x0684  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:25:43.0054 0x0684  TabletInputService - ok
10:25:43.0107 0x0684  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:25:43.0126 0x0684  TapiSrv - ok
10:25:43.0156 0x0684  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
10:25:43.0165 0x0684  TBS - ok
10:25:43.0259 0x0684  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:25:43.0315 0x0684  Tcpip - ok
10:25:43.0386 0x0684  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
10:25:43.0436 0x0684  Tcpip6 - ok
10:25:43.0480 0x0684  [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:25:43.0483 0x0684  tcpipreg - ok
10:25:43.0519 0x0684  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:25:43.0522 0x0684  TDPIPE - ok
10:25:43.0551 0x0684  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
10:25:43.0555 0x0684  TDTCP - ok
10:25:43.0590 0x0684  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:25:43.0597 0x0684  tdx - ok
10:25:43.0639 0x0684  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
10:25:43.0644 0x0684  TermDD - ok
10:25:43.0721 0x0684  [ DBD84E59D631569EC3E756EF144E8431, 9E58629EC762584A2D294A619593620626F7CBE467045AD0F920B6CF1D4B4724 ] TermService     C:\Windows\System32\termsrv.dll
10:25:43.0751 0x0684  TermService - ok
10:25:43.0792 0x0684  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
10:25:43.0812 0x0684  Themes - ok
10:25:43.0832 0x0684  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
10:25:43.0839 0x0684  THREADORDER - ok
10:25:43.0890 0x0684  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
10:25:43.0900 0x0684  TrkWks - ok
10:25:43.0958 0x0684  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:25:43.0961 0x0684  TrustedInstaller - ok
10:25:44.0010 0x0684  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:25:44.0013 0x0684  tssecsrv - ok
10:25:44.0053 0x0684  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
10:25:44.0056 0x0684  tunmp - ok
10:25:44.0077 0x0684  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:25:44.0081 0x0684  tunnel - ok
10:25:44.0151 0x0684  [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
10:25:44.0156 0x0684  uagp35 - ok
10:25:44.0218 0x0684  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:25:44.0232 0x0684  udfs - ok
10:25:44.0280 0x0684  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:25:44.0288 0x0684  UI0Detect - ok
10:25:44.0326 0x0684  [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:25:44.0332 0x0684  uliagpkx - ok
10:25:44.0370 0x0684  [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
10:25:44.0387 0x0684  uliahci - ok
10:25:44.0407 0x0684  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
10:25:44.0414 0x0684  UlSata - ok
10:25:44.0433 0x0684  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
10:25:44.0442 0x0684  ulsata2 - ok
10:25:44.0485 0x0684  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
10:25:44.0489 0x0684  umbus - ok
10:25:44.0542 0x0684  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
10:25:44.0566 0x0684  upnphost - ok
10:25:44.0617 0x0684  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
10:25:44.0624 0x0684  usbccgp - ok
10:25:44.0669 0x0684  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:25:44.0677 0x0684  usbcir - ok
10:25:44.0738 0x0684  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
10:25:44.0743 0x0684  usbehci - ok
10:25:44.0795 0x0684  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:25:44.0810 0x0684  usbhub - ok
10:25:44.0838 0x0684  [ D457EBD0C3A8B3A3A144355B5EE91CBC, 6AD52BDBB1607A48F0B02E663B97C3A00E3345B1B12C259608A5AE728C1C06B2 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
10:25:44.0840 0x0684  usbohci - ok
10:25:44.0884 0x0684  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
10:25:44.0887 0x0684  usbprint - ok
10:25:44.0936 0x0684  [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
10:25:44.0940 0x0684  usbscan - ok
10:25:44.0980 0x0684  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:25:44.0985 0x0684  USBSTOR - ok
10:25:45.0012 0x0684  [ 814D653EFC4D48BE3B04A307ECEFF56F, D73D62F51AEFE2F8F2B938B20107C246F2AC2F62ED49112DBD092A5D2E4024B3 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
10:25:45.0014 0x0684  usbuhci - ok
10:25:45.0070 0x0684  [ 73FF24E21B690625A58109637DDA0DF7, 62B1F9CD82678E2110D4BB5CC86EE8A7AB0757681443916620B6AAA1EF0DECEB ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
10:25:45.0079 0x0684  usbvideo - ok
10:25:45.0120 0x0684  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
10:25:45.0128 0x0684  UxSms - ok
10:25:45.0216 0x0684  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
10:25:45.0245 0x0684  vds - ok
10:25:45.0293 0x0684  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
10:25:45.0296 0x0684  vga - ok
10:25:45.0343 0x0684  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
10:25:45.0346 0x0684  VgaSave - ok
10:25:45.0370 0x0684  [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
10:25:45.0375 0x0684  viaagp - ok
10:25:45.0418 0x0684  [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
10:25:45.0423 0x0684  ViaC7 - ok
10:25:45.0444 0x0684  [ EA1AA6E3ABB3C194FEBA12A46DE8CF2C, 5D395C20D9121EA3970980703D8692380B4D8CFDAAC4FA8A2B352209F49318B7 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:25:45.0447 0x0684  viaide - ok
10:25:45.0471 0x0684  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:25:45.0476 0x0684  volmgr - ok
10:25:45.0536 0x0684  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:25:45.0553 0x0684  volmgrx - ok
10:25:45.0600 0x0684  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:25:45.0616 0x0684  volsnap - ok
10:25:45.0670 0x0684  [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
10:25:45.0678 0x0684  vsmraid - ok
10:25:45.0797 0x0684  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
10:25:45.0873 0x0684  VSS - ok
10:25:45.0971 0x0684  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
10:25:45.0994 0x0684  W32Time - ok
10:25:46.0020 0x0684  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
10:25:46.0022 0x0684  WacomPen - ok
10:25:46.0041 0x0684  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
10:25:46.0046 0x0684  Wanarp - ok
10:25:46.0064 0x0684  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:25:46.0069 0x0684  Wanarpv6 - ok
10:25:46.0131 0x0684  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
10:25:46.0170 0x0684  wcncsvc - ok
10:25:46.0235 0x0684  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:25:46.0243 0x0684  WcsPlugInService - ok
10:25:46.0313 0x0684  [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd              C:\Windows\system32\drivers\wd.sys
10:25:46.0316 0x0684  Wd - ok
10:25:46.0385 0x0684  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:25:46.0420 0x0684  Wdf01000 - ok
10:25:46.0474 0x0684  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:25:46.0485 0x0684  WdiServiceHost - ok
10:25:46.0498 0x0684  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:25:46.0508 0x0684  WdiSystemHost - ok
10:25:46.0889 0x0684  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
10:25:46.0907 0x0684  WebClient - ok
10:25:46.0978 0x0684  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:25:46.0993 0x0684  Wecsvc - ok
10:25:47.0038 0x0684  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
10:25:47.0048 0x0684  wercplsupport - ok
10:25:47.0114 0x0684  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:25:47.0128 0x0684  WerSvc - ok
10:25:47.0210 0x0684  [ 0ACD399F5DB3DF1B58903CF4949AB5A8, F8FA0A8F631AA8F34A0506F1E5E09DFB6CDA1E9E92207A73A74F1A0E7768C49A ] winachsf        C:\Windows\system32\DRIVERS\HSX_CNXT.sys
10:25:47.0247 0x0684  winachsf - ok
10:25:47.0363 0x0684  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
10:25:47.0380 0x0684  WinDefend - ok
10:25:47.0405 0x0684  WinHttpAutoProxySvc - ok
10:25:47.0541 0x0684  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
10:25:47.0554 0x0684  Winmgmt - ok
10:25:47.0685 0x0684  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
10:25:47.0768 0x0684  WinRM - ok
10:25:47.0866 0x0684  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
10:25:47.0904 0x0684  Wlansvc - ok
10:25:48.0090 0x0684  [ 5144AE67D60EC653F97DDF3FEED29E77, F6238767284B2356A9F502E2ACCFAAC283FA13CBF238E98B5115A55179526B10 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:25:48.0194 0x0684  wlidsvc - ok
10:25:48.0236 0x0684  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
10:25:48.0238 0x0684  WmiAcpi - ok
10:25:48.0305 0x0684  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:25:48.0314 0x0684  wmiApSrv - ok
10:25:48.0533 0x0684  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
10:25:48.0606 0x0684  WMPNetworkSvc - ok
10:25:48.0660 0x0684  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:25:48.0674 0x0684  WPCSvc - ok
10:25:48.0747 0x0684  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:25:48.0759 0x0684  WPDBusEnum - ok
10:25:48.0804 0x0684  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
10:25:48.0807 0x0684  WpdUsb - ok
10:25:48.0964 0x0684  [ F8D3544ACBCE9110362119F7C10D848E, 31C49201A931751A36286874AC0B929D886F490D7CE48CCC9283850A56AD9FD9 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:25:49.0006 0x0684  WPFFontCache_v0400 - ok
10:25:49.0070 0x0684  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
10:25:49.0083 0x0684  ws2ifsl - ok
10:25:49.0119 0x0684  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\System32\wscsvc.dll
10:25:49.0130 0x0684  wscsvc - ok
10:25:49.0141 0x0684  WSearch - ok
10:25:49.0344 0x0684  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
10:25:49.0488 0x0684  wuauserv - ok
10:25:49.0549 0x0684  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
10:25:49.0554 0x0684  WudfPf - ok
10:25:49.0587 0x0684  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:25:49.0599 0x0684  WUDFRd - ok
10:25:49.0640 0x0684  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
10:25:49.0652 0x0684  wudfsvc - ok
10:25:49.0687 0x0684  [ DAB33CFA9DD24251AAA389FF36B64D4B, 1C5D7C3D6C3552BDD52EB7E76031746D7DAAF64CA2432CC23329DA72BE7252D0 ] XAudio          C:\Windows\system32\DRIVERS\xaudio.sys
10:25:49.0689 0x0684  XAudio - ok
10:25:49.0754 0x0684  [ CD5F291A1161F15896D1A4D63DAFF5DF, 4F30DC454F255249431FCD14DE17858A79A088A4084F2CEDD0CF25382D427285 ] XAudioService   C:\Windows\system32\DRIVERS\xaudio.exe
10:25:49.0777 0x0684  XAudioService - ok
10:25:49.0858 0x0684  [ 7D1F3B131D503EF43EE594B5A2B9B427, 307DEC572FBC171D68ED098D73CB6F06754F26E51F8F7DB48035A8CF97AB37D0 ] yukonwlh        C:\Windows\system32\DRIVERS\yk60x86.sys
10:25:49.0875 0x0684  yukonwlh - ok
10:25:49.0890 0x0684  ================ Scan global ===============================
10:25:49.0925 0x0684  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
10:25:50.0007 0x0684  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
10:25:50.0067 0x0684  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
10:25:50.0161 0x0684  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
10:25:50.0181 0x0684  [ Global ] - ok
10:25:50.0189 0x0684  ================ Scan MBR ==================================
10:25:50.0210 0x0684  [ 588AE8F0C685C02BA11F30D9CD7E61A0 ] \Device\Harddisk0\DR0
10:25:50.0943 0x0684  \Device\Harddisk0\DR0 - ok
10:25:50.0944 0x0684  ================ Scan VBR ==================================
10:25:50.0977 0x0684  [ 338F6226E5B985541B16CB1C60A9C70B ] \Device\Harddisk0\DR0\Partition1
10:25:51.0050 0x0684  \Device\Harddisk0\DR0\Partition1 - ok
10:25:51.0092 0x0684  [ 54E654373651908B07DD5875447589BB ] \Device\Harddisk0\DR0\Partition2
10:25:51.0155 0x0684  \Device\Harddisk0\DR0\Partition2 - ok
10:25:51.0156 0x0684  ================ Scan generic autorun ======================
10:25:51.0443 0x0684  [ AE567D261D281B51BE55E53A786E8574, 16B4D3483FB299C4E40956900CC3B356689EAC3AA8389E964EB34D721A011129 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
10:25:51.0496 0x0684  SynTPEnh - ok
10:25:51.0690 0x0684  [ 0D392EDE3B97E0B3131B2F63EF1DB94E, 3EDA280F91097293E00BF984D377E1111CFDE1FC81B30A3FDEB38F321EF82BB6 ] C:\Program Files\Windows Defender\MSASCui.exe
10:25:51.0743 0x0684  Windows Defender - ok
10:25:51.0852 0x0684  [ F7CF218E5CAA6FC0BB55791AD31E2B3F, 838B99262BA2D8E9049AB8C4EAC29CB99FE8A4D500C33B5B0B0C05015FB9BAC0 ] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
10:25:51.0862 0x0684  QlbCtrl.exe - ok
10:25:51.0915 0x0684  [ AE37F6508716D2DD6122744C46686BEC, 7B56FF8BE142772819E0FD4E9FA6CF9C194D1AF938C7463B1DD4D6C52E1593C2 ] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
10:25:51.0920 0x0684  HP Health Check Scheduler - ok
10:25:51.0987 0x0684  [ 8CB896C573FD15AE8B13180DA53E93D2, 47E46D77DF345D5BA970A662376828DB0141CE4A62E7DF40947EB6659CA598BC ] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
10:25:52.0012 0x0684  hpWirelessAssistant - ok
10:25:52.0038 0x0684  NvCplDaemon - ok
10:25:52.0180 0x0684  [ 3E23D1F7E91627DBD44AC82077E2BA7C, 09235370B85EF5FEA24F1291B9ADAD805C8D7357A78EF8CE3BA0E913F59145EC ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
10:25:52.0217 0x0684  avgnt - ok
10:25:52.0543 0x0684  [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
10:25:52.0760 0x0684  SDTray - ok
10:25:52.0927 0x0684  [ CB08561AB36857CCF74BF11475C9AEB2, 5F15F6868A719A0A84D3E0FE2BC4E76975C50FA99D642279DDA972269ADFDB8B ] C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
10:25:52.0935 0x0684  Avira Systray - ok
10:25:53.0078 0x0684  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
10:25:53.0143 0x0684  Sidebar - ok
10:25:53.0156 0x0684  WindowsWelcomeCenter - ok

