
Plagegeister aller Art und deren Bekämpfung: Windows Vista; Trojan from Directpay AG; opened zip file with exe attachment

04.05.2015, 20:45   #1
Hektor25

Dear Sir or Madam,

I received an e-mail from the purported company Directpay AG and opened the attachment about an outstanding invoice. The zip folder contained an exe file, which I saved to my desktop. It is a Trojan. According to the internet forums, it is a Trojan that gives the perpetrators the ability to access my data and control my PC.
I have already run my antivirus program Kaspersky over it, and it found and neutralized a few things.
However, I want to be on the safe side and make sure that there really is no malicious software left on my PC.
So I would like to have my PC examined completely for it...

Many thanks in advance for your help

Best regards

04.05.2015, 20:51   #2
deeprybka
/// TB trainer
/// Guide guru

My name is Jürgen and I will be helping you with your problem. Together we will manage it...
  • Please work through all steps in order.
  • Read the instructions carefully before you begin. If there are problems or you do not understand something, stop what you are doing and describe the problem to me.
  • Please run only the scans that I have asked you to run.
  • Please no crossposting (posting in several forums).
  • Do not install or uninstall any software during the cleanup unless you have been asked to.
  • Save all our tools to the desktop. Link: How to download our tools correctly
  • Post the log files directly in your thread in code tags.
  • Keep in mind that we all work here in our free time; if you do not hear from me within 24 hours, please send me a PM.

Note:
I can never give you a guarantee that we will find all malicious files.
Formatting is usually the faster and always the safest way, but it is only advisable for real malware.
We can remove adware & co. very well.
If you decide on a cleanup, keep working with me until you get my "clean".

Here we go:

Step 1

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post FRST.txt and, after the first scan, also Addition.txt in your thread (click the # symbol in the input window of the website)

Reading material
Posting in CODE tags: here is how...
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes our work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

04.05.2015, 20:56   #3
Hektor25

Many thanks in advance!!! I have one more quick question: under the link "How to download our tools correctly" it says I should download AdwCleaner. Should I do that?

04.05.2015, 21:00   #4
deeprybka
/// TB trainer
/// Guide guru

Quote:
Quote from Hektor25
Many thanks in advance!!! I have one more quick question: under the link "How to download our tools correctly" it says I should download AdwCleaner. Should I do that?
Well, what I read there is:

Quote:
Your helper has, for example, posted this instruction for you:


AdwCleaner is there as an example of how and where to download the tools. What does it say under Step 1?

Regards
deeprybka

04.05.2015, 21:11   #5
Hektor25

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-05-2015
Ran by Karl (administrator) on R101040 on 04-05-2015 22:00:34
Running from C:\Users\Karl\Desktop
Loaded Profiles: Karl (Available profiles: Karl)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe
(Microsoft Corporation) C:\Windows\System32\IgrsSvcs.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\Energy Management\utility.exe
(Lenovo (Beijing) Limited) C:\Program Files\Lenovo\Energy Management\Energy Management.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Akamai Technologies, Inc.) C:\Users\Karl\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(Akamai Technologies, Inc.) C:\Users\Karl\AppData\Local\Akamai\netsession_win.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\klwtblfs.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [Unattend0000000001{70EB91E7-FAAB-44A4-BA19-C0A45B228BC0}] => C:\Windows\test.bat
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [163840 2008-03-26] (Alps Electric Co., Ltd.)
HKLM\...\Run: [VeriFaceManager] => C:\Program Files\Lenovo\VeriFace\PManage.exe
HKLM\...\Run: [UpdateP2GShortCut] => C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-04] (CyberLink Corp.)
HKLM\...\Run: [EnergyUtility] => C:\Program Files\Lenovo\Energy Management\utility.exe [4097864 2009-04-24] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files\Lenovo\Energy Management\Energy Management.exe [5064520 2009-06-25] (Lenovo (Beijing) Limited)
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [29984 2007-10-11] (Nuance Communications, Inc.)
HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46368 2007-10-11] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort11reminder] => C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)
HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1089536 2008-02-19] (Brother Industries, Ltd.)
HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [86016 2007-12-21] (Brother Industries, Ltd.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [215552 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKU\S-1-5-21-295811439-4261906240-936036311-1004\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-295811439-4261906240-936036311-1004\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-11-15] (Google Inc.)
HKU\S-1-5-21-295811439-4261906240-936036311-1004\...\Run: [Akamai NetSession Interface] => C:\Users\Karl\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-295811439-4261906240-936036311-1004\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-295811439-4261906240-936036311-1004\...\Run: [Seafile] => C:\Program Files\Seafile\bin\seafile-applet.exe [2429466 2014-05-12] ()
HKU\S-1-5-21-295811439-4261906240-936036311-1004\...\MountPoints2: G - G:\LaunchU3.exe
HKU\S-1-5-21-295811439-4261906240-936036311-1004\...\MountPoints2: {f1eb68e5-9b82-11de-8f3c-806e6f6e6963} - E:\aoesetup.exe /autorun
HKU\S-1-5-21-295811439-4261906240-936036311-1004\...\MountPoints2: {f9d2178e-e749-11df-9c4f-002622093d48} - G:\LaunchU3.exe
Startup: C:\Users\Karl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2010-06-24]
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Karl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2011-05-10]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2011-02-04] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Symbol-Overlay-Steuerprogramm für AutoCAD Digitale Signaturen] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2011-02-04] (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-295811439-4261906240-936036311-1004] => proxy.stusta.mhn.de:3130
AutoConfigURL: [S-1-5-21-295811439-4261906240-936036311-1004] => hxxp://wpad.stusta.mhn.de/proxy.pac
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.live.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-295811439-4261906240-936036311-1004\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/webhp?sourceid=navclient&hl=de&ie=UTF-8
HKU\S-1-5-21-295811439-4261906240-936036311-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://g.msn.de/0SEDEDE/SAOS01?FORM=TOOLBR
HKU\S-1-5-21-295811439-4261906240-936036311-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://g.msn.de/0SEDEDE/SAOS01?FORM=TOOLBR
HKU\S-1-5-21-295811439-4261906240-936036311-1004\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.ub.tum.de/
hxxp://www.engineering.mse.tum.de/
https://campus.tum.de/tumonline/webnav.ini
HKU\S-1-5-21-295811439-4261906240-936036311-1004\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www2.delta-search.com/?affID=120519&babsrc=HP_ss&mntrId=B6370026820E3B95
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&FORM=LENIE
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-295811439-4261906240-936036311-1004 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3324415&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPF1A18780-B3CC-4E2F-A1EE-0A46CA4BEA3E&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-295811439-4261906240-936036311-1004 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-295811439-4261906240-936036311-1004 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3324415&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPF1A18780-B3CC-4E2F-A1EE-0A46CA4BEA3E&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-295811439-4261906240-936036311-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&FORM=LENIE
SearchScopes: HKU\S-1-5-21-295811439-4261906240-936036311-1004 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=B6370026820E3B95&affID=127912&tsp=5142
SearchScopes: HKU\S-1-5-21-295811439-4261906240-936036311-1004 -> {1F096B29-E9DA-4D64-8D63-936BE7762CC5} URL = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=b6379cca0000000000000026820e3b95&tlver=1.4.19.19&ss=1&affID=17395
SearchScopes: HKU\S-1-5-21-295811439-4261906240-936036311-1004 -> {FD6D2DE9-BC85-44ED-B54C-DC44B76543FF} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=8E50A152-DDD2-49F5-85E6-4922167AA496&apn_sauid=969A02E4-7197-4432-B1EA-1CDC6B0572C5&
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-11-02] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
BHO: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22] (Skype Technologies S.A.)
BHO: Windows Live Toolbar Helper -> {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -> C:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
Toolbar: HKLM - Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-13] (Microsoft Corporation)
Toolbar: HKLM - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
Toolbar: HKU\S-1-5-21-295811439-4261906240-936036311-1004 -> Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-13] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-295811439-4261906240-936036311-1004 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
Toolbar: HKU\S-1-5-21-295811439-4261906240-936036311-1004 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22] (Skype Technologies S.A.)
Tcpip\..\Interfaces\{268C76BF-EA06-4C57-91E4-B054E7FB15A8}: [NameServer] 10.150.127.2,10.150.125.2

FireFox:
========
FF ProfilePath: C:\Users\Karl\AppData\Roaming\Mozilla\Firefox\Profiles\ggma9nae.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll [2014-07-04] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)
FF Plugin: @kaspersky.com/content_blocker -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-11-02] ()
FF Plugin: @kaspersky.com/online_banking -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-11-02] ()
FF Plugin: @kaspersky.com/virtual_keyboard -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-11-02] ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Karl\AppData\Roaming\Mozilla\Firefox\Profiles\ggma9nae.default\user.js [2014-11-02]
FF Extension: Adblock Plus - C:\Users\Karl\AppData\Roaming\Mozilla\Firefox\Profiles\ggma9nae.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-01-02]
FF HKLM\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
FF HKLM\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-11-02]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-11-02]
FF HKLM\...\Firefox\Extensions:  - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2014-11-02]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2014-11-02]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-11-02]
FF HKU\S-1-5-21-295811439-4261906240-936036311-1004\...\Firefox\Extensions: [freegames4357@BestOffers] - C:\Users\Karl\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers
FF Extension: Free Games 111 - C:\Users\Karl\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers [2014-01-29]
FF HKU\S-1-5-21-295811439-4261906240-936036311-1004\...\Firefox\Extensions: [speedtest4354@BestOffers] - C:\Users\Karl\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers
FF Extension: Speed Test 127 - C:\Users\Karl\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers [2014-01-29]

Chrome: 
=======
CHR Profile: C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-04-25]
CHR Extension: (Safe Money) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2013-04-25]
CHR Extension: (Virtual Keyboard) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2013-04-25]
CHR Extension: (Anti-Banner) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2013-04-25]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx [Not Found]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
R2 AVP15.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2013-04-22] (Flexera Software, Inc.)
R2 IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [32768 2008-02-14] (Lenovo Group Limited) [File not signed]
S3 Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [379968 2009-05-06] (Lenovo Group Limited) [File not signed]
S3 Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [412736 2009-05-06] (Lenovo Group Limited) [File not signed]
R2 mitsijm2012; C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe [579384 2010-12-08] (Autodesk, Inc.)
S3 PS_MDP; C:\Program Files\Lenovo\ReadyComm\PS_MDP.dll [270336 2007-04-11] (Lenovo Group Limited) [File not signed]
R2 ReadyComm.DirectRouter; C:\Program Files\Lenovo\ReadyComm\common\router.dll [98304 2008-02-15] (Lenovo Group Limited) [File not signed]
R2 System_Repair_UpdateMonitor; C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe [430080 2008-09-27] (Lenovo Group Limited) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ACPIVPC; C:\Windows\System32\DRIVERS\AcpiVpc.sys [14848 2009-01-06] (Lenovo Corporation)
R3 Cam5607; C:\Windows\System32\Drivers\BisonC07.sys [1273640 2009-05-22] (Bison Electronics. Inc. )
R1 funfrm; C:\Windows\system32\Drivers\funfrm.sys [48192 2009-09-07] () [File not signed]
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [135264 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [112136 2014-11-02] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [34400 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [644808 2014-11-02] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [24672 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [45024 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [145888 2014-03-26] (Kaspersky Lab ZAO)
S3 RTL2832UBDA; C:\Windows\System32\drivers\RTL2832UBDA.sys [188392 2010-07-01] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; C:\Windows\System32\Drivers\RTL2832UUSB.sys [32872 2010-07-01] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832U_IRHID; C:\Windows\System32\DRIVERS\RTL2832U_IRHID.sys [37280 2009-07-13] (Realtek)
R0 Wdkbdmou; C:\Windows\System32\DRIVERS\Wdkbdmou.sys [8832 2009-03-03] ()
R3 wdmirror; C:\Windows\System32\DRIVERS\WDMirror.sys [8832 2009-03-03] (Windows (R) Codename Longhorn DDK provider)
S3 WSVD; C:\Windows\system32\drivers\WSVD.sys [81192 2008-01-10] (CyberLink)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-04 22:00 - 2015-05-04 22:02 - 00025640 _____ () C:\Users\Karl\Desktop\FRST.txt
2015-05-04 21:59 - 2015-05-04 22:00 - 00000000 ____D () C:\FRST
2015-05-04 21:58 - 2015-05-04 21:58 - 01140736 _____ (Farbar) C:\Users\Karl\Desktop\FRST.exe
2015-04-16 21:47 - 2015-03-09 03:01 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-16 21:38 - 2015-03-05 04:24 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-16 21:36 - 2015-03-14 04:21 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-16 21:36 - 2015-03-13 03:51 - 03604920 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-16 21:36 - 2015-03-13 03:51 - 03552184 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-16 21:36 - 2015-03-05 04:32 - 00244152 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-16 21:36 - 2015-03-05 04:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 23:09 - 2015-03-10 01:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 23:09 - 2015-03-10 01:02 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 23:09 - 2015-03-10 00:57 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 23:09 - 2015-03-10 00:57 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 23:09 - 2015-03-10 00:56 - 01803264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 23:09 - 2015-03-10 00:56 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 23:09 - 2015-03-10 00:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-15 23:09 - 2015-03-10 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 23:09 - 2015-03-10 00:56 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-04-15 23:09 - 2015-03-10 00:56 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 23:09 - 2015-03-10 00:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 23:09 - 2015-03-10 00:55 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 23:09 - 2015-03-10 00:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 23:09 - 2015-03-10 00:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 23:09 - 2015-03-10 00:55 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 23:09 - 2015-03-10 00:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 23:09 - 2015-03-10 00:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-04-15 23:09 - 2015-03-10 00:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-04-15 23:09 - 2015-03-10 00:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-04-15 23:08 - 2015-03-10 01:06 - 12377600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 23:08 - 2015-03-10 01:00 - 09747968 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 23:08 - 2015-03-10 00:55 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-07 16:19 - 2015-04-07 22:28 - 01661553 ____H () C:\Users\Karl\Desktop\~WRL0005.tmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-04 21:31 - 2011-11-05 19:14 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-05-04 21:26 - 2009-09-07 09:52 - 02082539 _____ () C:\Windows\WindowsUpdate.log
2015-05-04 21:25 - 2010-11-15 15:40 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-04 21:25 - 2009-07-21 07:43 - 00000270 _____ () C:\Windows\Tasks\Auf Updates für Windows Live Toolbar prüfen.job
2015-05-04 18:42 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-04 18:42 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-04 14:19 - 2010-11-15 15:40 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-04 14:18 - 2014-10-22 10:38 - 00000000 ___RD () C:\Users\Karl\Desktop\Studium
2015-05-04 14:18 - 2012-11-05 09:30 - 00000000 ___RD () C:\Users\Karl\Desktop\Privat
2015-05-04 13:12 - 2012-10-29 21:16 - 00000540 _____ () C:\Windows\Tasks\MATLAB R2012b Startup Accelerator.job
2015-05-04 12:11 - 2009-07-21 07:40 - 00000056 ___SH () C:\_PartitionInfo
2015-05-04 12:11 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-30 09:15 - 2006-11-02 15:01 - 00032540 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-17 17:35 - 2006-11-02 14:52 - 00290031 _____ () C:\Windows\setupact.log
2015-04-17 16:37 - 2009-09-07 10:09 - 00074360 _____ () C:\Windows\system32\ICAutoUpdate.log.bak
2015-04-16 21:47 - 2013-07-15 09:54 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-16 21:44 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-16 21:38 - 2006-11-02 12:24 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-04-16 21:37 - 2009-07-21 07:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-16 21:34 - 2006-11-02 12:33 - 01600262 _____ () C:\Windows\system32\PerfStringBackup.INI

==================== Files in the root of some directories =======

2009-12-28 13:41 - 2015-02-03 23:38 - 0001356 _____ () C:\Users\Karl\AppData\Local\d3d9caps.dat
2009-12-28 14:02 - 2015-02-10 00:19 - 0016896 _____ () C:\Users\Karl\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-11-05 19:20 - 2011-11-05 19:20 - 0017408 _____ () C:\Users\Karl\AppData\Local\WebpageIcons.db
2010-11-15 15:42 - 2010-11-15 15:42 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2009-12-29 15:52 - 2009-12-29 15:52 - 0000088 _____ () C:\ProgramData\profile.xml

Some content of TEMP:
====================
C:\Users\Karl\AppData\Local\Temp\0grcjodk.dll
C:\Users\Karl\AppData\Local\Temp\AcDeltree.exe
C:\Users\Karl\AppData\Local\Temp\ApnStub.exe
C:\Users\Karl\AppData\Local\Temp\dlLogic.exe
C:\Users\Karl\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\Karl\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Karl\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqlg8sk.dll
C:\Users\Karl\AppData\Local\Temp\fdminst.exe
C:\Users\Karl\AppData\Local\Temp\GoogleToolbarInstaller.exe
C:\Users\Karl\AppData\Local\Temp\h153adw5.dll
C:\Users\Karl\AppData\Local\Temp\i4jdel0.exe
C:\Users\Karl\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Karl\AppData\Local\Temp\MyBabylonTB.exe
C:\Users\Karl\AppData\Local\Temp\nsg9F14.exe
C:\Users\Karl\AppData\Local\Temp\nsh7824.exe
C:\Users\Karl\AppData\Local\Temp\nsr8D77.exe
C:\Users\Karl\AppData\Local\Temp\setup.exe
C:\Users\Karl\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Karl\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Karl\AppData\Local\Temp\swt-win32-3448.dll
C:\Users\Karl\AppData\Local\Temp\swt-xulrunner-win32-3448.dll
C:\Users\Karl\AppData\Local\Temp\uninstall.exe
C:\Users\Karl\AppData\Local\Temp\_isE6F7.exe
C:\Users\Karl\AppData\Local\Temp\{91B2FEB5-9672-444C-8882-46212E1EDB7B}-GoogleUpdateSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-04 12:19

==================== End Of Log ============================
         
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-05-2015
Ran by Karl at 2015-05-04 22:02:43
Running from C:\Users\Karl\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-295811439-4261906240-936036311-500 - Administrator - Disabled)
Gast (S-1-5-21-295811439-4261906240-936036311-501 - Limited - Enabled)
Karl (S-1-5-21-295811439-4261906240-936036311-1004 - Administrator - Enabled) => C:\Users\Karl