Alt 14.04.2015, 09:51   #8
k25391
 
Notebook mit Windows Vista wird immer langsamer - Standard

Notebook mit Windows Vista wird immer langsamer


Code:
ATTFilter
10:25:53.0239 0x0684  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
10:25:53.0304 0x0684  Sidebar - ok
10:25:53.0316 0x0684  WindowsWelcomeCenter - ok
10:25:53.0382 0x0684  [ BF08674925F151BD4537B89A493E3E0C, 6A97562E998A2B90649FF7986313AD33823053FF98BBE163AD39AAA5E01FC545 ] C:\Windows\ehome\ehTray.exe
10:25:53.0389 0x0684  ehTray.exe - ok
10:25:53.0424 0x0684  [ 35937EAD711207544E219C2A19A78A7D, EE6E5EAE00F577D7C3FFB8C0D8EE484552A337CEAA27FCB107174A9879FE7362 ] C:\Program Files\Windows Media Player\WMPNSCFG.exe
10:25:53.0436 0x0684  WMPNSCFG - ok
10:25:53.0466 0x0684  Skype - ok
10:25:53.0872 0x0684  [ 2B24F194FC5B657397ECB2923A68350E, B7F36CD6F0C33A2EC09898E35786E2225AC22408C25720E4D5B7A32CCA54940C ] C:\Program Files\CCleaner\CCleaner.exe
10:25:54.0151 0x0684  CCleaner Monitoring - ok
10:25:54.0177 0x0684  Waiting for KSN requests completion. In queue: 69
10:25:55.0258 0x0684  AV detected via SS2: Avira Antivirus, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 15.0.9.460 ), 0x41000 ( enabled : updated )
10:25:55.0351 0x0684  Win FW state via NFP2: enabled
10:25:55.0655 0x0684  ============================================================
10:25:55.0655 0x0684  Scan finished
10:25:55.0655 0x0684  ============================================================
10:25:55.0694 0x0ef8  Detected object count: 0
10:25:55.0694 0x0ef8  Actual detected object count: 0
10:26:35.0367 0x0f80  ============================================================
10:26:35.0367 0x0f80  Scan started
10:26:35.0367 0x0f80  Mode: Manual; SigCheck; TDLFS; 
10:26:35.0367 0x0f80  ============================================================
10:26:35.0367 0x0f80  KSN ping started
10:26:35.0549 0x0f80  KSN ping finished: true
10:26:36.0271 0x0f80  ================ Scan system memory ========================
10:26:36.0271 0x0f80  System memory - ok
10:26:36.0278 0x0f80  ================ Scan services =============================
10:26:36.0459 0x0f80  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
10:26:36.0689 0x0f80  ACPI - ok
10:26:36.0811 0x0f80  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
10:26:36.0844 0x0f80  AdobeARMservice - ok
10:26:36.0920 0x0f80  [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:26:36.0960 0x0f80  AdobeFlashPlayerUpdateSvc - ok
10:26:37.0034 0x0f80  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
10:26:37.0093 0x0f80  adp94xx - ok
10:26:37.0133 0x0f80  [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
10:26:37.0182 0x0f80  adpahci - ok
10:26:37.0234 0x0f80  [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
10:26:37.0275 0x0f80  adpu160m - ok
10:26:37.0296 0x0f80  [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
10:26:37.0333 0x0f80  adpu320 - ok
10:26:37.0384 0x0f80  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
10:26:37.0597 0x0f80  AeLookupSvc - ok
10:26:37.0662 0x0f80  [ F5272A105F59A7B3B345D9D6D87DA7AD, 9E84776994D04240BF2537330DBB555EDE16DFCFC59DEDCBA05A44ED7F70BEFA ] AFD             C:\Windows\system32\drivers\afd.sys
10:26:37.0743 0x0f80  AFD - ok
10:26:37.0788 0x0f80  [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440          C:\Windows\system32\drivers\agp440.sys
10:26:37.0819 0x0f80  agp440 - ok
10:26:37.0864 0x0f80  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
10:26:37.0898 0x0f80  aic78xx - ok
10:26:37.0933 0x0f80  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
10:26:38.0080 0x0f80  ALG - ok
10:26:38.0127 0x0f80  [ 3D76FDA1A10ACC3DC84728F55C29B6D4, E6D0FF73C7041C4F889269B91EEF3BB35467691B6EAA244F3C2AC2F65EA23C72 ] aliide          C:\Windows\system32\drivers\aliide.sys
10:26:38.0156 0x0f80  aliide - ok
10:26:38.0187 0x0f80  [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
10:26:38.0217 0x0f80  amdagp - ok
10:26:38.0232 0x0f80  [ 5B92E7839F5A1FBC1B39DE67758AD6F8, 2672A666C8A2BADB01792EFFC09FCB295A3EDFFF4A2023C223F1ADBD4A8E77F2 ] amdide          C:\Windows\system32\drivers\amdide.sys
10:26:38.0261 0x0f80  amdide - ok
10:26:38.0284 0x0f80  [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
10:26:38.0370 0x0f80  AmdK7 - ok
10:26:38.0411 0x0f80  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
10:26:38.0505 0x0f80  AmdK8 - ok
10:26:38.0645 0x0f80  [ 6A7BE5D0E66B8121E60EFAD57EB04963, 96EC128BC06E7ED7485D52DD52F8A71FEBD9633415DD8486BDBCC499ED32A0F8 ] AntiVirMailService C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
10:26:38.0725 0x0f80  AntiVirMailService - ok
10:26:38.0816 0x0f80  [ F36D18EF1E66F92094AD89D17BEF007C, A5C793B340311CB7A301B77316E1976E3CD7CA9470CE5F1062CB003BCD4C155C ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
10:26:38.0888 0x0f80  AntiVirSchedulerService - ok
10:26:38.0977 0x0f80  [ F36D18EF1E66F92094AD89D17BEF007C, A5C793B340311CB7A301B77316E1976E3CD7CA9470CE5F1062CB003BCD4C155C ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
10:26:39.0050 0x0f80  AntiVirService - ok
10:26:39.0172 0x0f80  [ EE5FE075D14EABEA9938C812F644371D, 609B7F43784615F5A5FA67F339FFEE84F5F37AFFE88D83B11B338720878412F5 ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
10:26:39.0268 0x0f80  AntiVirWebService - ok
10:26:39.0319 0x0f80  [ 8F7D200717A58E9800D391F4C2101577, F07CF0F5636F46D8F3D5133284943E991E8739E5A644BCA5F18BB896B374620D ] Appinfo         C:\Windows\System32\appinfo.dll
10:26:39.0378 0x0f80  Appinfo - ok
10:26:39.0415 0x0f80  [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc             C:\Windows\system32\drivers\arc.sys
10:26:39.0450 0x0f80  arc - ok
10:26:39.0472 0x0f80  [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
10:26:39.0505 0x0f80  arcsas - ok
10:26:39.0610 0x0f80  [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
10:26:39.0647 0x0f80  aspnet_state - ok
10:26:39.0672 0x0f80  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:26:39.0753 0x0f80  AsyncMac - ok
10:26:39.0787 0x0f80  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
10:26:39.0817 0x0f80  atapi - ok
10:26:39.0918 0x0f80  [ 600EFE56F37ADBD65A0FB076B50D1B8D, B36C146722A9C95C37A073B09F899700F28E29E631FF6A306F92A493E7AFCFFC ] athr            C:\Windows\system32\DRIVERS\athr.sys
10:26:40.0069 0x0f80  athr - ok
10:26:40.0132 0x0f80  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:26:40.0214 0x0f80  AudioEndpointBuilder - ok
10:26:40.0241 0x0f80  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
10:26:40.0298 0x0f80  Audiosrv - ok
10:26:40.0340 0x0f80  [ AF5DA81B19AFA730F1E5246AD81D140A, 532951071F56896A3B5D47874C14D996C8620EA02F87D4BA21B083EC804FB166 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
10:26:40.0383 0x0f80  avgntflt - ok
10:26:40.0434 0x0f80  [ A5674637BCA212D9FE136ADFA04C9857, 95F3632EBB041C539816D285EBE1F379D46A4187379C69D4683D9F4DECBDB80C ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
10:26:40.0469 0x0f80  avipbb - ok
10:26:40.0572 0x0f80  [ 0D32033DCB359FD98B4C3513EF849FE6, 5870D67526BC29D888DAF8DBAB04B1E97ED5C7C51484ED400A5E65D0EB61576A ] Avira.OE.ServiceHost C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
10:26:40.0606 0x0f80  Avira.OE.ServiceHost - ok
10:26:40.0648 0x0f80  [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
10:26:40.0679 0x0f80  avkmgr - ok
10:26:40.0722 0x0f80  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
10:26:40.0789 0x0f80  Beep - ok
10:26:40.0846 0x0f80  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
10:26:40.0931 0x0f80  BFE - ok
10:26:41.0013 0x0f80  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\System32\qmgr.dll
10:26:41.0144 0x0f80  BITS - ok
10:26:41.0198 0x0f80  [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
10:26:41.0258 0x0f80  blbdrive - ok
10:26:41.0301 0x0f80  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:26:41.0370 0x0f80  bowser - ok
10:26:41.0401 0x0f80  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
10:26:41.0451 0x0f80  BrFiltLo - ok
10:26:41.0471 0x0f80  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
10:26:41.0532 0x0f80  BrFiltUp - ok
10:26:41.0566 0x0f80  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
10:26:41.0660 0x0f80  Browser - ok
10:26:41.0705 0x0f80  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
10:26:41.0948 0x0f80  Brserid - ok
10:26:41.0996 0x0f80  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
10:26:42.0116 0x0f80  BrSerWdm - ok
10:26:42.0151 0x0f80  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
10:26:42.0281 0x0f80  BrUsbMdm - ok
10:26:42.0306 0x0f80  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
10:26:42.0417 0x0f80  BrUsbSer - ok
10:26:42.0461 0x0f80  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
10:26:42.0568 0x0f80  BTHMODEM - ok
10:26:42.0603 0x0f80  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:26:42.0675 0x0f80  cdfs - ok
10:26:42.0718 0x0f80  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
10:26:42.0778 0x0f80  cdrom - ok
10:26:42.0827 0x0f80  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
10:26:42.0884 0x0f80  CertPropSvc - ok
10:26:42.0930 0x0f80  [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass        C:\Windows\system32\drivers\circlass.sys
10:26:43.0001 0x0f80  circlass - ok
10:26:43.0058 0x0f80  [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS            C:\Windows\system32\CLFS.sys
10:26:43.0101 0x0f80  CLFS - ok
10:26:43.0156 0x0f80  [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:26:43.0187 0x0f80  clr_optimization_v2.0.50727_32 - ok
10:26:43.0231 0x0f80  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:26:43.0273 0x0f80  clr_optimization_v4.0.30319_32 - ok
10:26:43.0321 0x0f80  [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
10:26:43.0392 0x0f80  CmBatt - ok
10:26:43.0412 0x0f80  [ D36372A6EA6805EFBE8884D10772313F, 243FCA697FEEBCB1F501C49DF75901C18F9BC301E693AA22EBB43F2B7CA26991 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:26:43.0440 0x0f80  cmdide - ok
10:26:43.0481 0x0f80  [ 1ADF6F4852E7D7E2E8AC481BDB970586, B5A89EE8E9BEE08FF99B9BEE2CC731FE023DA80DC52B575AE2B032F46445A65A ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT32.sys
10:26:43.0544 0x0f80  CnxtHdAudService - ok
10:26:43.0623 0x0f80  [ 7795F8CEBC284A426B53F541E538695F, 1A56B32CA26505D9B1899EF4C3E1E1A815D8A36CC476691DBCE8A41109208C87 ] Com4QLBEx       C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
10:26:43.0657 0x0f80  Com4QLBEx - ok
10:26:43.0691 0x0f80  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
10:26:43.0719 0x0f80  Compbatt - ok
10:26:43.0731 0x0f80  COMSysApp - ok
10:26:43.0752 0x0f80  [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
10:26:43.0781 0x0f80  crcdisk - ok
10:26:43.0808 0x0f80  [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
10:26:43.0880 0x0f80  Crusoe - ok
10:26:43.0933 0x0f80  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:26:43.0986 0x0f80  CryptSvc - ok
10:26:44.0070 0x0f80  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:26:44.0183 0x0f80  DcomLaunch - ok
10:26:44.0227 0x0f80  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:26:44.0284 0x0f80  DfsC - ok
10:26:44.0464 0x0f80  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
10:26:44.0708 0x0f80  DFSR - ok
10:26:44.0766 0x0f80  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
10:26:44.0833 0x0f80  Dhcp - ok
10:26:44.0882 0x0f80  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
10:26:44.0913 0x0f80  disk - ok
10:26:44.0962 0x0f80  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:26:45.0025 0x0f80  Dnscache - ok
10:26:45.0071 0x0f80  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
10:26:45.0134 0x0f80  dot3svc - ok
10:26:45.0178 0x0f80  [ 4F59C172C094E1A1D46463A8DC061CBD, CE09A4ED1F8BA6242E152C384AFF5C3C95FBB8556DAE23765272F13BF158D8F9 ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
10:26:45.0258 0x0f80  Dot4 - ok
10:26:45.0283 0x0f80  [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5, 69BB5B07D03FA9F28591012F2AA4A583D3F086644C136D63A56D1A827121CC19 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
10:26:45.0355 0x0f80  Dot4Print - ok
10:26:45.0399 0x0f80  [ C55004CA6B419B6695970DFE849B122F, 6E0C4A9E24DD09E9389E097AF63E7F5040A0658DDCEBBE963968B7118CFE9AB8 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
10:26:45.0465 0x0f80  dot4usb - ok
10:26:45.0510 0x0f80  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
10:26:45.0594 0x0f80  DPS - ok
10:26:45.0640 0x0f80  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:26:45.0696 0x0f80  drmkaud - ok
10:26:45.0785 0x0f80  [ 5C2C209CDEFBC51D83D66E8A53B2BE89, 7AE68672A6BEEF601017BE28AA0BF3673318EFE97AA08E70F58A9391C54DF71F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:26:45.0857 0x0f80  DXGKrnl - ok
10:26:45.0900 0x0f80  [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
10:26:46.0010 0x0f80  E1G60 - ok
10:26:46.0055 0x0f80  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
10:26:46.0115 0x0f80  EapHost - ok
10:26:46.0158 0x0f80  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
10:26:46.0193 0x0f80  Ecache - ok
10:26:46.0263 0x0f80  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
10:26:46.0325 0x0f80  ehRecvr - ok
10:26:46.0357 0x0f80  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched         C:\Windows\ehome\ehsched.exe
10:26:46.0408 0x0f80  ehSched - ok
10:26:46.0444 0x0f80  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart         C:\Windows\ehome\ehstart.dll
10:26:46.0488 0x0f80  ehstart - ok
10:26:46.0548 0x0f80  [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
10:26:46.0599 0x0f80  elxstor - ok
10:26:46.0684 0x0f80  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
10:26:46.0799 0x0f80  EMDMgmt - ok
10:26:46.0853 0x0f80  [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:26:46.0910 0x0f80  ErrDev - ok
10:26:46.0989 0x0f80  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
10:26:47.0072 0x0f80  EventSystem - ok
10:26:47.0120 0x0f80  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
10:26:47.0198 0x0f80  exfat - ok
10:26:47.0250 0x0f80  [ 42F721C52EEF2D6DF9372A53813A83EF, 0222DE06A8C0CB257C646870554217C3587215E88EFB32399173106C205FD5CB ] ezSharedSvc     C:\Windows\System32\ezsvc7.dll
10:26:47.0287 0x0f80  ezSharedSvc - detected UnsignedFile.Multi.Generic ( 1 )
10:26:47.0288 0x0f80  Detect skipped due to KSN trusted
10:26:47.0288 0x0f80  ezSharedSvc - ok
10:26:47.0325 0x0f80  [ 4E404505B3F62ECFBDBCBBCF0A72DBC5, 9F446ED06A31BFE52C4F1E8ACC400B8E3F47A3CC02FFC950DB861B2B3BA4C5B9 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:26:47.0373 0x0f80  fastfat - ok
10:26:47.0415 0x0f80  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
10:26:47.0484 0x0f80  fdc - ok
10:26:47.0521 0x0f80  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
10:26:47.0605 0x0f80  fdPHost - ok
10:26:47.0636 0x0f80  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:26:47.0743 0x0f80  FDResPub - ok
10:26:47.0786 0x0f80  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:26:47.0816 0x0f80  FileInfo - ok
10:26:47.0842 0x0f80  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:26:47.0907 0x0f80  Filetrace - ok
10:26:47.0937 0x0f80  [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
10:26:48.0007 0x0f80  flpydisk - ok
10:26:48.0070 0x0f80  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:26:48.0110 0x0f80  FltMgr - ok
10:26:48.0212 0x0f80  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache       C:\Windows\system32\FntCache.dll
10:26:48.0339 0x0f80  FontCache - ok
10:26:48.0416 0x0f80  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:26:48.0445 0x0f80  FontCache3.0.0.0 - ok
10:26:48.0486 0x0f80  [ B74B0578FD1D3F897E95F2A2B69EA051, 64FCA8452CB37D55679AC8BEF221D6BA1D91E50680D37FFCFB81619ADAA5889C ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
10:26:48.0514 0x0f80  fssfltr - ok
10:26:48.0626 0x0f80  [ 206AD9A89BF05DFA1621F1FC7B82592D, EAEE557535D865232237898858F5AE35F868065A1F79BBB48A2173124E2B6F63 ] fsssvc          C:\Program Files\Windows Live\Family Safety\fsssvc.exe
10:26:48.0696 0x0f80  fsssvc - ok
10:26:48.0752 0x0f80  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:26:48.0818 0x0f80  Fs_Rec - ok
10:26:48.0848 0x0f80  [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
10:26:48.0879 0x0f80  gagp30kx - ok
10:26:48.0908 0x0f80  [ 997527391DEC418DC62D784D848D73BE, 24AEF416C04AE88A697609EEA640A4058E910ADF5E49318AD9766514714AA967 ] GigasetGenericUSB C:\Windows\system32\DRIVERS\GigasetGenericUSB.sys
10:26:48.0946 0x0f80  GigasetGenericUSB - ok
10:26:49.0029 0x0f80  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
10:26:49.0133 0x0f80  gpsvc - ok
10:26:49.0185 0x0f80  [ CB04C744BE0A61B1D648FAED182C3B59, 61DC0FF94325DAFCCB7B3980A48727EFBF1283FCF753EC16EF04C730525994C0 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:26:49.0307 0x0f80  HdAudAddService - ok
10:26:49.0412 0x0f80  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
10:26:49.0524 0x0f80  HDAudBus - ok
10:26:49.0546 0x0f80  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
10:26:49.0659 0x0f80  HidBth - ok
10:26:49.0697 0x0f80  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
10:26:49.0806 0x0f80  HidIr - ok
10:26:49.0850 0x0f80  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\system32\hidserv.dll
10:26:49.0908 0x0f80  hidserv - ok
10:26:49.0940 0x0f80  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
10:26:49.0983 0x0f80  HidUsb - ok
10:26:50.0020 0x0f80  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:26:50.0097 0x0f80  hkmsvc - ok
10:26:50.0154 0x0f80  [ A19B0BB5A7EB6DF2DD4A0711D36955EE, 307648CAFB3DDCD76FD730CA623945ED71D4276715A38D8CBB203C157C45F691 ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
10:26:50.0172 0x0f80  HP Health Check Service - detected UnsignedFile.Multi.Generic ( 1 )
10:26:50.0172 0x0f80  Detect skipped due to KSN trusted
10:26:50.0172 0x0f80  HP Health Check Service - ok
10:26:50.0215 0x0f80  [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
10:26:50.0244 0x0f80  HpCISSs - ok
10:26:50.0380 0x0f80  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05, 7B3F117C1D606DDA7623BEC0BFBC362C33A12213E899F049AC56A55826984134 ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
10:26:50.0425 0x0f80  hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
10:26:50.0425 0x0f80  Detect skipped due to KSN trusted
10:26:50.0425 0x0f80  hpqcxs08 - ok
10:26:50.0476 0x0f80  [ EE4C7A4CF2316701FFDE90F404520265, 0143BA0EF31D54AC8AA5B1540D3B927293D01A0366C0A5AB2C807F14ED8E23A7 ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
10:26:50.0509 0x0f80  hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
10:26:50.0509 0x0f80  Detect skipped due to KSN trusted
10:26:50.0509 0x0f80  hpqddsvc - ok
10:26:50.0541 0x0f80  [ 35956140E686D53BF676CF0C778880FC, AFFE1CC956E75AF1DE87F19A58CB03C861907C48DCA03F7454EF7762DEB46F2D ] HpqKbFiltr      C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
10:26:50.0585 0x0f80  HpqKbFiltr - ok
10:26:50.0628 0x0f80  [ 1665C7121A026DF10C903DB9BC5E9D43, D96189406774842923BC420C4AF33FA81C83B815E14CE7C444F9CCF545971B7E ] hpqwmiex        C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
10:26:50.0657 0x0f80  hpqwmiex - ok
10:26:50.0758 0x0f80  [ CC267848CB3508E72762BE65734E764D, E7E39607A48E77544EE286EA678FC2ED8A6C20C9DCB8C901BC70140ECB2E7C2F ] HSF_DPV         C:\Windows\system32\DRIVERS\HSX_DPV.sys
10:26:50.0885 0x0f80  HSF_DPV - ok
10:26:50.0934 0x0f80  [ A2882945CC4B6E3E4E9E825590438888, C0B7E695BBFFB927A3A7122BCA41B454B27F285A0A380E82CEDF87CE573A5C60 ] HSXHWAZL        C:\Windows\system32\DRIVERS\HSXHWAZL.sys
10:26:50.0972 0x0f80  HSXHWAZL - ok
10:26:51.0037 0x0f80  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:26:51.0151 0x0f80  HTTP - ok
10:26:51.0216 0x0f80  [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
10:26:51.0245 0x0f80  i2omp - ok