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.7.700.169 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-295811439-4261906240-936036311-1004\...\Akamai) (Version:  - Akamai Technologies, Inc)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - )
Apple Application Support (HKLM\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
Audiograbber 1.83 SE  (HKLM\...\Audiograbber) (Version: 1.83 SE - Audiograbber Deutschland)
AutoCAD 2012 - Deutsch (HKLM\...\AutoCAD 2012 - Deutsch) (Version: 18.2.51.0 - Autodesk)
AutoCAD 2012 - Deutsch (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD 2012 Language Pack - Deutsch (Version: 18.2.51.0 - Autodesk) Hidden
Autodesk Content Service (HKLM\...\{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}) (Version: 2.0.90 - Autodesk)
Autodesk Design Review 2012 (HKLM\...\Autodesk Design Review 2012) (Version: 12.0.0.93 - Autodesk, Inc.)
Autodesk Design Review 2012 (Version: 12.0.0.93 - Autodesk, Inc.) Hidden
Autodesk Inventor Content Center Libraries 2012 (Desktop Content) (HKLM\...\{B46DECD1-1632-4EF1-0000-22D71E81877C}) (Version: 16.0.16000.0000 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (HKLM\...\Autodesk Inventor Fusion 2012) (Version: 1.0.0.79 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion 2012 Language Pack (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion for Inventor 2012 Add-in (HKLM\...\Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul) (Version: 1.0.0.18 - Autodesk)
Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul (Version: 1.0.0.18 - Autodesk) Hidden
Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul Language Pack (Version: 1.0.0.18 - Autodesk) Hidden
Autodesk Inventor Fusion plug-in for AutoCAD 2012 (HKLM\...\Autodesk Inventor Fusion Plugin for AutoCAD 2012) (Version: 0.0.1.138 - Autodesk)
Autodesk Inventor Fusion Plugin for AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden
Autodesk Inventor Fusion Plugin Language Pack for AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden
Autodesk Inventor Professional 2012 (Version: 16.0.16000.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2012 Deutsch (HKLM\...\Autodesk Inventor Professional 2012) (Version: 16.0.16000.0000 - Autodesk)
Autodesk Inventor Professional 2012 Language Pack - Deutsch (Version: 16.0.16000.0000 - Autodesk) Hidden
Autodesk Material Library 2012 (HKLM\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2012 (HKLM\...\{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}) (Version: 2.5.0.8 - Autodesk)
Autodesk Vault 2012 (Client) (HKLM\...\Autodesk Vault 2012 (Client)) (Version: 16.0.56.200 - Autodesk, Inc.)
Autodesk Vault 2012 (Client) (Version: 16.0.56.200 - Autodesk, Inc.) Hidden
Autodesk Vault 2012 (Client) German Language Pack (Version: 16.0.56.200 - Autodesk, Inc.) Hidden
Broadcom Gigabit Integrated Controller (HKLM\...\{9E325417-AE9C-4EE1-A158-13DF451A5987}) (Version: 11.44.04 - Broadcom Corporation)
Broadcom WLAN (HKLM\...\{8991E763-21F5-4DEA-A938-5D9D77DCB488}) (Version: 5.10.38.14 Round2 - Lenovo Electronics Inc.)
Brother MFL-Pro Suite MFC-290C (HKLM\...\{3A08B59E-A9F0-4F4D-B7E5-6875D7F13327}) (Version: 1.1.8.0 - Brother Industries, Ltd.)
BrowserProtect (HKLM\...\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}) (Version:  - ) <==== ATTENTION
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.95.16.0 - Conexant)
Dropbox (HKU\S-1-5-21-295811439-4261906240-936036311-1004\...\Dropbox) (Version: 3.0.5 - Dropbox, Inc.)
DWG TrueView 2012 (HKLM\...\DWG TrueView 2012) (Version: 18.2.51.0 - Autodesk)
DWG TrueView 2012 (Version: 18.2.51.0 - Autodesk) Hidden
Eco Materials Adviser (HKLM\...\{207780D5-A515-4E79-B7C2-E4D32F8A6CA1}) (Version: 1.32.0.0 - Granta Design Limited)
Energy Management (HKLM\...\{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}) (Version: 4.1.1.8 - Lenovo)
FARO LS 1.1.406.58 (HKLM\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Hotfix für Microsoft Visual C# 2010 Express - DEU (KB2635973) (HKLM\...\{D81641E8-ABF1-3D07-803B-60E8FC619368}.KB2635973) (Version: 1 - Microsoft Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
ISO to USB (HKLM\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version:  - isotousb.com)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.450 - Oracle)
Java(TM) 6 Update 27 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216027FF}) (Version: 6.0.270 - Oracle)
Java(TM) SE Development Kit 6 Update 37 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0160370}) (Version: 1.6.0.370 - Oracle)
Kaspersky Internet Security (HKLM\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (Version: 15.0.0.463 - Kaspersky Lab) Hidden
Lenovo EasyCamera (HKLM\...\{4BB1DCED-84D3-47F9-B718-5947E904593E}) (Version: 6.32.1018.17 - Lenovo EasyCamera)
Lenovo OneKey Recovery (HKLM\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 6.0.3004 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 6.0.3004 - CyberLink Corp.) Hidden
Lenovo ReadyComm 5.0 (HKLM\...\{17542DBF-E17C-4562-BC4D-FA3EF3076C45}) (Version: 5.0.0.15 - Lenovo)
Lenovo ReadyComm 5.0 Service (HKLM\...\{76C66170-C538-4E77-B54D-48E136B5B533}) (Version: 5.0.0.1 - Lenovo Group Limited)
Lenovo System Repair - Windows Update Monitor (HKLM\...\{717E0AD5-91EB-459F-AB8B-1B5219BAF7CE}) (Version: 1.3.0.3030 - Lenovo)
MATLAB R2012b (HKLM\...\Matlab R2012b) (Version: 8.0 - The MathWorks, Inc.)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM\...\Age of Empires 2.0) (Version:  - )
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM\...\{90A40407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8003.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7FB12670-0F93-4E1E-B2F5-4F339199A03A}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{849A32C3-E75A-4791-9B11-E568BA3525A4}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - DEU (HKLM\...\Microsoft Visual C# 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 33.1 (x86 de) (HKLM\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NetBeans IDE 7.2.1 (HKLM\...\nbi-nb-base-7.2.1.0.201210100934) (Version: 7.2.1 - NetBeans.org)
Norton Internet Security (Version: 16.0.0.125 - Symantec Corporation) Hidden
OpenOffice.org 3.3 (HKLM\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Paint.NET v3.5.2 (HKLM\...\{4F77F6EE-2C99-49F7-940A-2E9C208C3BE1}) (Version: 3.52.0 - dotPDN LLC)
PaperPort Image Printer (HKLM\...\{2BC2781A-F7F6-452E-95EB-018A522F1B2C}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.1 - Frank Heindörfer, Philip Chinery)
Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.4809d1 - CyberLink Corp.)
QuickTime (HKLM\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 6.0.6000.20132 - Realtek Semiconductor Corp.)
Samsung Printer Live Update (HKLM\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
ScanSoft PaperPort 11 (HKLM\...\{7A8FF745-BBC5-482B-88E4-18D3178249A9}) (Version: 11.1.0000 - Nuance Communications, Inc.)
Schnell-Deinstallations-Tool für Autodesk Inventor 2012 (HKLM\...\{D25FF5C1-1632-469A-9794-69309387C193}) (Version: 16.0.16000.0000 - Autodesk)
Seafile 3.0.4 (HKLM\...\{0D56A3F4-7600-4280-91F8-0CDC43D5BFE3}) (Version: 3.0.4 - HaiWenHuZhi ltd.)
Secure Download Manager (HKLM\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Skype Toolbars (HKLM\...\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}) (Version: 5.0.4137 - Skype Technologies S.A.)
Skype™ 7.1 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.4035.00 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VBA (2627.01) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2701.01) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
Visual Paradigm 11.1 (HKLM\...\1106-5897-7327-6550) (Version: 11.1 - Visual Paradigm International Ltd.)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
Windows Live Toolbar (HKLM\...\Windows Live Toolbar) (Version: 03.01.0130 - Microsoft Corporation)
wx-devcpp 6.10.2 (4.9.9.2) (HKLM\...\wx-devcpp) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Karl\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{17A14094-F274-44E2-B54B-FC0E966AE5C7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\LUxClientSink.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\iDrop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\TI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{2D5C6B27-86B3-4E81-9F8B-9C68887F5BE6}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\LUxUIMgr.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2012\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxTest.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Deutsch\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtCp.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{714D325C-E9CE-44ab-A72A-36BB410BA19B}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\FEAFilesHandler.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\UCxTextBtn.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\UCxTextBtn.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\BodyReceiver.dll ()
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Deutsch\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{C0E7110B-2136-11D4-8DD0-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxInventorMarshal.Dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxApprenticeServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Deutsch\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2012\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ColorButton.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ColorButton.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\AcInetUI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxInventorUtilities.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Deutsch\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{E6E92821-2731-4AA3-B919-D2BC514FEC64}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridgePS.Dll ()
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\InvResc.dll (Autodesk)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Karl\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Karl\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Karl\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Karl\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Karl\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Karl\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Karl\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Karl\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\InvTXTStack.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll No File

==================== Restore Points  =========================

04-04-2015 19:09:14 Geplanter Prüfpunkt
07-04-2015 10:29:37 Windows Update
08-04-2015 20:55:52 Geplanter Prüfpunkt
10-04-2015 21:51:45 Windows Update
12-04-2015 12:08:09 Geplanter Prüfpunkt
14-04-2015 16:44:05 Windows Update
16-04-2015 21:27:34 Windows Update
22-04-2015 17:17:51 Windows Update
24-04-2015 15:54:54 Geplanter Prüfpunkt
30-04-2015 09:12:36 Windows Update
04-05-2015 12:25:26 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {013927B3-D7E0-4013-B6FD-DD710CC803C2} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {0210312E-31AC-4CC0-9213-E1EB17C6AEE5} - System32\Tasks\MATLAB R2012b Startup Accelerator => C:\Users\Karl\Desktop\Matlab1\bin\win32\MATLABStartupAccelerator.exe [2012-07-20] ()
Task: {0D685AFE-0420-4CC3-AA63-434226609FD8} - System32\Tasks\{921DA5AA-9244-4DD9-BB01-FBAADABF5A5A} => Firefox.exe hxxp://ui.skype.com/ui/0/7.1.0.105/de/abandoninstall?source=lightinstaller&page=tsBing
Task: {3E090486-33EB-4CB7-B082-EAA711FCDAA3} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Karl => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-10] (Microsoft Corporation)
Task: {605B1BD9-6B49-4420-A1FD-D65D606AE193} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30] (Apple Inc.)
Task: {64AD004E-3727-4CC5-B994-A2283377B6E1} - System32\Tasks\{6BA5BED7-7BB4-4C18-A73A-6D8B7F863B17} => Firefox.exe hxxp://ui.skype.com/ui/0/7.1.0.105/de/abandoninstall?source=lightinstaller&page=tsBing
Task: {672580C1-C873-4085-860E-E68100E6C429} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {6EBE9B99-FBED-4DAC-9581-37F9A6DD7228} - System32\Tasks\{AF3F3C59-34F9-4128-BEAD-12DA23D2E03A} => pcalua.exe -a "C:\Users\Karl\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UIC64X29\matlab_R2012b_win64_installer[1].exe" -d C:\Users\Karl\Desktop
Task: {6F56C736-552E-44D8-8AA9-6C69078A2E82} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.)
Task: {7CC2965C-D8F3-465A-AADE-5DA7E772915F} - System32\Tasks\{7D96C5AB-32DC-4D22-8313-4C32AAE8ADD1} => C:\Program Files\Skype\\Phone\Skype.exe [2015-01-23] (Skype Technologies S.A.)
Task: {83873325-BAA4-48B2-B58B-D2D7F6DF93B4} - System32\Tasks\{F5E56337-AD1C-421A-9A32-E921972477E2} => pcalua.exe -a "C:\Program Files\phase-6\phase-6\uninstall.exe" -d "C:\Program Files\phase-6\phase-6"
Task: {A2F98BFD-9909-43AB-9B64-AEC0BE4D8EAA} - System32\Tasks\{DCCAE805-721A-4B18-BFD6-855F5B588F02} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.156.259/en/abandoninstall?page=tsChrome&installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:offered-installed;madedefault
Task: {BA94EE03-705C-4CB8-82A7-B336F51704C1} - System32\Tasks\{B2BA1B4E-8C8F-4059-B964-DD031C4CCEC1} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.0.0.126/de/abandoninstall?page=tsProgressBar
Task: {E285928D-843E-4483-B7A9-676FB21A9C3C} - System32\Tasks\{BF294347-4C09-42FB-8B76-C01764F9648B} => pcalua.exe -a "C:\Users\Karl\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HF6M2BQ3\matlab_R2012b_win64_installer[1].exe" -d C:\Users\Karl\Desktop
Task: {EAF8E065-15FA-43AE-911A-D2BD82083FF0} - System32\Tasks\Auf Updates für Windows Live Toolbar prüfen => C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-02-13] (Microsoft Corporation)
Task: {F0AD3425-EC0E-46D4-883C-58110C6BE006} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Auf Updates für Windows Live Toolbar prüfen.job => C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MATLAB R2012b Startup Accelerator.job => C:\Users\Karl\Desktop\Matlab1\bin\win32\MATLABStartupAccelerator.exe

==================== Loaded Modules (whitelisted) ==============

2011-05-23 10:41 - 2001-10-28 17:42 - 00116224 _____ () C:\Windows\System32\pdfcmnnt.dll
2013-11-13 09:12 - 2013-11-13 09:12 - 00024064 _____ () C:\Windows\System32\ssm4mlm.dll
2011-02-02 14:08 - 2011-02-02 14:08 - 00018656 _____ () C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
2014-03-06 16:00 - 2014-03-06 16:00 - 01269952 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll
2009-07-21 07:35 - 2008-01-04 04:23 - 00167936 _____ () C:\Program Files\Lenovo\OneKey App\System Repair\LenovoAPI.dll
2009-09-07 10:13 - 2008-12-20 12:20 - 00063304 _____ () C:\Program Files\Lenovo\Energy Management\kbdhook.dll
2009-09-07 10:13 - 2008-12-20 12:20 - 00051016 _____ () C:\Program Files\Lenovo\Energy Management\HookLib.dll
2011-01-17 16:19 - 2011-05-10 22:06 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2014-11-10 21:30 - 2014-11-10 21:31 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-04-20 02:42 - 2014-11-02 18:03 - 00642344 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll
2014-04-20 02:42 - 2014-04-20 02:42 - 00468672 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2014-04-20 02:42 - 2014-04-20 02:42 - 00347328 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com\nponlinebanking.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-295811439-4261906240-936036311-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Karl\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
DNS Servers: 10.150.127.2 - 10.150.125.2

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{6CF18113-FBCF-46E1-AE80-130A015E962C}] => (Allow) C:\Windows\System32\IgrsSvcs.exe
FirewallRules: [{526C9A6B-E4A2-4F2B-A7BF-F16DBADFAB19}] => (Allow) C:\Windows\System32\IgrsSvcs.exe
FirewallRules: [{7DB374B0-447B-414F-9AAD-6DE9651B9841}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
FirewallRules: [{95EF95CB-ED23-4B89-A141-43FBFC50F665}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
FirewallRules: [{6566DB88-F3D7-46E5-9472-14EE535F114C}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ReadyCom.exe
FirewallRules: [{767CB0F8-5467-4C2B-A29A-47EFC6714335}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ReadyComm.exe
FirewallRules: [{6ED7CEA3-D71A-4AB4-A384-315540BFAD79}] => (Allow) C:\Program Files\Lenovo\ReadyComm\Projectionist.exe
FirewallRules: [{00793C23-8D82-41F3-AF50-DA78D23908A8}] => (Allow) C:\Program Files\Lenovo\ReadyComm\Projectionist.exe
FirewallRules: [{5620F4BB-9324-4BC3-BD26-5E1ADF6248FB}] => (Allow) C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
FirewallRules: [{FB90F1A3-539B-486A-9977-13E0CCED7B1A}] => (Allow) C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
FirewallRules: [{AB17A295-A272-47C1-B5E6-C6B1BDAE0E4A}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
FirewallRules: [{8128328E-A38B-4D12-A348-5431EE8F7B0D}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
FirewallRules: [{5994BD88-8814-4461-ADFB-77E96EB3D95F}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ThreeGService.exe
FirewallRules: [{6488006E-F1F9-4D38-A813-7FB3AB3A1A59}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ThreeGService.exe
FirewallRules: [{C8A2066C-39A2-4AED-B136-98D782A56652}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
FirewallRules: [{5D4C6E8C-A115-44F2-ADE6-5BFCDEB6E28D}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
FirewallRules: [{B2D394F4-9CDA-45C6-8130-6A7C32B04046}] => (Allow) C:\Program Files\Microsoft Office\Office12\GROOVE.EXE
FirewallRules: [{35A40F2F-F304-48BD-B3DA-5E3B7890C286}] => (Allow) C:\Program Files\Microsoft Office\Office12\GROOVE.EXE
FirewallRules: [{B651EBF2-60B5-4823-9245-388BE236097B}] => (Allow) C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [{65B5497B-3715-4893-811C-C42DFC31AF86}] => (Allow) C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [{4C1829F4-D781-4227-AC8F-CAF18E6913A4}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{E20950FF-8EB2-42A5-96F9-B8CD1EB67936}] => (Allow) LPort=80
FirewallRules: [{913FAA9D-963C-4C5E-812E-A150EBB137CC}] => (Allow) LPort=80
FirewallRules: [{0FB3CE80-5404-43D3-9717-09A69CACF6F4}] => (Allow) LPort=80
FirewallRules: [{CD143F39-3FE2-4347-93B9-0AF69EE1033B}] => (Allow) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{724EE0D2-9E29-4572-88F0-066AEB76B59F}] => (Allow) C:\Users\Karl\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{70CBD1D1-7796-40D7-85DB-2EF2275CF1E3}] => (Allow) C:\Users\Karl\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CC82BDAB-87C8-47FF-B1FB-596B8C5E9E44}] => (Allow) C:\Users\Karl\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9FE6510F-7271-4510-9DCB-80A105DFF8E3}] => (Allow) C:\Users\Karl\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{ABC1E165-39DB-4D98-8282-2449AA0C8A0E}C:\users\karl\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\karl\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{DD8574B8-AD7B-4323-BE9E-0E753F2604C9}C:\users\karl\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\karl\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{F6E1DEA8-C66E-42C9-A649-943CF10AFF5A}C:\users\karl\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\karl\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{DDBA055D-C43E-4CF2-A007-A6C199B20B47}C:\users\karl\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\karl\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{863E6C01-7EC7-43A6-B636-E4065B205E30}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{656FBB8D-9232-4F03-82D1-4776A6A24C15}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{7279DE03-40DB-4D51-9E24-DC59AFEA64C4}C:\program files\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files\microsoft games\age of empires ii\empires2.exe
FirewallRules: [UDP Query User{DB961D5A-8EE6-4B05-81B0-01288970AD1D}C:\program files\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files\microsoft games\age of empires ii\empires2.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/04/2015 00:12:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/30/2015 08:51:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/29/2015 09:08:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/28/2015 08:08:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/27/2015 09:54:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/26/2015 02:24:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/24/2015 01:39:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/24/2015 08:14:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/22/2015 05:06:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/21/2015 07:13:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (04/14/2014 07:28:58 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 92 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/08/2012 04:18:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2658 seconds with 900 seconds of active time.  This session ended with a crash.

Error: (06/19/2012 09:14:05 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 808 seconds with 780 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2015-05-04 22:01:43.418
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kneps.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-04 22:01:42.528
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kneps.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-04 22:01:41.468
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kneps.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-04 22:01:40.469
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kneps.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-04 22:01:39.346
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kltdi.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-04 22:01:38.472
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kltdi.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-04 22:01:37.630
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kltdi.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-04 22:01:36.756
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kltdi.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-04 22:01:35.571
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\klpd.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-04 22:01:34.682
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\klpd.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU T4200 @ 2.00GHz
Percentage of memory in use: 66%
Total physical RAM: 3031.86 MB
Available physical RAM: 1019.38 MB
Total Pagefile: 6277.7 MB
Available Pagefile: 3999.91 MB
Total Virtual: 2047.88 MB
Available Virtual: 1900.34 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:188.93 GB) (Free:64.77 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Lenovo) (Fixed) (Total:29.19 GB) (Free:27.64 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 274BF56F)
Partition 1: (Active) - (Size=188.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=29.2 GB) - (Type=OF Extended)
Partition 3: (Not Active) - (Size=14.8 GB) - (Type=12)

==================== End Of Log ============================
         
Was that done correctly? Can only you read these messages, or is this accessible to the whole portal?