10:26:51.0267 0x0f80  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
10:26:51.0331 0x0f80  i8042prt - ok
10:26:51.0393 0x0f80  [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
10:26:51.0436 0x0f80  iaStorV - ok
10:26:51.0518 0x0f80  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
10:26:51.0543 0x0f80  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
10:26:51.0543 0x0f80  Detect skipped due to KSN trusted
10:26:51.0543 0x0f80  IDriverT - ok
10:26:51.0647 0x0f80  [ DD386C45D2B5863740166783448A2E7A, 10B912BA70306644BE73A53AF4DCDFF63880C4C5860FF6DBA92B0914EB566718 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:26:51.0737 0x0f80  idsvc - ok
10:26:51.0779 0x0f80  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
10:26:51.0807 0x0f80  iirsp - ok
10:26:51.0879 0x0f80  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
10:26:51.0963 0x0f80  IKEEXT - ok
10:26:52.0013 0x0f80  [ DD512A049BD7B4BCE8A83554C5EFF2C1, FBC44A9EBFCCE0EF4F6D007590158F7852340D3056298A0C1708E3AC30AB6CA9 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:26:52.0040 0x0f80  intelide - ok
10:26:52.0063 0x0f80  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
10:26:52.0122 0x0f80  intelppm - ok
10:26:52.0157 0x0f80  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:26:52.0234 0x0f80  IPBusEnum - ok
10:26:52.0259 0x0f80  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:26:52.0340 0x0f80  IpFilterDriver - ok
10:26:52.0390 0x0f80  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:26:52.0458 0x0f80  iphlpsvc - ok
10:26:52.0470 0x0f80  IpInIp - ok
10:26:52.0507 0x0f80  [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
10:26:52.0586 0x0f80  IPMIDRV - ok
10:26:52.0610 0x0f80  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
10:26:52.0688 0x0f80  IPNAT - ok
10:26:52.0725 0x0f80  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:26:52.0790 0x0f80  IRENUM - ok
10:26:52.0811 0x0f80  [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:26:52.0847 0x0f80  isapnp - ok
10:26:52.0900 0x0f80  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
10:26:52.0938 0x0f80  iScsiPrt - ok
10:26:52.0952 0x0f80  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
10:26:52.0979 0x0f80  iteatapi - ok
10:26:53.0005 0x0f80  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
10:26:53.0032 0x0f80  iteraid - ok
10:26:53.0061 0x0f80  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
10:26:53.0091 0x0f80  kbdclass - ok
10:26:53.0120 0x0f80  [ 18247836959BA67E3511B62846B9C2E0, 9623FF990A1C11A707C358CC9FDD4306C2992A8C766A50DAFC9534A283AA011D ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
10:26:53.0192 0x0f80  kbdhid - ok
10:26:53.0233 0x0f80  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
10:26:53.0287 0x0f80  KeyIso - ok
10:26:53.0350 0x0f80  [ 5035EDF1F2E72F78BB1EC5BD9B97463F, 8AFAD580A96F002FFB22761B65D4B414917895C45B11B53089BB3E0331995EF7 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:26:53.0411 0x0f80  KSecDD - ok
10:26:53.0474 0x0f80  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:26:53.0622 0x0f80  KtmRm - ok
10:26:53.0682 0x0f80  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:26:53.0750 0x0f80  LanmanServer - ok
10:26:53.0792 0x0f80  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:26:53.0865 0x0f80  LanmanWorkstation - ok
10:26:54.0205 0x0f80  [ ABF90FC5A127F481219B873C1B8DFC1C, 465188183B2848C11743B2A6B987B307D30F636E4958E60766336479473DD121 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
10:26:54.0235 0x0f80  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
10:26:54.0235 0x0f80  Detect skipped due to KSN trusted
10:26:54.0235 0x0f80  LightScribeService - ok
10:26:54.0277 0x0f80  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:26:54.0336 0x0f80  lltdio - ok
10:26:54.0385 0x0f80  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:26:54.0460 0x0f80  lltdsvc - ok
10:26:54.0487 0x0f80  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:26:54.0640 0x0f80  lmhosts - ok
10:26:54.0692 0x0f80  [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
10:26:54.0727 0x0f80  LSI_FC - ok
10:26:54.0746 0x0f80  [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
10:26:54.0780 0x0f80  LSI_SAS - ok
10:26:54.0799 0x0f80  [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
10:26:54.0835 0x0f80  LSI_SCSI - ok
10:26:54.0851 0x0f80  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
10:26:54.0924 0x0f80  luafv - ok
10:26:54.0959 0x0f80  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:26:55.0003 0x0f80  Mcx2Svc - ok
10:26:55.0025 0x0f80  [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
10:26:55.0070 0x0f80  mdmxsdk - ok
10:26:55.0105 0x0f80  [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas         C:\Windows\system32\drivers\megasas.sys
10:26:55.0135 0x0f80  megasas - ok
10:26:55.0177 0x0f80  [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
10:26:55.0234 0x0f80  MegaSR - ok
10:26:55.0273 0x0f80  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
10:26:55.0341 0x0f80  MMCSS - ok
10:26:55.0368 0x0f80  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
10:26:55.0438 0x0f80  Modem - ok
10:26:55.0482 0x0f80  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:26:55.0541 0x0f80  monitor - ok
10:26:55.0555 0x0f80  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:26:55.0585 0x0f80  mouclass - ok
10:26:55.0601 0x0f80  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:26:55.0666 0x0f80  mouhid - ok
10:26:55.0700 0x0f80  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
10:26:55.0739 0x0f80  MountMgr - ok
10:26:55.0792 0x0f80  [ DFCD29AB147716CA72416FA7D2196D46, ED60BF354347697F69A78C9FBE1ADCBE0C3EB4C2CC8DB97A7FA03A68BD796066 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:26:55.0828 0x0f80  MozillaMaintenance - ok
10:26:55.0855 0x0f80  [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:26:55.0889 0x0f80  mpio - ok
10:26:55.0927 0x0f80  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:26:55.0988 0x0f80  mpsdrv - ok
10:26:56.0051 0x0f80  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:26:56.0152 0x0f80  MpsSvc - ok
10:26:56.0199 0x0f80  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
10:26:56.0227 0x0f80  Mraid35x - ok
10:26:56.0267 0x0f80  [ B0584CA7DEF55929FDB5169BD28B2484, AF6A7E404FEB29F7F3428D0AF6682195E5E8ED106996A04E6947DBD575696546 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:26:56.0328 0x0f80  MRxDAV - ok
10:26:56.0369 0x0f80  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:26:56.0433 0x0f80  mrxsmb - ok
10:26:56.0483 0x0f80  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:26:56.0537 0x0f80  mrxsmb10 - ok
10:26:56.0581 0x0f80  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:26:56.0630 0x0f80  mrxsmb20 - ok
10:26:56.0662 0x0f80  [ AA305CFF241DA187BD5077DE4A2A043D, 1D0FAE34A617E350DA6B0A2380AD4522EFF78F1CC02BE1199023F5CCD465411D ] msahci          C:\Windows\system32\drivers\msahci.sys
10:26:56.0691 0x0f80  msahci - ok
10:26:56.0722 0x0f80  [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:26:56.0755 0x0f80  msdsm - ok
10:26:56.0807 0x0f80  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
10:26:56.0880 0x0f80  MSDTC - ok
10:26:56.0914 0x0f80  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:26:56.0988 0x0f80  Msfs - ok
10:26:57.0038 0x0f80  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:26:57.0067 0x0f80  msisadrv - ok
10:26:57.0112 0x0f80  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:26:57.0190 0x0f80  MSiSCSI - ok
10:26:57.0202 0x0f80  msiserver - ok
10:26:57.0236 0x0f80  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:26:57.0307 0x0f80  MSKSSRV - ok
10:26:57.0330 0x0f80  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:26:57.0400 0x0f80  MSPCLOCK - ok
10:26:57.0424 0x0f80  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:26:57.0499 0x0f80  MSPQM - ok
10:26:57.0541 0x0f80  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:26:57.0581 0x0f80  MsRPC - ok
10:26:57.0637 0x0f80  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
10:26:57.0665 0x0f80  mssmbios - ok
10:26:57.0683 0x0f80  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:26:57.0740 0x0f80  MSTEE - ok
10:26:57.0779 0x0f80  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
10:26:57.0810 0x0f80  Mup - ok
10:26:57.0872 0x0f80  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
10:26:57.0943 0x0f80  napagent - ok
10:26:57.0995 0x0f80  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:26:58.0038 0x0f80  NativeWifiP - ok
10:26:58.0118 0x0f80  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:26:58.0182 0x0f80  NDIS - ok
10:26:58.0224 0x0f80  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:26:58.0269 0x0f80  NdisTapi - ok
10:26:58.0282 0x0f80  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:26:58.0346 0x0f80  Ndisuio - ok
10:26:58.0392 0x0f80  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:26:58.0455 0x0f80  NdisWan - ok
10:26:58.0502 0x0f80  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:26:58.0563 0x0f80  NDProxy - ok
10:26:58.0605 0x0f80  [ 2969D26EEE289BE7422AA46FC55F4E38, 0128C6C764C9BE01E9C5B272385524361C46C051D9D371D8E06B8493A49250AF ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
10:26:58.0626 0x0f80  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
10:26:58.0626 0x0f80  Detect skipped due to KSN trusted
10:26:58.0626 0x0f80  Net Driver HPZ12 - ok
10:26:58.0646 0x0f80  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:26:58.0717 0x0f80  NetBIOS - ok
10:26:58.0766 0x0f80  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
10:26:58.0837 0x0f80  netbt - ok
10:26:58.0856 0x0f80  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
10:26:58.0888 0x0f80  Netlogon - ok
10:26:58.0957 0x0f80  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
10:26:59.0055 0x0f80  Netman - ok
10:26:59.0103 0x0f80  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:26:59.0146 0x0f80  NetMsmqActivator - ok
10:26:59.0164 0x0f80  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:26:59.0205 0x0f80  NetPipeActivator - ok
10:26:59.0265 0x0f80  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
10:26:59.0355 0x0f80  netprofm - ok
10:26:59.0381 0x0f80  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:26:59.0423 0x0f80  NetTcpActivator - ok
10:26:59.0443 0x0f80  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:26:59.0485 0x0f80  NetTcpPortSharing - ok
10:26:59.0683 0x0f80  [ 35D5458D9A1B26B2005ABFFBF4C1C5E7, EE044FB7A49336FEDA1BDBBD2AD7A4A163C780A6A464B7712688E0BA0B4E6C40 ] NETw3v32        C:\Windows\system32\DRIVERS\NETw3v32.sys
10:26:59.0938 0x0f80  NETw3v32 - ok
10:26:59.0983 0x0f80  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
10:27:00.0013 0x0f80  nfrd960 - ok
10:27:00.0062 0x0f80  [ C96411DD46AABC0D6F3CF06D0E0E7E14, 0D36F322AF1B923D96735BFFCAC3FDB0B282E59220BADAB8B49AC178A6765380 ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:27:00.0138 0x0f80  NlaSvc - ok
10:27:00.0192 0x0f80  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:27:00.0270 0x0f80  Npfs - ok
10:27:00.0315 0x0f80  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
10:27:00.0390 0x0f80  nsi - ok
10:27:00.0428 0x0f80  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:27:00.0496 0x0f80  nsiproxy - ok
10:27:00.0619 0x0f80  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:27:00.0732 0x0f80  Ntfs - ok
10:27:00.0778 0x0f80  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
10:27:00.0895 0x0f80  ntrigdigi - ok
10:27:00.0922 0x0f80  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
10:27:01.0001 0x0f80  Null - ok
10:27:01.0105 0x0f80  [ AE78A7285DF03A277415FC62F8CE8F24, E6CD1195C64E7B111E0F99575074C5FB43363A3FE98EA231ED93D732C6CACB74 ] NVENETFD        C:\Windows\system32\DRIVERS\nvmfdx32.sys
10:27:01.0205 0x0f80  NVENETFD - ok
10:27:01.0250 0x0f80  [ B0DD52428BF564F5FC5EE331060BE2A6, 67708A45D4779328BFAA6CB920E84416B7DC20910312DC9C78AEA5BDBBED5542 ] NVHDA           C:\Windows\system32\drivers\nvhda32v.sys
10:27:01.0275 0x0f80  NVHDA - ok
10:27:02.0006 0x0f80  [ 9DAC05D828E56801FD6CE5FDFCED64AF, 81CAE071F931A75753434DF86C749353F2EEB28136EB4AFC565A4220CC727697 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:27:03.0110 0x0f80  nvlddmkm - ok
10:27:03.0242 0x0f80  [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:27:03.0277 0x0f80  nvraid - ok
10:27:03.0314 0x0f80  [ 0FB6BF3AB170FC5BD403D25E134EAFDE, F0300AD3177E503FA7C9D767D5AA622BB1CA0187CCD7457C55CEAC0E4090309E ] nvsmu           C:\Windows\system32\DRIVERS\nvsmu.sys
10:27:03.0377 0x0f80  nvsmu - ok
10:27:03.0417 0x0f80  [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:27:03.0448 0x0f80  nvstor - ok
10:27:03.0494 0x0f80  [ 51E7F2C26B6ECE61C5241F1F731EAB2B, FC9C82C17BF4DDFE999194C8C062E10CDEEDD8DEABEEF45D2AE1D0DAEAD314F8 ] nvsvc           C:\Windows\system32\nvvsvc.exe
10:27:03.0535 0x0f80  nvsvc - ok
10:27:03.0562 0x0f80  [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:27:03.0601 0x0f80  nv_agp - ok
10:27:03.0612 0x0f80  NwlnkFlt - ok
10:27:03.0628 0x0f80  NwlnkFwd - ok
10:27:03.0663 0x0f80  [ 790E27C3DB53410B40FF9EF2FD10A1D9, FD06F2702B8F7E04ECF1B6E88602F14301E7AE7FC44AD114282E580FAD530A9C ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
10:27:03.0731 0x0f80  ohci1394 - ok
10:27:03.0794 0x0f80  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:27:03.0828 0x0f80  ose - ok
10:27:03.0923 0x0f80  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
10:27:04.0036 0x0f80  p2pimsvc - ok
10:27:04.0087 0x0f80  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
10:27:04.0172 0x0f80  p2psvc - ok
10:27:04.0224 0x0f80  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
10:27:04.0347 0x0f80  Parport - ok
10:27:04.0388 0x0f80  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:27:04.0421 0x0f80  partmgr - ok
10:27:04.0460 0x0f80  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
10:27:04.0572 0x0f80  Parvdm - ok
10:27:04.0605 0x0f80  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:27:04.0663 0x0f80  PcaSvc - ok
10:27:04.0716 0x0f80  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
10:27:04.0770 0x0f80  pci - ok
10:27:04.0807 0x0f80  [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide          C:\Windows\system32\drivers\pciide.sys
10:27:04.0837 0x0f80  pciide - ok
10:27:04.0881 0x0f80  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
10:27:04.0920 0x0f80  pcmcia - ok
10:27:04.0999 0x0f80  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:27:05.0227 0x0f80  PEAUTH - ok
10:27:05.0422 0x0f80  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
10:27:05.0614 0x0f80  pla - ok
10:27:05.0677 0x0f80  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:27:05.0749 0x0f80  PlugPlay - ok
10:27:05.0792 0x0f80  [ BAFC9706BDF425A02B66468AB2605C59, 6F8F7982AD452F0E68D91CCAF05DF152F00FA3D885DCBBBC470199E74F17B1E0 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
10:27:05.0826 0x0f80  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
10:27:05.0827 0x0f80  Detect skipped due to KSN trusted
10:27:05.0827 0x0f80  Pml Driver HPZ12 - ok
10:27:05.0890 0x0f80  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
10:27:05.0984 0x0f80  PNRPAutoReg - ok
10:27:06.0035 0x0f80  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
10:27:06.0119 0x0f80  PNRPsvc - ok
10:27:06.0190 0x0f80  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:27:06.0291 0x0f80  PolicyAgent - ok
10:27:06.0345 0x0f80  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:27:06.0408 0x0f80  PptpMiniport - ok
10:27:06.0430 0x0f80  [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
10:27:06.0490 0x0f80  Processor - ok
10:27:06.0596 0x0f80  [ 0D5DAD610D7EA1627581ED06FB2BAA9A, 6E27CF3A1624AE10EECB8B5F38E03D76A6AABE4E75DD66DEDD67E0773935A396 ] ProfSvc         C:\Windows\system32\profsvc.dll
10:27:06.0676 0x0f80  ProfSvc - ok
10:27:06.0702 0x0f80  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
10:27:06.0733 0x0f80  ProtectedStorage - ok
10:27:06.0774 0x0f80  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
10:27:06.0839 0x0f80  PSched - ok
10:27:06.0947 0x0f80  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300          C:\Windows\system32\drivers\ql2300.sys
10:27:07.0063 0x0f80  ql2300 - ok
10:27:07.0094 0x0f80  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
10:27:07.0126 0x0f80  ql40xx - ok
10:27:07.0175 0x0f80  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
10:27:07.0252 0x0f80  QWAVE - ok
10:27:07.0301 0x0f80  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:27:07.0335 0x0f80  QWAVEdrv - ok
10:27:07.0350 0x0f80  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:27:07.0426 0x0f80  RasAcd - ok
10:27:07.0463 0x0f80  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
10:27:07.0568 0x0f80  RasAuto - ok
10:27:07.0600 0x0f80  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:27:07.0665 0x0f80  Rasl2tp - ok
10:27:07.0721 0x0f80  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
10:27:07.0803 0x0f80  RasMan - ok
10:27:07.0851 0x0f80  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:27:07.0914 0x0f80  RasPppoe - ok
10:27:07.0958 0x0f80  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:27:07.0991 0x0f80  RasSstp - ok
10:27:08.0040 0x0f80  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:27:08.0109 0x0f80  rdbss - ok
10:27:08.0148 0x0f80  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:27:08.0215 0x0f80  RDPCDD - ok
10:27:08.0269 0x0f80  [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
10:27:08.0345 0x0f80  rdpdr - ok
10:27:08.0359 0x0f80  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:27:08.0428 0x0f80  RDPENCDD - ok
10:27:08.0479 0x0f80  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
10:27:08.0539 0x0f80  RDPWD - ok
10:27:08.0690 0x0f80  [ 0D362785BEF9BDF5A6E1F4628D06716D, DFB22D15BFE57988915C46EA366ECA8B47F663AFC87FD45F7BB2B1C966CCD34A ] Recovery Service for Windows C:\Program Files\SMINST\BLService.exe
10:27:08.0736 0x0f80  Recovery Service for Windows - ok
10:27:08.0793 0x0f80  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:27:08.0858 0x0f80  RemoteAccess - ok
10:27:08.0903 0x0f80  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:27:08.0967 0x0f80  RemoteRegistry - ok
10:27:09.0056 0x0f80  [ 805AE1F90C64758D19AAA001CF8CBA12, 28E389FD9D8106D922AAD0FF93107C4C2900565480ACD9E909D8C134E39E39A1 ] RichVideo       C:\Program Files\CyberLink\Shared files\RichVideo.exe
10:27:09.0099 0x0f80  RichVideo - detected UnsignedFile.Multi.Generic ( 1 )
10:27:09.0099 0x0f80  Detect skipped due to KSN trusted
10:27:09.0099 0x0f80  RichVideo - ok
10:27:09.0146 0x0f80  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
10:27:09.0199 0x0f80  RpcLocator - ok
10:27:09.0263 0x0f80  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
10:27:09.0364 0x0f80  RpcSs - ok
10:27:09.0417 0x0f80  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:27:09.0490 0x0f80  rspndr - ok
10:27:09.0524 0x0f80  [ 8DAB5975B5C7923D61506A48E251DBAD, 34C197BDBFEB676ED7C0262E27EF9190E684A47E4DBFDFA889958966406F9862 ] RTSTOR          C:\Windows\system32\drivers\RTSTOR.SYS
10:27:09.0575 0x0f80  RTSTOR - ok
10:27:09.0602 0x0f80  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
10:27:09.0635 0x0f80  SamSs - ok
10:27:09.0661 0x0f80  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:27:09.0693 0x0f80  sbp2port - ok
10:27:09.0739 0x0f80  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:27:09.0810 0x0f80  SCardSvr - ok
10:27:09.0882 0x0f80  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
10:27:10.0016 0x0f80  Schedule - ok
10:27:10.0041 0x0f80  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:27:10.0092 0x0f80  SCPolicySvc - ok
10:27:10.0136 0x0f80  [ 126EA89BCC413EE45E3004FB0764888F, 367BE2B56113177AE867E00D019C707C6449E0FC4A642101B11036A0534D6901 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
10:27:10.0201 0x0f80  sdbus - ok
10:27:10.0253 0x0f80  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:27:10.0314 0x0f80  SDRSVC - ok
10:27:10.0485 0x0f80  [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
10:27:10.0644 0x0f80  SDScannerService - ok
10:27:10.0812 0x0f80  [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
10:27:10.0985 0x0f80  SDUpdateService - ok
10:27:11.0039 0x0f80  [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService    C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
10:27:11.0076 0x0f80  SDWSCService - ok
10:27:11.0119 0x0f80  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:27:11.0223 0x0f80  secdrv - ok
10:27:11.0272 0x0f80  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
10:27:11.0345 0x0f80  seclogon - ok
10:27:11.0366 0x0f80  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\System32\sens.dll
10:27:11.0448 0x0f80  SENS - ok
10:27:11.0490 0x0f80  [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum         C:\Windows\system32\drivers\serenum.sys
10:27:11.0613 0x0f80  Serenum - ok
10:27:11.0669 0x0f80  [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial          C:\Windows\system32\drivers\serial.sys
10:27:11.0816 0x0f80  Serial - ok
10:27:11.0843 0x0f80  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
10:27:11.0923 0x0f80  sermouse - ok
10:27:11.0996 0x0f80  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
10:27:12.0073 0x0f80  SessionEnv - ok
10:27:12.0094 0x0f80  [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:27:12.0155 0x0f80  sffdisk - ok
10:27:12.0219 0x0f80  [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:27:12.0302 0x0f80  sffp_mmc - ok
10:27:12.0331 0x0f80  [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:27:12.0415 0x0f80  sffp_sd - ok
10:27:12.0434 0x0f80  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
10:27:12.0550 0x0f80  sfloppy - ok
10:27:12.0653 0x0f80  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:27:12.0749 0x0f80  SharedAccess - ok
10:27:12.0803 0x0f80  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:27:12.0860 0x0f80  ShellHWDetection - ok
10:27:12.0906 0x0f80  [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
10:27:12.0945 0x0f80  sisagp - ok
10:27:12.0973 0x0f80  [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
10:27:13.0003 0x0f80  SiSRaid2 - ok
10:27:13.0033 0x0f80  [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
10:27:13.0065 0x0f80  SiSRaid4 - ok
10:27:13.0136 0x0f80  [ A9C057A9463C25490CF99EA8DF8A4B35, 8F4D1C40D0F17EDBF84ED455B8946F782C7552383F0A07E410A9B6CFF7F51D63 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
10:27:13.0195 0x0f80  SkypeUpdate - ok
10:27:13.0485 0x0f80  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
10:27:13.0857 0x0f80  slsvc - ok
10:27:13.0937 0x0f80  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
10:27:14.0000 0x0f80  SLUINotify - ok
10:27:14.0047 0x0f80  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
10:27:14.0102 0x0f80  Smb - ok
10:27:14.0158 0x0f80  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:27:14.0190 0x0f80  SNMPTRAP - ok
10:27:14.0245 0x0f80  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
10:27:14.0274 0x0f80  spldr - ok
10:27:14.0315 0x0f80  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
10:27:14.0368 0x0f80  Spooler - ok
10:27:14.0425 0x0f80  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:27:14.0501 0x0f80  srv - ok
10:27:14.0539 0x0f80  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:27:14.0598 0x0f80  srv2 - ok
10:27:14.0640 0x0f80  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:27:14.0684 0x0f80  srvnet - ok
10:27:14.0736 0x0f80  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:27:14.0809 0x0f80  SSDPSRV - ok
10:27:14.0846 0x0f80  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
10:27:14.0869 0x0f80  ssmdrv - ok
10:27:14.0900 0x0f80  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:27:14.0952 0x0f80  SstpSvc - ok
10:27:15.0017 0x0f80  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
10:27:15.0102 0x0f80  stisvc - ok
10:27:15.0141 0x0f80  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
10:27:15.0172 0x0f80  swenum - ok
10:27:15.0225 0x0f80  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
10:27:15.0300 0x0f80  swprv - ok
10:27:15.0323 0x0f80  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
10:27:15.0350 0x0f80  Symc8xx - ok
10:27:15.0371 0x0f80  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
10:27:15.0399 0x0f80  Sym_hi - ok
10:27:15.0422 0x0f80  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
10:27:15.0452 0x0f80  Sym_u3 - ok
10:27:15.0503 0x0f80  [ 00B19F27858F56181EDB58B71A7C67A0, 50810EAD2234F61310A234DC20B7306E6E809CFFE72F7C71FDE89D4068A29853 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
10:27:15.0541 0x0f80  SynTP - ok
10:27:15.0622 0x0f80  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
10:27:15.0745 0x0f80  SysMain - ok
10:27:15.0800 0x0f80  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:27:15.0844 0x0f80  TabletInputService - ok
10:27:15.0892 0x0f80  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:27:15.0968 0x0f80  TapiSrv - ok
10:27:16.0001 0x0f80  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
10:27:16.0078 0x0f80  TBS - ok
10:27:16.0183 0x0f80  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:27:16.0282 0x0f80  Tcpip - ok
10:27:16.0352 0x0f80  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
10:27:16.0443 0x0f80  Tcpip6 - ok
10:27:16.0491 0x0f80  [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:27:16.0550 0x0f80  tcpipreg - ok
10:27:16.0586 0x0f80  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:27:16.0654 0x0f80  TDPIPE - ok
10:27:16.0673 0x0f80  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
10:27:16.0751 0x0f80  TDTCP - ok
10:27:16.0801 0x0f80  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:27:16.0860 0x0f80  tdx - ok
10:27:16.0895 0x0f80  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
10:27:16.0928 0x0f80  TermDD - ok
10:27:16.0987 0x0f80  [ DBD84E59D631569EC3E756EF144E8431, 9E58629EC762584A2D294A619593620626F7CBE467045AD0F920B6CF1D4B4724 ] TermService     C:\Windows\System32\termsrv.dll
10:27:17.0126 0x0f80  TermService - ok
10:27:17.0181 0x0f80  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
10:27:17.0234 0x0f80  Themes - ok
10:27:17.0254 0x0f80  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
10:27:17.0319 0x0f80  THREADORDER - ok
10:27:17.0368 0x0f80  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
10:27:17.0447 0x0f80  TrkWks - ok
10:27:17.0514 0x0f80  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:27:17.0580 0x0f80  TrustedInstaller - ok
10:27:17.0632 0x0f80  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:27:17.0684 0x0f80  tssecsrv - ok
10:27:17.0720 0x0f80  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
10:27:17.0751 0x0f80  tunmp - ok
10:27:17.0778 0x0f80  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:27:17.0817 0x0f80  tunnel - ok
10:27:17.0840 0x0f80  [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
10:27:17.0873 0x0f80  uagp35 - ok
10:27:17.0930 0x0f80  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:27:17.0991 0x0f80  udfs - ok
10:27:18.0047 0x0f80  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:27:18.0110 0x0f80  UI0Detect - ok
10:27:18.0149 0x0f80  [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:27:18.0180 0x0f80  uliagpkx - ok
10:27:18.0214 0x0f80  [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
10:27:18.0263 0x0f80  uliahci - ok
10:27:18.0283 0x0f80  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
10:27:18.0315 0x0f80  UlSata - ok
10:27:18.0334 0x0f80  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
10:27:18.0370 0x0f80  ulsata2 - ok
10:27:18.0418 0x0f80  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
10:27:18.0486 0x0f80  umbus - ok
10:27:18.0543 0x0f80  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
10:27:18.0628 0x0f80  upnphost - ok
10:27:18.0684 0x0f80  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
10:27:18.0732 0x0f80  usbccgp - ok
10:27:18.0769 0x0f80  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:27:18.0882 0x0f80  usbcir - ok
10:27:18.0928 0x0f80  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
10:27:18.0961 0x0f80  usbehci - ok
10:27:19.0007 0x0f80  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:27:19.0053 0x0f80  usbhub - ok
10:27:19.0072 0x0f80  [ D457EBD0C3A8B3A3A144355B5EE91CBC, 6AD52BDBB1607A48F0B02E663B97C3A00E3345B1B12C259608A5AE728C1C06B2 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
10:27:19.0102 0x0f80  usbohci - ok
10:27:19.0140 0x0f80  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
10:27:19.0201 0x0f80  usbprint - ok
10:27:19.0248 0x0f80  [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
10:27:19.0302 0x0f80  usbscan - ok
10:27:19.0336 0x0f80  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:27:19.0400 0x0f80  USBSTOR - ok
10:27:19.0437 0x0f80  [ 814D653EFC4D48BE3B04A307ECEFF56F, D73D62F51AEFE2F8F2B938B20107C246F2AC2F62ED49112DBD092A5D2E4024B3 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
10:27:19.0485 0x0f80  usbuhci - ok
10:27:19.0537 0x0f80  [ 73FF24E21B690625A58109637DDA0DF7, 62B1F9CD82678E2110D4BB5CC86EE8A7AB0757681443916620B6AAA1EF0DECEB ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
10:27:19.0588 0x0f80  usbvideo - ok
10:27:19.0630 0x0f80  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
10:27:19.0680 0x0f80  UxSms - ok
10:27:19.0750 0x0f80  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
10:27:19.0845 0x0f80  vds - ok
10:27:19.0893 0x0f80  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
10:27:19.0952 0x0f80  vga - ok
10:27:19.0977 0x0f80  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
10:27:20.0046 0x0f80  VgaSave - ok
10:27:20.0070 0x0f80  [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
10:27:20.0099 0x0f80  viaagp - ok
10:27:20.0141 0x0f80  [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
10:27:20.0203 0x0f80  ViaC7 - ok
10:27:20.0234 0x0f80  [ EA1AA6E3ABB3C194FEBA12A46DE8CF2C, 5D395C20D9121EA3970980703D8692380B4D8CFDAAC4FA8A2B352209F49318B7 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:27:20.0262 0x0f80  viaide - ok
10:27:20.0305 0x0f80  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:27:20.0337 0x0f80  volmgr - ok
10:27:20.0404 0x0f80  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:27:20.0453 0x0f80  volmgrx - ok
10:27:20.0500 0x0f80  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:27:20.0546 0x0f80  volsnap - ok
10:27:20.0592 0x0f80  [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
10:27:20.0630 0x0f80  vsmraid - ok
10:27:20.0737 0x0f80  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
10:27:20.0877 0x0f80  VSS - ok
10:27:20.0938 0x0f80  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
10:27:21.0009 0x0f80  W32Time - ok
10:27:21.0042 0x0f80  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
10:27:21.0158 0x0f80  WacomPen - ok
10:27:21.0186 0x0f80  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
10:27:21.0248 0x0f80  Wanarp - ok
10:27:21.0280 0x0f80  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:27:21.0337 0x0f80  Wanarpv6 - ok
10:27:21.0397 0x0f80  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
10:27:21.0470 0x0f80  wcncsvc - ok
10:27:21.0524 0x0f80  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:27:21.0589 0x0f80  WcsPlugInService - ok
10:27:21.0625 0x0f80  [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd              C:\Windows\system32\drivers\wd.sys
10:27:21.0654 0x0f80  Wd - ok
10:27:21.0718 0x0f80  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:27:21.0791 0x0f80  Wdf01000 - ok
10:27:21.0819 0x0f80  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:27:21.0902 0x0f80  WdiServiceHost - ok
10:27:21.0914 0x0f80  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:27:21.0982 0x0f80  WdiSystemHost - ok
10:27:22.0034 0x0f80  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
10:27:22.0099 0x0f80  WebClient - ok
10:27:22.0153 0x0f80  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:27:22.0225 0x0f80  Wecsvc - ok
10:27:22.0261 0x0f80  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
10:27:22.0333 0x0f80  wercplsupport - ok
10:27:22.0381 0x0f80  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:27:22.0448 0x0f80  WerSvc - ok
10:27:22.0510 0x0f80  [ 0ACD399F5DB3DF1B58903CF4949AB5A8, F8FA0A8F631AA8F34A0506F1E5E09DFB6CDA1E9E92207A73A74F1A0E7768C49A ] winachsf        C:\Windows\system32\DRIVERS\HSX_CNXT.sys
10:27:22.0610 0x0f80  winachsf - ok
10:27:22.0674 0x0f80  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
10:27:22.0724 0x0f80  WinDefend - ok
10:27:22.0757 0x0f80  WinHttpAutoProxySvc - ok
10:27:22.0842 0x0f80  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
10:27:22.0900 0x0f80  Winmgmt - ok
10:27:23.0024 0x0f80  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
10:27:23.0188 0x0f80  WinRM - ok
10:27:23.0289 0x0f80  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
10:27:23.0443 0x0f80  Wlansvc - ok
10:27:23.0624 0x0f80  [ 5144AE67D60EC653F97DDF3FEED29E77, F6238767284B2356A9F502E2ACCFAAC283FA13CBF238E98B5115A55179526B10 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:27:23.0767 0x0f80  wlidsvc - ok
10:27:23.0826 0x0f80  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
10:27:23.0886 0x0f80  WmiAcpi - ok
10:27:23.0940 0x0f80  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:27:23.0997 0x0f80  wmiApSrv - ok
10:27:24.0110 0x0f80  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
10:27:24.0229 0x0f80  WMPNetworkSvc - ok
10:27:24.0282 0x0f80  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:27:24.0357 0x0f80  WPCSvc - ok
10:27:24.0403 0x0f80  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:27:24.0493 0x0f80  WPDBusEnum - ok
10:27:24.0571 0x0f80  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
10:27:24.0603 0x0f80  WpdUsb - ok
10:27:24.0720 0x0f80  [ F8D3544ACBCE9110362119F7C10D848E, 31C49201A931751A36286874AC0B929D886F490D7CE48CCC9283850A56AD9FD9 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:27:24.0813 0x0f80  WPFFontCache_v0400 - ok
10:27:24.0859 0x0f80  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
10:27:24.0916 0x0f80  ws2ifsl - ok
10:27:24.0953 0x0f80  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\System32\wscsvc.dll
10:27:24.0993 0x0f80  wscsvc - ok
10:27:25.0009 0x0f80  WSearch - ok
10:27:25.0188 0x0f80  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
10:27:25.0402 0x0f80  wuauserv - ok
10:27:25.0472 0x0f80  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
10:27:25.0533 0x0f80  WudfPf - ok
10:27:25.0576 0x0f80  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:27:25.0616 0x0f80  WUDFRd - ok
10:27:25.0663 0x0f80  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
10:27:25.0712 0x0f80  wudfsvc - ok
10:27:25.0754 0x0f80  [ DAB33CFA9DD24251AAA389FF36B64D4B, 1C5D7C3D6C3552BDD52EB7E76031746D7DAAF64CA2432CC23329DA72BE7252D0 ] XAudio          C:\Windows\system32\DRIVERS\xaudio.sys
10:27:25.0782 0x0f80  XAudio - ok
10:27:25.0833 0x0f80  [ CD5F291A1161F15896D1A4D63DAFF5DF, 4F30DC454F255249431FCD14DE17858A79A088A4084F2CEDD0CF25382D427285 ] XAudioService   C:\Windows\system32\DRIVERS\xaudio.exe
10:27:25.0921 0x0f80  XAudioService - ok
10:27:25.0983 0x0f80  [ 7D1F3B131D503EF43EE594B5A2B9B427, 307DEC572FBC171D68ED098D73CB6F06754F26E51F8F7DB48035A8CF97AB37D0 ] yukonwlh        C:\Windows\system32\DRIVERS\yk60x86.sys
10:27:26.0115 0x0f80  yukonwlh - ok
10:27:26.0138 0x0f80  ================ Scan global ===============================
10:27:26.0169 0x0f80  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
10:27:26.0247 0x0f80  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
10:27:26.0307 0x0f80  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
10:27:26.0409 0x0f80  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
10:27:26.0513 0x0f80  [ Global ] - ok
10:27:26.0515 0x0f80  ================ Scan MBR ==================================
10:27:26.0533 0x0f80  [ 588AE8F0C685C02BA11F30D9CD7E61A0 ] \Device\Harddisk0\DR0
10:27:26.0843 0x0f80  \Device\Harddisk0\DR0 - ok
10:27:26.0844 0x0f80  ================ Scan VBR ==================================
10:27:26.0852 0x0f80  [ 338F6226E5B985541B16CB1C60A9C70B ] \Device\Harddisk0\DR0\Partition1
10:27:26.0906 0x0f80  \Device\Harddisk0\DR0\Partition1 - ok
10:27:26.0937 0x0f80  [ 54E654373651908B07DD5875447589BB ] \Device\Harddisk0\DR0\Partition2
10:27:26.0955 0x0f80  \Device\Harddisk0\DR0\Partition2 - ok
10:27:26.0956 0x0f80  ================ Scan generic autorun ======================
10:27:27.0096 0x0f80  [ AE567D261D281B51BE55E53A786E8574, 16B4D3483FB299C4E40956900CC3B356689EAC3AA8389E964EB34D721A011129 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
10:27:27.0193 0x0f80  SynTPEnh - ok
10:27:27.0309 0x0f80  [ 0D392EDE3B97E0B3131B2F63EF1DB94E, 3EDA280F91097293E00BF984D377E1111CFDE1FC81B30A3FDEB38F321EF82BB6 ] C:\Program Files\Windows Defender\MSASCui.exe
10:27:27.0412 0x0f80  Windows Defender - ok
10:27:27.0518 0x0f80  [ F7CF218E5CAA6FC0BB55791AD31E2B3F, 838B99262BA2D8E9049AB8C4EAC29CB99FE8A4D500C33B5B0B0C05015FB9BAC0 ] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
10:27:27.0552 0x0f80  QlbCtrl.exe - ok
10:27:27.0616 0x0f80  [ AE37F6508716D2DD6122744C46686BEC, 7B56FF8BE142772819E0FD4E9FA6CF9C194D1AF938C7463B1DD4D6C52E1593C2 ] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
10:27:27.0642 0x0f80  HP Health Check Scheduler - ok
10:27:27.0712 0x0f80  [ 8CB896C573FD15AE8B13180DA53E93D2, 47E46D77DF345D5BA970A662376828DB0141CE4A62E7DF40947EB6659CA598BC ] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
10:27:27.0798 0x0f80  hpWirelessAssistant - ok
10:27:27.0816 0x0f80  NvCplDaemon - ok
10:27:27.0968 0x0f80  [ 3E23D1F7E91627DBD44AC82077E2BA7C, 09235370B85EF5FEA24F1291B9ADAD805C8D7357A78EF8CE3BA0E913F59145EC ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
10:27:28.0042 0x0f80  avgnt - ok
10:27:28.0370 0x0f80  [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
10:27:28.0932 0x0f80  SDTray - ok
10:27:29.0061 0x0f80  [ CB08561AB36857CCF74BF11475C9AEB2, 5F15F6868A719A0A84D3E0FE2BC4E76975C50FA99D642279DDA972269ADFDB8B ] C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
10:27:29.0091 0x0f80  Avira Systray - ok
10:27:29.0235 0x0f80  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
10:27:29.0372 0x0f80  Sidebar - ok
10:27:29.0386 0x0f80  WindowsWelcomeCenter - ok
10:27:29.0470 0x0f80  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
10:27:29.0597 0x0f80  Sidebar - ok
10:27:29.0611 0x0f80  WindowsWelcomeCenter - ok
10:27:29.0683 0x0f80  [ BF08674925F151BD4537B89A493E3E0C, 6A97562E998A2B90649FF7986313AD33823053FF98BBE163AD39AAA5E01FC545 ] C:\Windows\ehome\ehTray.exe
10:27:29.0738 0x0f80  ehTray.exe - ok
10:27:29.0769 0x0f80  [ 35937EAD711207544E219C2A19A78A7D, EE6E5EAE00F577D7C3FFB8C0D8EE484552A337CEAA27FCB107174A9879FE7362 ] C:\Program Files\Windows Media Player\WMPNSCFG.exe
10:27:29.0813 0x0f80  WMPNSCFG - ok
10:27:29.0844 0x0f80  Skype - ok
10:27:30.0263 0x0f80  [ 2B24F194FC5B657397ECB2923A68350E, B7F36CD6F0C33A2EC09898E35786E2225AC22408C25720E4D5B7A32CCA54940C ] C:\Program Files\CCleaner\CCleaner.exe
10:27:30.0793 0x0f80  CCleaner Monitoring - ok
10:27:30.0842 0x0f80  AV detected via SS2: Avira Antivirus, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 15.0.9.460 ), 0x41000 ( enabled : updated )
10:27:30.0853 0x0f80  Win FW state via NFP2: enabled
10:27:31.0043 0x0f80  ============================================================
10:27:31.0043 0x0f80  Scan finished
10:27:31.0043 0x0f80  ============================================================
10:27:31.0069 0x161c  Detected object count: 0
10:27:31.0070 0x161c  Actual detected object count: 0