05.05.2015, 08:55   #6
deeprybka
/// TB Trainer
/// Tutorial Guru



Quote:
Originally posted by Hektor25
Was that done correctly? Can only you read these messages, or is this accessible to the whole portal?

This is a forum.
Anyone can read it.

Was the exe file executed, i.e. started by clicking on it?

Step 1
Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the content here in your thread in any case.

05.05.2015, 22:28   #7
Hektor25



Yes, the exe file was executed, i.e. started, by clicking on it!

Code:
ATTFilter
23:18:42.0576 0x0f94  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
23:19:34.0591 0x0f94  ============================================================
23:19:34.0591 0x0f94  Current date / time: 2015/05/05 23:19:34.0591
23:19:34.0591 0x0f94  SystemInfo:
23:19:34.0591 0x0f94  
23:19:34.0591 0x0f94  OS Version: 6.0.6002 ServicePack: 2.0
23:19:34.0591 0x0f94  Product type: Workstation
23:19:34.0591 0x0f94  ComputerName: R101040
23:19:34.0592 0x0f94  UserName: Karl
23:19:34.0592 0x0f94  Windows directory: C:\Windows
23:19:34.0592 0x0f94  System windows directory: C:\Windows
23:19:34.0592 0x0f94  Processor architecture: Intel x86
23:19:34.0592 0x0f94  Number of processors: 2
23:19:34.0592 0x0f94  Page size: 0x1000
23:19:34.0592 0x0f94  Boot type: Normal boot
23:19:34.0592 0x0f94  ============================================================
23:19:40.0506 0x0f94  KLMD registered as C:\Windows\system32\drivers\63487751.sys
23:19:41.0685 0x0f94  System UUID: {0B8F97E3-D0F4-EF59-510A-1FD757C84F39}
23:19:46.0127 0x0f94  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:19:46.0130 0x0f94  ============================================================
23:19:46.0130 0x0f94  \Device\Harddisk0\DR0:
23:19:46.0131 0x0f94  MBR partitions:
23:19:46.0131 0x0f94  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x179DF000
23:19:46.0211 0x0f94  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x179E0800, BlocksNum 0x3A62800
23:19:46.0211 0x0f94  ============================================================
23:19:46.0332 0x0f94  C: <-> \Device\Harddisk0\DR0\Partition1
23:19:46.0372 0x0f94  D: <-> \Device\Harddisk0\DR0\Partition2
23:19:46.0373 0x0f94  ============================================================
23:19:46.0373 0x0f94  Initialize success
23:19:46.0373 0x0f94  ============================================================
23:23:03.0039 0x16ac  ============================================================
23:23:03.0039 0x16ac  Scan started
23:23:03.0039 0x16ac  Mode: Manual; SigCheck; TDLFS; 
23:23:03.0039 0x16ac  ============================================================
23:23:03.0039 0x16ac  KSN ping started
23:23:06.0206 0x16ac  KSN ping finished: true
23:23:07.0095 0x16ac  ================ Scan system memory ========================
23:23:07.0095 0x16ac  System memory - ok
23:23:07.0095 0x16ac  ================ Scan services =============================
23:23:07.0376 0x16ac  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
23:23:07.0656 0x16ac  ACPI - ok
23:23:07.0750 0x16ac  [ 96215DA5D8B131EB87C1077F52A8D10B, EDE0A3FCE4853025CE28D03C5B93ED5342E3DEDEF59673C97C2F6493B2750DD1 ] ACPIVPC         C:\Windows\system32\DRIVERS\AcpiVpc.sys
23:23:07.0906 0x16ac  ACPIVPC - ok
23:23:07.0984 0x16ac  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
23:23:08.0109 0x16ac  adp94xx - ok
23:23:08.0156 0x16ac  [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
23:23:08.0265 0x16ac  adpahci - ok
23:23:08.0280 0x16ac  [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
23:23:08.0343 0x16ac  adpu160m - ok
23:23:08.0374 0x16ac  [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
23:23:08.0436 0x16ac  adpu320 - ok
23:23:08.0483 0x16ac  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
23:23:08.0546 0x16ac  AeLookupSvc - ok
23:23:08.0608 0x16ac  [ F5272A105F59A7B3B345D9D6D87DA7AD, 9E84776994D04240BF2537330DBB555EDE16DFCFC59DEDCBA05A44ED7F70BEFA ] AFD             C:\Windows\system32\drivers\afd.sys
23:23:08.0795 0x16ac  AFD - ok
23:23:08.0873 0x16ac  [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440          C:\Windows\system32\drivers\agp440.sys
23:23:08.0920 0x16ac  agp440 - ok
23:23:08.0982 0x16ac  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
23:23:09.0060 0x16ac  aic78xx - ok
23:23:09.0107 0x16ac  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
23:23:09.0232 0x16ac  ALG - ok
23:23:09.0263 0x16ac  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide          C:\Windows\system32\drivers\aliide.sys
23:23:09.0310 0x16ac  aliide - ok
23:23:09.0326 0x16ac  [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
23:23:09.0372 0x16ac  amdagp - ok
23:23:09.0404 0x16ac  [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide          C:\Windows\system32\drivers\amdide.sys
23:23:09.0450 0x16ac  amdide - ok
23:23:09.0482 0x16ac  [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
23:23:09.0560 0x16ac  AmdK7 - ok
23:23:09.0591 0x16ac  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
23:23:09.0669 0x16ac  AmdK8 - ok
23:23:09.0747 0x16ac  [ 0F83CB9BCB247869BCAD28026B8F134B, 3C44950C4714DDB16E397B5C8937129771BC3DB2B432FB01A5CA15297EAD28FA ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
23:23:09.0840 0x16ac  ApfiltrService - ok
23:23:09.0918 0x16ac  [ 8F7D200717A58E9800D391F4C2101577, F07CF0F5636F46D8F3D5133284943E991E8739E5A644BCA5F18BB896B374620D ] Appinfo         C:\Windows\System32\appinfo.dll
23:23:09.0965 0x16ac  Appinfo - ok
23:23:10.0012 0x16ac  [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc             C:\Windows\system32\drivers\arc.sys
23:23:10.0074 0x16ac  arc - ok
23:23:10.0106 0x16ac  [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
23:23:10.0168 0x16ac  arcsas - ok
23:23:10.0324 0x16ac  [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
23:23:10.0386 0x16ac  aspnet_state - ok
23:23:10.0418 0x16ac  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
23:23:10.0542 0x16ac  AsyncMac - ok
23:23:10.0574 0x16ac  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
23:23:10.0605 0x16ac  atapi - ok
23:23:10.0667 0x16ac  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:23:10.0730 0x16ac  AudioEndpointBuilder - ok
23:23:10.0776 0x16ac  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
23:23:10.0823 0x16ac  Audiosrv - ok
23:23:10.0964 0x16ac  [ 1992C2A1867D95AA3A0802539358D162, 795E62858A103A6213B314832032A0E7B45B62919CA67115549069C8C7D52B3F ] Autodesk Content Service C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
23:23:11.0010 0x16ac  Autodesk Content Service - ok
23:23:11.0244 0x16ac  [ 058734C95991F6BEBF3D3075B8776234, D94A0E5893723C0F30D8215F001039AE9D903BF8EC3782D9583DEFD9B304B0CA ] AVP15.0.0       C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
23:23:11.0338 0x16ac  AVP15.0.0 - ok
23:23:11.0432 0x16ac  [ 32130FA152CF12EE17EB0673D411B801, A6D1FF2509203B0F912564A684812B2D0759A0975AE7AB2BED53D201C0C80E74 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
23:23:11.0541 0x16ac  b57nd60x - ok
23:23:11.0666 0x16ac  [ 142F6D053DA0D7A53A3B70D25907335E, 80EE02D1A6847B92EFF81D7B4023814F7FBFD01C6A1618B9BDAD7E62D698EDEE ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl6.sys
23:23:11.0853 0x16ac  BCM43XX - ok
23:23:11.0915 0x16ac  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:23:11.0993 0x16ac  Beep - ok
23:23:12.0087 0x16ac  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
23:23:12.0180 0x16ac  BFE - ok
23:23:12.0290 0x16ac  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\System32\qmgr.dll
23:23:12.0399 0x16ac  BITS - ok
23:23:12.0430 0x16ac  [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
23:23:12.0492 0x16ac  blbdrive - ok
23:23:12.0539 0x16ac  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:23:12.0711 0x16ac  bowser - ok
23:23:12.0742 0x16ac  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
23:23:12.0898 0x16ac  BrFiltLo - ok
23:23:12.0914 0x16ac  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
23:23:13.0023 0x16ac  BrFiltUp - ok
23:23:13.0054 0x16ac  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
23:23:13.0116 0x16ac  Browser - ok
23:23:13.0179 0x16ac  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\DRIVERS\BrSerId.sys
23:23:13.0475 0x16ac  Brserid - ok
23:23:13.0522 0x16ac  [ 1A5FC78E41840EDF79D65EC16EFF2787, 05BC4C07C88ADDE6D7FF01B821DDB944EEEC8035AC1B6D780E39FDBD12FCA885 ] BrSerIf         C:\Windows\system32\Drivers\BrSerIf.sys
23:23:13.0631 0x16ac  BrSerIf - ok
23:23:13.0678 0x16ac  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
23:23:13.0818 0x16ac  BrSerWdm - ok