Alt 14.04.2015, 16:56   #9
schrauber
/// the machine
/// TB-Ausbilder
 
Notebook mit Windows Vista wird immer langsamer - Standard

Notebook mit Windows Vista wird immer langsamer


Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Avira SearchFree Toolbar plus Web Protection Updater (HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.6.45268 - Ask.com) <==== ATTENTION


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 16.04.2015, 09:29   #10
k25391
 
Notebook mit Windows Vista wird immer langsamer - Standard

Notebook mit Windows Vista wird immer langsamer


Hallo Schrauber,

ich habe versucht, die Anleitungen genau zu befolgen.
Combofix hat mir eine Fehlermeldung hinsichtlich "spybot" ausgegeben, aber da habe ich leider nicht gefunden, wie man es abschalten kann.
Das Notebook hat sich dann selbst heruntergefahren und zum hochfahren etwa 15 min. gebraucht. Dann kam die Meldung "Bitte warte ein paar Sekunden", das hat aber auch mind. 5 min. gedauert. Und dann kam die Fehlermeldung "Can't read catchlog. No such file or directory."

Der logfile sieht so aus:

Code:
ATTFilter
ComboFix 15-04-16.01 - COMPAQ 16.04.2015   9:10.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.2814.1596 [GMT 2:00]
ausgeführt von:: c:\users\COMPAQ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QS258VWF\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\COMPAQ\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-03-16 bis 2015-04-16  ))))))))))))))))))))))))))))))
.
.
2015-04-16 07:23 . 2015-04-16 07:23	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-04-16 06:45 . 2015-04-16 06:45	--------	d-----w-	c:\program files\VS Revo Group
2015-04-14 07:37 . 2015-03-14 10:06	9119072	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{74B72DA7-E297-4204-B65A-2B8C99285D5D}\mpengine.dll
2015-04-14 07:37 . 2015-04-14 07:37	--------	d-----w-	c:\programdata\Malwarebytes
2015-04-14 07:36 . 2015-04-14 08:23	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-04-14 07:36 . 2015-04-14 07:36	119512	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-04-14 07:34 . 2015-04-14 07:34	92888	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-04-04 15:48 . 2015-04-04 15:51	--------	d-----w-	C:\FRST
2015-04-04 13:57 . 2015-04-04 13:57	--------	d-----w-	c:\programdata\Gigaset QuickSync
2015-04-04 13:52 . 2015-04-04 13:52	--------	d-----w-	c:\users\COMPAQ\AppData\Local\Gigaset_Communications_Gm
2015-04-04 13:49 . 2015-04-04 13:49	--------	d-----w-	c:\program files\Gigaset QuickSync
2015-04-04 13:43 . 2015-04-04 13:43	--------	d-----w-	c:\users\COMPAQ\AppData\Local\Downloaded Installations
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-06 04:01 . 2015-03-11 19:02	279040	----a-w-	c:\windows\system32\schannel.dll
2015-03-05 10:21 . 2012-12-17 12:47	136216	----a-w-	c:\windows\system32\drivers\avipbb.sys
2015-03-05 10:21 . 2012-12-17 12:47	105864	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2015-02-26 02:01 . 2015-03-11 19:04	3604408	----a-w-	c:\windows\system32\ntkrnlpa.exe
2015-02-26 02:01 . 2015-03-11 19:04	3552184	----a-w-	c:\windows\system32\ntoskrnl.exe
2015-02-26 00:18 . 2015-03-11 19:13	2064384	----a-w-	c:\windows\system32\win32k.sys
2015-02-24 03:23 . 2009-10-03 07:58	246920	------w-	c:\windows\system32\MpSigStub.exe
2015-02-21 17:34 . 2015-03-11 18:17	367104	----a-w-	c:\windows\system32\html.iec
2015-02-21 17:28 . 2015-03-11 18:17	1810944	----a-w-	c:\windows\system32\jscript9.dll
2015-02-21 17:21 . 2015-03-11 18:17	1129472	----a-w-	c:\windows\system32\wininet.dll
2015-02-21 17:21 . 2015-03-11 18:17	1427968	----a-w-	c:\windows\system32\inetcpl.cpl
2015-02-21 17:19 . 2015-03-11 18:17	142848	----a-w-	c:\windows\system32\ieUnatt.exe
2015-02-21 17:19 . 2015-03-11 18:17	421376	----a-w-	c:\windows\system32\vbscript.dll
2015-02-21 17:18 . 2015-03-11 18:17	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2015-02-21 17:18 . 2015-03-11 18:17	11776	----a-w-	c:\windows\system32\mshta.exe
2015-02-20 02:03 . 2015-03-11 19:05	34304	----a-w-	c:\windows\system32\atmlib.dll
2015-02-20 00:28 . 2015-03-11 19:05	296960	----a-w-	c:\windows\system32\atmfd.dll
2015-02-05 14:25 . 2012-09-10 20:13	701616	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2015-02-05 14:25 . 2011-12-23 23:40	71344	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2015-01-29 01:35 . 2015-03-11 19:14	369664	----a-w-	c:\windows\system32\WMPhoto.dll
2015-01-29 01:35 . 2015-03-11 19:14	975360	----a-w-	c:\windows\system32\WindowsCodecs.dll
2015-01-21 02:02 . 2015-03-11 19:04	807936	----a-w-	c:\windows\system32\msctf.dll
2012-03-28 20:44 . 2012-03-28 20:44	3993600	----a-w-	c:\program files\GUT7C59.tmp
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2015-01-23 31087200]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-02-19 5503768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-17 1049896]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-08-01 202032]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-23 13797920]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2015-04-07 726320]
"SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2014-06-24 4101576]
"Avira Systray"="c:\program files\Avira\My Avira\Avira.OE.Systray.exe" [2015-03-16 129272]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Transfer Monitor]
2009-02-24 15:00	479232	----a-w-	c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
2008-09-23 15:21	468264	----a-w-	c:\program files\HP\QuickPlay\QPService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2007-12-11 08:56	286720	----a-w-	c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
2007-12-24 13:55	222504	------w-	c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut]
2008-06-13 17:11	210216	------w-	c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
2008-06-13 17:11	210216	------w-	c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDIRShortCut]
2008-06-13 17:11	210216	------w-	c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut]
2008-10-06 19:42	210216	------w-	c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiSpywareOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 08:14	451872	----a-w-	c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-04-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-10 14:25]
.
2015-04-16 c:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDUpdate.exe [2014-11-15 10:52]
.
2014-11-16 c:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDImmunize.exe [2014-11-15 09:41]
.
2014-11-16 c:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDScan.exe [2014-11-15 09:42]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.spiegel.de/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Presario&pf=cnnb
uSearchURL,(Default) = hxxp://go.web.de/suchbox/webdesuche?su=%s
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\COMPAQ\AppData\Roaming\Mozilla\Firefox\Profiles\xsafpu49.default-1422819849905\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.spiegel.de/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-hpqSRMon - (no file)
Notify-SDWinLogon - SDWinLogon.dll
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-SpybotSD TeaTimer - c:\program files\Spybot - Search & Destroy\TeaTimer.exe
MSConfigStartUp-WEB - c:\program files\WEB.DE\LiveUpdate\m2LUTray.exe
.
.
.
**************************************************************************
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Avira\AntiVir Desktop\sched.exe
c:\windows\system32\WLANExt.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\SMINST\BLService.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\Spybot - Search & Destroy 2\SDFSSvc.exe
c:\program files\Spybot - Search & Destroy 2\SDUpdSvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Avira\My Avira\Avira.OE.ServiceHost.exe
c:\program files\Spybot - Search & Destroy 2\SDWSCSvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conime.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
c:\program files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-04-16  09:40:56 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-04-16 07:38
.
Vor Suchlauf: 9 Verzeichnis(se), 215.791.894.528 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 215.201.120.256 Bytes frei
.
- - End Of File - - 81462CDD2BD5FBC8A827208FA9ACD535
588AE8F0C685C02BA11F30D9CD7E61A0

Alt 16.04.2015, 18:13   #11
schrauber
/// the machine
/// TB-Ausbilder
 
Notebook mit Windows Vista wird immer langsamer - Standard

Notebook mit Windows Vista wird immer langsamer


Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 17.04.2015, 21:17   #12
k25391
 
Notebook mit Windows Vista wird immer langsamer - Standard

Notebook mit Windows Vista wird immer langsamer


Hallo Schrauber,
das Notebook braucht jetzt immer sehr lange um hochzufahren, etwa fünf Minuten.
Hier die gewünschten Daten - und vielen Dank für die Geduld!