23:23:13.0850 0x16ac  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
23:23:13.0974 0x16ac  BrUsbMdm - ok
23:23:13.0990 0x16ac  [ A24C7B39602218F8DBDB2B6704325FC7, B90A1BA412A33AD041A2CE47FBB73AE296AF07A2F3DF1F56D9FEE5B3B1E0BBD5 ] BrUsbSer        C:\Windows\system32\DRIVERS\BrUsbSer.sys
23:23:14.0068 0x16ac  BrUsbSer - ok
23:23:14.0099 0x16ac  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
23:23:14.0240 0x16ac  BTHMODEM - ok
23:23:14.0364 0x16ac  [ E67B2B3E2744C72C28FA3AB076DA9FA4, 39395FE14BE2F28975ABB6B38446976B8C26433C7D6E56215745DEC1ACA0382B ] Cam5607         C:\Windows\system32\Drivers\BisonC07.sys
23:23:14.0676 0x16ac  Cam5607 - ok
23:23:14.0708 0x16ac  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:23:14.0801 0x16ac  cdfs - ok
23:23:14.0848 0x16ac  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
23:23:14.0926 0x16ac  cdrom - ok
23:23:14.0973 0x16ac  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
23:23:15.0035 0x16ac  CertPropSvc - ok
23:23:15.0082 0x16ac  [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass        C:\Windows\system32\drivers\circlass.sys
23:23:15.0160 0x16ac  circlass - ok
23:23:15.0207 0x16ac  [ 5D9311526801643000D7032A83B18B12, C5A98868A41446617B3A27C6C4AAFA4E7C093E253E8C1DD5DBFE6FAE21991209 ] CLFS            C:\Windows\system32\CLFS.sys
23:23:15.0300 0x16ac  CLFS - ok
23:23:15.0378 0x16ac  [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:23:15.0456 0x16ac  clr_optimization_v2.0.50727_32 - ok
23:23:15.0519 0x16ac  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:23:15.0612 0x16ac  clr_optimization_v4.0.30319_32 - ok
23:23:15.0659 0x16ac  [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
23:23:15.0753 0x16ac  CmBatt - ok
23:23:15.0784 0x16ac  [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
23:23:15.0815 0x16ac  cmdide - ok
23:23:15.0893 0x16ac  [ CF93D97FB04BDE224E05CB5CC87A4204, E80A481EE4F8AB862503E1F6A30998A2DF2DF2C5B24590A4649D788A07CD387E ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT32.sys
23:23:16.0049 0x16ac  CnxtHdAudService - ok
23:23:16.0080 0x16ac  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
23:23:16.0127 0x16ac  Compbatt - ok
23:23:16.0143 0x16ac  COMSysApp - ok
23:23:16.0143 0x16ac  [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
23:23:16.0190 0x16ac  crcdisk - ok
23:23:16.0221 0x16ac  [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
23:23:16.0299 0x16ac  Crusoe - ok
23:23:16.0361 0x16ac  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:23:16.0439 0x16ac  CryptSvc - ok
23:23:22.0008 0x16ac  [ F923FDEA75675F5C2CC55D01E0FD2891, B48031A7BD589CC56A76C19F99A505E862280622F47E17AC02AF6F8F4BC113FE ] funfrm          C:\Windows\system32\drivers\funfrm.sys
23:23:22.0133 0x16ac  funfrm - detected UnsignedFile.Multi.Generic ( 1 )
23:23:22.0196 0x16ac  Detect skipped due to KSN trusted
23:23:22.0196 0x16ac  funfrm - ok
23:23:26.0985 0x16ac  [ 19A31DCA2F502D778C9A2B09B863412D, AEA55381AC8497E875F9B8E78E0003C801F41096557C17413E6A73613133459A ] IGRS            C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
23:23:27.0063 0x16ac  IGRS - detected UnsignedFile.Multi.Generic ( 1 )
23:23:27.0141 0x16ac  Detect skipped due to KSN trusted
23:23:27.0141 0x16ac  IGRS - ok
23:23:31.0883 0x16ac  [ AF3C911152DEB7DCCF166FD0F7A9E1EA, 2B92A8EB501B3B88E6CC268B457D9718BDE383F040D147DBEEBCDC5FC8D10974 ] Lenovo ReadyComm AppSvc C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
23:23:32.0148 0x16ac  Lenovo ReadyComm AppSvc - detected UnsignedFile.Multi.Generic ( 1 )
23:23:32.0336 0x16ac  Detect skipped due to KSN trusted
23:23:32.0336 0x16ac  Lenovo ReadyComm AppSvc - ok
23:23:32.0398 0x16ac  [ 81D5DA5DFEDA6D46340DB18F3A260CF1, 07A715C7525C4EA92D658DB52A26C7663988BADAEC53B1B4AC689DC8A285E663 ] Lenovo ReadyComm ConnSvc C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
23:23:32.0585 0x16ac  Lenovo ReadyComm ConnSvc - detected UnsignedFile.Multi.Generic ( 1 )
23:23:32.0663 0x16ac  Detect skipped due to KSN trusted
23:23:32.0663 0x16ac  Lenovo ReadyComm ConnSvc - ok
23:23:42.0008 0x16ac  pciide - ok
23:23:42.0039 0x16ac  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
23:23:42.0117 0x16ac  pcmcia - ok
23:23:42.0195 0x16ac  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:23:42.0429 0x16ac  PEAUTH - ok
23:23:42.0554 0x16ac  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
23:23:42.0959 0x16ac  pla - ok
23:23:43.0022 0x16ac  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:23:43.0115 0x16ac  PlugPlay - ok
23:23:43.0178 0x16ac  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
23:23:43.0271 0x16ac  PNRPAutoReg - ok
23:23:43.0334 0x16ac  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
23:23:43.0490 0x16ac  PNRPsvc - ok
23:23:43.0568 0x16ac  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:23:43.0692 0x16ac  PolicyAgent - ok
23:23:43.0755 0x16ac  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:23:43.0848 0x16ac  PptpMiniport - ok
23:23:43.0895 0x16ac  [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor       C:\Windows\system32\drivers\processr.sys
23:23:43.0989 0x16ac  Processor - ok
23:23:44.0051 0x16ac  [ 0D5DAD610D7EA1627581ED06FB2BAA9A, 6E27CF3A1624AE10EECB8B5F38E03D76A6AABE4E75DD66DEDD67E0773935A396 ] ProfSvc         C:\Windows\system32\profsvc.dll
23:23:44.0098 0x16ac  ProfSvc - ok
23:23:44.0129 0x16ac  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
23:23:44.0160 0x16ac  ProtectedStorage - ok
23:23:44.0207 0x16ac  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
23:23:44.0285 0x16ac  PSched - ok
23:23:44.0285 0x16ac  PS_MDP - ok
23:23:44.0379 0x16ac  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300          C:\Windows\system32\drivers\ql2300.sys
23:23:44.0597 0x16ac  ql2300 - ok
23:23:44.0628 0x16ac  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
23:23:44.0722 0x16ac  ql40xx - ok
23:23:44.0769 0x16ac  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
23:23:44.0847 0x16ac  QWAVE - ok
23:23:44.0878 0x16ac  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:23:44.0940 0x16ac  QWAVEdrv - ok
23:23:45.0050 0x16ac  [ 70DBDAB246C18B78E2200D6401D038BE, 18395D084AA9BEAF9C20736C90063CE1F862AF3A80F7752DB4FC0D1870D9996D ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
23:23:45.0112 0x16ac  RapiMgr - ok
23:23:45.0128 0x16ac  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:23:45.0221 0x16ac  RasAcd - ok
23:23:45.0252 0x16ac  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
23:23:45.0330 0x16ac  RasAuto - ok
23:23:45.0377 0x16ac  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:23:45.0455 0x16ac  Rasl2tp - ok
23:23:45.0502 0x16ac  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
23:23:45.0564 0x16ac  RasMan - ok
23:23:45.0596 0x16ac  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:23:45.0674 0x16ac  RasPppoe - ok
23:23:45.0705 0x16ac  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:23:45.0752 0x16ac  RasSstp - ok
23:23:45.0814 0x16ac  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:23:45.0908 0x16ac  rdbss - ok
23:23:45.0923 0x16ac  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:23:45.0986 0x16ac  RDPCDD - ok
23:23:46.0032 0x16ac  [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
23:23:46.0188 0x16ac  rdpdr - ok
23:23:46.0220 0x16ac  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:23:46.0313 0x16ac  RDPENCDD - ok
23:23:46.0376 0x16ac  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:23:46.0500 0x16ac  RDPWD - ok
23:23:46.0516 0x16ac  ReadyComm.DirectRouter - ok
23:23:46.0594 0x16ac  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:23:46.0672 0x16ac  RemoteAccess - ok
23:23:46.0719 0x16ac  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:23:46.0797 0x16ac  RemoteRegistry - ok
23:23:46.0859 0x16ac  [ F17713D108ACA124A139FDE877EEF68A, AB254B8B4BDB10685280A8595CA69FEA2F1E68923E676C8CAF3F5468AE4C566E ] RimUsb          C:\Windows\system32\Drivers\RimUsb.sys
23:23:46.0953 0x16ac  RimUsb - ok
23:23:46.0984 0x16ac  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
23:23:47.0046 0x16ac  RpcLocator - ok
23:23:47.0093 0x16ac  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
23:23:47.0156 0x16ac  RpcSs - ok
23:23:47.0202 0x16ac  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:23:47.0280 0x16ac  rspndr - ok
23:23:47.0343 0x16ac  [ 87FBE0AA5B7DFD003D4BC6B625A2B180, 353B2BB9D6DFFF1A75616DEE7FDAD5301448646D9EEFC9CF196D1433AC3BE52F ] RTL2832UBDA     C:\Windows\system32\drivers\RTL2832UBDA.sys
23:23:47.0421 0x16ac  RTL2832UBDA - ok
23:23:47.0468 0x16ac  [ 1E4462CEA673A4F58A2ADABB19344B93, F36D7EA8E28124666E26196E0D06E36C90E16B8EDF755B90861D299712163216 ] RTL2832UUSB     C:\Windows\system32\Drivers\RTL2832UUSB.sys
23:23:47.0499 0x16ac  RTL2832UUSB - ok
23:23:47.0546 0x16ac  [ ADAC790BAA89AC1FEE08DEEF67D18F5C, 522E409D35AA4D7135840D7451A63513A6D85F2757D2DB1541C955BAF8257A08 ] RTL2832U_IRHID  C:\Windows\system32\DRIVERS\RTL2832U_IRHID.sys
23:23:47.0577 0x16ac  RTL2832U_IRHID - ok
23:23:47.0592 0x16ac  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
23:23:47.0639 0x16ac  SamSs - ok
23:23:47.0655 0x16ac  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:23:47.0717 0x16ac  sbp2port - ok
23:23:47.0780 0x16ac  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:23:47.0842 0x16ac  SCardSvr - ok
23:23:47.0904 0x16ac  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
23:23:48.0060 0x16ac  Schedule - ok
23:23:48.0107 0x16ac  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:23:48.0154 0x16ac  SCPolicySvc - ok
23:23:48.0201 0x16ac  [ 126EA89BCC413EE45E3004FB0764888F, 367BE2B56113177AE867E00D019C707C6449E0FC4A642101B11036A0534D6901 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
23:23:48.0279 0x16ac  sdbus - ok
23:23:48.0326 0x16ac  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:23:48.0404 0x16ac  SDRSVC - ok
23:23:48.0419 0x16ac  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:23:48.0560 0x16ac  secdrv - ok
23:23:48.0575 0x16ac  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
23:23:48.0638 0x16ac  seclogon - ok
23:23:48.0653 0x16ac  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\System32\sens.dll
23:23:48.0716 0x16ac  SENS - ok
23:23:48.0731 0x16ac  [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum         C:\Windows\system32\drivers\serenum.sys
23:23:48.0825 0x16ac  Serenum - ok
23:23:48.0856 0x16ac  [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial          C:\Windows\system32\drivers\serial.sys
23:23:48.0981 0x16ac  Serial - ok
23:23:48.0996 0x16ac  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
23:23:49.0074 0x16ac  sermouse - ok
23:23:49.0121 0x16ac  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
23:23:49.0184 0x16ac  SessionEnv - ok
23:23:49.0199 0x16ac  [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
23:23:49.0277 0x16ac  sffdisk - ok
23:23:49.0293 0x16ac  [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
23:23:49.0371 0x16ac  sffp_mmc - ok
23:23:49.0371 0x16ac  [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
23:23:49.0433 0x16ac  sffp_sd - ok
23:23:49.0464 0x16ac  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
23:23:49.0558 0x16ac  sfloppy - ok
23:23:49.0620 0x16ac  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:23:49.0714 0x16ac  SharedAccess - ok
23:23:49.0761 0x16ac  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:23:49.0823 0x16ac  ShellHWDetection - ok
23:23:49.0854 0x16ac  [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
23:23:49.0901 0x16ac  sisagp - ok
23:23:49.0932 0x16ac  [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
23:23:49.0979 0x16ac  SiSRaid2 - ok
23:23:49.0995 0x16ac  [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
23:23:50.0057 0x16ac  SiSRaid4 - ok
23:23:50.0151 0x16ac  [ A9C057A9463C25490CF99EA8DF8A4B35, 8F4D1C40D0F17EDBF84ED455B8946F782C7552383F0A07E410A9B6CFF7F51D63 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
23:23:50.0291 0x16ac  SkypeUpdate - ok
23:23:50.0510 0x16ac  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
23:23:50.0946 0x16ac  slsvc - ok
23:23:51.0009 0x16ac  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
23:23:51.0071 0x16ac  SLUINotify - ok
23:23:51.0087 0x16ac  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
23:23:51.0180 0x16ac  Smb - ok
23:23:51.0290 0x16ac  [ C8A58FC905C9184FA70E37F71060C64D, 3D913E0F7B02EEAC15971DB15608912A96E4FD9BDFBF09E8F8FA4B6390A9B4DE ] smserial        C:\Windows\system32\DRIVERS\smserial.sys
23:23:51.0602 0x16ac  smserial - ok
23:23:51.0648 0x16ac  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:23:51.0695 0x16ac  SNMPTRAP - ok
23:23:51.0711 0x16ac  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
23:23:51.0758 0x16ac  spldr - ok
23:23:51.0789 0x16ac  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
23:23:51.0836 0x16ac  Spooler - ok
23:23:51.0882 0x16ac  [ D2F4F32B59440011174B4F8137AF4E0C, 82862C39B34D1ED6ED170DAAB385B6ABE5078A6CC995E396828695F2CE2542D9 ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
23:23:51.0992 0x16ac  SQLWriter - ok
23:23:52.0038 0x16ac  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:23:52.0163 0x16ac  srv - ok
23:23:52.0210 0x16ac  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:23:52.0304 0x16ac  srv2 - ok
23:23:52.0335 0x16ac  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:23:52.0413 0x16ac  srvnet - ok
23:23:52.0428 0x16ac  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:23:52.0506 0x16ac  SSDPSRV - ok
23:23:52.0538 0x16ac  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:23:52.0569 0x16ac  SstpSvc - ok
23:23:52.0662 0x16ac  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
23:23:52.0803 0x16ac  stisvc - ok
23:23:52.0881 0x16ac  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
23:23:52.0928 0x16ac  swenum - ok
23:23:52.0990 0x16ac  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
23:23:53.0115 0x16ac  swprv - ok
23:23:53.0146 0x16ac  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
23:23:53.0208 0x16ac  Symc8xx - ok
23:23:53.0224 0x16ac  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
23:23:53.0271 0x16ac  Sym_hi - ok
23:23:53.0302 0x16ac  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
23:23:53.0364 0x16ac  Sym_u3 - ok
23:23:53.0411 0x16ac  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
23:23:53.0520 0x16ac  SysMain - ok
23:23:53.0598 0x16ac  [ A1B6D369D6919304463565D77EA0F84E, D6A8BEC6163C5D3FA807DF2FFA07E627DE78586D68AE87C389B2401DA11AA0DB ] System_Repair_UpdateMonitor C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe
23:23:53.0630 0x16ac  System_Repair_UpdateMonitor - detected UnsignedFile.Multi.Generic ( 1 )
23:23:53.0832 0x16ac  Detect skipped due to KSN trusted
23:23:53.0832 0x16ac  System_Repair_UpdateMonitor - ok
23:24:02.0943 0x16ac  wercplsupport - ok
23:24:03.0021 0x16ac  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
23:24:03.0068 0x16ac  WerSvc - ok
23:24:03.0224 0x16ac  [ F9AD3A5E3FD7E0BDB18B8202B0FDD4E4, A6020D41FEA0CC76D0C3CA3A88F3E9493022CD5A549E18B02D69A482B579F339 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
23:24:03.0302 0x16ac  WimFltr - ok
23:24:03.0426 0x16ac  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
23:24:03.0458 0x16ac  WinDefend - ok
23:24:03.0473 0x16ac  WinHttpAutoProxySvc - ok
23:24:04.0191 0x16ac  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:24:04.0238 0x16ac  Winmgmt - ok
23:24:04.0378 0x16ac  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
23:24:04.0643 0x16ac  WinRM - ok
23:24:04.0784 0x16ac  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
23:24:04.0893 0x16ac  Wlansvc - ok
23:24:05.0033 0x16ac  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
23:24:05.0111 0x16ac  WmiAcpi - ok
23:24:05.0142 0x16ac  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:24:05.0283 0x16ac  wmiApSrv - ok
23:24:05.0423 0x16ac  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
23:24:05.0548 0x16ac  WMPNetworkSvc - ok
23:24:05.0610 0x16ac  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
23:24:05.0720 0x16ac  WPCSvc - ok
23:24:05.0782 0x16ac  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:24:05.0860 0x16ac  WPDBusEnum - ok
23:24:05.0907 0x16ac  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
23:24:06.0078 0x16ac  WpdUsb - ok
23:24:06.0234 0x16ac  [ F8D3544ACBCE9110362119F7C10D848E, 31C49201A931751A36286874AC0B929D886F490D7CE48CCC9283850A56AD9FD9 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
23:24:06.0328 0x16ac  WPFFontCache_v0400 - ok
23:24:06.0375 0x16ac  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:24:06.0453 0x16ac  ws2ifsl - ok
23:24:06.0515 0x16ac  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\System32\wscsvc.dll
23:24:06.0546 0x16ac  wscsvc - ok
23:24:06.0546 0x16ac  WSearch - ok
23:24:06.0609 0x16ac  [ 5D0A08EBF9660E07865907FB1AB022B5, D71B6701FF7F533CBB832F55121F2F5811AD1025D6FE9F22C633A71FBB511BA2 ] WSVD            C:\Windows\system32\drivers\WSVD.sys
23:24:06.0671 0x16ac  WSVD - ok
23:24:07.0139 0x16ac  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
23:24:07.0389 0x16ac  wuauserv - ok
23:24:07.0436 0x16ac  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:24:07.0529 0x16ac  WudfPf - ok