MBAM:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 17.04.2015
Suchlauf-Zeit: 19:49:39
Logdatei: mbam.txt
Administrator: Ja

Version: 2.01.4.1018
Malware Datenbank: v2015.04.17.04
Rootkit Datenbank: v2015.03.31.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows Vista Service Pack 2
CPU: x86
Dateisystem: NTFS
Benutzer: COMPAQ

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 330262
Verstrichene Zeit: 29 Min, 52 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
Code:
ATTFilter
# AdwCleaner v4.201 - Bericht erstellt 17/04/2015 um 21:02:32
# Aktualisiert 08/04/2015 von Xplode
# Datenbank : 2015-04-08.1 [Server]
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (x86)
# Benutzername : COMPAQ - COMPAQ-PC
# Gestarted von : C:\Users\COMPAQ\Downloads\AdwCleaner_4.201.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

[x] Nicht Gelöscht : C:\Program Files\ShowMyPCService
Ordner Gelöscht : C:\Users\COMPAQ\AppData\Local\AskToolbar
Ordner Gelöscht : C:\Users\COMPAQ\AppData\Local\PackageAware
Datei Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1893805B-1D90-4ACF-BD58-FA96CA693B42}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C4638BAF-ACFB-4A4F-9E4E-D47382F4C43E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1893805B-1D90-4ACF-BD58-FA96CA693B42}
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}

***** [ Internetbrowser ] *****

-\\ Internet Explorer v9.0.8112.16636


-\\ Mozilla Firefox v33.1.1 (x86 de)

[xsafpu49.default-1422819849905\prefs.js] - Zeile Gelöscht : user_pref("browser.newtab.url", "chrome://unitedtb/content/newtab/newtab-page.xhtml");

*************************

AdwCleaner[R0].txt - [2725 Bytes] - [17/04/2015 20:41:11]
AdwCleaner[R1].txt - [2784 Bytes] - [17/04/2015 20:56:41]
AdwCleaner[R2].txt - [2775 Bytes] - [17/04/2015 21:00:47]
AdwCleaner[S0].txt - [2707 Bytes] - [17/04/2015 21:02:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2766  Bytes] ##########

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.8 (04.17.2015:1)
OS: Windows Vista (TM) Home Premium x86
Ran by COMPAQ on 17.04.2015 at 21:30:16,76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\classes\typelib\{006ad7b2-968a-11de-88c9-5bde55d89593}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{02BEB76C-FD85-488D-824A-490C9D3C0896}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{02BEB76C-FD85-488D-824A-490C9D3C0896}



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [Folder] C:\Users\COMPAQ\AppData\Roaming\mozilla\firefox\profiles\xsafpu49.default-1422819849905\extensions\toolbar@web.de





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.04.2015 at 21:34:43,06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-04-2015 04
Ran by COMPAQ (administrator) on COMPAQ-PC on 17-04-2015 21:47:30
Running from C:\Users\COMPAQ\Downloads
Loaded Profiles: COMPAQ (Available profiles: COMPAQ)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Users\COMPAQ\Desktop\Desktop\ShowMyPC3055.exe
(ShowMyPC) C:\Users\COMPAQ\AppData\Local\Temp\IXP003.TMP\SMPCSetup.exe
(Simon Tatham) C:\Users\COMPAQ\AppData\Local\Temp\IXP003.TMP\spcplink.exe
(TightVNC Group) C:\Users\COMPAQ\AppData\Local\Temp\IXP003.TMP\smwinvnc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_17_0_0_169_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1049896 2008-04-17] (Synaptics, Inc.)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [202032 2008-08-01] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [HP Health Check Scheduler] => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-10-09] (Hewlett-Packard)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-07] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5503768 2015-02-19] (Piriform Ltd)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.spiegel.de/
HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {F984C8C7-0FB4-4E22-AC3F-507BBA566358} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> F7B7846F6FD142C988F9AAAC5202D175 URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7SUNC_deDE355
SearchScopes: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> {9122BE4A-A717-4D62-AB26-E01C0BEF14B5} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> {F984C8C7-0FB4-4E22-AC3F-507BBA566358} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-12-16] (Adblock Plus)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-03-27] (Hewlett-Packard Co.)
Toolbar: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\COMPAQ\AppData\Roaming\Mozilla\Firefox\Profiles\xsafpu49.default-1422819849905
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.spiegel.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-17] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2008-08-06] (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010-07-17] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2010-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2010-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2010-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2010-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2010-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2010-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2010-07-16] (Apple Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-21]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009-09-25]
FF HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Extension: No Name - C:\Users\COMPAQ\AppData\Roaming\Mozilla\Firefox\Profiles\xsafpu49.default-1422819849905\extensions\toolbar@web.de [Not Found]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [815352 2015-04-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [434424 2015-04-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-07] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1004032 2015-04-07] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [File not signed]
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [135168 2008-03-25] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
S2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2008-07-18] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-07-18] (Hewlett-Packard) [File not signed]
S2 Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [365952 2008-10-06] ()
S2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [241734 2008-09-15] () [File not signed]
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105864 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 GigasetGenericUSB; C:\Windows\System32\DRIVERS\GigasetGenericUSB.sys [44032 2013-04-25] (Siemens Home and Office Communication Devices GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-04-17] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-17 21:47 - 2015-04-17 21:48 - 00016121 _____ () C:\Users\COMPAQ\Downloads\FRST.txt
2015-04-17 21:46 - 2015-04-17 21:46 - 01137152 _____ (Farbar) C:\Users\COMPAQ\Downloads\FRST.exe
2015-04-17 21:34 - 2015-04-17 21:34 - 00001306 _____ () C:\Users\COMPAQ\Desktop\JRT.txt
2015-04-17 21:30 - 2015-04-17 21:30 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-COMPAQ-PC-Windows-Vista-(TM)-Home-Premium-(32-bit).dat
2015-04-17 21:30 - 2015-04-17 21:30 - 00000000 ____D () C:\RegBackup
2015-04-17 21:22 - 2015-04-17 21:25 - 02686254 _____ (Thisisu) C:\Users\COMPAQ\Downloads\JRT.exe
2015-04-17 20:59 - 2015-04-17 21:00 - 02217984 _____ () C:\Users\COMPAQ\Downloads\AdwCleaner_4.201.exe
2015-04-17 20:37 - 2015-04-17 21:03 - 00000000 ____D () C:\AdwCleaner
2015-04-17 19:45 - 2015-04-17 19:45 - 00000859 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-04-17 19:45 - 2015-04-17 19:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-04-17 19:45 - 2015-04-17 19:45 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2015-04-17 19:45 - 2015-03-17 06:15 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-17 19:45 - 2015-03-17 06:15 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-16 10:42 - 2015-03-09 03:01 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-16 10:30 - 2015-03-05 04:32 - 00244152 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-16 10:30 - 2015-03-05 04:24 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-16 10:30 - 2015-03-05 04:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-16 10:29 - 2015-03-14 04:21 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-16 10:29 - 2015-03-13 03:51 - 03604920 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-16 10:29 - 2015-03-13 03:51 - 03552184 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-16 09:40 - 2015-04-16 09:40 - 00013898 _____ () C:\ComboFix.txt
2015-04-16 09:06 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-04-16 09:06 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-04-16 09:06 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-04-16 09:06 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-04-16 09:06 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-04-16 09:06 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-04-16 09:06 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-04-16 09:06 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-04-16 09:00 - 2015-04-16 09:41 - 00000000 ____D () C:\Qoobox
2015-04-16 09:00 - 2015-04-16 09:32 - 00000000 ____D () C:\Windows\erdnt
2015-04-16 08:51 - 2015-03-10 01:06 - 12377600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-16 08:51 - 2015-03-10 01:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-16 08:51 - 2015-03-10 01:02 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-16 08:51 - 2015-03-10 01:00 - 09747968 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-16 08:51 - 2015-03-10 00:57 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-16 08:51 - 2015-03-10 00:57 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-16 08:51 - 2015-03-10 00:56 - 01803264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-16 08:51 - 2015-03-10 00:56 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-16 08:51 - 2015-03-10 00:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-16 08:51 - 2015-03-10 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-16 08:51 - 2015-03-10 00:56 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-04-16 08:51 - 2015-03-10 00:56 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-16 08:51 - 2015-03-10 00:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-16 08:51 - 2015-03-10 00:55 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-16 08:51 - 2015-03-10 00:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-16 08:51 - 2015-03-10 00:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-16 08:51 - 2015-03-10 00:55 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-16 08:51 - 2015-03-10 00:55 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-16 08:51 - 2015-03-10 00:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-16 08:51 - 2015-03-10 00:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-04-16 08:51 - 2015-03-10 00:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-04-16 08:51 - 2015-03-10 00:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-04-16 08:45 - 2015-04-16 08:45 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-04-14 09:37 - 2015-04-17 19:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-14 09:36 - 2015-04-17 21:16 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-14 09:36 - 2015-04-14 10:23 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-14 09:34 - 2015-03-17 06:15 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-11 16:46 - 2015-04-17 21:10 - 00168236 _____ () C:\Windows\PFRO.log
2015-04-04 17:52 - 2015-04-04 17:52 - 00038022 _____ () C:\Users\COMPAQ\Documents\Addition.txt
2015-04-04 17:48 - 2015-04-17 21:47 - 00000000 ____D () C:\FRST
2015-04-04 15:57 - 2015-04-04 15:57 - 00000000 ____D () C:\ProgramData\Gigaset QuickSync
2015-04-04 15:52 - 2015-04-04 15:52 - 00000000 ____D () C:\Users\COMPAQ\AppData\Local\Gigaset_Communications_Gm
2015-04-04 15:49 - 2015-04-04 15:49 - 00001821 _____ () C:\Users\Public\Desktop\Gigaset QuickSync.lnk
2015-04-04 15:49 - 2015-04-04 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gigaset QuickSync
2015-04-04 15:49 - 2015-04-04 15:49 - 00000000 ____D () C:\Program Files\Gigaset QuickSync
2015-04-04 15:43 - 2015-04-04 15:43 - 00000000 ____D () C:\Users\COMPAQ\AppData\Local\Downloaded Installations

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-17 21:47 - 2011-01-01 19:00 - 00000000 ____D () C:\Users\COMPAQ\AppData\Roaming\Skype
2015-04-17 21:33 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-17 21:33 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-17 21:25 - 2012-09-10 22:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-17 21:22 - 2009-09-07 11:13 - 01300328 _____ () C:\Windows\WindowsUpdate.log
2015-04-17 21:17 - 2006-11-02 12:33 - 01567488 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-17 21:11 - 2014-11-15 21:06 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2015-04-17 21:11 - 2009-09-14 18:58 - 00031966 _____ () C:\ProgramData\nvModes.dat
2015-04-17 21:11 - 2009-09-14 18:58 - 00031966 _____ () C:\ProgramData\nvModes.001
2015-04-17 21:10 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-17 21:05 - 2006-11-02 15:01 - 00032510 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-17 20:40 - 2011-02-10 22:30 - 00000600 _____ () C:\Users\COMPAQ\AppData\Local\PUTTY.RND
2015-04-17 20:26 - 2012-09-10 22:13 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-17 20:26 - 2011-12-24 01:40 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-16 10:42 - 2013-08-15 14:56 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-16 10:40 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-16 10:31 - 2006-11-02 12:24 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-04-16 09:41 - 2011-09-05 15:45 - 00000000 ____D () C:\Users\COMPAQ\AppData\Local\Apps\2.0
2015-04-16 09:41 - 2006-11-02 13:18 - 00000000 __RHD () C:\Users\Default
2015-04-16 09:41 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public
2015-04-16 09:28 - 2006-11-02 12:23 - 00000215 _____ () C:\Windows\system.ini
2015-04-11 17:46 - 2009-10-17 17:04 - 00000052 _____ () C:\Windows\system32\DOErrors.log
2015-04-11 16:53 - 2014-10-20 11:10 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-11 16:53 - 2012-12-18 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-04-11 16:53 - 2012-12-17 14:47 - 00000000 ____D () C:\Program Files\Avira
2015-04-07 18:37 - 2012-12-17 14:55 - 00000000 ____D () C:\Users\COMPAQ\AppData\Roaming\Avira
2015-04-07 18:35 - 2012-06-08 14:59 - 00000000 ____D () C:\ProgramData\Avira
2015-04-04 17:36 - 2009-09-07 11:58 - 00000000 ____D () C:\Users\COMPAQ
2015-04-04 16:08 - 2009-09-22 20:16 - 00012800 _____ () C:\Users\COMPAQ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Files in the root of some directories =======

2012-03-28 22:44 - 2012-03-28 22:44 - 3993600 _____ () C:\Program Files\GUT7C59.tmp
2010-07-16 17:15 - 2010-07-16 17:15 - 0000268 ___RH () C:\Users\COMPAQ\AppData\Roaming\Textures
2010-07-16 17:19 - 2010-07-16 17:19 - 0000268 ___RH () C:\Users\COMPAQ\AppData\Roaming\Track Settings
2009-09-09 17:08 - 2013-12-04 00:36 - 0000392 _____ () C:\Users\COMPAQ\AppData\Roaming\wklnhst.dat
2009-09-07 12:14 - 2009-09-07 12:14 - 0000000 _____ () C:\Users\COMPAQ\AppData\Local\AtStart.txt
2010-03-05 20:53 - 2012-12-15 00:39 - 0007808 _____ () C:\Users\COMPAQ\AppData\Local\d3d9caps.dat
2009-09-22 20:16 - 2015-04-04 16:08 - 0012800 _____ () C:\Users\COMPAQ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-09-07 12:14 - 2009-09-07 12:14 - 0000000 _____ () C:\Users\COMPAQ\AppData\Local\DSwitch.txt
2011-02-10 22:30 - 2015-04-17 20:40 - 0000600 _____ () C:\Users\COMPAQ\AppData\Local\PUTTY.RND
2009-09-07 12:14 - 2009-09-07 12:14 - 0000000 _____ () C:\Users\COMPAQ\AppData\Local\QSwitch.txt
2011-07-25 00:58 - 2011-07-25 00:58 - 0000000 _____ () C:\Users\COMPAQ\AppData\Local\{D41DDEB0-E855-4C54-B9AB-B9F40547BA67}
2009-09-07 11:28 - 2013-03-23 16:40 - 0000248 _____ () C:\ProgramData\hpqp.ini
2009-11-02 12:43 - 2013-05-13 19:55 - 0000021 _____ () C:\ProgramData\hpqp.txt
2009-09-25 19:25 - 2012-02-02 14:52 - 0004978 _____ () C:\ProgramData\hpzinstall.log
2009-09-14 18:58 - 2015-04-17 21:11 - 0031966 _____ () C:\ProgramData\nvModes.001
2009-09-14 18:58 - 2015-04-17 21:11 - 0031966 _____ () C:\ProgramData\nvModes.dat
2010-07-16 17:15 - 2013-03-04 16:04 - 0000020 ____H () C:\ProgramData\PKP_DLdu.DAT
2010-07-16 17:19 - 2012-09-24 18:43 - 0000020 ____H () C:\ProgramData\PKP_DLdw.DAT
2010-07-16 17:15 - 2010-07-16 17:15 - 0000268 ___RH () C:\ProgramData\Transportation
2010-07-16 17:19 - 2010-07-16 17:19 - 0000268 ___RH () C:\ProgramData\Tremolo
2010-07-16 17:15 - 2010-07-16 17:15 - 0000012 ___RH () C:\ProgramData\URLs
2010-07-16 17:19 - 2010-07-16 17:19 - 0000012 ___RH () C:\ProgramData\Vocal Transformer
2009-09-07 11:32 - 2009-09-07 11:32 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2008-10-26 16:52 - 2008-10-26 16:52 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2009-09-07 11:31 - 2009-09-07 11:31 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2008-10-26 16:45 - 2008-10-26 16:46 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2009-09-07 11:29 - 2009-09-07 11:29 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2009-09-07 11:32 - 2009-09-07 11:32 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2008-10-26 16:43 - 2008-10-26 16:44 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2008-10-26 16:46 - 2008-10-26 16:52 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2009-09-07 11:32 - 2009-09-07 11:33 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

Some content of TEMP:
====================
C:\Users\COMPAQ\AppData\Local\Temp\avgnt.exe
C:\Users\COMPAQ\AppData\Local\Temp\Quarantine.exe
C:\Users\COMPAQ\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-17 21:25

==================== End Of Log ============================
--- --- ---



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-04-2015 04
Ran by COMPAQ at 2015-04-17 21:48:50
Running from C:\Users\COMPAQ\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 2.1.5 - Hewlett-Packard) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adblock Plus für IE (32-Bit) (HKLM\...\{A2C33E25-4A8E-43F7-8998-BBEB690F1AB1}) (Version: 1.3 - Eyeo GmbH)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
ArcSoft Panorama Maker 4 (HKLM\...\{D45E8C45-B601-4A80-AFD8-E16338744DE1}) (Version:  - ArcSoft)
Atheros Driver Installation Program (HKLM\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 5.0 - Atheros)
Avira (HKLM\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.9.504 - Avira Operations GmbH & Co. KG)
BufferChm (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Cards_Calendar_OrderGift_DoMorePlugout (Version: 2.03.0000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.58.0.0 - Conexant)
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2203 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.1616 - CyberLink Corp.)
Destination Component (Version: 110.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 110.0.180.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software (Version: 110.0.238.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (Version: 110.0.238.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4220_ProductContext (Version: 110.0.238.000 - Hewlett-Packard) Hidden
ElsterFormular (HKLM\...\ElsterFormular 11.4.1.4323) (Version: 11.4.1.4323 - Landesfinanzdirektion Thüringen)
ElsterFormular-Upgrade (HKLM\...\ElsterFormular für Privatanwender 12.3.2.6814p) (Version: 14.3.11574 - Landesfinanzdirektion Thüringen)
ESU for Microsoft Vista (HKLM\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
F4200 (Version: 110.0.238.000 - Ihr Firmenname) Hidden
F4210_Help (Version: 110.0.238.000 - Hewlett-Packard) Hidden
File Uploader (HKLM\...\{237CD223-1B9D-47E8-A76C-E478B83CCEA2}) (Version: 1.2.1 - Nikon)
Gigaset QuickSync (HKLM\...\{b49e8cfb-f094-4467-925a-97c23972cb50}) (Version: 8.3.0868.3 - Gigaset Communications GmbH)
GPBaseService (Version: 110.0.180.000 - Hewlett-Packard) Hidden
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_HERMOSA_HSF) (Version:  - )
HP Active Support Library (HKLM\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM\...\{57A5AEC1-97FC-474D-92C4-908FCC2253D4}) (Version: 5.7.0.2664 - Hewlett-Packard)
HP Customer Participation Program 11.0 (HKLM\...\HPExtendedCapabilities) (Version: 11.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3 (HKLM\...\{C3B6AEB1-390C-4792-8677-CD87F8B2C959}) (Version: 11.0 - HP)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.03.0001 - Hewlett-Packard)
HP DVD Play 3.7 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: 3.7.0.5723 - Hewlett-Packard)
HP Help and Support (HKLM\...\{0054A0F6-00C9-4498-B821-B5C9578F433E}) (Version: 2.1.1.0 - Hewlett-Packard Company)
HP Imaging Device Functions 11.0 (HKLM\...\HP Imaging Device Functions) (Version: 11.0 - HP)
HP Photosmart Essential 3.0 (HKLM\...\HP Photosmart Essential) (Version: 3.0 - HP)
HP Quick Launch Buttons 6.40 H2 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 H2 - Hewlett-Packard)
HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 4.0 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Total Care Advisor (HKLM\...\{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}) (Version: 2.4.4941.2798 - Hewlett-Packard)
HP Update (HKLM\...\{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}) (Version: 5.002.007.004 - Hewlett-Packard)
HP User Guides 0118 (HKLM\...\{B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}) (Version: 1.00.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}) (Version: 3.00 K2 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden
HPNetworkAssistant (Version: 1.1.70 - Hewlett-Packard.) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 110.0.180.000 - Hewlett-Packard) Hidden
HPTCSSetup (HKLM\...\{846DDADA-0239-4B67-A6B1-33658863793B}) (Version: 1.1.1963.2799 - Hewlett-Packard Company)
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.0926 - CyberLink Corp.)
LabelPrint (Version: 2.5.0926 - CyberLink Corp.) Hidden
Lager (Version: 1.0.0.0 - Hewlett-Packard) Hidden
LightScribe System Software  1.14.17.1 (HKLM\...\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}) (Version: 1.14.17.1 - LightScribe)
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
MarketResearch (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 33.1.1 (x86 de) (HKLM\...\Mozilla Firefox 33.1.1 (x86 de)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCSetup (Version: 1.00.0000 - HP) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee Reveal (HKLM\...\{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}) (Version: 7.0.35.6951 - muvee Technologies Pte Ltd)
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.52 - BVRP Software, Inc)
Nikon Message Center (HKLM\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.92.000 - Nikon)
Nikon Transfer (HKLM\...\{E9757890-7EC5-46C8-99AB-B00F07B6525C}) (Version: 1.5.0 - Nikon)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.1.6 - Nikon)
Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2202 - CyberLink Corp.)
Power2Go (Version: 6.0.2202 - CyberLink Corp.) Hidden
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2201 - CyberLink Corp.)
PowerDirector (Version: 7.0.2201 - CyberLink Corp.) Hidden
PSSWCORE (Version: 2.03.0000 - Hewlett-Packard) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime (HKLM\...\{E0D51394-1D45-460A-B62D-383BC4F8B335}) (Version: 7.3.1.70 - Apple Inc.)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 3.0.1.3 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Scan (Version: 11.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 11.0 - HP)
Skype™ 7.1 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
SmartWebPrinting (Version: 110.0.182.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Status (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.1.3.0 - Synaptics)
Toolbox (Version: 110.0.180.000 - Hewlett-Packard) Hidden
TrayApp (Version: 110.0.180.000 - Hewlett-Packard) Hidden
VideoToolkit01 (Version: 110.0.171.000 - Hewlett-Packard) Hidden
ViewNX (HKLM\...\{F007CBCE-D714-4C0B-8CE9-9B0D78116468}) (Version: 1.4.0 - Nikon)
Web Launcher (HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\...\fc3ac04dc8eedef7) (Version: 1.0.0.20 - ShowMyPC)
WebReg (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live ID-Anmelde-Assistent (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000_Classes\CLSID\{80A95F12-94C2-4B1D-8AE3-F0CBE5E96E85}\InprocServer32 -> C:\Users\COMPAQ\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAW~1.DLL No File
CustomCLSID: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000_Classes\CLSID\{EB959CA4-408B-4465-9CF5-7EBA7B885153}\InprocServer32 -> C:\Users\COMPAQ\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAS~1.DLL No File

==================== Restore Points  =========================

12-02-2015 15:37:35 Windows Update
12-02-2015 15:58:39 Windows Update
16-02-2015 15:17:20 Windows Update
16-02-2015 15:48:54 Windows Update
20-02-2015 19:17:30 Windows Update
24-02-2015 19:34:39 Windows Update
27-02-2015 19:42:18 Windows Update
03-03-2015 15:48:33 Windows Update
05-03-2015 13:11:32 Geplanter Prüfpunkt
06-03-2015 20:39:08 Windows Update
11-03-2015 20:02:10 Windows Update
11-03-2015 20:58:54 Windows Update
17-03-2015 01:00:55 Geplanter Prüfpunkt
17-03-2015 19:44:24 Windows Update
21-03-2015 18:09:10 Windows Update
27-03-2015 19:18:43 Windows Update
31-03-2015 21:45:50 Windows Update
04-04-2015 15:43:50 Installed Gigaset QuickSync.
04-04-2015 15:59:47 Windows Update
06-04-2015 13:06:25 Geplanter Prüfpunkt
07-04-2015 18:37:17 Windows Update
11-04-2015 17:01:48 Windows Update
16-04-2015 08:52:07 Revo Uninstaller's restore point - Avira SearchFree Toolbar plus Web Protection Updater
16-04-2015 08:53:35 Revo Uninstaller's restore point - Avira SearchFree Toolbar plus Web Protection Updater
16-04-2015 10:23:10 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2015-04-16 09:23 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {069573E5-2D93-49E5-AE1E-B0FDFD50E00C} - System32\Tasks\{53B1A1CC-B9A7-4F7F-8D2B-ED3D11FC8932} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.156.259/de/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:offered-installed;madedefault
Task: {0ECD0360-2D32-4D6F-8CF4-3F401236EDEB} - System32\Tasks\{20BFD99F-D596-4D96-8DB7-F97DB4F9A1B0} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.3.0.111.259/en/abandoninstall?page=tsDownload&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;alreadyoffered
Task: {21F694FE-2A6D-4B2B-A697-15DA44680B37} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {2784FBC6-7CDB-423E-A8F1-6ED990FF8D02} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)
Task: {28C3BA5F-E093-459A-8251-2A700D96F18E} - System32\Tasks\{1AE98456-DAD8-4A8E-AE0B-9B41A96CF8A5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.1.0.112.259/en/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;alreadyoffered
Task: {2BB980C4-66AD-45CE-AA65-9C28740CBE5F} - System32\Tasks\{2EBC2EB7-BF3D-4F83-B086-2A7C253842B7} => pcalua.exe -a "C:\Users\COMPAQ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D650QA4N\msvbvm50[1].exe" -d C:\Users\COMPAQ\Desktop\Desktop
Task: {37ECF2E5-4175-4A42-83C8-6FB3605ADBDC} - System32\Tasks\{594F396F-1B8A-4C15-8883-708DE1A5572E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.9.0.123/de/privacy
Task: {3CC5237E-5EF8-43C1-B327-DF3C11F8C05D} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {3E3376A3-17EA-45A4-A122-65B92B31EFDC} - System32\Tasks\{0E45A6AC-6249-4417-8E9A-FA8F59C5B602} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.9.0.123/de/eula
Task: {5C6E0410-D563-4D33-A139-B19AA9E6556A} - System32\Tasks\{A403AAF8-6BF2-4AA4-9BAE-181E99DF7C0D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.152.259/de/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:offered-installed;madedefault
Task: {7089947B-2359-4472-8784-8CFB49534457} - System32\Tasks\{CEA72B26-C555-48E2-B25E-4DEFFCD80F70} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.156.259/de/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:offered-installed;madedefault
Task: {7347E749-993E-4DB4-8D9E-BC81E3244EDA} - System32\Tasks\{E4A09C9B-6AFD-4455-9058-D3E4EF85BE63} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.156.259/de/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbar:offered-installed,google-chrome:notoffered;toolbaroffered
Task: {8242393F-2DF5-49DC-8F06-9F1F4192A971} - System32\Tasks\{D724DEF5-8284-4D19-A176-B22C73AFD1F1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.156.259/de/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;alreadyoffered
Task: {8B0048CE-6320-4537-884F-F40822239591} - System32\Tasks\{8F63F147-4622-4745-9078-7A635D250201} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.156.259/de/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;alreadyoffered
Task: {966DE398-118A-472C-92C7-17367C4B6A6E} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {A80BE85D-DBBD-4D6A-803E-F8544CEE71A1} - System32\Tasks\{A3DDBBDF-D5B8-43C5-9D85-5B89D7A053A9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.8.0.158/en/abandoninstall?page=tsMain
Task: {AD3E797D-0EFE-4B43-9CE1-2ACC41C4108A} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - COMPAQ => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {B2D27570-1B75-4983-9C7C-7BEB9FA2A574} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {B9CD596B-8652-4CBE-9D9E-B07EEA450E65} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {C595BB96-C42B-4304-832A-89F2955AEFCE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-17] (Adobe Systems Incorporated)
Task: {CDB5D68F-55FF-4158-9284-D4A5E7D64042} - System32\Tasks\{36E6A434-A4C2-455D-9E59-243CF0C89458} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.156.259/de/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;alreadyoffered
Task: {D4F918C4-09E9-4990-BAC0-FCDD0C6ABD59} - System32\Tasks\{6161185A-D5E9-41AC-9CAC-D17E38A806F6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.156.259/de/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbar:notoffered;userdeclined,google-chrome:notoffered;alreadyoffered
Task: {DB6F04E1-8CD5-4372-9C61-A7DC5B18D3F1} - System32\Tasks\{9D4CC22C-0D91-48E7-9752-41093BB3C19D} => C:\Program Files\Skype\\Phone\Skype.exe [2015-01-23] (Skype Technologies S.A.)
Task: {DC44E2FE-D436-4E0E-A2E6-427D8F0336B9} - System32\Tasks\{87010094-4D74-481D-BE13-33B8C56116CD} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.9.0.123/de/eula
Task: {EB32A578-D9F1-422B-8230-7D3FF262B8BC} - System32\Tasks\{0ED92DB1-958D-426D-97B7-E258304BEC31} => pcalua.exe -a E:\setup.exe -d E:\
Task: {F08EABE8-10BF-4684-8E67-05B2EC8CCB2F} - System32\Tasks\{9A2C7FC4-E4F5-48F6-A403-3F8E0ADD7E40} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.156.259/de/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;alreadyoffered

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe

==================== Loaded Modules (whitelisted) ==============

2015-02-19 23:40 - 2015-02-19 23:40 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-11-15 21:04 - 2014-05-13 13:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-11-15 21:04 - 2014-05-13 13:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2014-11-15 21:04 - 2014-05-13 13:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-11-15 21:04 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-11-15 21:04 - 2012-04-03 18:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMPCHelper => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tvnserver => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\Control Panel\Desktop\\Wallpaper -> C:\ALLES, was wir haben\Fotos\2010-12 Argentinien-Fotos Andrea\P1020742.JPG
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: BBSvc => 2
MSCONFIG\Services: BBUpdate => 3
MSCONFIG\Services: GameConsoleService => 3
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: TabletInputService => 2
MSCONFIG\Services: THREADORDER => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: Nikon Transfer Monitor => C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
MSCONFIG\startupreg: QPService => "C:\Program Files\HP\QuickPlay\QPService.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: UCam_Menu => "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
MSCONFIG\startupreg: UpdatePDIRShortCut => "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

==================== Accounts: =============================

Administrator (S-1-5-21-1856033268-2380134389-1329949605-500 - Administrator - Disabled)
COMPAQ (S-1-5-21-1856033268-2380134389-1329949605-1000 - Administrator - Enabled) => C:\Users\COMPAQ
Gast (S-1-5-21-1856033268-2380134389-1329949605-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/17/2015 09:04:06 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\COMPAQ\APPDATA\LOCAL\MICROSOFT\WINDOWS\HISTORY\HISTORY.IE5\DESKTOP.INI> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (04/17/2015 09:04:06 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\COMPAQ\APPDATA\LOCAL\MICROSOFT\WINDOWS\HISTORY\LOW\HISTORY.IE5\DESKTOP.INI> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (04/17/2015 09:04:06 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\COMPAQ\APPDATA\LOCAL\MICROSOFT\WINDOWS\HISTORY\LOW\HISTORY.IE5\MSHIST012015041720150418> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (04/17/2015 09:04:06 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\COMPAQ\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\DESKTOP.INI> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (04/17/2015 09:04:06 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\COMPAQ\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\DESKTOP.INI> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (04/17/2015 09:04:06 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\COMPAQ\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\DESKTOP.INI> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (04/17/2015 09:04:06 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\COMPAQ\APPDATA\LOCAL\MICROSOFT\INTERNET EXPLORER\ICONCACHE\8K4G5Z0> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (04/17/2015 09:04:06 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\COMPAQ\APPDATA\LOCAL\MICROSOFT\INTERNET EXPLORER\ICONCACHE\8K4G5Z0> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (04/17/2015 09:04:06 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\COMPAQ\APPDATA\LOCAL\MICROSOFT\WINDOWS\HISTORY\HISTORY.IE5\MSHIST012015041720150418> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (04/16/2015 10:42:14 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4


System errors:
=============
Error: (04/17/2015 09:31:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: HP Health Check Service1600001Neustart des Diensts

Error: (04/17/2015 09:31:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Com4QLBEx1

Error: (04/17/2015 09:31:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Presentation Foundation Font Cache 4.0.0.0101Neustart des Diensts

Error: (04/17/2015 09:31:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Media Player-Netzwerkfreigabedienst1300001Neustart des Diensts

Error: (04/17/2015 09:31:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: hpqwmiex1

Error: (04/17/2015 09:31:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Spybot-S&D 2 Security Center Service1600001Neustart des Diensts

Error: (04/17/2015 09:31:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Avira Service Host1100001Neustart des Diensts

Error: (04/17/2015 09:31:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: XAudioService1

Error: (04/17/2015 09:31:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Spybot-S&D 2 Updating Service1600001Neustart des Diensts

Error: (04/17/2015 09:31:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Spybot-S&D 2 Scanner Service1600001Neustart des Diensts


Microsoft Office Sessions:
=========================
Error: (04/17/2015 09:04:06 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\COMPAQ\APPDATA\LOCAL\MICROSOFT\WINDOWS\HISTORY\HISTORY.IE5\DESKTOP.INI

Error: (04/17/2015 09:04:06 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\COMPAQ\APPDATA\LOCAL\MICROSOFT\WINDOWS\HISTORY\LOW\HISTORY.IE5\DESKTOP.INI

Error: (04/17/2015 09:04:06 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\COMPAQ\APPDATA\LOCAL\MICROSOFT\WINDOWS\HISTORY\LOW\HISTORY.IE5\MSHIST012015041720150418

Error: (04/17/2015 09:04:06 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\COMPAQ\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\DESKTOP.INI

Error: (04/17/2015 09:04:06 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\COMPAQ\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\DESKTOP.INI

Error: (04/17/2015 09:04:06 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\COMPAQ\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\DESKTOP.INI

Error: (04/17/2015 09:04:06 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\COMPAQ\APPDATA\LOCAL\MICROSOFT\INTERNET EXPLORER\ICONCACHE\8K4G5Z0

Error: (04/17/2015 09:04:06 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\COMPAQ\APPDATA\LOCAL\MICROSOFT\INTERNET EXPLORER\ICONCACHE\8K4G5Z0

Error: (04/17/2015 09:04:06 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\COMPAQ\APPDATA\LOCAL\MICROSOFT\WINDOWS\HISTORY\HISTORY.IE5\MSHIST012015041720150418

Error: (04/16/2015 10:42:14 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4


CodeIntegrity Errors:
===================================
  Date: 2015-04-17 21:48:37.991
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-17 21:48:36.384
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-17 21:48:34.816
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-17 21:48:33.185
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-17 21:16:34.623
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-17 20:57:25.482
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-17 20:03:16.131
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-17 20:03:14.172
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-17 20:03:12.192
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-17 20:03:10.010
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: AMD Athlon Dual-Core QL-65
Percentage of memory in use: 46%
Total physical RAM: 2813.5 MB
Available physical RAM: 1513.25 MB
Total Pagefile: 5857.47 MB
Available Pagefile: 4302.21 MB
Total Virtual: 2047.88 MB
Available Virtual: 1913.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:287.56 GB) (Free:198.78 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10.53 GB) (Free:1.71 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 627525ED)
Partition 1: (Active) - (Size=287.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=10.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Alt 18.04.2015, 19:53   #13
schrauber
/// the machine
/// TB-Ausbilder
 
Notebook mit Windows Vista wird immer langsamer - Standard

Notebook mit Windows Vista wird immer langsamer


Seit wann genau ist das so?



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 19.04.2015, 22:26   #14
k25391
 
Notebook mit Windows Vista wird immer langsamer - Standard

Notebook mit Windows Vista wird immer langsamer


Hallo Schrauber,

das hochfahren hat seit ein paar Monaten schon immer länger gedauert als früher, aber seit etwa 2 Tagen dauert es eben die besagten ca. 5 min.

Ich bin ab morgen für etwa eine Woche im Urlaub. Ist es möglich, dieses Thema hier danach weiterzuführen, falls es noch nicht okay ist?

Hier noch die logfiles laut Anweisung.

Vielen Dank und viele Grüße

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=bf6d64247d650a459139fbf70de5b26d
# engine=23456
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-04-19 08:44:31
# local_time=2015-04-19 10:44:31 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1=''
# compatibility_mode=5892 16776574 100 100 187554 267008999 0 0
# scanned=182120
# found=0
# cleaned=0
# scan_time=8820
Code:
ATTFilter
Results of screen317's Security Check version 1.00  
 Windows Vista Service Pack 2 x86 (UAC is enabled)  
 Internet Explorer 9  
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Antivirus   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Spybot - Search & Destroy 
 CCleaner     
 Java version 32-bit out of Date! 
 Adobe Flash Player 	17.0.0.169  
 Adobe Reader 10.1.13 Adobe Reader out of Date!  
 Mozilla Firefox 33.1.1 Firefox out of Date!  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Spybot Teatimer.exe is disabled! 
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-04-2015 01
Ran by COMPAQ (administrator) on COMPAQ-PC on 19-04-2015 23:14:23
Running from C:\Users\COMPAQ\Downloads
Loaded Profiles: COMPAQ (Available profiles: COMPAQ)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
() C:\Program Files\SMINST\BLService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Users\COMPAQ\Desktop\Desktop\ShowMyPC3055.exe
(ShowMyPC) C:\Users\COMPAQ\AppData\Local\Temp\IXP003.TMP\SMPCSetup.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_17_0_0_169_ActiveX.exe
(Simon Tatham) C:\Users\COMPAQ\AppData\Local\Temp\IXP003.TMP\spcplink.exe
(TightVNC Group) C:\Users\COMPAQ\AppData\Local\Temp\IXP003.TMP\smwinvnc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Farbar) C:\Users\COMPAQ\Downloads\FRST (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1049896 2008-04-17] (Synaptics, Inc.)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [202032 2008-08-01] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [HP Health Check Scheduler] => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-10-09] (Hewlett-Packard)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-07] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5503768 2015-02-19] (Piriform Ltd)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.spiegel.de/
HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {F984C8C7-0FB4-4E22-AC3F-507BBA566358} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> DefaultScope F7B7846F6FD142C988F9AAAC5202D175 URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7SUNC_deDE355
SearchScopes: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> F7B7846F6FD142C988F9AAAC5202D175 URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7SUNC_deDE355
SearchScopes: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> {9122BE4A-A717-4D62-AB26-E01C0BEF14B5} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> {F984C8C7-0FB4-4E22-AC3F-507BBA566358} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-12-16] (Adblock Plus)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-03-27] (Hewlett-Packard Co.)
Toolbar: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-1856033268-2380134389-1329949605-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\COMPAQ\AppData\Roaming\Mozilla\Firefox\Profiles\xsafpu49.default-1422819849905
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.spiegel.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-17] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2008-08-06] (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010-07-17] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2010-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2010-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2010-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2010-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2010-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2010-07-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2010-07-16] (Apple Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-21]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009-09-25]
FF HKU\S-1-5-21-1856033268-2380134389-1329949605-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Extension: No Name - C:\Users\COMPAQ\AppData\Roaming\Mozilla\Firefox\Profiles\xsafpu49.default-1422819849905\extensions\toolbar@web.de [Not Found]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [815352 2015-04-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [434424 2015-04-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-07] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1004032 2015-04-07] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [File not signed]
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [135168 2008-03-25] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2008-07-18] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-07-18] (Hewlett-Packard) [File not signed]
R2 Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [365952 2008-10-06] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [241734 2008-09-15] () [File not signed]
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105864 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 GigasetGenericUSB; C:\Windows\System32\DRIVERS\GigasetGenericUSB.sys [44032 2013-04-25] (Siemens Home and Office Communication Devices GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-04-19] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-19 23:12 - 2015-04-19 23:12 - 01137664 _____ (Farbar) C:\Users\COMPAQ\Downloads\FRST (1).exe
2015-04-19 23:00 - 2015-04-19 23:00 - 00852616 _____ () C:\Users\COMPAQ\Downloads\SecurityCheck.exe
2015-04-19 20:06 - 2015-04-19 20:07 - 02347384 _____ (ESET) C:\Users\COMPAQ\Downloads\esetsmartinstaller_deu.exe
2015-04-17 21:48 - 2015-04-17 21:51 - 00039991 _____ () C:\Users\COMPAQ\Downloads\Addition.txt
2015-04-17 21:47 - 2015-04-19 23:14 - 00018106 _____ () C:\Users\COMPAQ\Downloads\FRST.txt
2015-04-17 21:46 - 2015-04-17 21:46 - 01137152 _____ (Farbar) C:\Users\COMPAQ\Downloads\FRST.exe
2015-04-17 21:34 - 2015-04-17 21:34 - 00001306 _____ () C:\Users\COMPAQ\Desktop\JRT.txt
2015-04-17 21:30 - 2015-04-17 21:30 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-COMPAQ-PC-Windows-Vista-(TM)-Home-Premium-(32-bit).dat
2015-04-17 21:30 - 2015-04-17 21:30 - 00000000 ____D () C:\RegBackup
2015-04-17 21:22 - 2015-04-17 21:25 - 02686254 _____ (Thisisu) C:\Users\COMPAQ\Downloads\JRT.exe
2015-04-17 20:59 - 2015-04-17 21:00 - 02217984 _____ () C:\Users\COMPAQ\Downloads\AdwCleaner_4.201.exe
2015-04-17 20:37 - 2015-04-17 21:03 - 00000000 ____D () C:\AdwCleaner
2015-04-17 19:45 - 2015-04-17 19:45 - 00000859 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-04-17 19:45 - 2015-04-17 19:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-04-17 19:45 - 2015-04-17 19:45 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2015-04-17 19:45 - 2015-03-17 06:15 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-17 19:45 - 2015-03-17 06:15 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-16 10:42 - 2015-03-09 03:01 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-16 10:30 - 2015-03-05 04:32 - 00244152 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-16 10:30 - 2015-03-05 04:24 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-16 10:30 - 2015-03-05 04:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-16 10:29 - 2015-03-14 04:21 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-16 10:29 - 2015-03-13 03:51 - 03604920 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-16 10:29 - 2015-03-13 03:51 - 03552184 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-16 09:40 - 2015-04-16 09:40 - 00013898 _____ () C:\ComboFix.txt
2015-04-16 09:06 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-04-16 09:06 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-04-16 09:06 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-04-16 09:06 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-04-16 09:06 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-04-16 09:06 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-04-16 09:06 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-04-16 09:06 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-04-16 09:00 - 2015-04-16 09:41 - 00000000 ____D () C:\Qoobox
2015-04-16 09:00 - 2015-04-16 09:32 - 00000000 ____D () C:\Windows\erdnt
2015-04-16 08:51 - 2015-03-10 01:06 - 12377600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-16 08:51 - 2015-03-10 01:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-16 08:51 - 2015-03-10 01:02 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-16 08:51 - 2015-03-10 01:00 - 09747968 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-16 08:51 - 2015-03-10 00:57 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-16 08:51 - 2015-03-10 00:57 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-16 08:51 - 2015-03-10 00:56 - 01803264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-16 08:51 - 2015-03-10 00:56 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-16 08:51 - 2015-03-10 00:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-16 08:51 - 2015-03-10 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-16 08:51 - 2015-03-10 00:56 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-04-16 08:51 - 2015-03-10 00:56 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-16 08:51 - 2015-03-10 00:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-16 08:51 - 2015-03-10 00:55 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-16 08:51 - 2015-03-10 00:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-16 08:51 - 2015-03-10 00:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-16 08:51 - 2015-03-10 00:55 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-16 08:51 - 2015-03-10 00:55 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-16 08:51 - 2015-03-10 00:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-16 08:51 - 2015-03-10 00:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-04-16 08:51 - 2015-03-10 00:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-04-16 08:51 - 2015-03-10 00:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-04-16 08:45 - 2015-04-16 08:45 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-04-14 09:37 - 2015-04-17 19:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-14 09:36 - 2015-04-19 23:02 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-14 09:36 - 2015-04-14 10:23 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-14 09:34 - 2015-03-17 06:15 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-11 16:46 - 2015-04-17 21:10 - 00168236 _____ () C:\Windows\PFRO.log
2015-04-04 17:52 - 2015-04-04 17:52 - 00038022 _____ () C:\Users\COMPAQ\Documents\Addition.txt
2015-04-04 17:48 - 2015-04-19 23:14 - 00000000 ____D () C:\FRST
2015-04-04 15:57 - 2015-04-04 15:57 - 00000000 ____D () C:\ProgramData\Gigaset QuickSync
2015-04-04 15:52 - 2015-04-04 15:52 - 00000000 ____D () C:\Users\COMPAQ\AppData\Local\Gigaset_Communications_Gm
2015-04-04 15:49 - 2015-04-04 15:49 - 00001821 _____ () C:\Users\Public\Desktop\Gigaset QuickSync.lnk
2015-04-04 15:49 - 2015-04-04 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gigaset QuickSync
2015-04-04 15:49 - 2015-04-04 15:49 - 00000000 ____D () C:\Program Files\Gigaset QuickSync
2015-04-04 15:43 - 2015-04-04 15:43 - 00000000 ____D () C:\Users\COMPAQ\AppData\Local\Downloaded Installations

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-19 23:14 - 2011-01-01 19:00 - 00000000 ____D () C:\Users\COMPAQ\AppData\Roaming\Skype
2015-04-19 22:25 - 2012-09-10 22:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-19 22:09 - 2009-09-07 11:13 - 01326666 _____ () C:\Windows\WindowsUpdate.log
2015-04-19 22:05 - 2011-02-10 22:30 - 00000600 _____ () C:\Users\COMPAQ\AppData\Local\PUTTY.RND
2015-04-19 21:31 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-19 21:31 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-19 13:38 - 2006-11-02 12:33 - 01567488 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-19 13:32 - 2009-09-14 18:58 - 00031966 _____ () C:\ProgramData\nvModes.001
2015-04-19 13:31 - 2014-11-15 21:06 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2015-04-19 13:31 - 2009-09-14 18:58 - 00031966 _____ () C:\ProgramData\nvModes.dat
2015-04-19 13:31 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-17 22:36 - 2006-11-02 15:01 - 00032510 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-17 20:26 - 2012-09-10 22:13 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-17 20:26 - 2011-12-24 01:40 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-16 10:42 - 2013-08-15 14:56 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-16 10:40 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-16 10:31 - 2006-11-02 12:24 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-04-16 09:41 - 2011-09-05 15:45 - 00000000 ____D () C:\Users\COMPAQ\AppData\Local\Apps\2.0
2015-04-16 09:41 - 2006-11-02 13:18 - 00000000 __RHD () C:\Users\Default
2015-04-16 09:41 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public
2015-04-16 09:28 - 2006-11-02 12:23 - 00000215 _____ () C:\Windows\system.ini
2015-04-11 17:46 - 2009-10-17 17:04 - 00000052 _____ () C:\Windows\system32\DOErrors.log
2015-04-11 16:53 - 2014-10-20 11:10 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-11 16:53 - 2012-12-18 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-04-11 16:53 - 2012-12-17 14:47 - 00000000 ____D () C:\Program Files\Avira
2015-04-07 18:37 - 2012-12-17 14:55 - 00000000 ____D () C:\Users\COMPAQ\AppData\Roaming\Avira
2015-04-07 18:35 - 2012-06-08 14:59 - 00000000 ____D () C:\ProgramData\Avira
2015-04-04 17:36 - 2009-09-07 11:58 - 00000000 ____D () C:\Users\COMPAQ
2015-04-04 16:08 - 2009-09-22 20:16 - 00012800 _____ () C:\Users\COMPAQ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Files in the root of some directories =======

2012-03-28 22:44 - 2012-03-28 22:44 - 3993600 _____ () C:\Program Files\GUT7C59.tmp
2010-07-16 17:15 - 2010-07-16 17:15 - 0000268 ___RH () C:\Users\COMPAQ\AppData\Roaming\Textures
2010-07-16 17:19 - 2010-07-16 17:19 - 0000268 ___RH () C:\Users\COMPAQ\AppData\Roaming\Track Settings
2009-09-09 17:08 - 2013-12-04 00:36 - 0000392 _____ () C:\Users\COMPAQ\AppData\Roaming\wklnhst.dat
2009-09-07 12:14 - 2009-09-07 12:14 - 0000000 _____ () C:\Users\COMPAQ\AppData\Local\AtStart.txt
2010-03-05 20:53 - 2012-12-15 00:39 - 0007808 _____ () C:\Users\COMPAQ\AppData\Local\d3d9caps.dat
2009-09-22 20:16 - 2015-04-04 16:08 - 0012800 _____ () C:\Users\COMPAQ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-09-07 12:14 - 2009-09-07 12:14 - 0000000 _____ () C:\Users\COMPAQ\AppData\Local\DSwitch.txt
2011-02-10 22:30 - 2015-04-19 22:05 - 0000600 _____ () C:\Users\COMPAQ\AppData\Local\PUTTY.RND
2009-09-07 12:14 - 2009-09-07 12:14 - 0000000 _____ () C:\Users\COMPAQ\AppData\Local\QSwitch.txt
2011-07-25 00:58 - 2011-07-25 00:58 - 0000000 _____ () C:\Users\COMPAQ\AppData\Local\{D41DDEB0-E855-4C54-B9AB-B9F40547BA67}
2009-09-07 11:28 - 2013-03-23 16:40 - 0000248 _____ () C:\ProgramData\hpqp.ini
2009-11-02 12:43 - 2013-05-13 19:55 - 0000021 _____ () C:\ProgramData\hpqp.txt
2009-09-25 19:25 - 2012-02-02 14:52 - 0004978 _____ () C:\ProgramData\hpzinstall.log
2009-09-14 18:58 - 2015-04-19 13:32 - 0031966 _____ () C:\ProgramData\nvModes.001
2009-09-14 18:58 - 2015-04-19 13:31 - 0031966 _____ () C:\ProgramData\nvModes.dat
2010-07-16 17:15 - 2013-03-04 16:04 - 0000020 ____H () C:\ProgramData\PKP_DLdu.DAT
2010-07-16 17:19 - 2012-09-24 18:43 - 0000020 ____H () C:\ProgramData\PKP_DLdw.DAT
2010-07-16 17:15 - 2010-07-16 17:15 - 0000268 ___RH () C:\ProgramData\Transportation
2010-07-16 17:19 - 2010-07-16 17:19 - 0000268 ___RH () C:\ProgramData\Tremolo
2010-07-16 17:15 - 2010-07-16 17:15 - 0000012 ___RH () C:\ProgramData\URLs
2010-07-16 17:19 - 2010-07-16 17:19 - 0000012 ___RH () C:\ProgramData\Vocal Transformer
2009-09-07 11:32 - 2009-09-07 11:32 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2008-10-26 16:52 - 2008-10-26 16:52 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2009-09-07 11:31 - 2009-09-07 11:31 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2008-10-26 16:45 - 2008-10-26 16:46 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2009-09-07 11:29 - 2009-09-07 11:29 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2009-09-07 11:32 - 2009-09-07 11:32 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2008-10-26 16:43 - 2008-10-26 16:44 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2008-10-26 16:46 - 2008-10-26 16:52 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2009-09-07 11:32 - 2009-09-07 11:33 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

Some content of TEMP:
====================
C:\Users\COMPAQ\AppData\Local\Temp\avgnt.exe
C:\Users\COMPAQ\AppData\Local\Temp\Quarantine.exe
C:\Users\COMPAQ\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-19 13:48

==================== End Of Log ============================
--- --- ---
Alt 20.04.2015, 15:44   #15
schrauber
/// the machine
/// TB-Ausbilder
 
Notebook mit Windows Vista wird immer langsamer - Standard

Notebook mit Windows Vista wird immer langsamer


Klar geht das

Java, Adobe und Firefox updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Avira komplett deinstallieren, Speed ohne Avira testen.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort
Seite 1 von 3 1 23

Themen zu Notebook mit Windows Vista wird immer langsamer
adware, antivir, antivirus, avira, browser, defender, desktop, device driver, flash player, frage, home, homepage, internet, langsam, launch, mozilla, newtab, object, problem, refresh, registry, rundll, scan, security, services.exe, software, svchost.exe, vista, windows, windows vista


« G Data meldet wiederholt Problem mit rpcnetp.exe | crossbrowse u.ä. vollständig entfernt? »


Ähnliche Themen: Notebook mit Windows Vista wird immer langsamer


  1. Windows 8 wird immer langsamer
    Alles rund um Windows - 05.06.2015 (5)
  2. Windows 8: Notebook wird zunehmend langsamer
    Log-Analyse und Auswertung - 28.01.2015 (7)
  3. Notebook wird immer langsamer. Lange Bootzeit. Desktop erst spät verfügbar.
    Plagegeister aller Art und deren Bekämpfung - 05.11.2014 (9)
  4. Windows 7 wird immer langsamer
    Log-Analyse und Auswertung - 06.09.2014 (11)
  5. notebook wird immer langsamer
    Plagegeister aller Art und deren Bekämpfung - 15.08.2014 (22)
  6. Windows wird mit zunehmender Zeit immer langsamer
    Plagegeister aller Art und deren Bekämpfung - 09.06.2014 (19)
  7. Windows wird einfach beendet, Computer wird immer langsamer.....
    Log-Analyse und Auswertung - 21.04.2014 (5)
  8. Notebook wird im Laufe der Zeit immer langsamer
    Log-Analyse und Auswertung - 12.03.2014 (17)
  9. Windows 7: wird immer langsamer
    Log-Analyse und Auswertung - 01.10.2013 (9)
  10. Windows Vista, PC wird immer langsamer, CPU immer hoch, Malwarebytes Anti-Malware Funde
    Log-Analyse und Auswertung - 15.08.2013 (13)
  11. Windows 7 Ultimate 64 bit wird immer langsamer ! HILFE
    Alles rund um Windows - 14.03.2011 (23)
  12. Notebook wird immer langsamer! Trojan.ZbotR.Gen gefunden!
    Log-Analyse und Auswertung - 25.11.2010 (9)
  13. PC wird immer langsamer und schläft fast ein Windows 7
    Log-Analyse und Auswertung - 11.08.2010 (4)
  14. Vista wird immer langsamer.
    Log-Analyse und Auswertung - 18.03.2009 (2)
  15. Windows XP - Laptop wird immer langsamer
    Log-Analyse und Auswertung - 18.09.2008 (4)
  16. Mein Windows XP wird immer langsamer
    Log-Analyse und Auswertung - 24.02.2008 (4)
  17. Notebook wird immer langsamer- aber warum?
    Log-Analyse und Auswertung - 20.07.2006 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Notebook mit Windows Vista wird immer langsamer - Guten Tag, mein Notebook ist inzwischen extrem langsam geworden, so dass ich mich frage, ob ich mir nicht vielleicht ein paar Schädlinge eingefangen habe. Den CC-Cleaner habe ich schon angewendet, - Notebook mit Windows Vista wird immer langsamer...
Archiv
Du betrachtest: Notebook mit Windows Vista wird immer langsamer auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55