23:24:07.0545 0x16ac  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:24:07.0670 0x16ac  WUDFRd - ok
23:24:07.0716 0x16ac  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:24:07.0779 0x16ac  wudfsvc - ok
23:24:07.0826 0x16ac  ================ Scan global ===============================
23:24:07.0857 0x16ac  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
23:24:07.0935 0x16ac  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
23:24:08.0075 0x16ac  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
23:24:08.0262 0x16ac  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
23:24:08.0278 0x16ac  [ Global ] - ok
23:24:08.0278 0x16ac  ================ Scan MBR ==================================
23:24:08.0309 0x16ac  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:24:09.0932 0x16ac  \Device\Harddisk0\DR0 - ok
23:24:09.0932 0x16ac  ================ Scan VBR ==================================
23:24:09.0963 0x16ac  [ 24D7A248946E249714C629CE2C3E5F42 ] \Device\Harddisk0\DR0\Partition1
23:24:09.0963 0x16ac  \Device\Harddisk0\DR0\Partition1 - ok
23:24:10.0103 0x16ac  [ 64EEF393A701FE3F1F496E1DFC5D5873 ] \Device\Harddisk0\DR0\Partition2
23:24:10.0103 0x16ac  \Device\Harddisk0\DR0\Partition2 - ok
23:24:10.0103 0x16ac  ================ Scan generic autorun ======================
23:24:10.0212 0x16ac  [ 0D392EDE3B97E0B3131B2F63EF1DB94E, 3EDA280F91097293E00BF984D377E1111CFDE1FC81B30A3FDEB38F321EF82BB6 ] C:\Program Files\Windows Defender\MSASCui.exe
23:24:10.0290 0x16ac  Windows Defender - ok
23:24:10.0290 0x16ac  Unattend0000000001{70EB91E7-FAAB-44A4-BA19-C0A45B228BC0} - ok
23:24:10.0353 0x16ac  [ 4FFF728CD684A4480AC1F97B12B35DC8, D926CD22FDE83A9ED341134B42ED9D883D18969364C47C4DEAFBAEA77CE9C69D ] C:\Program Files\Apoint2K\Apoint.exe
23:24:10.0400 0x16ac  Apoint - ok
23:24:10.0400 0x16ac  VeriFaceManager - ok
23:24:10.0571 0x16ac  [ 9ACFD9D5E12D849B28C78FED6D620EB3, 203D1EECFB44BA7D3936AAA2280B1D88207BA7655AB735C17BF9F3AAF3D8A803 ] C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe
23:24:10.0712 0x16ac  UpdateP2GShortCut - ok
23:24:11.0195 0x16ac  [ F5D8CC7FE928FAC64E97697CE6052DB0, 2472AE12D1166943720E572B361506E5D5E64F45CEF1855A93018445B97ADF10 ] C:\Program Files\Lenovo\Energy Management\utility.exe
23:24:11.0819 0x16ac  EnergyUtility - ok
23:24:12.0240 0x16ac  [ 2E98F9CEAE2E002E9E31B84DCA0B07B9, F05FD0C448F95DEC9CC5A9C494D2C1F8622D3E80FEB325AA1687389855CA81CF ] C:\Program Files\Lenovo\Energy Management\Energy Management.exe
23:24:12.0646 0x16ac  Energy Management - ok
23:24:12.0708 0x16ac  [ 846965AE55A2662B1576C0F392DD1D6E, 0ADE383991FDC5A49DD15A27CB52CF75ABF518F0335E92003C0FF75DB417BBDC ] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
23:24:12.0864 0x16ac  SSBkgdUpdate - ok
23:24:12.0911 0x16ac  [ 992594885ABD17994D0B38E807F3921A, 8290572D4B759821071060BABA2A793F8D109EC3D6F9DE577923010B3B65DD8B ] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
23:24:12.0927 0x16ac  PaperPort PTD - ok
23:24:12.0942 0x16ac  [ 88F285801C156064201327EAC45B664C, 8C98A8ED4C78E85D95CF28B7E33C3120F56DA67C26F9C64455111033505C4A69 ] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
23:24:13.0036 0x16ac  IndexSearch - ok
23:24:13.0083 0x16ac  [ A4A66195EB0ECD574A32AAA92DC0A7BD, 4E30D565917158316A541BB29D73BF5F3A01DAB1240363276DE0C5D59B2BFFFE ] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe
23:24:13.0254 0x16ac  PPort11reminder - ok
23:24:13.0395 0x16ac  [ 022822B3B7B7E30880449EB4E3594C2D, 757C314AEC229A9F910E720DA9813EC1AA4BF3FCD74AAE39062FF233A2E2029A ] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
23:24:13.0488 0x16ac  BrMfcWnd - detected UnsignedFile.Multi.Generic ( 1 )
23:24:13.0676 0x16ac  Detect skipped due to KSN trusted
23:24:13.0676 0x16ac  BrMfcWnd - ok
23:24:13.0722 0x16ac  [ 5983E84038FF6CB55B4BA740C341A54B, 646D1B007AFC9520462F5AB88C253C4D3337DFC362E8498719194589B46BE4CD ] C:\Program Files\Brother\ControlCenter3\brctrcen.exe
23:24:13.0800 0x16ac  ControlCenter3 - detected UnsignedFile.Multi.Generic ( 1 )
23:24:13.0972 0x16ac  Detect skipped due to KSN trusted
23:24:13.0972 0x16ac  ControlCenter3 - ok
23:24:14.0128 0x16ac  [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
23:24:14.0144 0x16ac  GrooveMonitor - ok
23:24:14.0190 0x16ac  [ 1029B84ECBE4B95ACB8491A3FE63D70F, DF765BEE2B20800646F70B9E473B95F52457316CB331A3E0BF6974D827AB989D ] C:\Windows\system32\igfxtray.exe
23:24:14.0206 0x16ac  IgfxTray - ok
23:24:14.0237 0x16ac  [ 3CD5BBDA19A1AB4EBA359E0A14FDF0F0, 992E7322C86DA533F6DB9192427EBDC5A8F4D1A878F4B30A17ABD54656CFF6C1 ] C:\Windows\system32\hkcmd.exe
23:24:14.0268 0x16ac  HotKeysCmds - ok
23:24:14.0284 0x16ac  [ 3142195521FEE436088EE8A5748DE1B1, EE8E65977AA0EAC0BF48F7C4620946E48679F047EFC515D5F2E52EA4B88C5731 ] C:\Windows\system32\igfxpers.exe
23:24:14.0300 0x16ac  Persistence - ok
23:24:14.0362 0x16ac  [ 0AEE5668EB59912F32FF245BFA72465F, 653978E365B0E72D34E8B3ED1BFCF0237B70B41396BD70EBBBEDB31AFD77857B ] C:\Program Files\QuickTime\QTTask.exe
23:24:14.0877 0x16ac  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
23:24:15.0064 0x16ac  Detect skipped due to KSN trusted
23:24:15.0064 0x16ac  QuickTime Task - ok
23:24:15.0111 0x16ac  [ 4AB05041D5C922B9A7A5D9059F5538CD, 554885535DB523D25DBDB43FBA9384B8E4EC9DF79B02F3B9FFDE3C498106D463 ] C:\Windows\WindowsMobile\wmdSync.exe
23:24:15.0158 0x16ac  Windows Mobile-based device management - ok
23:24:15.0236 0x16ac  [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
23:24:15.0251 0x16ac  SunJavaUpdateSched - ok
23:24:15.0329 0x16ac  [ F4F7C86191A981C804326E2EF6F3604F, 1ECE05E643AFFB27A148A8B86615F6C167875EF29D6FF7E2FD15B8DCBE6B8A16 ] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
23:24:16.0359 0x16ac  Adobe Reader Speed Launcher - ok
23:24:16.0484 0x16ac  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
23:24:16.0811 0x16ac  Adobe ARM - ok
23:24:16.0952 0x16ac  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
23:24:17.0108 0x16ac  Sidebar - ok
23:24:17.0108 0x16ac  WindowsWelcomeCenter - ok
23:24:17.0201 0x16ac  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
23:24:17.0310 0x16ac  Sidebar - ok
23:24:17.0326 0x16ac  WindowsWelcomeCenter - ok
23:24:17.0388 0x16ac  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\sidebar.exe
23:24:17.0513 0x16ac  Sidebar - ok
23:24:17.0513 0x16ac  WindowsWelcomeCenter - ok
23:24:17.0576 0x16ac  [ BF08674925F151BD4537B89A493E3E0C, 6A97562E998A2B90649FF7986313AD33823053FF98BBE163AD39AAA5E01FC545 ] C:\Windows\ehome\ehTray.exe
23:24:17.0622 0x16ac  ehTray.exe - ok
23:24:17.0654 0x16ac  [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
23:24:17.0685 0x16ac  swg - ok
23:24:18.0059 0x16ac  [ D6E2ED7F1F7BE7CCB8676491BF950B57, CBF07EE746F2C27ACC532E83ADC43FBE954DC3C598C4333F13B1A7615AEA9AD5 ] C:\Users\Karl\AppData\Local\Akamai\netsession_win.exe
23:24:18.0792 0x16ac  Akamai NetSession Interface - ok
23:24:18.0886 0x16ac  [ 35937EAD711207544E219C2A19A78A7D, EE6E5EAE00F577D7C3FFB8C0D8EE484552A337CEAA27FCB107174A9879FE7362 ] C:\Program Files\Windows Media Player\WMPNSCFG.exe
23:24:18.0917 0x16ac  WMPNSCFG - ok
23:24:19.0104 0x16ac  [ 636B12CD59B629509E66AF8CC1BCC294, A1990D286CA73EBFD1D73AA4BFCEA974517903592E0E4CAFBE68D58844653D8A ] C:\Program Files\Seafile\bin\seafile-applet.exe
23:24:19.0572 0x16ac  Seafile - detected UnsignedFile.Multi.Generic ( 1 )
23:24:19.0744 0x16ac  Detect skipped due to KSN trusted
23:24:19.0744 0x16ac  Seafile - ok
23:24:19.0744 0x16ac  Waiting for KSN requests completion. In queue: 24
23:24:20.0976 0x16ac  AV detected via SS2: Kaspersky Internet Security, C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\wmiav.exe ( 15.0.0.463 ), 0x41000 ( enabled : updated )
23:24:21.0070 0x16ac  FW detected via SS2: Kaspersky Internet Security, C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\wmifw.exe ( 15.0.0.463 ), 0x41010 ( enabled )
23:24:21.0257 0x16ac  ============================================================
23:24:21.0257 0x16ac  Scan finished
23:24:21.0257 0x16ac  ============================================================
23:24:21.0273 0x11f4  Detected object count: 0
23:24:21.0273 0x11f4  Actual detected object count: 0
         
It says: "No threats found"
How sure can I be that this is correct?

05.05.2015, 22:45   #8
deeprybka
/// TB trainer
/// Guide guru
 



Quote from Hektor25:
    It says: "No threats found"
    How sure can I be that this is correct?
As sure as one can be when using a tool.
But we are far from finished!

Step 1
Scan with Combofix
WARNING to READERS FOLLOWING ALONG:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

__________________
Regards
deeprybka

„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer
