Hallo Zusammen,

seit etwa einem Monat ärgert mich mein AntiVir Programm mit der Meldung den Trojaner tr/crypt.xpack.gen3 gefunden zu haben. Dieser taucht entweder unter C:\Users\Christina\AppData\Local\Temp oder unter C:\Program Files auf.

Auf der Suche nach Hilfe im Internet habe ich öfters gelesen, dass es einfach mit dem AntiVir zusammenhängen kann und eine Neuinstallation des Virenprogramms helfen könnte?!

Wie könnte ich dem Trojaner den Garaus machen??

Vielen Dank im Voraus für eure Hilfe!!

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

• Starte jetzt FRST.
• Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
• Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
• Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-06-2015
Ran by Christina (administrator) on LH-ED3IJZ1XJ9IA on 16-06-2015 15:28:59
Running from C:\Users\Christina\Downloads
Loaded Profiles: Christina (Available Profiles: Christina)
Platform: Microsoft® Windows Vista™ Home Premium  (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 7 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
(Cognizance Corporation) C:\Program Files\Bioscrypt\VeriSoft\Bin\asghost.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
() C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
() C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
(SaveSense) C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe
(Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccApp.exe
(CyberLink Corp.) C:\Program Files\HP\QuickPlay\QPService.exe
(Napster) C:\Program Files\Napster\napster.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Geek Software GmbH) C:\Program Files\pdf24\pdf24.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Google Inc.) C:\Program Files\Google\Update\Install\{C8A7B453-5A7F-4A4D-8577-5C95E95721F9}\GoogleUpdateSetup.exe
(Microsoft Corporation) C:\Program Files\MSN Messenger\msnmsgr.exe
(Google Inc.) C:\Users\Christina\AppData\Local\Google\Update\GoogleUpdate.exe
(Spotify Ltd) C:\Users\Christina\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Christina\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir PersonalEdition Classic\guardgui.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir PersonalEdition Classic\guardgui.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir PersonalEdition Classic\guardgui.exe
(Google Inc.) C:\Program Files\GUMC051.tmp\GoogleUpdate.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir PersonalEdition Classic\guardgui.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir PersonalEdition Classic\guardgui.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Google Inc.) C:\Users\Christina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christina\AppData\Local\Google\Chrome\Application\chrome.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
(Google Inc.) C:\Users\Christina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christina\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Users\Christina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christina\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\mmc.exe
(Google Inc.) C:\Users\Christina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christina\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SMSERIAL] => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [729088 2006-10-09] (Motorola Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [827392 2007-01-13] (Synaptics, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4390912 2007-03-09] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [174872 2007-02-12] (Intel Corporation)
HKLM\...\Run: [ccApp] => c:\Program Files\Common Files\Symantec Shared\ccApp.exe [115816 2007-01-10] (Symantec Corporation)
HKLM\...\Run: [IS CfgWiz] => c:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe [431752 2007-01-13] (Symantec Corporation)
HKLM\...\Run: [QPService] => C:\Program Files\HP\QuickPlay\QPService.exe [176128 2007-04-24] (CyberLink Corp.)
HKLM\...\Run: [NapsterShell] => C:\Program Files\Napster\napster.exe [323216 2007-01-13] (Napster)
HKLM\...\Run: [QlbCtrl] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [159744 2007-02-13] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [HP Health Check Scheduler] => C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [50696 2007-03-12] (Hewlett-Packard)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [472776 2007-03-01] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [WAWifiMessage] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [317128 2007-01-11] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49152 2005-02-17] (Hewlett-Packard Co.)
HKLM\...\Run: [NvSvc] => RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [CognizanceTS] => rundll32.exe c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [266497 2008-06-12] (Avira GmbH)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [215552 2006-11-02] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40368 2011-08-31] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM\...\Run: [PDFPrint] => C:\Program Files\pdf24\pdf24.exe [193568 2014-10-13] (Geek Software GmbH)
HKLM\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM\...\RunOnce: [Launcher] => C:\Windows\SMINST\launcher.exe [44128 2006-11-08] (soft thinks)
HKLM\...\InprocServer32: [Default-wbemess] wbemess.dll ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-44100919-1438707008-839284535-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125440 2006-11-02] (Microsoft Corporation)
HKU\S-1-5-21-44100919-1438707008-839284535-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2008-12-21] (Google Inc.)
HKU\S-1-5-21-44100919-1438707008-839284535-1000\...\Run: [msnmsgr] => C:\Program Files\MSN Messenger\msnmsgr.exe [5674352 2007-01-19] (Microsoft Corporation)
HKU\S-1-5-21-44100919-1438707008-839284535-1000\...\Run: [Google Update] => C:\Users\Christina\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-21] (Google Inc.)
HKU\S-1-5-21-44100919-1438707008-839284535-1000\...\Run: [Spotify Web Helper] => C:\Users\Christina\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2020920 2015-04-30] (Spotify Ltd)
HKU\S-1-5-21-44100919-1438707008-839284535-1000\...\Run: [Spotify] => C:\Users\Christina\AppData\Roaming\Spotify\Spotify.exe [7168568 2015-04-30] (Spotify Ltd)
HKU\S-1-5-21-44100919-1438707008-839284535-1000\...\MountPoints2: {01e7fead-7674-11e1-8897-001e3701aef1} - G:\start.exe
HKU\S-1-5-21-44100919-1438707008-839284535-1000\...0c966feabec1\InprocServer32: [Default-shell32]  ATTENTION! ====> ZeroAccess?
AppInit_DLLs: APSHook.dll => C:\Windows\system32\APSHook.dll [56832 2006-07-13] (Cognizance Corporation)
Lsa: [Notification Packages] scecli ASWLNPkg
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-09-14]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Christina\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christina\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christina\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christina\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=73&bd=Pavilion&pf=laptop
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=73&bd=Pavilion&pf=laptop
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-44100919-1438707008-839284535-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.web.de/
URLSearchHook: HKU\S-1-5-21-44100919-1438707008-839284535-1000 - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} -  No File
SearchScopes: HKLM -> {0F0870DA-0D3F-4E93-909B-282D117970B9} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-44100919-1438707008-839284535-1000 -> DefaultScope {1AFF00F5-1273-4D29-90D7-B7FE4772A05F} URL = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_de
SearchScopes: HKU\S-1-5-21-44100919-1438707008-839284535-1000 -> {0F0870DA-0D3F-4E93-909B-282D117970B9} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06
SearchScopes: HKU\S-1-5-21-44100919-1438707008-839284535-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://www.search.ask.com/web?p2=%5EADN%5EOSJ000%5EYY%5EAT&gct=sb&itbv=12.6.0.11&o=APN10616&tpid=ORJ-V7&apn_uid=EC23F2B5-EACB-42A0-BA3A-9A2DC1CB9460&apn_ptnrs=ADN&apn_dtid=%5EOSJ000%5EYY%5EAT&apn_dbr=ie_7.0.6000.16982&doi=2013-10-18&trgb=IE&q={searchTerms}&psv=
SearchScopes: HKU\S-1-5-21-44100919-1438707008-839284535-1000 -> {1AFF00F5-1273-4D29-90D7-B7FE4772A05F} URL = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_de
SearchScopes: HKU\S-1-5-21-44100919-1438707008-839284535-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2011-08-30] (Adobe Systems Incorporated)
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO: SaveSense -> {0f21b1e5-5afc-43c9-9c66-515046e92ec2} -> C:\Program Files\SaveSense\SaveSenseIE.dll [2013-11-04] (SaveSense)
BHO: No Name -> {1E8A6170-7264-4D0F-BEAE-D42A53123C75} -> c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll [2007-01-12] (Symantec Corporation)
BHO: Speed Test Analysis -> {310D38FE-EB4C-467C-8781-B7C2AEB7847D} -> C:\Program Files\Speed Test Analysis\ScriptHost.dll [2013-09-30] (SpeedAnalysis.com)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18] (Oracle Corporation)
BHO: No Name -> {7E853D72-626A-48EC-A868-BA8D5E23E045} ->  No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-28] (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.10.11023.1534\swg.dll [2015-02-28] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18] (Oracle Corporation)
BHO: VeriSoft Access Manager -> {DF21F1DB-80C6-11D3-9483-B03D0EC10000} -> c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll [2006-11-21] (Bioscrypt Inc.)
Toolbar: HKLM - Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll [2007-01-12] (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-44100919-1438707008-839284535-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-44100919-1438707008-839284535-1000 -> No Name - {4F524A2D-5637-006A-76A7-7A786E7484D7} -  No File
DPF: {538793D5-659C-4639-A56C-A179AD87ED44} https://vpn.uibk.ac.at/CACHE/stc/1/binaries/vpnweb.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game07.zylom.com/activex/zylomgamesplayer.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://online.jetztspielen.de/Gameshell/GameHost/1.0/OberonGameHost.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll [2007-01-19] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2001-06-20] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll [2007-01-19] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 195.234.128.9 195.234.128.16

FireFox:
========
FF ProfilePath: C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\tdh8calo.default
FF NetworkProxy: "autoconfig_url", "hxxp://wpad.fh-hof.de/wpad.dat"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll [2014-09-14] ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-12-13] ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin: @tools.updaterss.com/SaveSenseLive Update;version=3 -> C:\Program Files\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll [2013-12-13] (SaveSense)
FF Plugin: @tools.updaterss.com/SaveSenseLive Update;version=9 -> C:\Program Files\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll [2013-12-13] (SaveSense)
FF Plugin HKU\S-1-5-21-44100919-1438707008-839284535-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Christina\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-44100919-1438707008-839284535-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Christina\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-44100919-1438707008-839284535-1000: pokki.com/PokkiDownloadHelper -> C:\Users\Christina\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll [2014-03-30] (Pokki)
FF user.js: detected! => C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\tdh8calo.default\user.js [2014-03-11]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2011-08-30] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\tdh8calo.default\searchplugins\buenosearch.xml [2014-03-11]
FF Extension: SaveSense - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\tdh8calo.default\Extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36} [2013-12-13]
FF Extension: Speed Test Analysis - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\tdh8calo.default\Extensions\speedtestanalysis@SpeedAnalysis.com.xpi [2014-01-22]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\tdh8calo.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2012-07-03]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\tdh8calo.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-21]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-03-09]
FF HKU\S-1-5-21-44100919-1438707008-839284535-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.web.de/
CHR Profile: C:\Users\Christina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Christina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-02]
CHR Extension: (YouTube) - C:\Users\Christina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-02]
CHR Extension: (Google Search) - C:\Users\Christina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-02]
CHR Extension: (Speed Test Analysis) - C:\Users\Christina\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb [2013-12-13]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Christina\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-08]
CHR Extension: (Google Wallet) - C:\Users\Christina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Christina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-02]
CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [kckgnnipheglejoddfhekdjpbdbinhmb] - C:\Users\Christina\AppData\Roaming\SpeedTestAnalysis\SpeedTestAnalysis.crx [2013-09-30]
StartMenuInternet: Google Chrome.MVBL6J3V45RXVWYMAZE65UTM7Y - C:\Users\Christina\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirScheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [68865 2008-10-23] (Avira GmbH) [File not signed]
R2 AntiVirService; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [151297 2008-10-23] (Avira GmbH) [File not signed]
R2 ASBroker; c:\Program Files\Bioscrypt\VeriSoft\Bin\ASWLNPkg.dll [74240 2007-02-07] (Cognizance Corporation) [File not signed]
R2 ASChannel; c:\Program Files\Bioscrypt\VeriSoft\Bin\AsChnl.dll [131584 2006-06-22] (Cognizance Corporation) [File not signed]
R2 Automatisches LiveUpdate - Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [554616 2007-01-10] (Symantec Corporation)
R3 Blackberry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [File not signed]
R2 ccEvtMgr; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108648 2007-01-10] (Symantec Corporation)
R2 ccSetMgr; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108648 2007-01-10] (Symantec Corporation)
R2 CLCapSvc; C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe [262243 2007-04-24] () [File not signed]
R2 CLSched; C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe [106593 2007-04-24] () [File not signed]
R2 CLTNetCnService; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108648 2007-01-10] (Symantec Corporation)
S3 Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [110592 2007-01-09] (Hewlett-Packard Development Company, L.P.) [File not signed]
S3 comHost; c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [49248 2007-01-13] (Symantec Corporation)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [62984 2007-03-14] (Hewlett-Packard)
R2 hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [135168 2006-05-02] (Hewlett-Packard Development Company, L.P.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 ISPwdSvc; c:\Program Files\Norton Internet Security\isPwdSvc.exe [80504 2007-01-14] (Symantec Corporation)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2006-12-15] (Hewlett-Packard Company) [File not signed]
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE [2918008 2007-01-10] (Symantec Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S3 RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [880640 2007-02-12] (Sonic Solutions) [File not signed]
S2 savesenselive; C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe [146920 2013-12-13] (SaveSense)
S3 savesenselivem; C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe [146920 2013-12-13] (SaveSense)
R3 Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [1174664 2007-05-27] (Symantec Corporation)
R2 SymAppCore; c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [47712 2007-01-05] (Symantec Corporation)
S3 usnjsvc; C:\Program Files\MSN Messenger\usnsvc.exe [97136 2007-01-19] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [45696 2006-11-02] (Microsoft Corporation)
R3 ATSWPDRV; C:\Windows\System32\DRIVERS\ATSwpDrv.sys [140424 2007-03-28] (AuthenTec, Inc.)
S3 AVCSTRM; C:\Windows\System32\DRIVERS\avcstrm.sys [14208 2006-11-02] (Microsoft Corporation)
R1 avgio; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [11608 2009-05-27] (Avira GmbH)
R3 avgntflt; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [52056 2009-05-27] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [75096 2009-05-27] (Avira GmbH)
R1 eabfiltr; C:\Windows\System32\DRIVERS\eabfiltr.sys [8192 2006-11-30] (Hewlett-Packard Development Company, L.P.)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [389432 2007-04-30] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [106808 2007-04-30] (Symantec Corporation)
S3 IDSvix86; C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20070108.003\IDSvix86.sys [212280 2006-12-28] (Symantec Corporation)
S3 MSTAPE; C:\Windows\System32\DRIVERS\mstape.sys [50048 2006-11-02] (Microsoft Corporation)
R3 NAVENG; C:\ProgramData\Symantec\Definitions\VirusDefs\20070430.018\NAVENG.SYS [77688 2007-04-30] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Definitions\VirusDefs\20070430.018\NAVEX15.SYS [852824 2007-04-30] (Symantec Corporation)
S3 SPBBCDrv; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [417592 2007-01-03] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [247608 2007-01-12] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [276792 2007-01-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [25400 2007-01-12] (Symantec Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [21248 2007-11-08] (AVIRA GmbH) [File not signed]
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [115000 2007-05-27] (Symantec Corporation)
R0 symlcbrd; C:\Windows\System32\drivers\symlcbrd.sys [10344 2012-06-01] (Symantec Corporation)
R3 SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [27576 2007-01-09] (Symantec Corporation)
R1 SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [191544 2007-01-09] (Symantec Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-16 15:28 - 2015-06-16 15:30 - 00031521 _____ C:\Users\Christina\Downloads\FRST.txt
2015-06-16 15:27 - 2015-06-16 15:29 - 00000000 ____D C:\FRST
2015-06-16 15:24 - 2015-06-16 15:25 - 01148416 _____ (Farbar) C:\Users\Christina\Downloads\FRST.exe
2015-06-16 13:02 - 2015-06-16 13:03 - 00000082 _____ C:\Users\Christina\Downloads\mitgliedschaft.php
2015-06-15 22:50 - 2015-06-15 22:50 - 00003923 _____ C:\Users\Christina\Downloads\Download (1)
2015-06-15 22:50 - 2015-06-15 22:50 - 00003923 _____ C:\Users\Christina\Downloads\Download
2015-06-15 16:21 - 2015-06-15 16:23 - 00000000 ____D C:\Program Files\GUMC051.tmp
2015-06-15 16:21 - 2015-06-15 16:21 - 06420480 _____ C:\Program Files\GUTC052.tmp
2015-06-14 16:31 - 2015-06-15 16:20 - 00000000 ____D C:\ProgramData\AVAST Software
2015-06-14 16:30 - 2015-06-14 16:30 - 05499960 _____ (Avast Software s.r.o.) C:\Users\Christina\Downloads\avast_free_antivirus_setup_online.exe
2015-06-13 17:05 - 2015-06-13 17:06 - 00000032 _____ C:\Users\Christina\Downloads\unbenannt (1)
2015-06-13 17:05 - 2015-06-13 17:06 - 00000006 _____ C:\Users\Christina\Downloads\unbenannt (2)
2015-05-28 13:58 - 2015-05-28 13:58 - 00138240 _____ C:\Windows\Minidump\Mini052815-01.dmp
2015-05-22 22:10 - 2015-05-22 22:12 - 00000000 ____D C:\Program Files\GUM1CAD.tmp
2015-05-19 13:02 - 2015-05-19 13:03 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Christina\Downloads\SpyHunter-Installer.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-16 15:21 - 2010-10-10 03:23 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-16 15:17 - 2012-12-02 22:01 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-44100919-1438707008-839284535-1000UA.job
2015-06-16 14:59 - 2013-12-13 22:54 - 00000926 _____ C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
2015-06-16 14:54 - 2013-12-13 22:54 - 00000306 _____ C:\Windows\Tasks\SaveSense.job
2015-06-16 14:41 - 2006-11-02 14:47 - 00003072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-16 14:41 - 2006-11-02 14:47 - 00003072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-16 12:58 - 2007-10-16 12:42 - 01484902 _____ C:\Windows\WindowsUpdate.log
2015-06-16 00:54 - 2013-12-19 10:54 - 00000158 _____ C:\Users\Christina\AppData\Roaming\WB.CFG
2015-06-15 23:16 - 2012-12-02 22:01 - 00001084 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-44100919-1438707008-839284535-1000Core.job
2015-06-15 21:59 - 2013-12-13 22:54 - 00000922 _____ C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
2015-06-15 16:31 - 2012-11-16 14:39 - 00000000 ___RD C:\Users\Christina\Dropbox
2015-06-15 16:31 - 2012-11-14 23:40 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Dropbox
2015-06-15 16:31 - 2008-09-20 16:43 - 00000426 ____H C:\Windows\Tasks\User_Feed_Synchronization-{91FB1A06-13B7-42FB-8075-357162F4F5B3}.job
2015-06-15 16:26 - 2014-09-03 16:35 - 00000000 ____D C:\Users\Christina\AppData\Local\Spotify
2015-06-15 16:26 - 2014-09-03 16:34 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Spotify
2015-06-15 16:23 - 2008-09-20 13:57 - 00027715 _____ C:\Users\Christina\AppData\Roaming\nvModes.001
2015-06-15 16:23 - 2007-05-27 06:38 - 00000148 _____ C:\Users\Public\Documents\hpqp.ini
2015-06-15 16:21 - 2010-10-10 03:23 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-15 16:21 - 2007-05-27 06:57 - 00000000 ____D C:\Windows\SMINST
2015-06-15 16:20 - 2007-05-27 06:28 - 00037474 _____ C:\Windows\PFRO.log
2015-06-15 16:20 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-15 16:18 - 2007-10-16 12:42 - 00001660 _____ C:\Windows\bthservsdp.dat
2015-06-15 16:18 - 2006-11-02 15:01 - 00032614 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-14 19:17 - 2009-02-22 00:39 - 00000000 ____D C:\Users\Christina\Desktop\Praktikum
2015-06-10 12:51 - 2006-11-02 12:33 - 01608054 _____ C:\Windows\system32\PerfStringBackup.INI
2015-05-28 13:58 - 2014-10-14 17:26 - 222926973 _____ C:\Windows\MEMORY.DMP
2015-05-28 13:58 - 2010-07-08 21:41 - 00000000 ____D C:\Windows\Minidump
2015-05-20 21:53 - 2013-12-13 22:52 - 00000000 ____D C:\Program Files\Speed Test Analysis
2015-05-19 13:08 - 2008-09-18 19:47 - 00000000 ____D C:\Users\Christina

==================== Files in the root of some directories =======

2015-06-15 16:21 - 2015-06-15 16:21 - 6420480 _____ () C:\Program Files\GUTC052.tmp
2008-09-20 13:57 - 2015-06-15 16:23 - 0027715 _____ () C:\Users\Christina\AppData\Roaming\nvModes.001
2008-09-19 12:11 - 2009-08-25 23:17 - 0027715 _____ () C:\Users\Christina\AppData\Roaming\nvModes.dat
2015-03-25 21:56 - 2015-04-05 20:50 - 0000154 _____ () C:\Users\Christina\AppData\Roaming\Rim.Desktop.Exception.log
2015-03-25 17:45 - 2015-03-25 17:46 - 0001847 _____ () C:\Users\Christina\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2015-03-25 21:56 - 2015-04-05 20:50 - 0000154 _____ () C:\Users\Christina\AppData\Roaming\Rim.DesktopHelper.Exception.log
2015-03-25 22:23 - 2015-04-05 20:50 - 0000154 _____ () C:\Users\Christina\AppData\Roaming\Rim.Transcoder.Exception.log
2013-12-19 10:54 - 2015-06-16 00:54 - 0000158 _____ () C:\Users\Christina\AppData\Roaming\WB.CFG
2008-09-18 20:05 - 2008-09-18 20:05 - 0000000 _____ () C:\Users\Christina\AppData\Local\AtStart.txt
2011-06-19 14:59 - 2012-12-28 17:30 - 0007592 _____ () C:\Users\Christina\AppData\Local\d3d9caps.dat
2008-09-20 14:35 - 2015-04-28 13:34 - 0029696 _____ () C:\Users\Christina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2008-09-18 20:05 - 2008-09-18 20:05 - 0000000 _____ () C:\Users\Christina\AppData\Local\DSwitch.txt
2008-09-18 20:05 - 2008-09-18 20:05 - 0000000 _____ () C:\Users\Christina\AppData\Local\QSwitch.txt
2014-02-13 18:28 - 2014-02-13 18:28 - 0007280 _____ () C:\Users\Christina\AppData\Local\recently-used.xbel
2010-09-02 17:25 - 2010-09-02 17:25 - 0000048 ____H () C:\ProgramData\ezsidmv.dat
2007-05-27 06:47 - 2007-05-27 06:47 - 0000320 _____ () C:\ProgramData\hpzinstall.log

ZeroAccess:
C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}
C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\@

ZeroAccess:
C:\Users\Christina\AppData\Local\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}
C:\Users\Christina\AppData\Local\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\@

Some files in TEMP:
====================
C:\Users\Christina\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpe53axj.dll
C:\Users\Christina\AppData\Local\Temp\pdf24-creator-update.exe
C:\Users\Christina\AppData\Local\Temp\symlcsv1.exe


Some zero byte size files/folders:
==========================
C:\Windows\System32\nsprs.dll
C:\Windows\System32\serauth1.dll
C:\Windows\System32\serauth2.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-15 16:39

==================== End of log ============================
         

--- --- ---


Und hier noch die Addition.txt - Danke für deine Hilfe!!!

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-06-2015
Ran by Christina at 2015-06-16 15:30:42
Running from C:\Users\Christina\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-44100919-1438707008-839284535-500 - Administrator - Disabled)
Christina (S-1-5-21-44100919-1438707008-839284535-1000 - Administrator - Enabled) => C:\Users\Christina
Gast (S-1-5-21-44100919-1438707008-839284535-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.3.300.257 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader 8.3.1 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A83000000003}) (Version: 8.3.1 - Adobe Systems Incorporated)
Amelie's Cafe Deluxe (HKU\S-1-5-21-44100919-1438707008-839284535-1000\...\Amelie's Cafe Deluxe) (Version: 1.0.0 - Zylom Games)
AppCore (Version: 1 - Symantec Corporation) Hidden
Apple Application Support (32-Bit) (HKLM\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
AuthenTec Fingerprint Sensor Minimum Install (Version: 7.7.0.62 - AuthenTec, Inc.) Hidden
AV (Version: 1 - Symantec Corporation) Hidden
Avira AntiVir Personal - Free Antivirus (HKLM\...\AntiVir PersonalEdition Classic) (Version:  - Avira GmbH)
BlackBerry Desktop Software 7.1 (HKLM\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research in Motion Ltd.)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.41 - Research in Motion Ltd.) Hidden
Canon MP Navigator EX 2.0 (HKLM\...\MP Navigator EX 2.0) (Version:  - )
ccCommon (Version: 106.2.0.21 - Symantec) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-44100919-1438707008-839284535-1000\...\CopyTrans Suite) (Version: 3.006 - WindSolutions)
Dropbox (HKU\S-1-5-21-44100919-1438707008-839284535-1000\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
ESU for Microsoft Vista (HKLM\...\{7968EB30-5580-4955-8925-4A17CD625118}) (Version: 2.0.3.1 - Hewlett-Packard)
FotoWorks (HKLM\...\FotoWorks_is1) (Version: Aktuelle Version - IN MEDIA KG)
Free Audio CD Burner version 1.4 (HKLM\...\Free Audio CD Burner_is1) (Version:  - DVDVideoSoft Limited.)
Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Free Studio version 4.2 (HKLM\...\Free Studio_is1) (Version:  - DVDVideoSoft Limited.)
Free Video to MP3 Converter version 5.0.6.221 (HKLM\...\Free Video to MP3 Converter_is1) (Version: 5.0.6.221 - DVDVideoSoft Ltd.)
Free YouTube to iPod Converter version 3.1 (HKLM\...\Free YouTube to iPod Converter_is1) (Version:  - DVD Video Soft Limited.)
Free YouTube to MP3 Converter version 3.10.15.1228 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version:  - DVDVideoSoft Ltd.)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
GMATPrep(TM) (HKLM\...\{BFE903DE-4845-4387-9C6C-98B21B8445A3}) (Version: 2.3.601.409 - Graduate Management Admission Council ®)
Google Chrome (HKU\S-1-5-21-44100919-1438707008-839284535-1000\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Hewlett-Packard Active Check (Version: 1.1.7.0 - Hewlett-Packard) Hidden
Hewlett-Packard Asset Agent (Version: 2.0.58.0 - HP) Hidden
HP Customer Experience Enhancements (HKLM\...\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}) (Version: 5.1.0.2278 - Hewlett-Packard)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.01.0005 - Hewlett-Packard)
HP Easy Setup - Frontend (HKLM\...\{40F7AED3-0C7D-4582-99F6-484A515C73F2}) (Version: 5.1.0.2279 - Hewlett-Packard)
HP Help and Support (HKLM\...\{9061CEF2-51F5-42C9-8A70-9ED351C6597A}) (Version: 1.1.0 - Hewlett-Packard)
HP Photosmart Essential 2.0 (HKLM\...\HP Photosmart Essential) (Version: 2.0 - HP)
HP Quick Launch Buttons 6.20 B1 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.20 B1 - Hewlett-Packard)
HP QuickPlay 3.2 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version:  - )
HP Update (HKLM\...\{8C6027FD-53DC-446D-BB75-CACD7028A134}) (Version: 4.000.005.007 - Hewlett-Packard)
HP User Guides 0057 (HKLM\...\{DDFD9BA2-8E26-4E49-92AE-882424DAB1BC}) (Version: 1.03.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{D32067CD-7409-4792-BFA0-1469BCD8F0C8}) (Version: 3.00 F1 - Hewlett-Packard)
IBM SPSS Statistics 22 (HKLM\...\{104875A1-D083-4A34-BC4F-3F635B7F8EF7}) (Version: 22.0.0.0 - IBM Corp)
ICQ6.5 (HKLM\...\{60DE4033-9503-48D1-A483-7846BD217CA9}) (Version: 6.5 - ICQ)
Intel Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - )
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.510 - Oracle)
Java(TM) 6 Update 29 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216029FF}) (Version: 6.0.290 - Oracle)
Java(TM) SE Runtime Environment 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160000}) (Version: 1.6.0.0 - Sun Microsystems, Inc.)
JPEG to PDF 1.0 (HKLM\...\{4097ADD8-7890-4CBD-953A-1187EF2C6FA5}_is1) (Version:  - jpegtopdf.com)
Langenscheidt Vokabeltrainer 5.0 Französisch (HKLM\...\{D2EB920F-0A55-49D1-A35D-B71247EF8350}) (Version: 5.0.0 - Langenscheidt)
LightScribe  1.4.136.1 (Version: 1.4.136.1 - hxxp://www.lightscribe.com) Hidden
LiveUpdate 3.2 (Symantec Corporation) (HKLM\...\LiveUpdate) (Version: 3.2.0.41 - Symantec Corporation)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mendeley Desktop 1.11 (HKLM\...\Mendeley Desktop) (Version: 1.11 - Mendeley Ltd.)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Works (HKLM\...\{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}) (Version: 08.05.0822 - Microsoft Corporation)
Motorola SM56 Data Fax Modem (HKLM\...\SMSERIAL) (Version:  - )
MovieShaker 3.1 für MICROMV (HKLM\...\{20EFD980-3787-11D5-B64E-00C04F790F76}) (Version:  - )
Mozilla Firefox 32.0.3 (x86 de) (HKLM\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSCU for Microsoft Vista (HKLM\...\{194C14D5-3CB0-4977-8886-A79DFC00E820}) (Version: 1.0.1.1 - Hewlett-Packard)
MSRedist (Version: 1.0.0.0 - Symantec Corporation) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Napster (HKLM\...\{BBBCAE4B-B416-4182-A6F2-438180894A81}) (Version: 3.8.1.4 - Napster)
Napster Burn Engine (Version: 3.5.0000 - Ihr Firmenname) Hidden
Norton AntiVirus (Version: 14.2.0.29 - Symantec Corporation) Hidden
Norton Confidential Browser Component (Version: 1.5.0.29 - Symantec Corporation) Hidden
Norton Confidential Web Protection Component (Version: 1.5.0.29 - Symantec Corporation) Hidden
Norton Internet Security (Symantec Corporation) (HKLM\...\SymSetup.{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}) (Version: 10.2.0.30 - Symantec Corporation)
Norton Internet Security (Version: 10.1.0 - Symantec Corp.) Hidden
Norton Internet Security (Version: 10.2.0.30 - Symantec Corporation) Hidden
Norton Protection Center (Version: 2007.2.0.22 - Symantec Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
PDF24 Creator 6.8.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.6 - Frank Heindörfer, Philip Chinery)
PDFTK Builder 3.5.3 (HKLM\...\PDFTK Builder_is1) (Version:  - )
Pokki Download Helper (HKU\S-1-5-21-44100919-1438707008-839284535-1000\...\PokkiDownloadHelper) (Version: 1.3.1.282 - Pokki)
PSSWCORE (Version: 2.00.5000 - Hewlett-Packard) Hidden
QuickTime (HKLM\...\QuickTime) (Version:  - )
RealProducer Basic 8.5 (HKLM\...\RealProducer 8.5) (Version:  - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5384 - Realtek Semiconductor Corp.)
Restaurant Rush Deluxe (HKU\S-1-5-21-44100919-1438707008-839284535-1000\...\Restaurant Rush Deluxe) (Version: 1.0.0 - Zylom Games)
Roxio Creator Audio (HKLM\...\{83FFCFC7-88C6-41c6-8752-958A45325C82}) (Version: 3.4.0 - Roxio)
Roxio Creator Basic v9 (HKLM\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.4.0 - Roxio)
Roxio Creator Copy (HKLM\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.4.0 - Roxio)
Roxio Creator Data (HKLM\...\{0D397393-9B50-4c52-84D5-77E344289F87}) (Version: 3.4.0 - Roxio)
Roxio Creator EasyArchive (HKLM\...\{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}) (Version: 3.4.0 - Roxio)
Roxio Creator Tools (HKLM\...\{0394CDC8-FABD-4ed8-B104-03393876DFDF}) (Version: 3.4.0 - Roxio)
Roxio Express Labeler 3 (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 3.2.1 - Roxio)
Roxio MyDVD Basic v9 (HKLM\...\{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}) (Version: 9.0.551 - Roxio)
SaveSense (HKU\S-1-5-21-44100919-1438707008-839284535-1000\...\SaveSense) (Version:  - ) <==== ATTENTION
SaveSense (remove only) (HKLM\...\SaveSense) (Version: 5.3.0.6 - SaveSense) <==== ATTENTION
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SPBBC 32bit (Version: 3.2.0.21 - Symantec Corporation) Hidden
Speed Test Analysis (HKLM\...\Speed Test Analysis) (Version: 1.0.0.5 - Speed Analysis) <==== ATTENTION
Spelling Dictionaries Support For Adobe Reader 8 (HKLM\...\{AC76BA86-7AD7-5464-3428-800000000003}) (Version: 8.0.0 - Adobe Systems)
Spotify (HKU\S-1-5-21-44100919-1438707008-839284535-1000\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB)
SPSS 15.0 für Windows [Auswertung Version] (HKLM\...\{6D9B9CF3-1E9C-45B6-B41E-5CF568605556}) (Version: 15.0.1 - SPSS Inc.)
SpyHunter 4 (HKLM\...\SpyHunter) (Version: 4.19.13.4482 - Enigma Software Group, LLC)
Symantec Real Time Storage Protection Component (Version: 10.1.4.2 - Symantec Corporation) Hidden
SymNet (Version: 7.2.0.15 - Symantec Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.1.11.0 - Synaptics)
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version:  - )
VeriSoft Access Manager (HKLM\...\{0ABA40AF-288D-41F1-B735-C5155692CD7D}) (Version: 2.1.2.880.15 - Bioscrypt Inc.)
Vokabeltrainer-Update 5.0.3 (HKLM\...\{6675C262-A7BD-4C09-9C7F-77168A871D95}) (Version: 5.0.3 - Langenscheidt)
Windows Live Messenger (HKLM\...\{279DB581-239C-4E13-97F8-0F48E40BE75C}) (Version: 8.1.0178.00 - Microsoft Corporation)
Word 2 PDF 1 (HKLM\...\Word 2 PDF 1) (Version:  - )
WordToPDF 2.5 (HKLM\...\WordToPDF_is1) (Version: 2.5 - Mario Noack)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Christina\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Christina\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Christina\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Christina\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Christina\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{22848257-6a2d-4d2a-8d56-c886d25b8b58}\InprocServer32 -> C:\Users\Christina\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll (Pokki)
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Christina\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Christina\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{3C70D620-5735-4E90-922E-50E66CC3FC65}\localserver32 -> C:\Program Files\Mendeley Desktop\MendeleyWordPlugin.exe ()
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Christina\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Christina\AppData\Local\Google\Chrome\Application\42.0.2311.152\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Christina\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Christina\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{693566bc-21f8-401e-8d42-e2c5ce50dacc}\localserver32 -> C:\Users\CHRIST~1\AppData\Local\Temp\{d5641912-e47a-429c-879e-cfe13eac7a13}\IDriver.NonElevated.exe  (the data entry has 7 more characters).
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Christina\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Christina\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\Christina\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Christina\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Christina\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Christina\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Christina\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Christina\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Christina\AppData\Local\Google\Update\1.3.25.11\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Christina\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Christina\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Christina\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Christina\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christina\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christina\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christina\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christina\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christina\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christina\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christina\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christina\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44100919-1438707008-839284535-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Christina\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File

==================== Restore Points =========================
         

Lade Dir bitte von hier Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

• Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
• Klicke auf Optionen und wähle als Sprache Deutsch.
• Suche im Uninstallerfeld nach den Programmen:
  
  SaveSense
  
  SaveSense
  
  Speed Test Analysis
  
  
  
• Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
• Wähle anschließend den Modus "Moderat" aus.
  
• Reste löschen:
  Klicke auf dann auf und dann auf .

 

Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

• Starte bitte die mbar.exe.
• Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
• Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
• Klicke auf den CleanUp Button und erlaube den Neustart.
• Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
• Nach dem Neustart starte die mbar.exe erneut.
• Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop

• Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
• Drücke Start Scan
  
• Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
  TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
  Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Vielen Dank für deine schnelle Hilfe, schrauber!!

Ich habe den Scan über Malwarebytes jetzt dreimal durchlaufen lassen, aber das Programm stürzt -vermutlich am Ende des Scans- immer ab!:/ also bis zum cleanup button komme ich leider gar nicht erst...

AV Programm ist aus? Bitte mal im abgesicherten Modus versuchen.

Ok, also im abgesichteren Modus bin ich leider auch nicht bis zum Cleanup-Button gekommen, aber es wurde bis zum Abbruch des Scans immer eine Malware gefunden. Beim Finden dieser Malware bin ich dann auf Scan Abbruch gegangen und so konnte ich zumindest dann diese eine Malware mit dem Cleanup entfernen...

Die mbar.txt wurde aber im Ordner erstellt

Code: Alles auswählenAufklappen

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.06.19.02
  rootkit: v2015.06.15.01

Windows Vista x86 NTFS (Safe Mode)
Internet Explorer 7.0.6000.16982
Christina :: LH-ED3IJZ1XJ9IA [administrator]

21.06.2015 14:51:08
mbar-log-2015-06-21 (14-51-08).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 59738
Time elapsed: 11 minute(s), 30 second(s) [aborted]

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\@ (Backdoor.0Access) -> Delete on reboot. [d3bb9d1f6a20f640b7d4d52b3fc19868]

Physical Sectors Detected: 0
(No malicious items detected)
         

Die Ordner/Dateien, die den Trojaner beinhalten, wurden von Malware auch gescannt aber nicht als Trojaner erkannt.

Und hier noch die TDSSKiller.txt

Code: Alles auswählenAufklappen

ATTFilter

16:17:48.0490 0x06e8  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
16:17:53.0910 0x06e8  ============================================================
16:17:53.0910 0x06e8  Current date / time: 2015/06/21 16:17:53.0910
16:17:53.0910 0x06e8  SystemInfo:
16:17:53.0911 0x06e8  
16:17:53.0911 0x06e8  OS Version: 6.0.6000 ServicePack: 0.0
16:17:53.0911 0x06e8  Product type: Workstation
16:17:53.0911 0x06e8  ComputerName: LH-ED3IJZ1XJ9IA
16:17:53.0911 0x06e8  UserName: Christina
16:17:53.0911 0x06e8  Windows directory: C:\Windows
16:17:53.0911 0x06e8  System windows directory: C:\Windows
16:17:53.0911 0x06e8  Processor architecture: Intel x86
16:17:53.0912 0x06e8  Number of processors: 2
16:17:53.0912 0x06e8  Page size: 0x1000
16:17:53.0912 0x06e8  Boot type: Normal boot
16:17:53.0912 0x06e8  ============================================================
16:17:55.0113 0x06e8  KLMD registered as C:\Windows\system32\drivers\58494287.sys
16:17:55.0642 0x06e8  System UUID: {4D85295A-2F65-0A62-65D5-CE234D2CC9B9}
16:17:56.0828 0x06e8  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:17:56.0919 0x06e8  ============================================================
16:17:56.0919 0x06e8  \Device\Harddisk0\DR0:
16:17:56.0920 0x06e8  MBR partitions:
16:17:56.0920 0x06e8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1C2D0572
16:17:56.0920 0x06e8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C2D05B1, BlocksNum 0xEF3FD0
16:17:56.0920 0x06e8  ============================================================
16:17:57.0306 0x06e8  C: <-> \Device\Harddisk0\DR0\Partition1
16:17:57.0554 0x06e8  D: <-> \Device\Harddisk0\DR0\Partition2
16:17:57.0554 0x06e8  ============================================================
16:17:57.0555 0x06e8  Initialize success
16:17:57.0555 0x06e8  ============================================================
16:19:07.0684 0x1158  ============================================================
16:19:07.0684 0x1158  Scan started
16:19:07.0684 0x1158  Mode: Manual; SigCheck; TDLFS; 
16:19:07.0684 0x1158  ============================================================
16:19:07.0684 0x1158  KSN ping started
16:19:21.0468 0x1158  KSN ping finished: true
16:19:22.0351 0x1158  ================ Scan system memory ========================
16:19:22.0351 0x1158  System memory - ok
16:19:22.0352 0x1158  ================ Scan services =============================
16:19:22.0659 0x1158  [ 45EF15EE13010FD53ED870FD240FA929, B1BEEB00A2A3D177D3481C85D6AC2F1ED55E76586D029528F2E217BC9D522A28 ] 61883           C:\Windows\system32\DRIVERS\61883.sys
16:19:23.0527 0x1158  61883 - ok
16:19:23.0638 0x1158  [ 84FC6DF81212D16BE5C4F441682FECCC, 73F3BE94A98225A9F276C1A6C8BCA05571FF3BB012E7FF877F6C4AB11F62CBA0 ] ACPI            C:\Windows\system32\drivers\acpi.sys
16:19:23.0682 0x1158  ACPI - ok
16:19:23.0755 0x1158  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB, 0342700760874683A6DF4F149DACACEF0569D40C45FC5958C67100B3C5D9BBBC ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:19:23.0862 0x1158  adp94xx - ok
16:19:23.0900 0x1158  [ B84088CA3CDCA97DA44A984C6CE1CCAD, 87009809FB101BF51483FA32318CBCD209386582880C82417BE4FFAD1B04C8C1 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:19:23.0991 0x1158  adpahci - ok
16:19:24.0017 0x1158  [ 7880C67BCCC27C86FD05AA2AFB5EA469, C8B06E203EEA6EAD19651F212432005ABADFF21E2AA5699E34040527394F2677 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
16:19:24.0061 0x1158  adpu160m - ok
16:19:24.0087 0x1158  [ 9AE713F8E30EFC2ABCCD84904333DF4D, B0C7801AC6E0811C38F0474703F34283914C8873D851F59EE232834F7C0D8087 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:19:24.0134 0x1158  adpu320 - ok
16:19:24.0184 0x1158  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:19:24.0402 0x1158  AeLookupSvc - ok
16:19:24.0438 0x1158  [ 5D24CAF8EFD924A875698FF28384DB8B, FA3DE58D8F4180E9B9FE1DED4B1BE09245F401899E614DBD6A3867CEF6E34977 ] AFD             C:\Windows\system32\drivers\afd.sys
16:19:24.0618 0x1158  AFD - ok
16:19:24.0694 0x1158  [ EF23439CDD587F64C2C1B8825CEAD7D8, 762665CFC202B3E16CA2338887896FDF996331A363DC709F1EC088BF927133A3 ] agp440          C:\Windows\system32\drivers\agp440.sys
16:19:24.0719 0x1158  agp440 - ok
16:19:24.0764 0x1158  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
16:19:24.0796 0x1158  aic78xx - ok
16:19:24.0824 0x1158  [ E69FB0E3112C40FDC0EF7D21A52DC951, 6FB299330EDEF77DC91FC279D90D8ADEA138EC98342116121F5879B50070963D ] ALG             C:\Windows\System32\alg.exe
16:19:24.0894 0x1158  ALG - ok
16:19:24.0912 0x1158  [ 90395B64600EBB4552E26E178C94B2E4, 73095893964DC7915983B58A567184FC51949C99341E7E0D04D70CC4C4F95E37 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:19:24.0933 0x1158  aliide - ok
16:19:24.0987 0x1158  [ 2B13E304C9DFDFA5EB582F6A149FA2C7, 196CCE13E0376526B79D9C43D4071990576C4DD210A48E9E922B438AA11C95E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
16:19:25.0012 0x1158  amdagp - ok
16:19:25.0046 0x1158  [ 0577DF1D323FE75A739C787893D300EA, 079EF3CA18FB847DB7E62929071BFF007FAF390E1DBF4C59F28DAAC6B9C2DE51 ] amdide          C:\Windows\system32\drivers\amdide.sys
16:19:25.0067 0x1158  amdide - ok
16:19:25.0093 0x1158  [ DC487885BCEF9F28EECE6FAC0E5DDFC5, 24A62F6E628AD46273BC226F7BC3453A9C7B76F81ABB9FB801EBEFADB2AB7C9B ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
16:19:25.0173 0x1158  AmdK7 - ok
16:19:25.0184 0x1158  [ 0CA0071DA4315B00FC1328CA86B425DA, 4F816FA2197166A83A266084F9D5ED68876D0521D378F90F1314DD53C6FB8814 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
16:19:25.0369 0x1158  AmdK8 - ok
16:19:25.0447 0x1158  [ D6C8942BEA3698A2E7559BD423BFA5D7, 61BD5CE8A4CF55200AFCAB771247D4D4EE1FE95B08F6D590CEC1FB4C54F6C952 ] AntiVirScheduler C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
16:19:25.0542 0x1158  AntiVirScheduler - detected UnsignedFile.Multi.Generic ( 1 )
16:19:27.0997 0x1158  Detect skipped due to KSN trusted
16:19:27.0997 0x1158  AntiVirScheduler - ok
16:19:28.0025 0x1158  [ 335A142923FE7F97E8C8388ACD067568, E9A61145F28053FBCDB2F7436D77D725F0C8B39AF617F49228A2BDFEC484B040 ] AntiVirService  C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
16:19:28.0074 0x1158  AntiVirService - detected UnsignedFile.Multi.Generic ( 1 )
16:19:30.0434 0x1158  Detect skipped due to KSN trusted
16:19:30.0434 0x1158  AntiVirService - ok
16:19:30.0688 0x1158  [ CFA455816879F06F1C4E5BBF9E8AEF7D, E10781DEE5A9CDD2D79E1696577B24095258DC261E0D303177B5D7E719F58B20 ] Appinfo         C:\Windows\System32\appinfo.dll
16:19:30.0864 0x1158  Appinfo - ok
16:19:31.0430 0x1158  [ D2B87FC03BE28CD0B33C2B5C1119FD8E, 97EB74CB7F62C0D06D45CB250E3A90657A0F107C2FC20738FF6B2C87B0240080 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:19:31.0801 0x1158  Apple Mobile Device - ok
16:19:31.0933 0x1158  [ 5F673180268BB1FDB69C99B6619FE379, C4307A861163F96648109046A6C7D53AB1C9B10D0B841DD1A7D147D22F462649 ] arc             C:\Windows\system32\drivers\arc.sys
16:19:32.0030 0x1158  arc - ok
16:19:32.0142 0x1158  [ 957F7540B5E7F602E44648C7DE5A1C05, F03C7708A6C9D2579ECE5A7413AFA068E1067D7191EC653A78BA4FEDE76CFBD8 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:19:32.0198 0x1158  arcsas - ok
16:19:32.0780 0x1158  [ 2EEDA27C19259C2340324EF7180D086B, 5426BF8EED7F87CEEA4D3EE1E721305A3703B0C490E01DE97DE5AFA0003C93D6 ] ASBroker        c:\Program Files\Bioscrypt\VeriSoft\Bin\ASWLNPkg.dll
16:19:33.0042 0x1158  ASBroker - detected UnsignedFile.Multi.Generic ( 1 )
16:19:35.0404 0x1158  Detect skipped due to KSN trusted
16:19:35.0404 0x1158  ASBroker - ok
16:19:35.0481 0x1158  [ BB3C0521ECCA4BB17AC55EB640DF0FA5, 125B285960B45E0384EB1770B10488BEBB87F6CD1785EA83C0C24CDD9B9EDEAF ] ASChannel       c:\Program Files\Bioscrypt\VeriSoft\Bin\AsChnl.dll
16:19:35.0514 0x1158  ASChannel - detected UnsignedFile.Multi.Generic ( 1 )
16:19:37.0873 0x1158  Detect skipped due to KSN trusted
16:19:37.0873 0x1158  ASChannel - ok
16:19:38.0004 0x1158  [ 2FE0D5DB69014980A970D3BF9A85D2B1, 3837F176B0CB7FEA2689D90B50B62F660FE579A5EB1E47C827DFA95596B72D1E ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
16:19:38.0084 0x1158  aspnet_state - ok
16:19:38.0120 0x1158  [ E86CF7CE67D5DE898F27EF884DC357D8, 24C86D0A6340B618E97C91066A8E639EA672112A571C4B36B0BC1EB717DDA782 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:19:38.0219 0x1158  AsyncMac - ok
16:19:38.0245 0x1158  [ B35CFCEF838382AB6490B321C87EDF17, A13985B87B5918D123072C7128E12DC28B0FCFD68383AFA6E1DA72A25BD781E0 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:19:38.0266 0x1158  atapi - ok
16:19:38.0296 0x1158  [ FB2162AFF83D519CD77431A1BC5EE0ED, D4077CC8F72A8B52EC61CFD85531FD53492F5650B23A2F4C9CC3F0390CA4E284 ] ATSWPDRV        C:\Windows\system32\DRIVERS\ATSwpDrv.sys
16:19:38.0394 0x1158  ATSWPDRV - ok
16:19:38.0447 0x1158  [ E760FC1BD68F7F6F1B17EB4E8D9480B0, 9E76A76B3D75AA6AFA8552412C48BCB88BC8708F75EDAFEFBD97EFEE4387A4AF ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:19:38.0519 0x1158  AudioEndpointBuilder - ok
16:19:38.0547 0x1158  [ E760FC1BD68F7F6F1B17EB4E8D9480B0, 9E76A76B3D75AA6AFA8552412C48BCB88BC8708F75EDAFEFBD97EFEE4387A4AF ] Audiosrv        C:\Windows\System32\Audiosrv.dll
16:19:38.0600 0x1158  Audiosrv - ok
16:19:38.0669 0x1158  [ C0E25BB0E6A159D332048AFAA2ED24CE, 5FF4BACDC01B8E652F2A6F141736E8440EE8DE7835B1026B73679A9E2BAB817F ] Automatisches LiveUpdate - Scheduler C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
16:19:38.0726 0x1158  Automatisches LiveUpdate - Scheduler - ok
16:19:38.0771 0x1158  [ 18C8269BE7F0F65A2EFC5B408D4A17DF, BFD866A45FFC10F1E66A61AFD8EB8DEC194A736EA80A64713B83AFA227576E7E ] Avc             C:\Windows\system32\DRIVERS\avc.sys
16:19:38.0848 0x1158  Avc - ok
16:19:38.0878 0x1158  [ B81958C4C42CBC77B5DB7710962F99C3, 66CBD0F9116173424345793A2B1CAEAEDA000E9A9A1EC0669EDC3011E82B1B68 ] AVCSTRM         C:\Windows\system32\DRIVERS\avcstrm.sys
16:19:38.0943 0x1158  AVCSTRM - ok
16:19:38.0962 0x1158  [ 87828ECD657F81503465AC705E845076, 574916C2181EE8EF79985E53E4DD1EFAD7057F7FD5CBC80890C494216D30328D ] avgio           C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
16:19:38.0979 0x1158  avgio - ok
16:19:39.0000 0x1158  [ FCB30820BED1D3FEB55E3DD55A3F947F, 2795EB5342E820EF4C89F23664EC07C0C3BC4563E850D759AE7F8413D16EA7B3 ] avgntflt        C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
16:19:39.0020 0x1158  avgntflt - ok
16:19:39.0033 0x1158  [ 0B09DF022250FB7BA91FB932EAC6EA9B, D2D44CB767920A55385ED28E3C18B197B242F5CF2B67B7E8F2CAE258F6C3C2E3 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
16:19:39.0057 0x1158  avipbb - ok
16:19:39.0156 0x1158  [ CF6A67C90951E3E763D2135DEDE44B85, DD31F105665C6980D4CEF5C5C0F29590CF1DC0B4AEB3809C8659915E5E95931B ] BCM43XV         C:\Windows\system32\DRIVERS\bcmwl6.sys
16:19:39.0263 0x1158  BCM43XV - ok
16:19:39.0292 0x1158  [ AC3DD1708B22761EBD7CBE14DCC3B5D7, 395769C8DAA505E261033B9EA0319A7ED56A6289BAE11FDDA49002E25D9D8698 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:19:39.0346 0x1158  Beep - ok
16:19:39.0403 0x1158  [ 98EBDFFB824A7C265337D68DD480E45C, 81E495C7104FE9C1F996B2672ED22BE9E294D5C54B67FFCC6D2DD979DC94363C ] BFE             C:\Windows\System32\bfe.dll
16:19:39.0485 0x1158  BFE - ok
16:19:39.0561 0x1158  [ DA551697E34D2B9943C8B1C8EAFFE89A, 5C0D13F7AE1D58E625932B00AD53F792B58900C93A1D5F97BD1D9605FCEAD51A ] BITS            C:\Windows\System32\qmgr.dll
16:19:39.0668 0x1158  BITS - ok
16:19:39.0819 0x1158  [ 686045905787B68D829CE647A6DFAD2B, 09B925A3E02B3BA45D5D408B59A279D3255AC854B3B696E243DCD14EF18CEC92 ] Blackberry Device Manager C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
16:19:39.0898 0x1158  Blackberry Device Manager - detected UnsignedFile.Multi.Generic ( 1 )
16:19:42.0436 0x1158  Detect skipped due to KSN trusted
16:19:42.0436 0x1158  Blackberry Device Manager - ok
16:19:42.0439 0x1158  blbdrive - ok
16:19:42.0475 0x1158  [ 913CD06FBE9105CE6077E90FD4418561, EC0ECE5A0DBCD8DC1B202517902D90FF0FC0F3875557828BFA079DDE92EF6F5D ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:19:42.0578 0x1158  bowser - ok
16:19:42.0630 0x1158  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
16:19:42.0707 0x1158  BrFiltLo - ok
16:19:42.0727 0x1158  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
16:19:42.0788 0x1158  BrFiltUp - ok
16:19:42.0825 0x1158  [ BEB6470532B7461D7BB426E3FACB424F, 16439FD066EBBFF3F469FD5EC3A2FCAEC47DE9737A7DE93DA344EC4E2180D2F0 ] Browser         C:\Windows\System32\browser.dll
16:19:42.0931 0x1158  Browser - ok
16:19:42.0961 0x1158  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
16:19:43.0032 0x1158  Brserid - ok
16:19:43.0051 0x1158  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
16:19:43.0122 0x1158  BrSerWdm - ok
16:19:43.0146 0x1158  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
16:19:43.0220 0x1158  BrUsbMdm - ok
16:19:43.0241 0x1158  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
16:19:43.0311 0x1158  BrUsbSer - ok
16:19:43.0346 0x1158  [ CF97C2D6A011EE9403B42191B5F95BA8, A82A0553D5621E8B87724442F585F2FE19A119F855B462635E996EAA52779F67 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
16:19:43.0412 0x1158  BthEnum - ok
16:19:43.0440 0x1158  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
16:19:43.0509 0x1158  BTHMODEM - ok
16:19:43.0538 0x1158  [ B8C3D9DDF85FD197C3E5F849FEF71144, 9DA9D7D4970814051E93288F06A6676BC4B09EF52C1E4E70541E0D9937729E84 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
16:19:43.0617 0x1158  BthPan - ok
16:19:43.0659 0x1158  [ B4CE8000AAB30A9AB16CD0FB3DB4D7CF, FE9762B9204B1771D64AD9D63D74E8117C442FB43E03A82ACDFA3F646B275BF6 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
16:19:43.0707 0x1158  BTHPORT - ok
16:19:43.0736 0x1158  [ 58EE7F5E68310BC8D4E7CEBD8358C12E, 2EBA4A861E2C2AA56016DD8F5AE7C969BF515EF1B3E153F97F1E48E0983F17BB ] BthServ         C:\Windows\System32\bthserv.dll
16:19:43.0795 0x1158  BthServ - ok
16:19:43.0813 0x1158  [ 9A4DDC8544C1459AA2A118A8858DADE3, 5D20C076FCCD13908C44C773CE46F13CAAE33B98DCA8DDAF593D2B28EFF5500D ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
16:19:43.0845 0x1158  BTHUSB - ok
16:19:43.0887 0x1158  [ 751CBE2EDC33C58A6278E2EBBC7D964A, 91AFAADF4918CE7FE24A094CC69D5FDA8FA765B3B1F1549FFCBF59AB23B2E652 ] btwavdt         C:\Windows\system32\DRIVERS\btwavdt.sys
16:19:43.0919 0x1158  btwavdt - ok
16:19:43.0985 0x1158  [ FE69C498B922CE835E2E2123FBD0A272, E1FE90E1CE9A3992B0703A91CCFD11C5B72C57B73F36041C414B88703E4A3B22 ] ccEvtMgr        c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
16:19:44.0008 0x1158  ccEvtMgr - ok
16:19:44.0014 0x1158  [ FE69C498B922CE835E2E2123FBD0A272, E1FE90E1CE9A3992B0703A91CCFD11C5B72C57B73F36041C414B88703E4A3B22 ] ccSetMgr        c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
16:19:44.0037 0x1158  ccSetMgr - ok
16:19:44.0065 0x1158  [ 6C3A437FC873C6F6A4FC620B6888CB86, B316A1ABCDF74597C555B86A05DDED3B3F49F9D3B26D06AB312426C0A08B1AF6 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:19:44.0137 0x1158  cdfs - ok
16:19:44.0175 0x1158  [ 8D1866E61AF096AE8B582454F5E4D303, 4506E77C727E1B4CAD24CAFB4654CFE82872621D25BB30B730F746AA80A14B84 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:19:44.0236 0x1158  cdrom - ok
16:19:44.0262 0x1158  [ 0600E04315FE543802A379D5D23C8BE0, 48DD5028D9F415B9E5A949FA32051243C8F5B475EFA909FD625D940DA227E252 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:19:44.0316 0x1158  CertPropSvc - ok
16:19:44.0340 0x1158  [ DA8E0AFC7BAA226C538EF53AC2F90897, 2BBB9966671A3B8325D215DBC29FBD7D912C13ADC562A0D4521D1FF9A6F445C0 ] circlass        C:\Windows\system32\drivers\circlass.sys
16:19:44.0409 0x1158  circlass - ok
16:19:44.0707 0x1158  [ DBAFC6734C054FEEF9087754BD80F847, 96E72640DE42602D78CD4ECB56AFF756309A98ADFDB1A132A93E14ED73C39EB7 ] CLCapSvc        C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
16:19:44.0759 0x1158  CLCapSvc - detected UnsignedFile.Multi.Generic ( 1 )
16:19:47.0110 0x1158  Detect skipped due to KSN trusted
16:19:47.0111 0x1158  CLCapSvc - ok
16:19:47.0169 0x1158  [ 1B84FD0937D3B99AF9BA38DDFF3DAF54, 2ECF54240673F4518ECD7C9FE5CAA171CE64B5F293FA8C6C66A8AA65A35A9080 ] CLFS            C:\Windows\system32\CLFS.sys
16:19:47.0256 0x1158  CLFS - ok
16:19:47.0336 0x1158  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:19:47.0410 0x1158  clr_optimization_v2.0.50727_32 - ok
16:19:47.0490 0x1158  [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:19:47.0566 0x1158  clr_optimization_v4.0.30319_32 - ok
16:19:47.0602 0x1158  [ E67F8F036FD882E4AB62501C0D45B536, A65E39C61E918EFEC1EBF5D8B456D6383B2B15A09A4BC98B45D793C879287898 ] CLSched         C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
16:19:47.0648 0x1158  CLSched - detected UnsignedFile.Multi.Generic ( 1 )
16:19:50.0099 0x1158  Detect skipped due to KSN trusted
16:19:50.0099 0x1158  CLSched - ok
16:19:50.0155 0x1158  [ FE69C498B922CE835E2E2123FBD0A272, E1FE90E1CE9A3992B0703A91CCFD11C5B72C57B73F36041C414B88703E4A3B22 ] CLTNetCnService c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
16:19:50.0199 0x1158  CLTNetCnService - ok
16:19:50.0241 0x1158  [ ED97AD3DF1B9005989EAF149BF06C821, 914F8779883A5B66AE984C0672BABA873857EF2FACC8D6F88605FACB2BBB2468 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
16:19:50.0350 0x1158  CmBatt - ok
16:19:50.0396 0x1158  [ 45201046C776FFDAF3FC8A0029C581C8, 68A68CF2B76598BC8610EB5B2D3FD5BDC9D51CFC6F51FB7A0B0C92A2BE910FC6 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:19:50.0416 0x1158  cmdide - ok
16:19:50.0510 0x1158  [ A5AAA656403E5E7AFA9647CE73DBF944, 8132182A1A7B96EC790DB063D501289CBD1730256539FF89D95CD90F6E6863D2 ] Com4Qlb         C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
16:19:50.0560 0x1158  Com4Qlb - detected UnsignedFile.Multi.Generic ( 1 )
16:19:52.0925 0x1158  Detect skipped due to KSN trusted
16:19:52.0925 0x1158  Com4Qlb - ok
16:19:53.0022 0x1158  [ 3B38F3DEFD61DB294421993F969BC88F, 64806F1CCE7476BA0FAE221D22A555D59954B641DC3E00569ACC86BFA9DED594 ] comHost         c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
16:19:53.0106 0x1158  comHost - ok
16:19:53.0141 0x1158  [ 722936AFB75A7F509662B69B5632F48A, C386EA5E933C5D3F3FE162AE91F7D81C7C0765A1F790B1FF7B396A9DBDB4AD33 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
16:19:53.0197 0x1158  Compbatt - ok
16:19:53.0210 0x1158  COMSysApp - ok
16:19:53.0248 0x1158  [ 2A213AE086BBEC5E937553C7D9A2B22C, 1F91ACC0426E0ED1717555B282F65629EF15021375B24A63C29C89ADE916EE2A ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:19:53.0298 0x1158  crcdisk - ok
16:19:53.0330 0x1158  [ 22A7F883508176489F559EE745B5BF5D, D6341E3FBC8A46D2D1F0477FA60EC4828B585D35B14609CD02868FD04ECD14DB ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
16:19:53.0397 0x1158  Crusoe - ok
16:19:53.0425 0x1158  [ 1C26FB097170A2A91066D1E3A24366E3, 277B8EBBAFA038C355B52CF32F390E057BCA5992EC0C5778F60C53CB0AA10777 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:19:53.0506 0x1158  CryptSvc - ok
16:19:53.0560 0x1158  [ 7B981222A257D076885BFFB66F19B7CE, 83B044B93FB30D54B9AFC991D608BF5FDBC2F31317E0AEA99E78B2B49655BCBB ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:19:53.0749 0x1158  DcomLaunch - ok
16:19:53.0778 0x1158  [ A7179DE59AE269AB70345527894CCD7C, 6AA67F34C7349B8B7EFA6E6C143DDA08F80D8D027E2E1AC41490E351C22BFA5B ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:19:53.0841 0x1158  DfsC - ok
16:19:53.0961 0x1158  [ E0D584AA76C7D845BA9F3A788260528F, 5C3C3C95DF1BA8A32EC848B695793D44E7DF8BEA0BC3B91D54751CC20317EC22 ] DFSR            C:\Windows\system32\DFSR.exe
16:19:54.0186 0x1158  DFSR - ok
16:19:54.0241 0x1158  [ DC45739BC22D528D2B3E50D3F6761750, A19AF7E001CF2BE0A2164435F6FDE5D9ABBBB697F1D0FE90DD7DF72AE564996F ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
16:19:54.0301 0x1158  Dhcp - ok
16:19:54.0313 0x1158  [ 841AF4C4D41D3E3B2F244E976B0F7963, 304920DB44B88881FE4FDC892CC8D529E16FE5E6AEA548BDFD4507DF0A1BF8C1 ] disk            C:\Windows\system32\drivers\disk.sys
16:19:54.0339 0x1158  disk - ok
16:19:54.0374 0x1158  [ EECBA1DD142BF8693C476BE8F32FE253, 93241BD6F4E2D6F27BD5ED2F38C26AED7A666161F64C28A44E6608C7D1DF0D40 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:19:54.0438 0x1158  Dnscache - ok
16:19:54.0458 0x1158  [ 1F795D214820E496BF1124434A6DB546, FC10DEF5A4A81540B347C54D7BE5C7D11F8E407AD28FD91E7CBAC15864FCC389 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:19:54.0548 0x1158  dot3svc - ok
16:19:54.0577 0x1158  [ 032C90AD677BF7B7A8013D6087C7A921, 99CC6F49FCE59550E48CF86BEE91F15E9D108AA5FBCF903AC997E404ABF6AF46 ] DPS             C:\Windows\system32\dps.dll
16:19:54.0642 0x1158  DPS - ok
16:19:54.0681 0x1158  [ EE472CD2C01F6F8E8AA1FA06FFEF61B6, 03C6E0033C05120431FA2A02E206C458C4E1F18E511B1AA7F1867226617AB660 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:19:54.0740 0x1158  drmkaud - ok
16:19:54.0788 0x1158  [ 334988883DE69ADB27E2CF9F9715BBDB, ECDF29DECF577784BEE37A175BDEE8793F314E3BF35109A7D44017DC9B0E868B ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:19:54.0866 0x1158  DXGKrnl - ok
16:19:54.0916 0x1158  [ C0B00E55CF82D122D25983C7A6A53DEA, 88C7A1A4907DD03F025A0E523887ADBDEB5AE0AFF7CD726FE00CDD0380BA93D7 ] E100B           C:\Windows\system32\DRIVERS\e100b325.sys
16:19:54.0988 0x1158  E100B - ok
16:19:55.0013 0x1158  [ F88FB26547FD2CE6D0A5AF2985892C48, F02E06E16830F5D3FAF61991F5A91E54BB3461F58AFE3BFB7A9066CD302B879F ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
16:19:55.0085 0x1158  E1G60 - ok
16:19:55.0109 0x1158  [ E88B0CFCECF745211BBA87F44F85D0DD, 919C228ED7171BB54F7D3D97FAC8652BA4C926E7887BE9E28DAEFE04D93074A8 ] eabfiltr        C:\Windows\system32\DRIVERS\eabfiltr.sys
16:19:55.0174 0x1158  eabfiltr - ok
16:19:55.0224 0x1158  [ 90A0A875642E18618010645311B4E89E, 499C6A29E3FEF3A1AC08DDDD00623AB93ACBB1511A0BFF004C4D4795B402412C ] EapHost         C:\Windows\System32\eapsvc.dll
16:19:55.0267 0x1158  EapHost - ok
16:19:55.0296 0x1158  [ 0EFC7531B936EE57FDB4E837664C509F, 47F6D5380DA44514C1C13BFAF8227FBF356B14C46C45EC66C9E1431C4CFC85E3 ] Ecache          C:\Windows\system32\drivers\ecache.sys
16:19:55.0325 0x1158  Ecache - ok
16:19:55.0377 0x1158  [ 2D401F82D4E81AAF89DAAA45F04782A2, F6B0469D2E0BEEE1E70F206106FD7351DAFE605D7B4D2A8FA83982AF59FF0996 ] eeCtrl          C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
16:19:55.0425 0x1158  eeCtrl - ok
16:19:55.0519 0x1158  [ B4580122B0A7B263B6EE9ACBA69C8013, 94722F6B0E687709B854C055EFEF94AD8388AA0A2770FF75AD00C13ACC26F11F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:19:55.0616 0x1158  ehRecvr - ok
16:19:55.0636 0x1158  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched         C:\Windows\ehome\ehsched.exe
16:19:55.0665 0x1158  ehSched - ok
16:19:55.0688 0x1158  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart         C:\Windows\ehome\ehstart.dll
16:19:55.0721 0x1158  ehstart - ok
16:19:55.0788 0x1158  [ E8F3F21A71720C84BCF423B80028359F, 63114E6120F634224A0E83A5047B37C7D6F26CF99FE3C01CFC0AB8B1763BB084 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
16:19:55.0820 0x1158  elxstor - ok
16:19:55.0875 0x1158  [ 3226FDA08988526E819E364E8CCE4CEE, EFFEC5C44A7AC0B82C77E354C818BD700B4DBE69B345A81F2652BFA87D6FBE4F ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
16:19:56.0022 0x1158  EMDMgmt - ok
16:19:56.0076 0x1158  [ 0BA056AF309DF18DB58137B1384C7FC6, 821089F6F6E503341E6B9C35AB3811A2F6953C2081D1673E082D57C184FCD652 ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
16:19:56.0098 0x1158  EraserUtilRebootDrv - ok
16:19:56.0158 0x1158  [ 7B4971C3D43525175A4EA0D143E0412E, D61D19F1A7CDDF1130F48255EE77B95183125E01A05DDE0F96FDE8DF697277A0 ] EventSystem     C:\Windows\system32\es.dll
16:19:56.0250 0x1158  EventSystem - ok
16:19:56.0282 0x1158  [ 84A317CB0B3954D3768CDCD018DBF670, 96AEFEE67D467A83BC10B72A097C8B296F7FEDFA8F4CB69C6D385713952C2AF2 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:19:56.0366 0x1158  fastfat - ok
16:19:56.0412 0x1158  [ 63BDADA84951B9C03E641800E176898A, AD3EA20CAD0E0C438422D5D39AEA9E0AAD9E1DC866A696AE503C76F5FAC4BE6E ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
16:19:56.0482 0x1158  fdc - ok
16:19:56.0504 0x1158  [ E43BCE1A77D6FD4ED5F8E0482B9E7DF1, 84555C567D4E728A7250D530518BF228E596E1CDE248D587C61634CC13EAC0BC ] fdPHost         C:\Windows\system32\fdPHost.dll
16:19:56.0562 0x1158  fdPHost - ok
16:19:56.0583 0x1158  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:19:56.0638 0x1158  FDResPub - ok
16:19:56.0670 0x1158  [ 65773D6115C037FFD7EF8280AE85EB9D, 71C7DDB71C9AA859B7DDCE01430E4913E58C928B22A46662A913209F5EC68120 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:19:56.0697 0x1158  FileInfo - ok
16:19:56.0733 0x1158  [ C226DD0DE060745F3E042F58DCF78402, 9C67A5AC809B462EF97519DD2B0AC966915F9AF9F4DE82BEEB71B7321AAB892C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:19:56.0799 0x1158  Filetrace - ok
16:19:56.0830 0x1158  [ 6603957EFF5EC62D25075EA8AC27DE68, B52D112301A6BFBD60959D7D2502AB2E1EB6BB7F5DCED46899F1F006C7F1E887 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
16:19:56.0907 0x1158  flpydisk - ok
16:19:56.0933 0x1158  [ A6A8DA7AE4D53394AB22AC3AB6D3F5D3, C1007CB38F97AEE4B7A5A4E83A224F53EE59AFDA61A091960F6E1EB70E33E5C8 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:19:56.0961 0x1158  FltMgr - ok
16:19:57.0045 0x1158  [ C9BE08664611DDAF98E2331E9288B00B, C645DDAB5FD588486553DF2DD5750AF5A967FEE988F4EB29E05362E3362DF4A2 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:19:57.0066 0x1158  FontCache3.0.0.0 - ok
16:19:57.0097 0x1158  [ 66A078591208BAA210C7634B11EB392C, 5C101E10CF8E576352CAC1D059D5938251185D1CCB824645AC1471D9C90EC183 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:19:57.0157 0x1158  Fs_Rec - ok
16:19:57.0201 0x1158  [ 4E1CD0A45C50A8882616CAE5BF82F3C5, 1B909AF150F7119A5685999451A85012F4A92F15F38390A281EA507E2D247BAE ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:19:57.0227 0x1158  gagp30kx - ok
16:19:57.0272 0x1158  [ BCF6589C42D8F6A20F33EF133FFE0524, E3F82E90BCB58489E2D77F16163B888A0D9BC5D357AA929076027965E97DB5CA ] gpsvc           C:\Windows\System32\gpsvc.dll
16:19:57.0397 0x1158  gpsvc - ok
16:19:57.0492 0x1158  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
16:19:57.0513 0x1158  gupdate - ok
16:19:57.0519 0x1158  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
16:19:57.0538 0x1158  gupdatem - ok
16:19:57.0581 0x1158  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
16:19:57.0674 0x1158  gusvc - ok
16:19:57.0707 0x1158  [ DE15777902A5D9121857D155873A1D1B, 98D6E8204B9A773C8B11D6011ADC77676B0F94F6236CC764D3234FFD43AC86EB ] HBtnKey         C:\Windows\system32\DRIVERS\cpqbttn.sys
16:19:57.0741 0x1158  HBtnKey - ok
16:19:57.0817 0x1158  [ CB04C744BE0A61B1D648FAED182C3B59, 61DC0FF94325DAFCCB7B3980A48727EFBF1283FCF753EC16EF04C730525994C0 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:19:57.0917 0x1158  HdAudAddService - ok
16:19:57.0953 0x1158  [ 0DB613A7E427B5663563677796FD5258, 82D50E0571196A8645B4F67274990BD7AA406F913534505D296AD3BAA0BBF1E8 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:19:58.0015 0x1158  HDAudBus - ok
16:19:58.0046 0x1158  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
16:19:58.0134 0x1158  HidBth - ok
16:19:58.0156 0x1158  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
16:19:58.0240 0x1158  HidIr - ok
16:19:58.0286 0x1158  [ 8FA640195279ACE21BEA91396A0054FC, 20541E5FA29B3FBD8824F3DF93C7D63AFEE56948F82FFDE20E9E87F5C0A3A789 ] hidserv         C:\Windows\system32\hidserv.dll
16:19:58.0350 0x1158  hidserv - ok
16:19:58.0366 0x1158  [ 3C64042B95E583B366BA4E5D2450235E, B431F9692D66188AFEE372F312581178B14F49D763F8D1100D264623A239002A ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:19:58.0443 0x1158  HidUsb - ok
16:19:58.0470 0x1158  [ D40AA05E29BF6ED29B139F044B461E9B, 052C07B7E0B082EA8E9E35A69855436A9E1BAA1B7C1A4AB5830C246158D863C5 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:19:58.0550 0x1158  hkmsvc - ok
16:19:58.0611 0x1158  [ 2CEEB349216FEBD91A907013D4ABCFF7, 91C224CD83BEC21510976563F8056F678140322DA5B738566B5AFEFAB0F6A246 ] HP Health Check Service C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
16:19:58.0639 0x1158  HP Health Check Service - ok
16:19:58.0670 0x1158  [ DF353B401001246853763C4B7AAA6F50, 05C043493BDD99DEFBB0F5C3D8C475B06C2BF5629565ACF6F3B754002519B836 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
16:19:58.0702 0x1158  HpCISSs - ok
16:19:58.0738 0x1158  [ 04C1DCBB226C6AE647B794833CE3CEB6, 7C89908766962169FA877D1A78C3628EDBAE2B25A3BBEE6DBB1D19C272A428D0 ] hpqwmiex        C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
16:19:58.0775 0x1158  hpqwmiex - detected UnsignedFile.Multi.Generic ( 1 )
16:20:01.0341 0x1158  Detect skipped due to KSN trusted
16:20:01.0341 0x1158  hpqwmiex - ok
16:20:01.0421 0x1158  [ 46D67209550973257601A533E2AC5785, 3C0D97781947BA8532344AA5D9F3B684761B5B3263A0A294F4593E76EE41DB0C ] HSFHWAZL        C:\Windows\system32\DRIVERS\VSTAZL3.SYS
16:20:01.0539 0x1158  HSFHWAZL - ok
16:20:01.0641 0x1158  [ EC36F1D542ED4252390D446BF6D4DFD0, DB55D73726E96D3653C37EEBE628D48466D766A9EC1219ED735D5D8FF2822BE2 ] HSF_DPV         C:\Windows\system32\DRIVERS\VSTDPV3.SYS
16:20:01.0800 0x1158  HSF_DPV - ok
16:20:01.0865 0x1158  [ EA24FE637D974A8A31BC650F478E3533, 2B754B4AFD89325A1E7B0EC9FCE110B87F5F2A9DCE72855AC812C3286887E4D9 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:20:02.0036 0x1158  HTTP - ok
16:20:02.0060 0x1158  [ 324C2152FF2C61ABAE92D09F3CCA4D63, 2D09964C8003277F7DB1FFAA0DAEF15B205F3C4100FF601950BC9E544DC0B91F ] i2omp           C:\Windows\system32\drivers\i2omp.sys
16:20:02.0082 0x1158  i2omp - ok
16:20:02.0132 0x1158  [ 1C9EE072BAA3ABB460B91D7EE9152660, 516436E905AA00C2826CC910EFA8C13005C11B66D1E415584189616BF91C4AA5 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
16:20:02.0203 0x1158  i8042prt - ok
16:20:02.0294 0x1158  [ 582F2D900A3AC34C98FBDC2C0ABEF6B9, 2B3879F89A8626FA560E6879F0E5B2AC4804C934EEA68B425A395D1114E64C4D ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
16:20:02.0383 0x1158  IAANTMON - ok
16:20:02.0477 0x1158  [ 496DB78E6A0C4C44023D9A92B4A7AC31, 2B44213C39F05090D2057E3A21C1718DFC4478E976D44255B6FA5C3B8CF20FFF ] ialm            C:\Windows\system32\DRIVERS\igdkmd32.sys
16:20:02.0819 0x1158  ialm - ok
16:20:02.0891 0x1158  [ FD7F9D74C2B35DBDA400804A3F5ED5D8, 93BAEE15428E9B3FF2D5F7EE156697EA8C24E176C3A8E56D1B1AFF4E541867E4 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
16:20:02.0924 0x1158  iaStor - ok
16:20:02.0970 0x1158  [ C957BF4B5D80B46C5017BF0101E6C906, 6B9186335E50E7E0DBAF574A224E524EC526B57AA02F509E4A8D0F905C9CE880 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
16:20:03.0016 0x1158  iaStorV - ok
16:20:03.0135 0x1158  [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
16:20:03.0207 0x1158  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
16:20:05.0575 0x1158  Detect skipped due to KSN trusted
16:20:05.0575 0x1158  IDriverT - ok
16:20:05.0710 0x1158  [ 7B630ACAED64FEF0C3E1CF255CB56686, 9DCC6953BC6EF77C3916F8AA226CEC0662513A23AB60E9F714D53746E82FB372 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:20:05.0988 0x1158  idsvc - ok
16:20:06.0129 0x1158  [ 67070D3859BDE8EF7DBC995EBD49227E, 54716613D0DDBF091D3A337AF88457F30CDDC151B9955D1BF930B49AF411D4DF ] IDSvix86        C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20070108.003\IDSvix86.sys
16:20:06.0196 0x1158  IDSvix86 - ok
16:20:06.0222 0x1158  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:20:06.0280 0x1158  iirsp - ok
16:20:06.0333 0x1158  [ 35662FE4D8622F667AA5A5568F7F1B40, 1BE7B8D5E5E4E4D9E8ECC697AACF3C6EDB390051A2C18B7DCF63B337343B76D6 ] IKEEXT          C:\Windows\System32\ikeext.dll
16:20:06.0442 0x1158  IKEEXT - ok
16:20:06.0554 0x1158  [ 8D7EB1FD498FD0A34C95A298685EC1C7, D9A8F2049DF6257328BF5E6F868576DD85A586D4AC84037BF28C962850455076 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
16:20:06.0846 0x1158  IntcAzAudAddService - ok
16:20:06.0920 0x1158  [ 97469037714070E45194ED318D636401, DDB5AE39BE0BD37ECB44969A5FA740E5B1169342347D0DB3E5DF0353A6708271 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:20:06.0941 0x1158  intelide - ok
16:20:06.0974 0x1158  [ CE44CC04262F28216DD4341E9E36A16F, 2B316C4124DCFEAD7838B3D8FB8DBEC3F3B1EA8EA612AABB05B1275D0B230CCD ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:20:07.0142 0x1158  intelppm - ok
16:20:07.0178 0x1158  [ 88CF5281ED9880D74DC9011CF8B5262D, 8DC118BE00235A6FD490D2FD9E8FDB90E7FA25DC8A91C78839AA8A1DC42F8C37 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:20:07.0228 0x1158  IPBusEnum - ok
16:20:07.0254 0x1158  [ 880C6F86CC3F551B8FEA2C11141268C0, 0BB04C193BF8FCC6F5B78C6A027CD09F9BE25523974C8000936394C73059243D ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:20:07.0348 0x1158  IpFilterDriver - ok
16:20:07.0418 0x1158  [ ECC9AD72CFC4AB41CF6A9BCC11F9FEF6, 96AD0EBDB112082FE4310B35B4DE448182C332E7F11ADD019E926768D10B7E66 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:20:07.0479 0x1158  iphlpsvc - ok
16:20:07.0484 0x1158  IpInIp - ok
16:20:07.0513 0x1158  [ 40F34F8ABA2A015D780E4B09138B6C17, 22F86888C6B4F76836E863A90730D8F0DBD518305D87A399A159387E79E9D2F7 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
16:20:07.0592 0x1158  IPMIDRV - ok
16:20:07.0626 0x1158  [ 10077C35845101548037DF04FD1A420B, D45110C3D38739787E1A7E6DC70E1543BD9BA069507F684BD0791FADA18DE7D1 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
16:20:07.0692 0x1158  IPNAT - ok
16:20:07.0708 0x1158  [ A82F328F4792304184642D6D397BB1E3, 02ED64261ACEFAC38D1F2BE6160F92379D23EBB90CF97DB58237EA8F0510F571 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:20:07.0764 0x1158  IRENUM - ok
16:20:07.0779 0x1158  [ 350FCA7E73CF65BCEF43FAE1E4E91293, 68403FE3F4DC40919CD26A2CC42BE4386AE6874F47DD382348FFD79080721A13 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:20:07.0803 0x1158  isapnp - ok
16:20:07.0825 0x1158  [ 4DCA456D4D5723F8FA9C6760D240B0DF, 812BC60CAEB70DA93A95F360755151863AAF264C0B519BD5342D08214D012F0C ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
16:20:07.0852 0x1158  iScsiPrt - ok
16:20:07.0902 0x1158  [ 31E4D7875FF05D9F81C2ABDF48F51B11, F52355DB5D17BE303635A543C46EE4BA0E0D3A4DE49223AF8882C8495DF625EA ] ISPwdSvc        c:\Program Files\Norton Internet Security\isPwdSvc.exe
16:20:07.0930 0x1158  ISPwdSvc - ok
16:20:07.0959 0x1158  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
16:20:07.0981 0x1158  iteatapi - ok
16:20:08.0001 0x1158  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
16:20:08.0028 0x1158  iteraid - ok
16:20:08.0070 0x1158  [ B076B2AB806B3F696DAB21375389101C, DBD7F6C303CD61EAB3935A702D9499D37801ED0088ED263E5EDA0C2D6DFE792C ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:20:08.0094 0x1158  kbdclass - ok
16:20:08.0127 0x1158  [ ED61DBC6603F612B7338283EDBACBC4B, E43F2AEC4F0462BCD74B68682A3E8E6C3B3C24F043CC1603BBA200416581E080 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:20:08.0150 0x1158  kbdhid - ok
16:20:08.0171 0x1158  [ C731B1FE449D4E9CEA358C9D55B69BE9, 192CB8408BA873F4BA1419B9DAB7BDE9A958FBC5C6FF3C595E1678D983DE84C4 ] KeyIso          C:\Windows\system32\lsass.exe
16:20:08.0250 0x1158  KeyIso - ok
16:20:08.0374 0x1158  [ 0A829977B078DEA11641FC2AF87CEADE, C22CFDEAB8A75073BA965313609F0E2393692ABD4D48587382101DA785A7622D ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:20:08.0430 0x1158  KSecDD - ok
16:20:08.0463 0x1158  [ 45C537FE5DDE9A0146AEFF76E615737D, F4B0DCB5FD8731E34EB4BF18B509A9D7837F9D96B3F22D056A941480D341B0EC ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:20:08.0541 0x1158  KtmRm - ok
16:20:08.0560 0x1158  [ 53D1482FC1AA36AC015A85E6CF2146BD, AD764237410A7D1B7016D421C160644CCFFBC5F42FD53B179D30BF7E50346B4D ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:20:08.0624 0x1158  LanmanServer - ok
16:20:08.0669 0x1158  [ 435F0F6DC87A4B5DA78F1FA309884189, 4ABCE3AA0ED9D36E3439AABFB086B05A09A567E2BEA3714F984D1400DE743516 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:20:08.0732 0x1158  LanmanWorkstation - ok
16:20:08.0788 0x1158  [ 559C9B7800FAC92FC515CD0003D7C631, 1A2C2C3C8E1B862224267462EA3A3BE5A02FE3D0626B292A663CB1EBC8A1B2C5 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
16:20:08.0821 0x1158  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
16:20:11.0190 0x1158  Detect skipped due to KSN trusted
16:20:11.0190 0x1158  LightScribeService - ok
16:20:11.0411 0x1158  [ F3CB12A5791761EBCA4C7BA5FC89F5C2, F40C06A8B7BD00F53D3B68EF64E207C7A156A24B626FA5CE837F89331D180EA0 ] LiveUpdate      C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
16:20:11.0713 0x1158  LiveUpdate - ok
16:20:11.0764 0x1158  [ FD015B4F95DAA2B712F0E372A116FBAD, A73D472276FE0EF0AC273FB04EEA168C3FF5D62AEB3FB5A22B028BFDEF6F3CDF ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:20:11.0817 0x1158  lltdio - ok
16:20:11.0858 0x1158  [ 7450DBCF754391DD6363FFFD5EF0E789, CD571803825C23D32E43D84376B68FC2B71FDA3A89931CBB6AFE84D0FAD8C2F1 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:20:11.0915 0x1158  lltdsvc - ok
16:20:11.0946 0x1158  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:20:11.0998 0x1158  lmhosts - ok
16:20:12.0021 0x1158  [ A2262FB9F28935E862B4DB46438C80D2, 792684A68726BC007ACABB584682FDF4F059AE60888FB5B47ED68A97EA0BB5E6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:20:12.0044 0x1158  LSI_FC - ok
16:20:12.0065 0x1158  [ 30D73327D390F72A62F32C103DAF1D6D, 7BB5BFB0DCF33AF9907539B52DF7BA1943C1E75A17715B58DBC702ACA6D406EA ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:20:12.0088 0x1158  LSI_SAS - ok
16:20:12.0106 0x1158  [ E1E36FEFD45849A95F1AB81DE0159FE3, DA02B23A881D156A02D3874B41E6D042F84AD558B434280A6A6AC6B619668647 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:20:12.0129 0x1158  LSI_SCSI - ok
16:20:12.0145 0x1158  [ 42885BB44B6E065B8575A8DD6C430C52, BC7013C7902C64D4B443D517F358FF264795F638EF30B664E51C2D55C80D39A3 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:20:12.0216 0x1158  luafv - ok
16:20:12.0279 0x1158  [ 04B309A1A653177994630C2773E659F1, 1D9F81D2DF513FE177E5308E3DE0CE416109F87FDBD00FE7453FEB6074216C3C ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
16:20:12.0306 0x1158  MBAMSwissArmy - ok
16:20:12.0379 0x1158  [ C3ED67C05F3923F9A8FEBA7A996337E1, 0A092A22339A9BFFAAB4A8A7C795480C058C0360C743BDF5D5DE042825F464A7 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
16:20:12.0414 0x1158  McComponentHostService - ok
16:20:12.0463 0x1158  [ E93C1AD58E88A0846EAEE10671C2A8F3, 6635BFBD6F2D6EDCE00A95A105E90E09965C9C4798949105B48EE46189C3E8E0 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:20:12.0486 0x1158  Mcx2Svc - ok
16:20:12.0539 0x1158  [ D153B14FC6598EAE8422A2037553ADCE, D5408B07B6EBA0146A605F11106497DC3DF8EC72E0DCC44BE1366A2A58ABE478 ] megasas         C:\Windows\system32\drivers\megasas.sys
16:20:12.0560 0x1158  megasas - ok
16:20:12.0659 0x1158  [ FAFE367D032ED82E9332B4C741A20216, 7B123766E360570E0FCB211835B7910D6A1806C25A06BCA9227AB9E993376CA8 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
16:20:12.0695 0x1158  Microsoft Office Groove Audit Service - ok
16:20:12.0723 0x1158  [ 9DFA3A459AF0954AA85B4F7622AD87BB, C7BED7AAAA0DA89C0EE7219FD316DA69C027C27008C02F5028F2D3F33A06CCBF ] MMCSS           C:\Windows\system32\mmcss.dll
16:20:12.0786 0x1158  MMCSS - ok
16:20:12.0807 0x1158  [ 21755967298A46FB6ADFEC9DB6012211, 3F83BA0D0ED6D40CB4A62A41722F6FDB8C34DF7B0C115FFE7D0EA12E1D4B4EFD ] Modem           C:\Windows\system32\drivers\modem.sys
16:20:12.0860 0x1158  Modem - ok
16:20:12.0891 0x1158  [ 7446E104A5FE5987CA9E4983FBAC4F97, 61EDE5042718C12BFC8337D71C924D86FE7357E25182E1FDE25C73719FC7F3BD ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:20:12.0994 0x1158  monitor - ok
16:20:13.0017 0x1158  [ 5FBA13C1A1841B0885D316ED3589489D, 16CAB611D0C3C38138164A7452E826091A57E51149A4DBA8B1E7D8979A37CD9A ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:20:13.0041 0x1158  mouclass - ok
16:20:13.0072 0x1158  [ B569B5C5D3BDE545DF3A6AF512CCCDBA, 4B6EC4E78EDC847EFA69A358718C8466356131D6CF8472BE65E43DD871173D3C ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:20:13.0104 0x1158  mouhid - ok
16:20:13.0124 0x1158  [ 01F1E5A3E4877C931CBB31613FEC16A6, 7312C41A8188BAEBF6E3216B74F7698EFD1E80F77E7BB051B34AB14FB84E4130 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
16:20:13.0150 0x1158  MountMgr - ok
16:20:13.0216 0x1158  [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:20:13.0251 0x1158  MozillaMaintenance - ok
16:20:13.0309 0x1158  [ 583A41F26278D9E0EA548163D6139397, 1F09D2FEEE1A8D4F1D9E53596158154099FD436A408F7E72E40F50778A3838A1 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:20:13.0345 0x1158  mpio - ok
16:20:13.0402 0x1158  [ 6E7A7F0C1193EE5648443FE2D4B789EC, 56F37438B3252D5385C324A87D472D355572D339C5A27954106D51AF5AD3CE17 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:20:13.0476 0x1158  mpsdrv - ok
16:20:13.0508 0x1158  [ 563ED845885C6A7C09A7715D8BD0585C, 3A8B12D63AA7EBB51331DDF40077E156CCC225FE6FF0630BFAFD6D008988DC58 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:20:13.0583 0x1158  MpsSvc - ok
16:20:13.0626 0x1158  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
16:20:13.0664 0x1158  Mraid35x - ok
16:20:13.0713 0x1158  [ 1D8828B98EE309D65E006F0829E280E5, F53FB67D73788E0B38CFEA4FE9CA79B778C2AD383EA2D61A3AC935C722336E79 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:20:13.0799 0x1158  MRxDAV - ok
16:20:13.0848 0x1158  [ 8AF705CE1BB907932157FAB821170F27, 9C0B0E1F7E366372186BC3D40CA2F1513A9613576F024334ED5C65BCD230BC3A ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:20:13.0920 0x1158  mrxsmb - ok
16:20:13.0944 0x1158  [ 47E13AB23371BE3279EEF22BBFA2C1BE, EE878AD816AD9E0544E00D92CC017930C458179D0E2A396117611B7B81D4DB2C ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:20:13.0998 0x1158  mrxsmb10 - ok
16:20:14.0016 0x1158  [ 90B3FC7BD6B3D7EE7635DEBBA2187F66, 879255516B5BBE7C86081DAEB8EDCC8659299019E3C912FD1F7B02B2C78F22D2 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:20:14.0056 0x1158  mrxsmb20 - ok
16:20:14.0096 0x1158  [ 742AED7939E734C36B7E8D6228CE26B7, 6F727144BBD42C9C5555087CA51DE8D501B5CBEFB9967866CC578733E3C5E681 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:20:14.0117 0x1158  msahci - ok
16:20:14.0141 0x1158  [ 3FC82A2AE4CC149165A94699183D3028, 8575BE62A209672A5D8C68D75BBBB4FF06220CA73A939B0793442DAD2272598C ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:20:14.0165 0x1158  msdsm - ok
16:20:14.0185 0x1158  [ BC64A92D821EFEA8BAB8E8CAF1B668BC, 3ADC299529AE377D4C131772C9A31E668C3F6BFADD45D01D11501F859536A4F3 ] MSDTC           C:\Windows\System32\msdtc.exe
16:20:14.0211 0x1158  MSDTC - ok
16:20:14.0250 0x1158  [ 729EAFEFD4E7417165F353A18DBE947D, 2C2D9A0F5075C372A63D8D3C9CAAA9D57691703506C9F508F05C01727555AC5A ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:20:14.0319 0x1158  Msfs - ok
16:20:14.0353 0x1158  [ 2C3F1983CD3629573CB9E9658247847A, E0C589C495BF3EC6379780FAC0D97555B9989074696ED2AAD774D94125E5147B ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:20:14.0374 0x1158  msisadrv - ok
16:20:14.0414 0x1158  [ 8ACF956D9154E893E789881430C12632, 222C2F957E69A8FEC1CBBF47D43DE1A3A0EBE3E8888A12862BF1ECCBFD61021D ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:20:14.0489 0x1158  MSiSCSI - ok
16:20:14.0493 0x1158  msiserver - ok
16:20:14.0530 0x1158  [ 892CEDEFA7E0FFE7BE8DA651B651D047, A5FDD8D6CC5B1FEE643BA44A4596F2F1C066240A503214B0B00F074DE76ED0D6 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:20:14.0601 0x1158  MSKSSRV - ok
16:20:14.0617 0x1158  [ AE2CB1DA69B2676B4CEE2A501AF5871C, 576F1F5F52B5E89F0046173BEF8FC870B2DAAEFAD276D16429AC2050FE04FB8E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:20:14.0679 0x1158  MSPCLOCK - ok
16:20:14.0707 0x1158  [ F910DA84FA90C44A3ADDB7CD874463FD, 8CBA93EE6AB074262DC48415927B077CCE0F7790BFEFF6F3BFD653C37C36BE57 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:20:14.0764 0x1158  MSPQM - ok
16:20:14.0791 0x1158  [ 84571C0AE07647BA38D493F5F0015DF7, A810B28957759EBF0616567C8550FB1D5FDABA65FC6A87CF45957370E48FF0DC ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:20:14.0820 0x1158  MsRPC - ok
16:20:14.0851 0x1158  [ 1F6F7159C75E4B27D138B5225808860F, 1AFDC1B012B08546DDF0A8AA9CFE3AC826102A506E835CA28707E389EE0A4D81 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
16:20:14.0882 0x1158  mssmbios - ok
16:20:14.0922 0x1158  [ D79C9C58BA624AF195A54BA2B8244FB3, 5B4791C8B71535EA43623AC19110126D725B2AD0F2C0E2E41A43C1D3D11C3666 ] MSTAPE          C:\Windows\system32\DRIVERS\mstape.sys
16:20:15.0009 0x1158  MSTAPE - ok
16:20:15.0053 0x1158  [ C826DD1373F38AFD9CA46EC3C436A14E, B5BC1C7760BF4CC1AFC714CA9DFD1D75C2D3804D27F17DD08D1C5CF548F93042 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:20:15.0132 0x1158  MSTEE - ok
16:20:15.0148 0x1158  [ FA7AA70050CF5E2D15DE00941E5665E5, 177F19C4436203E028D07300B4C77F5160835C7E02DB8863E8D01F277A678606 ] Mup             C:\Windows\system32\Drivers\mup.sys
16:20:15.0183 0x1158  Mup - ok
16:20:15.0217 0x1158  [ 1CDBB5D002FE2BC5300AA20550D8A52E, 86529AEE13545AADAA2F20C300059096F1663BE8A5A76740E9FEDEA26928A364 ] napagent        C:\Windows\system32\qagentRT.dll
16:20:15.0318 0x1158  napagent - ok
16:20:15.0391 0x1158  [ 6DA4A0FC7C0E83DF0CB3CFD0A514C3BC, 606449557E11AFD0C370EFD2D2566D58E0A6E90A590BF47779A077761E3FD682 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:20:15.0507 0x1158  NativeWifiP - ok
16:20:15.0569 0x1158  [ 7D4472A6D350F083ACF7316216E14ACD, FB6E7747602898F27846957B0A53142A9261A1BBAE1FADCD3244257CF44220A2 ] NAVENG          C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20070430.018\NAVENG.SYS
16:20:15.0601 0x1158  NAVENG - ok
16:20:15.0660 0x1158  [ 72278E81EC294BA2DBFEE646C0B17A8A, 028019A49AEB1C3A65B977C7E09FE321EDA7A67E30EF1FB448BC16357CE4EAE1 ] NAVEX15         C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20070430.018\NAVEX15.SYS
16:20:15.0792 0x1158  NAVEX15 - ok
16:20:15.0879 0x1158  [ 227C11E1E7CF6EF8AFB2A238D209760C, C36E450DD54CE9DDF17C3E1240BFC9073D73B409C1E090EF65E80C1EA53A31A5 ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:20:15.0978 0x1158  NDIS - ok
16:20:16.0026 0x1158  [ 81659CDCBD0F9A9E07E6878AD8C78D3F, CC62555E680B52541BE4B882BE9438A300EFF0F50D0632E430AF269D4224F5E9 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:20:16.0113 0x1158  NdisTapi - ok
16:20:16.0137 0x1158  [ 5DE5EE546BF40838EBE0E01CB629DF64, 2617B588338AB43E98BD1DDDB4725B9D422029120415FC98C3B37E906F109152 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:20:16.0203 0x1158  Ndisuio - ok
16:20:16.0222 0x1158  [ 397402ADCBB8946223A1950101F6CD94, 612F6D887CB4374BB762BEF24A826D69971EC22D98FB4C0AAA4CC4B367E11AA6 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:20:16.0277 0x1158  NdisWan - ok
16:20:16.0297 0x1158  [ 1B24FA907AF283199A81B3BB37E5E526, 0689F688B73DD521F6B31A81415E55628995D54458F628BC14F88296638162C7 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:20:16.0339 0x1158  NDProxy - ok
16:20:16.0354 0x1158  [ 356DBB9F98E8DC1028DD3092FCEEB877, BCCD66AE76DD6AAB0A7A83227329E7D9D05D7D1FD30CDB66B19EB166E9BAD8E5 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:20:16.0425 0x1158  NetBIOS - ok
16:20:16.0449 0x1158  [ E3A168912E7EEFC3BD3B814720D68B41, 0A8B74C07E8E410CD9ACCF8A44C6198D1E89888238C820C800EC0B1B3C5F7BC2 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
16:20:16.0531 0x1158  netbt - ok
16:20:16.0555 0x1158  [ C731B1FE449D4E9CEA358C9D55B69BE9, 192CB8408BA873F4BA1419B9DAB7BDE9A958FBC5C6FF3C595E1678D983DE84C4 ] Netlogon        C:\Windows\system32\lsass.exe
16:20:16.0571 0x1158  Netlogon - ok
16:20:16.0604 0x1158  [ 90A4DAE28B94497F83BEA0F2A3B77092, 9100B9312E92871AD634E373AC1EE8288A36F9E92A1390AF32B1C5B9419344A7 ] Netman          C:\Windows\System32\netman.dll
16:20:16.0677 0x1158  Netman - ok
16:20:16.0723 0x1158  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:20:16.0750 0x1158  NetMsmqActivator - ok
16:20:16.0788 0x1158  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:20:16.0806 0x1158  NetPipeActivator - ok
16:20:16.0845 0x1158  [ 7C5C3D9CEEE838856B828AB6F98A2857, BDFA0F43500E5E8A96EBF539B7E72E547E3EBCCD692A6C6B9452C1F25AD31471 ] netprofm        C:\Windows\System32\netprofm.dll
16:20:16.0912 0x1158  netprofm - ok
16:20:16.0920 0x1158  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:20:16.0939 0x1158  NetTcpActivator - ok
16:20:16.0946 0x1158  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:20:16.0964 0x1158  NetTcpPortSharing - ok
16:20:17.0102 0x1158  [ 1D73499A6664B4DA05D750FF83FDB274, 8A299843DFF7DEEFB639440074C63FC88548FE4EE897FBA9F3B0FE65D17C45FA ] NETw4v32        C:\Windows\system32\DRIVERS\NETw4v32.sys
16:20:17.0403 0x1158  NETw4v32 - ok
16:20:17.0443 0x1158  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:20:17.0466 0x1158  nfrd960 - ok
16:20:17.0503 0x1158  [ C424117A562F2DE37A42266894C79AEB, A027AE08E37058316C004D79D038149FF9E233C1ECCE1D672AB5FE55C3B2B3AD ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:20:17.0555 0x1158  NlaSvc - ok
16:20:17.0573 0x1158  [ 4F9832BEB9FAFD8CEB0E541F1323B26E, FE4B9FDA83F186405C9B4A001E8496CA3DB42B4B4695E80F6DF5946E509F50F0 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:20:17.0635 0x1158  Npfs - ok
16:20:17.0665 0x1158  [ 23B8201A363DE0E649FC75EE9874DEE2, B6C2E40E62E9B4DA9B4E152DC406BD2338BF820CB547D65B03BC2C64D5D84EB2 ] nsi             C:\Windows\system32\nsisvc.dll
16:20:17.0709 0x1158  nsi - ok
16:20:17.0723 0x1158  [ B488DFEC274DE1FC9D653870EF2587BE, A1F4B1D59BA49D760E9D7925FFE1180BE436376C79AFD04119BC0E0E95C69603 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:20:17.0783 0x1158  nsiproxy - ok
16:20:17.0853 0x1158  [ 37430AA7A66D7A63407ADC2C0D05E9F6, EC9B117C42F2905251A6D29C1C5DF883FFEB60CFF3497C07C306500F107E2565 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:20:17.0972 0x1158  Ntfs - ok
16:20:18.0099 0x1158  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
16:20:18.0176 0x1158  ntrigdigi - ok
16:20:18.0207 0x1158  [ EC5EFB3C60F1B624648344A328BCE596, 0416128AA53D8FF79D5AAC69A8D9CE86D929A1517FAE4644AB06FA2362BB63A5 ] Null            C:\Windows\system32\drivers\Null.sys
16:20:18.0278 0x1158  Null - ok
16:20:18.0661 0x1158  [ 0657A6D487CD73DE06B136933A2554ED, 67905FE084294F104B186A317D4BBA47C44DB226E642C9B30E4E7407D03026B9 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:20:19.0887 0x1158  nvlddmkm - ok
16:20:19.0945 0x1158  [ E69E946F80C1C31C53003BFBF50CBB7C, A0A4BC57822B2CBC75602A969E28DCEDE04B41CC084E1EF1532B1BCDAEAA43BB ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:20:20.0002 0x1158  nvraid - ok
16:20:20.0041 0x1158  [ 9E0BA19A28C498A6D323D065DB76DFFC, EA9E33ED2820ED39932FAE114A9CF1D87780ED6605D0260A6F22F920B48F34E9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:20:20.0071 0x1158  nvstor - ok
16:20:20.0095 0x1158  [ 07C186427EB8FCC3D8D7927187F260F7, 9AFDE1CB7B7232BD019804BFC691580B9CC2E51A5BC0E5584B23907D532600D8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:20:20.0131 0x1158  nv_agp - ok
16:20:20.0139 0x1158  NwlnkFlt - ok
16:20:20.0146 0x1158  NwlnkFwd - ok
16:20:20.0235 0x1158  [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:20:20.0294 0x1158  odserv - ok
16:20:20.0335 0x1158  [ BE32DA025A0BE1878F0EE8D6D9386CD5, B9D6CB4626FC67D108D713467C9ED8D0E2A071D98621B5531AD9D0C172FE7B89 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
16:20:20.0423 0x1158  ohci1394 - ok
16:20:20.0458 0x1158  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:20:20.0494 0x1158  ose - ok
16:20:20.0573 0x1158  [ 016D01D3B8FB976A193C7434BED8DCCF, 3C490D2536BB3D69A18F2308C92868BFFBBCDAEB0A9EFFB96E3B7A90E85E2D82 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
16:20:20.0709 0x1158  p2pimsvc - ok
16:20:20.0751 0x1158  [ 016D01D3B8FB976A193C7434BED8DCCF, 3C490D2536BB3D69A18F2308C92868BFFBBCDAEB0A9EFFB96E3B7A90E85E2D82 ] p2psvc          C:\Windows\system32\p2psvc.dll
16:20:20.0789 0x1158  p2psvc - ok
16:20:20.0854 0x1158  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
16:20:20.0907 0x1158  Parport - ok
16:20:20.0922 0x1158  [ 555A5B2C8022983BC7467BC925B222EE, D4E8B5FAF5F46F349B9C2554E7D8245808E3F7B86B40A547C37511E462838A89 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:20:20.0947 0x1158  partmgr - ok
16:20:20.0959 0x1158  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
16:20:21.0006 0x1158  Parvdm - ok
16:20:21.0036 0x1158  [ D8C5C215C932233A4F1D7F368F4E4E65, E3FFEFC98FCA95E2290A30EA13793514E0C490C49E7E242C49FE3EA9FD6D651A ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:20:21.0064 0x1158  PcaSvc - ok
16:20:21.0102 0x1158  [ 5BEDD5E1416DA009C4F24ADF8DA13773, FDDEBB4AB598EE97BE3AFFA8EB440A103F81E738E0CFA0E820CAE90466D15352 ] pci             C:\Windows\system32\drivers\pci.sys
16:20:21.0131 0x1158  pci - ok
16:20:21.0161 0x1158  [ CABA65E9C41CD2900D4C92D4F825C5F8, 5D952DBCD3CF63621D1FE38E2E0392F5059A4757F8CD0BF2AD4FBB23E677631B ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
16:20:21.0181 0x1158  pciide - ok
16:20:21.0211 0x1158  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:20:21.0243 0x1158  pcmcia - ok
16:20:21.0313 0x1158  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:20:21.0431 0x1158  PEAUTH - ok
16:20:21.0532 0x1158  [ CD05A38D166BEADE18030BAFC0C0A939, 4C310C4EA270FA5EDD268A5AA17713F5CD7AD526DB3AEA6C691772720BD16801 ] pla             C:\Windows\system32\pla.dll
16:20:21.0699 0x1158  pla - ok
16:20:21.0761 0x1158  [ 747BB4C31F3B6E8D1B5ED0AD61518CB5, 3B4075A24A46C4EE7322AF80F65C280F1A3AD0079DDFF77CC8523662225F01F5 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:20:21.0824 0x1158  PlugPlay - ok
16:20:21.0862 0x1158  [ 016D01D3B8FB976A193C7434BED8DCCF, 3C490D2536BB3D69A18F2308C92868BFFBBCDAEB0A9EFFB96E3B7A90E85E2D82 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
16:20:21.0920 0x1158  PNRPAutoReg - ok
16:20:21.0973 0x1158  [ 016D01D3B8FB976A193C7434BED8DCCF, 3C490D2536BB3D69A18F2308C92868BFFBBCDAEB0A9EFFB96E3B7A90E85E2D82 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
16:20:22.0053 0x1158  PNRPsvc - ok
16:20:22.0090 0x1158  [ 5EBDEC613BD377CE9A85382BE5C6B83B, 528D4DE5AAF113A6F3266EB018247EA46BD2581747DFBA1312D32AE37536E5A3 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:20:22.0175 0x1158  PolicyAgent - ok
16:20:22.0215 0x1158  [ C04DEC5ACE67C5247B150C4223970BB7, 3AD9E856C9B27B60DDB78FD2376DD920444C7890BD6A9F972938EDF8A7DD21C5 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:20:22.0283 0x1158  PptpMiniport - ok
16:20:22.0318 0x1158  [ 0E3CEF5D28B40CF273281D620C50700A, 8ADA99B4563AE2129B95136295EE92A94102B035EBBC83D4C8587ECE8B0DEE60 ] Processor       C:\Windows\system32\drivers\processr.sys
16:20:22.0387 0x1158  Processor - ok
16:20:22.0502 0x1158  [ 213112E152E68F0E4705E36F052A2880, E5CB788E11DC01B82480FAAE8B1E122C075AA51144591189386C8EBB34197F06 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:20:22.0554 0x1158  ProfSvc - ok
16:20:22.0566 0x1158  [ C731B1FE449D4E9CEA358C9D55B69BE9, 192CB8408BA873F4BA1419B9DAB7BDE9A958FBC5C6FF3C595E1678D983DE84C4 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:20:22.0591 0x1158  ProtectedStorage - ok
16:20:22.0622 0x1158  [ 2C8BAE55247C4E09352E870292E4D1AB, 1AA43E8D62A71F4859ADEDAC90E7F3B73F6356EFA3C700E276C3F5EE58ED6804 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
16:20:22.0669 0x1158  PSched - ok
16:20:22.0697 0x1158  [ D86B4A68565E444D76457F14172C875A, 06B1CF81A62B3DAA8D0C5A8B88C56A504DE8E9278C520F754AF363A6676C58B0 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
16:20:22.0721 0x1158  PxHelp20 - ok
16:20:22.0790 0x1158  [ CCDAC889326317792480C0A67156A1EC, 3D3B561B6D4E12DE442C98993C929765F002AF5CFB5A00EFACE6ABE957F7E8AF ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:20:22.0879 0x1158  ql2300 - ok
16:20:22.0924 0x1158  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:20:22.0950 0x1158  ql40xx - ok
16:20:23.0000 0x1158  [ CA61BDFD3713A7CE75F2812AFC431594, 42CAD3B8EADE4EDCC0F12869BA1B457E2B8712B796BDF1A5D231AF38D0CCF1FF ] QWAVE           C:\Windows\system32\qwave.dll
16:20:23.0041 0x1158  QWAVE - ok
16:20:23.0066 0x1158  [ D2B3E2B7426DC23E185FBC73C8936C12, 543B6341AB0224E122A341068D1199715C503E840A41A852764AA400CEF6D75F ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:20:23.0102 0x1158  QWAVEdrv - ok
16:20:23.0166 0x1158  [ FBE824717B9537383730C634D06CCFB0, 04213616057F5637718F3599E15CFA57B561CED9962AA40193185C5AC5681D33 ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
16:20:23.0215 0x1158  RapiMgr - ok
16:20:23.0224 0x1158  [ BD7B30F55B3649506DD8B3D38F571D2A, CFDED547FEE24CC0F9CD32A96D4F445D44FCA908BB99AEE890C720142EF0D68B ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:20:23.0276 0x1158  RasAcd - ok
16:20:23.0291 0x1158  [ F14F4AAB9F54D099FE99192BDB100AC9, 68293A5B23F4B602142442B1FA57B678BE46FA89808B76FBA7EB875FE3AAC3D8 ] RasAuto         C:\Windows\System32\rasauto.dll
16:20:23.0355 0x1158  RasAuto - ok
16:20:23.0376 0x1158  [ 68B0019FEE429EC49D29017AF937E482, 99D6E2B214F24F6F9B42BF3F96B914A923FF7D9CF4E97ABA51AF7891718A87E6 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:20:23.0411 0x1158  Rasl2tp - ok
16:20:23.0444 0x1158  [ 11D65E29BC9D1E4114D18FE68194394C, A2C6345D038E1EB954C0DFA4E5645DC1A78EDF7F0873BDFBE36E7CB047ECC33A ] RasMan          C:\Windows\System32\rasmans.dll
16:20:23.0519 0x1158  RasMan - ok
16:20:23.0540 0x1158  [ CCF4E9C6CBBAC81437F88CB2AE0B6C96, 20F877FAE1D4B592AEE9A20AFD32066F7DE838FEE3501C6F72C44D3F32BC6AE0 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:20:23.0592 0x1158  RasPppoe - ok
16:20:23.0612 0x1158  [ 54129C5D9581BBEC8BD1EBD3BA813F47, 8A19AEFF124F55A99EDE9693E5981F03343736E7924C28290DA10D3092D98675 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:20:23.0674 0x1158  rdbss - ok
16:20:23.0683 0x1158  [ 794585276B5D7FCA9F3FC15543F9F0B9, 71424462303DA4035301F7E66792116ED09856A1724BAACBB47060121EDCE77F ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:20:23.0752 0x1158  RDPCDD - ok
16:20:23.0853 0x1158  [ E8BD98D46F2ED77132BA927FCCB47D8B, 5187CF8F00AD67EDDF27DF675F3210C0D72E552578A89C58DF6953B1D5BEBCB8 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
16:20:23.0925 0x1158  rdpdr - ok
16:20:23.0944 0x1158  [ 980B56E2E273E19D3A9D72D5C420F008, 142CFC831C4E70494275AA483CDAB5F63997EA1977F1DD4AE25AFBD419ABFF62 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:20:23.0999 0x1158  RDPENCDD - ok
16:20:24.0022 0x1158  [ 8830E790A74A96605FABA74F9665BB3C, 3CD2CFE48026485A4D7F6C985BFAF716D8D4B566BE53EA67904FD18B1C8F8604 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:20:24.0095 0x1158  RDPWD - ok
16:20:24.0129 0x1158  [ 6C1A43C589EE8011A1EBFD51C01B77CE, 61206F6AD4BBE241DBB948D48364898118BEA6E289EDD3141FD57B61ED62BB52 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:20:24.0179 0x1158  RemoteAccess - ok
16:20:24.0199 0x1158  [ 9A043808667C8C1893DA7275AF373F0E, 4317B975305F2FD6696A2227FA30214406179D9BB9898390A0FA2663AD27CBCF ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:20:24.0251 0x1158  RemoteRegistry - ok
16:20:24.0270 0x1158  [ 7EC90C316177BA3F1BCE92005264B447, C588611E4BD68F8220B189CBA72929A9C4143932FEF673D2676D83B2821237C2 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
16:20:24.0324 0x1158  RFCOMM - ok
16:20:24.0362 0x1158  [ 355AAC141B214BEF1DBC1483AFD9BD50, EB9AF96E81C1644C0190D269119BE71C63B60D50153C6EA2659B488C4456DBDF ] rimmptsk        C:\Windows\system32\DRIVERS\rimmptsk.sys
16:20:24.0412 0x1158  rimmptsk - ok
16:20:24.0424 0x1158  [ A4216C71DD4F60B26418CCFD99CD0815, C189953DD7B3AB31167D8746E8F829D222FEF3F8866317814414EF3E0D92B9E1 ] rimsptsk        C:\Windows\system32\DRIVERS\rimsptsk.sys
16:20:24.0474 0x1158  rimsptsk - ok
16:20:24.0534 0x1158  [ BBCE96557881586683611C561FB06269, BB0DA582B2135EC589037D61597DB79F264F579D464DCE5B7D65A3D36CADEB86 ] RimUsb          C:\Windows\system32\Drivers\RimUsb.sys
16:20:24.0593 0x1158  RimUsb - ok
16:20:24.0631 0x1158  [ C4F4FCD5AE48BDD31648981DDF8EF993, B2C8586D5F09AB2FBCE8BBACC9B1C74D6E1A25A8264A4218E80354C4470C750F ] RimVSerPort     C:\Windows\system32\DRIVERS\RimSerial.sys
16:20:24.0673 0x1158  RimVSerPort - ok
16:20:24.0710 0x1158  [ C663AF77E2F4EABF8EB08B388D2F1F36, D03FA3C1CED2BC5289DE3B922D7FB3B986E917BCF6C63744E4540DD0F174903F ] rismxdp         C:\Windows\system32\DRIVERS\rixdptsk.sys
16:20:24.0766 0x1158  rismxdp - ok
16:20:24.0797 0x1158  [ D49D61312B273DE069584D48C81C8B1D, B2A570279EB134AE28F25B17D1DDA6235A47C2A73C6393ED9A5C7819233A16A6 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
16:20:24.0860 0x1158  ROOTMODEM - ok
16:20:24.0960 0x1158  [ 08FB7D968805001C7ADCBB14B0651FA2, 1339832EA9DB66678C524AE6BAD6C5C412AD2B77BA5ED45E64B85536DA9836CA ] RoxMediaDB9     C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
16:20:25.0106 0x1158  RoxMediaDB9 - detected UnsignedFile.Multi.Generic ( 1 )
16:20:35.0588 0x1158  RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - warning
16:20:35.0588 0x1158  Force sending object to P2P due to detect: RoxMediaDB9
16:20:39.0641 0x1158  Object send P2P result: true
16:20:42.0272 0x1158  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
16:20:42.0386 0x1158  RpcLocator - ok
16:20:42.0444 0x1158  [ 7B981222A257D076885BFFB66F19B7CE, 83B044B93FB30D54B9AFC991D608BF5FDBC2F31317E0AEA99E78B2B49655BCBB ] RpcSs           C:\Windows\system32\rpcss.dll
16:20:42.0501 0x1158  RpcSs - ok
16:20:42.0535 0x1158  [ 97E939D2128FEC5D5A3E6E79B290A2F4, FB71FD62BFD02608347C44E5EC865DCFA41EDFF58011673487D25C8DD79C268E ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:20:42.0591 0x1158  rspndr - ok
16:20:42.0637 0x1158  [ 71B7026D61293C1E91145BDAD11C53BF, 83A3B37A954E01B39A6B8D16803F845407840D16A5D156CC5265EBA460798031 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
16:20:42.0683 0x1158  RTL8169 - ok
16:20:42.0702 0x1158  [ C731B1FE449D4E9CEA358C9D55B69BE9, 192CB8408BA873F4BA1419B9DAB7BDE9A958FBC5C6FF3C595E1678D983DE84C4 ] SamSs           C:\Windows\system32\lsass.exe
16:20:42.0718 0x1158  SamSs - ok
16:20:42.0796 0x1158  savesenselive - ok
16:20:42.0809 0x1158  savesenselivem - ok
16:20:42.0838 0x1158  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:20:42.0864 0x1158  sbp2port - ok
16:20:42.0910 0x1158  [ 565B4B9E5AD2F2F18A4F8AAFA6C06BBB, 4222182FF80A6A9DEF7239965C12F3BBE843A5219D16D5BFD167350EDA5A23CF ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:20:42.0959 0x1158  SCardSvr - ok
16:20:43.0007 0x1158  [ 886CEC884B5BE29AB9828B8AB46B11F7, 13901D422D3F0BD9D416865D91561C8A3B0FDC4D7593748460BA5DD45B7C5A6A ] Schedule        C:\Windows\system32\schedsvc.dll
16:20:43.0115 0x1158  Schedule - ok
16:20:43.0136 0x1158  [ 0600E04315FE543802A379D5D23C8BE0, 48DD5028D9F415B9E5A949FA32051243C8F5B475EFA909FD625D940DA227E252 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:20:43.0181 0x1158  SCPolicySvc - ok
16:20:43.0207 0x1158  [ 7B3973CC28B8AA3E9E2E5D53E720E2C9, 55A642869F92FCAA8FC149E61297D82FF2510D34FE22E84827E18A3D057D98DA ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
16:20:43.0266 0x1158  sdbus - ok
16:20:43.0280 0x1158  [ F7B6BF02240D0A764ADF8C8966735552, E3A21C746E8B79B4F08B0CC3C1610AE3F2BBC8FB6D237C653C7883F4EEA6F6E7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:20:43.0330 0x1158  SDRSVC - ok
16:20:43.0351 0x1158  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:20:43.0416 0x1158  secdrv - ok
16:20:43.0435 0x1158  [ 8388C4133DDBE62AD7BC3EC9F14271ED, 38BF611174C660A0F737D97DAD4488E589CF0CC6242F7B9A8DA034F0D4E22A4F ] seclogon        C:\Windows\system32\seclogon.dll
16:20:43.0492 0x1158  seclogon - ok
16:20:43.0515 0x1158  [ 34350AE2C1D33D21C7305F861BD8DAD8, C2CF4DDC0B223F2CFEFC3BC4EE5B8BC0F3E1E972BE894C388FBA067D52945C2B ] SENS            C:\Windows\System32\sens.dll
16:20:43.0563 0x1158  SENS - ok
16:20:43.0588 0x1158  [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum         C:\Windows\system32\drivers\serenum.sys
16:20:43.0640 0x1158  Serenum - ok
16:20:43.0663 0x1158  [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial          C:\Windows\system32\drivers\serial.sys
16:20:43.0720 0x1158  Serial - ok
16:20:43.0735 0x1158  [ 450ACCD77EC5CEA720C1CDB9E26B953B, 3B053BDB8EDDC99274C46E9330AEE83851AA3AD37472BBCBE5624233CA9B1B55 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:20:43.0775 0x1158  sermouse - ok
16:20:43.0798 0x1158  [ 78878235DA4DF0D116E86837A0A21DF8, E66B050B56F9F1E902DA6A55126BD2D6AD8F9A40995942055387DC1CDE857B9F ] SessionEnv      C:\Windows\system32\sessenv.dll
16:20:43.0860 0x1158  SessionEnv - ok
16:20:43.0880 0x1158  [ 51CF56AA8BCC241F134B420B8F850406, 41DA7438039C791C35BDA5BD255D2CCFA85E5250325FAE4D5A4182AD819E71F1 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
16:20:43.0917 0x1158  sffdisk - ok
16:20:43.0948 0x1158  [ 8FD08A310645FE872EEEC6E08C6BF3EE, 702A148C9DE172E7B5E331F057487255E0729FD42F949BB0FF2D5A01775933CF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:20:44.0013 0x1158  sffp_mmc - ok
16:20:44.0027 0x1158  [ 8B08CAB1267B2C377883FC9E56981F90, 4444AC438E805129103FAA48F22D0D6893AC5BD8FCA2A6D4DA51EBD8C75B7529 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
16:20:44.0069 0x1158  sffp_sd - ok
16:20:44.0087 0x1158  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:20:44.0156 0x1158  sfloppy - ok
16:20:44.0210 0x1158  [ 9A82BF4C90B00A63150A606A1E2FD82B, 48F9B5CD950668F2F28D89F77E54C1EF02849F0E28DC104780F9D62AEE1BF247 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:20:44.0254 0x1158  SharedAccess - ok
16:20:44.0296 0x1158  [ B264DFA21677728613267FE63802B332, 46AB67C795C8FA36B22BC1C4DB75E0281824AC99C9BC37EB3A3B13B435F75129 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:20:44.0325 0x1158  ShellHWDetection - ok
16:20:44.0347 0x1158  [ D2A595D6EEBEEAF4334F8E50EFBC9931, 851B8205C657BF806C4D815DC75356E99B4246016B6E1C1F51BAF8AD1E6D5299 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
16:20:44.0372 0x1158  sisagp - ok
16:20:44.0393 0x1158  [ CEDD6F4E7D84E9F98B34B3FE988373AA, E102977E6FAC30B5ABEEC0B412A9F2A10C5C42F4D9C3AD69296BF9E1E88B6141 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
16:20:44.0415 0x1158  SiSRaid2 - ok
16:20:44.0437 0x1158  [ DF843C528C4F69D12CE41CE462E973A7, A2BEC74FCB8D8B6B9D8DD4746C013DFDF1DD662AEFE9B88CA495E5B83B4A76F9 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:20:44.0460 0x1158  SiSRaid4 - ok
16:20:44.0551 0x1158  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
16:20:44.0593 0x1158  SkypeUpdate - ok
16:20:44.0716 0x1158  [ A1DCD30534835CB67733AD00175125A6, 04E77F80D365ED8A500B5818015739B7D3562C528CC005E63012D07767132D71 ] slsvc           C:\Windows\system32\SLsvc.exe
16:20:44.0962 0x1158  slsvc - ok
16:20:45.0006 0x1158  [ 56DA296E7B376A727E7BDC5AC7FBEE02, 6A01699DEADE24DCE15321F51368F41EBC6594A838953D9EF250A57D7C1216B7 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
16:20:45.0030 0x1158  SLUINotify - ok
16:20:45.0054 0x1158  [ AC0D90738ADB51A6FD12FF00874A2162, 81086C33F77BA32DEDE0BE51CDD130AB124DB08DE63350CAA0B974B85A59B834 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:20:45.0128 0x1158  Smb - ok
16:20:45.0188 0x1158  [ 3850ABA97B31094F93BCBE94D6ABBE22, 2D8AB659C92BAD7CB0D9FF1AF953D28D7C7B7AEEC6402CD165C66ED12D74A6DF ] smserial        C:\Windows\system32\DRIVERS\smserial.sys
16:20:45.0313 0x1158  smserial - ok
16:20:45.0344 0x1158  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:20:45.0387 0x1158  SNMPTRAP - ok
16:20:45.0467 0x1158  [ 0FDE4B4895D4691C4482CA67FA532BE0, 29140658BF1B9970DB8CBC7359FEBF7E4C86555B9968386F9068A2920ACB10D1 ] SPBBCDrv        C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
16:20:45.0546 0x1158  SPBBCDrv - ok
16:20:45.0592 0x1158  [ 426F9B029AA9162CECCF65369457D046, 36F47ABD5F16CA406036BD79AA8F89FF265B913C433BA73F115E84292D5FFD26 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:20:45.0616 0x1158  spldr - ok
16:20:45.0635 0x1158  [ DA612EF2556776DF2630B68BF2D48935, 770E883E3CA0CB8B63F5C09D26AD0474054F759EB692905EB37F9BC16D1FE5F4 ] Spooler         C:\Windows\System32\spoolsv.exe
16:20:45.0666 0x1158  Spooler - ok
16:20:45.0702 0x1158  [ ED5E9F3BF11D0BB770F652B22EC26465, CB53F7E534E2DE31F6E394EB2FB6A58D5889805DB2E5027899CCD824C4F622C9 ] SRTSP           C:\Windows\system32\Drivers\SRTSP.SYS
16:20:45.0730 0x1158  SRTSP - ok
16:20:45.0778 0x1158  [ C70A2581E35E03C85F29AA1BC723659A, D56D3C9F836D2DCE2295ED40D89D56F34304A809330DEE1F565D256F163EFF2C ] SRTSPL          C:\Windows\system32\Drivers\SRTSPL.SYS
16:20:45.0807 0x1158  SRTSPL - ok
16:20:45.0828 0x1158  [ 05F2DB228922E6B8A001ED83EE4D1153, B5D5F861E73947B18B42B6B8E28B50496FB3658727EC103EBA9D7DE5AC010DE6 ] SRTSPX          C:\Windows\system32\Drivers\SRTSPX.SYS
16:20:45.0850 0x1158  SRTSPX - ok
16:20:45.0909 0x1158  [ 038579C35F7CAD4A4BBF735DBF83277D, 95B5B32D8818E89A7AE2B6DDEAE3025B9E2B4C7A99E7CAEE4D7BF3E336413377 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:20:45.0978 0x1158  srv - ok
16:20:46.0030 0x1158  [ 6971A757AF8CB5E2CBCBB76CC530DB6C, E8BD4353F6EBCF3316CA6D288C402CAB72C674A94E07EB3003A8010F74BDC90C ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:20:46.0119 0x1158  srv2 - ok
16:20:46.0142 0x1158  [ 9E1A4603B874EEBCE0298113951ABEFB, 79C6153AF6E23F7A86642BE977E76B3D420F4D720B72418D0F3FB5A9EAFE36BB ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:20:46.0173 0x1158  srvnet - ok
16:20:46.0213 0x1158  [ 8D3E4BAFF8B3997138C38EB1B600519A, D40E30C86B2B5AB30B29CD211091C97876673E786D708EDDC5068656CB84E7F3 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:20:46.0263 0x1158  SSDPSRV - ok
16:20:46.0284 0x1158  [ 71D609C5DFF067906D930BDE031C4CFE, 937822679F9D05AC91E9484C19C26DBF6432C7046DD31FA9EA2CB5788CB9C718 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
16:20:46.0316 0x1158  ssmdrv - detected UnsignedFile.Multi.Generic ( 1 )
16:20:48.0679 0x1158  Detect skipped due to KSN trusted
16:20:48.0679 0x1158  ssmdrv - ok
16:20:48.0763 0x1158  [ A941E099EF46E3CC12F898CBE1C39910, 03419E0FC240C51A05B432041F1747068475EF2E6E23B06D85D5AEF4F442D32D ] stisvc          C:\Windows\System32\wiaservc.dll
16:20:48.0878 0x1158  stisvc - ok
16:20:48.0959 0x1158  [ A9A23C8AF361F7A93FD632E91A8C346F, A353E69B60E2A904E4079D05B2DF25354B2A590ECA843822E3FA3B7923012142 ] stllssvr        C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
16:20:48.0992 0x1158  stllssvr - ok
16:20:49.0029 0x1158  [ 92894DD7FDD62AF808B1409B73AF9C73, 73B944B9FBC56793E346619C8A00C0961DBDBF72DB8EA2C9C151AEC5CF9D76B2 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
16:20:49.0048 0x1158  swenum - ok
16:20:49.0078 0x1158  [ 749ADA8D6C18A08ADFEDE69CBF5DB2E0, 376C3FDAB5926DDDE8BF009988D782A96AA198D9BC147C799016D558AEE6537E ] swprv           C:\Windows\System32\swprv.dll
16:20:49.0152 0x1158  swprv - ok
16:20:49.0227 0x1158  [ 43CFCA936D211BF7F1CDE1DDF807CB76, 13F8990591AD3816C88B97A3F1E71B36642C09DDA5E8C004015BE88B88EA99D9 ] Symantec Core LC C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
16:20:49.0351 0x1158  Symantec Core LC - ok
16:20:49.0395 0x1158  [ EFF5C2A0A06BCBFC5CF931C00CF6146D, 9E2D112580C1B8D95DCD033E8FF7899B27B726EE63D9069F55A95315897F47FD ] SymAppCore      c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
16:20:49.0415 0x1158  SymAppCore - ok
16:20:49.0448 0x1158  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
16:20:49.0471 0x1158  Symc8xx - ok
16:20:49.0513 0x1158  [ 403BD24FA5C55FC648ABDD039629A954, 16EE9E5253DEBA053522788AAF333CCEF1E2640AFE29E81CB6D12B4E6C6F743C ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT.SYS
16:20:49.0539 0x1158  SymEvent - ok
16:20:49.0579 0x1158  [ B226F8A4D780ACDF76145B58BB791D5B, 6E8304956E9FD827A2FCAB0CB9D200500E8E71CE79C9909684666DD548D3FD31 ] symlcbrd        C:\Windows\system32\drivers\symlcbrd.sys
16:20:49.0596 0x1158  symlcbrd - ok
16:20:49.0615 0x1158  [ 829830A3CA1C5E329D68E26C9CD2DE8D, 6D08BEF2AF59E05FF265656D2A8207AC12DE61B6C4BC1F8B678FA621FA191BE1 ] SYMREDRV        C:\Windows\System32\Drivers\SYMREDRV.SYS
16:20:49.0655 0x1158  SYMREDRV - ok
16:20:49.0710 0x1158  [ B1AA9704124B494C34E8D372E6654196, 964C6D3347499AFA2514CC06AEDB2FFA5766651DFC0FCB556AAA055B190A337E ] SYMTDI          C:\Windows\System32\Drivers\SYMTDI.SYS
16:20:49.0740 0x1158  SYMTDI - ok
16:20:49.0764 0x1158  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
16:20:49.0786 0x1158  Sym_hi - ok
16:20:49.0800 0x1158  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
16:20:49.0823 0x1158  Sym_u3 - ok
16:20:49.0856 0x1158  [ 8327106D1C93E9A7B98E63B9FCC24BB7, B602BAE109959C363BE72BCB323F63B4D13C862C24F86FE0D98684571F699199 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
16:20:49.0883 0x1158  SynTP - ok
16:20:49.0943 0x1158  [ 8F2B5FEDE18BD3C4C926CBF88E6F1264, A6398F4CBD27C59A1160AE7F79B651F4956F8BEFB829353A263502CEFBDEBF36 ] SysMain         C:\Windows\system32\sysmain.dll
16:20:50.0117 0x1158  SysMain - ok
16:20:50.0144 0x1158  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:20:50.0211 0x1158  TabletInputService - ok
16:20:50.0238 0x1158  [ EF3DD33C740FC2F82E7E4622F1C49289, 56CA8119E23AE7B9A6E454C7F52514D361AFFE92F46B63FBCA36AA7273624E52 ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:20:50.0310 0x1158  TapiSrv - ok
16:20:50.0338 0x1158  [ 68FA52794AE9ACC61BDE16FE0956B414, 3848DAF78246935134443FCEBA4E48843E98E5201DCD1B7C4C2BA46E2E106F50 ] TBS             C:\Windows\System32\tbssvc.dll
16:20:50.0417 0x1158  TBS - ok
16:20:50.0500 0x1158  [ 4A82FA8F0DF67AA354580C3FAAF8BDE3, 4E946A7F4236B3A815172CAB9179E2171F4D69BF18606E02E6552EC5FA317CFA ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:20:50.0635 0x1158  Tcpip - ok
16:20:50.0707 0x1158  [ 4A82FA8F0DF67AA354580C3FAAF8BDE3, 4E946A7F4236B3A815172CAB9179E2171F4D69BF18606E02E6552EC5FA317CFA ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
16:20:50.0789 0x1158  Tcpip6 - ok
16:20:50.0825 0x1158  [ 5CE0C4A7B12D0067DAD527D72B68C726, BA2B482C5A9B59721A893B11475E199808E8182A0C39DA82BF87E6BE03B61867 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:20:50.0893 0x1158  tcpipreg - ok
16:20:50.0915 0x1158  [ 964248AEF49C31FA6A93201A73FFAF50, 479174899E7375C29E7C0EA7715AF1FDB09D7565B0678E15DC109C32B08624AD ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:20:50.0966 0x1158  TDPIPE - ok
16:20:50.0985 0x1158  [ 7D2C1AE1648A60FCE4AA0F7982E419D3, E08F2A380388E3F0886B9EF440758AAE85F619A6B98C8054E55190423B7377DB ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:20:51.0055 0x1158  TDTCP - ok
16:20:51.0076 0x1158  [ AB4FDE8AF4A0270A46A001C08CBCE1C2, E420B59E716C09623A28A95CD20721EA3FA2804E44F0D9226C0DCBA8FB716A78 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:20:51.0131 0x1158  tdx - ok
16:20:51.0161 0x1158  [ 85908DA29AF0AB835048107AD2AD07D1, D09E20C636496C6211A2A2460A963F6DE7712977C252A85282BC9B3C1F10551E ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
16:20:51.0180 0x1158  TermDD - ok
16:20:51.0221 0x1158  [ FAD71C1E8E4047B154E899AE31EB8CAA, 44DDADAFF31B4D6D840DA48A9A435204184CF3016EA426B24249F19C4C5AF304 ] TermService     C:\Windows\System32\termsrv.dll
16:20:51.0294 0x1158  TermService - ok
16:20:51.0319 0x1158  [ B264DFA21677728613267FE63802B332, 46AB67C795C8FA36B22BC1C4DB75E0281824AC99C9BC37EB3A3B13B435F75129 ] Themes          C:\Windows\system32\shsvcs.dll
16:20:51.0345 0x1158  Themes - ok
16:20:51.0361 0x1158  [ 9DFA3A459AF0954AA85B4F7622AD87BB, C7BED7AAAA0DA89C0EE7219FD316DA69C027C27008C02F5028F2D3F33A06CCBF ] THREADORDER     C:\Windows\system32\mmcss.dll
16:20:51.0406 0x1158  THREADORDER - ok
16:20:51.0419 0x1158  [ 6BBA0582C0025D43729A1112D3B57897, 052B291EBE695FB1DF40F65085CBA74624C877D57F881CE79027DEEBFE07FBA2 ] TrkWks          C:\Windows\System32\trkwks.dll
16:20:51.0473 0x1158  TrkWks - ok
16:20:51.0520 0x1158  [ 34E388A395FEDBA1D0511ED39BBF4074, 9A44459AC8A258380E0E46F4F9FD8D9FB34B2FB127F0A672824642886E90A1D7 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:20:51.0564 0x1158  TrustedInstaller - ok
16:20:51.0605 0x1158  [ 29F0ECA726F0D51F7E048BDB0B372F29, FC4D5859633DA90A14CC5026347EF95BA3309594F8485F4F8C6451F44A8A8787 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:20:51.0656 0x1158  tssecsrv - ok
16:20:51.0702 0x1158  [ 65E953BC0084D44498B51F59784D2A82, 64A33090CE2A9046F413C9A0D0209ABF4B3FA0E44031CB871B20CF7C6ADA7021 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
16:20:51.0726 0x1158  tunmp - ok
16:20:51.0735 0x1158  [ 4A39BDA5E0FD30BDF4884F9D33AE6105, C827FCA940CCB4B5305A35E02AB296AD0CB9455B401555BDB2938BAED4A2A5D0 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:20:51.0782 0x1158  tunnel - ok
16:20:51.0807 0x1158  [ C3ADE15414120033A36C0F293D4A4121, 74A002C4B5EBD94E33EDEACB6639AF44ED72A8DDE3083C6DE71C1EE937EF1A9C ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:20:51.0832 0x1158  uagp35 - ok
16:20:51.0871 0x1158  [ 6348DA98707CEDA8A0DFB05820E17732, FEADD72EBF7CE3E85463D676B45E05E5141EB80C76594DE66E2F3D27569AE90B ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:20:51.0948 0x1158  udfs - ok
16:20:51.0989 0x1158  [ 24A333F4F14DCFB6FF6D5A1B9E5D79DD, 8145A7668103B6768D49B5EADCA47C0D75E09C190325892DC74A29A5E959CE37 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:20:52.0017 0x1158  UI0Detect - ok
16:20:52.0042 0x1158  [ 75E6890EBFCE0841D3291B02E7A8BDB0, FDF9CDCCCCC0AA2A52623C5A67AC5F5224557EE4C8F6487CB13CAEB012575E2A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:20:52.0067 0x1158  uliagpkx - ok
16:20:52.0092 0x1158  [ 3CD4EA35A6221B85DCC25DAA46313F8D, 100A7E12B8EA395F70A00874328E87B930CE88FF442F3576FE88B105A22E04C5 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
16:20:52.0118 0x1158  uliahci - ok
16:20:52.0178 0x1158  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
16:20:52.0203 0x1158  UlSata - ok
16:20:52.0235 0x1158  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
16:20:52.0261 0x1158  ulsata2 - ok
16:20:52.0280 0x1158  [ 3FB78F1D1DD86D87BECECD9DFFA24DD9, B6344D33D064B56311168B02315B01238964D834AA44EB6C2B3788698F2077CF ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:20:52.0343 0x1158  umbus - ok
16:20:52.0367 0x1158  [ 8EB871A3DEB6B3D5A85EB6DDFC390B59, 84D8A02CC4597078D868F1C31992D04B2D4B3CC4FAF4F57625A2054C13AE1513 ] upnphost        C:\Windows\System32\upnphost.dll
16:20:52.0440 0x1158  upnphost - ok
16:20:52.0473 0x1158  [ EC1C23779BB41A8B2AB2AA6FCE308BDE, D027A2B472CAE97AECB16F69BE52E06CB61E1C61AE196C22662050B711C1C72D ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
16:20:52.0533 0x1158  USBAAPL - ok
16:20:52.0562 0x1158  [ ED74360CBB08D69DECD0588464A199A8, C7C11BC05284B49CFF9322971088D5607B07E0D953261D248E7A24B349CF40DB ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:20:52.0630 0x1158  usbccgp - ok
16:20:52.0665 0x1158  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:20:52.0748 0x1158  usbcir - ok
16:20:52.0786 0x1158  [ 518FE49C2CB56623DED9C35FA6CBEA35, 63E4DC8E118DA3267B0C68B25F540219810B83C3F0F5700532DB818BED3A6977 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:20:52.0834 0x1158  usbehci - ok
16:20:52.0866 0x1158  [ CC01A1353AA160504D6814A554D6B4BE, 86D44D66C5B68DFBA4C57C637961A027231B15841780AC32E88B0707C63B0899 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:20:52.0902 0x1158  usbhub - ok
16:20:52.0930 0x1158  [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci         C:\Windows\system32\drivers\usbohci.sys
16:20:52.0995 0x1158  usbohci - ok
16:20:53.0007 0x1158  [ B51E52ACF758BE00EF3A58EA452FE360, 79E629EC5DE8AB7F31B0EE9AE94C71E8F703FED5C09A816228726974F7790C85 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
16:20:53.0058 0x1158  usbprint - ok
16:20:53.0089 0x1158  [ 7887CE56934E7F104E98C975F47353C5, A77F4F36119DE0330CB39F0082130398479016C6819860E8A3873485679FFC15 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:20:53.0137 0x1158  USBSTOR - ok
16:20:53.0150 0x1158  [ E8043983EE9EE02D60C45B0C6D3675B4, FB966D2BA05A0510A2F9CCBE7DBEE648DE18F5BC9419EB2BC53DB35753972E40 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
16:20:53.0189 0x1158  usbuhci - ok
16:20:53.0221 0x1158  [ 0A6B81F01BC86399482E27E6FDA7B33B, EDED102916634ADE83F5ACE327E2E3FF1C145A35A80320FAF03872B069DDA626 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
16:20:53.0278 0x1158  usbvideo - ok
16:20:53.0324 0x1158  [ C5B70A6AA947667CE0E5FC84A05EC8B6, 9BBFC601212A1091F71C66EB56CD93717AC8AF067AFDDC10F046142D8ABEB15A ] usnjsvc         C:\Program Files\MSN Messenger\usnsvc.exe
16:20:53.0357 0x1158  usnjsvc - ok
16:20:53.0388 0x1158  [ F79D0D7C9004474CB42746D9B2C30A2B, B693C6DEB1AB879F91BF5362ECD02C8C676A6AAB82D01CB534734CC07FA6A3D8 ] UxSms           C:\Windows\System32\uxsms.dll
16:20:53.0434 0x1158  UxSms - ok
16:20:53.0467 0x1158  [ C9D0BAFEE0D0A2681F048CA61BC0DA96, DEE8345E0F0E1984001C4305294DD0006C9C6DDA08BF8E23669D53919FB0D479 ] vds             C:\Windows\System32\vds.exe
16:20:53.0557 0x1158  vds - ok
16:20:53.0603 0x1158  [ 7D92BE0028ECDEDEC74617009084B5EF, D0749CE6FA3415BA4364299F8D6D53F133E8D2F44C6F1057996243415A540A53 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:20:53.0655 0x1158  vga - ok
16:20:53.0681 0x1158  [ 17A8F877314E4067F8C8172CC6D9101C, 86644BE36B12DBB61A14AE076EE5A3C04C1AC5328FD540BB39F80086302E30FA ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:20:53.0750 0x1158  VgaSave - ok
16:20:53.0778 0x1158  [ 045D9961E591CF0674A920B6BA3BA5CB, EBF498A0424CEA0F7ECBAAE144A8669CE6B5DD67115DE22CEC5A46AED26CD90B ] viaagp          C:\Windows\system32\drivers\viaagp.sys
16:20:53.0804 0x1158  viaagp - ok
16:20:53.0829 0x1158  [ 56A4DE5F02F2E88182B0981119B4DD98, 36FC94BCFD41907838DBCB02E6EA24065FDED4224239CD19E90D14433BE9108B ] ViaC7           C:\Windows\system32\drivers\viac7.sys
16:20:53.0904 0x1158  ViaC7 - ok
16:20:53.0920 0x1158  [ FD2E3175FCADA350C7AB4521DCA187EC, 1C914B184478611A27E0141F90EBC34FC63DFB2A83441DD36DFA43D945FB1C52 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:20:53.0942 0x1158  viaide - ok
16:20:53.0962 0x1158  [ D9E9490C960624C416FBDE080DEEB7FE, 6D7DCD0B3101D1D8D8DB4DD9E729A1700074E8CF63DD7893966D030538693F18 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:20:53.0987 0x1158  volmgr - ok
16:20:54.0009 0x1158  [ 294DA8D3F965F6A8DB934A83C7B461FF, 6761A3B24173C76E8AAE17D131EB897F475D84CAE76C9E1CF1F450DF7AC0A9B7 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:20:54.0040 0x1158  volmgrx - ok
16:20:54.0095 0x1158  [ 80DC0C9BCB579ED9815001A4D37CBFD5, E80392798A10DD9354683D80FDAE182D5D34CC3945BD5A7D16B79F0B2ED0D1A5 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:20:54.0123 0x1158  volsnap - ok
16:20:54.0165 0x1158  [ D984439746D42B30FC65A4C3546C6829, B134A9890638C2B4964A9C30812A2828A3E0CC641690CBF22D9FCE65EE3C2385 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:20:54.0190 0x1158  vsmraid - ok
16:20:54.0257 0x1158  [ E0E29D9EF2524ABD11749C7C2FD7F607, 9A463C3BC73309B2114F30E8F923FE458F7AF8A385508403B56F260F1C0D042E ] VSS             C:\Windows\system32\vssvc.exe
16:20:54.0373 0x1158  VSS - ok
16:20:54.0387 0x1158  [ 62B0D0F6F5580D9D0DFA5E0B466FF2ED, 6354B3D18AD753A96B38A71C4DC071944C1EFFBB695507DB3F40355203FB9A78 ] W32Time         C:\Windows\system32\w32time.dll
16:20:54.0442 0x1158  W32Time - ok
16:20:54.0481 0x1158  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
16:20:54.0550 0x1158  WacomPen - ok
16:20:54.0581 0x1158  [ 6798C1209A53B5A0DED8D437C45145FF, 502E472B9B648F11F820D8A0B49890185ADAD213601CE87B765B39CE4F6571C2 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
16:20:54.0621 0x1158  Wanarp - ok
16:20:54.0626 0x1158  [ 6798C1209A53B5A0DED8D437C45145FF, 502E472B9B648F11F820D8A0B49890185ADAD213601CE87B765B39CE4F6571C2 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:20:54.0645 0x1158  Wanarpv6 - ok
16:20:54.0683 0x1158  [ 3350874E51132EA86D153C1B566E261D, 6B802C79B2B67EFEA77AC036212EA94C1027DBDCC1C0D574D0AF5813E5E2E9BB ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
16:20:54.0755 0x1158  WcesComm - ok
16:20:54.0798 0x1158  [ C1B19162E0509CEAB4CDF664E139D956, 24F03AD0EB901777F8DDF874A82BF32361D8313F8E79A477C42D58CD6BF12657 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:20:54.0835 0x1158  wcncsvc - ok
16:20:54.0846 0x1158  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:20:54.0882 0x1158  WcsPlugInService - ok
16:20:54.0909 0x1158  [ AFC5AD65B991C1E205CF25CFDBF7A6F4, 544173AE85A11B99B9221DB30B6803DAEB3EB7FCA57FE62F0D13EF70B9C69A89 ] Wd              C:\Windows\system32\drivers\wd.sys
16:20:54.0930 0x1158  Wd - ok
16:20:54.0995 0x1158  [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96, 6A6EFFDB538DE1E201058A00F3E056F1256E92EED943FBFBCE28E54BE751E33D ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:20:55.0057 0x1158  Wdf01000 - ok
16:20:55.0074 0x1158  [ 2A424B89B14EF17A3D06BCB5A8F79601, F0C51F3D5029B5E169F461536BF72D5DD811FE604B59C58902253B54FFBF510A ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:20:55.0114 0x1158  WdiServiceHost - ok
16:20:55.0119 0x1158  [ 2A424B89B14EF17A3D06BCB5A8F79601, F0C51F3D5029B5E169F461536BF72D5DD811FE604B59C58902253B54FFBF510A ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:20:55.0140 0x1158  WdiSystemHost - ok
16:20:55.0180 0x1158  [ 01E41C264EEDCB827820A1909162579F, E21E6CFE3A0F46320175A261E31DA86573F28CCD0C710E972E7888C5FB85C494 ] WebClient       C:\Windows\System32\webclnt.dll
16:20:55.0218 0x1158  WebClient - ok
16:20:55.0244 0x1158  [ 9CF67FF7F8D34CBF115D0C278B9F74AA, B5EE61B3345B3DE88230858FD639A90919D00D52D44C8138E3AD66F79DFBB54B ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:20:55.0305 0x1158  Wecsvc - ok
16:20:55.0323 0x1158  [ B68CAB45DB1DAB59D92ACADFAD6364A8, 47491F6E759CDE7C343648C41302A57B0A41EAD49B7F55AD545743AEF9E168ED ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:20:55.0388 0x1158  wercplsupport - ok
16:20:55.0407 0x1158  [ 36BA0707680EF4236FD752BEE982CC25, 215E20E83A13B0B680990E4557DFBA5B83B60D2FCF356C1AB5BEFEA22B134B0A ] WerSvc          C:\Windows\System32\WerSvc.dll
16:20:55.0470 0x1158  WerSvc - ok
16:20:55.0517 0x1158  [ 5C7BDCF5864DB00323FE2D90FA26A8A2, E948B6BF8985CFF56FBE99AF7AF78CC3123AE5DAC9A5420ADE3C8B52CA702686 ] winachsf        C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
16:20:55.0594 0x1158  winachsf - ok
16:20:55.0677 0x1158  [ 0D5AD0E71FF5DDAC5DD2F443B499ABD0, 7FE7C635B811E882AB02437FED1778A11F32F273E44E669DC445E929EF2C9B2D ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
16:20:55.0699 0x1158  WinDefend - ok
16:20:55.0707 0x1158  WinHttpAutoProxySvc - ok
16:20:55.0786 0x1158  [ 38A7B89DE4E3417C122317949667FDD8, 611CFCC36EABA5752E99C1E0E3F6269C93CC5E5F53495C257929FB5492DCDE97 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:20:55.0855 0x1158  Winmgmt - ok
16:20:55.0902 0x1158  [ 3F6823040030C3E4DA1CF11CD40B7534, 4B1B1CE5F4E6679A96BA081F6CFC1D43FFCE3CAE58B8C3AD74B261D7F5C70E28 ] WinRM           C:\Windows\system32\WsmSvc.dll
16:20:55.0974 0x1158  WinRM - ok
16:20:56.0007 0x1158  [ 086D2E78EECD6195667282ADC6CA109F, 822111B03680BE09A34A51386F4B4D26EAE72347432A3E154E2C5723E071A7BD ] winusb          C:\Windows\system32\DRIVERS\winusb.sys
16:20:56.0062 0x1158  winusb - ok
16:20:56.0123 0x1158  [ 7640ACEA41348BFEF34B76E245501261, 9B1067197DBE0E71AD547535FF8B97E30A89521FB84008DF9F57C71408B714BA ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:20:56.0200 0x1158  Wlansvc - ok
16:20:56.0234 0x1158  [ 17EAC0D023A65FA9B02114CC2BAACAD5, CD5856326959DA58B18E2AFD235552E25A410AC6F23F437E7708350833AD8657 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
16:20:56.0268 0x1158  WmiAcpi - ok
16:20:56.0296 0x1158  [ A279323BEE5FFFAFDA222910BCE92132, 9A61FCDFBB4ECF3ADA153A62E7BF07309FC430DF43FA7A02F2F829E52D4FC65A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:20:56.0346 0x1158  wmiApSrv - ok
16:20:56.0418 0x1158  [ ACB2E63D50157E3EA7140F29D9E76A48, BA5F1F9EB162C7E4CE56D0582DE674803633B9BAAB9A3726DC4CB8AF9E98BC5A ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
16:20:56.0564 0x1158  WMPNetworkSvc - ok
16:20:56.0591 0x1158  [ 3D3B3B80C12ABE506F56930C46422C28, 9164F603B6BBE4597FDD99545715369FAE97402A2C2E89FD62F8A09629AB31F9 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:20:56.0673 0x1158  WPCSvc - ok
16:20:56.0689 0x1158  [ C24844A1D0D9528B19D5BC266B8CD572, 2FABE49F7B93E5B99EA13828C81BBD7202BA813ACEBB192552E2AFD1E6AD67FD ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:20:56.0748 0x1158  WPDBusEnum - ok
16:20:56.0807 0x1158  [ 2D27171B16A577EF14C1273668753485, CA18E5A467D4C2EA3141F214E3D227630AB4D568179C1597936B55EEED6F5C2B ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
16:20:56.0897 0x1158  WpdUsb - ok
16:20:57.0019 0x1158  [ 762CD41257671CE9DD1B57967537E0D9, 7B1C886704BE082F8D40119926FDDB92B748665501F3C587715C93B7D7575D6F ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
16:20:57.0115 0x1158  WPFFontCache_v0400 - ok
16:20:57.0164 0x1158  [ 84620AECDCFD2A7A14E6263927D8C0ED, 0FB188B40EA140DC5C7A0AD289613BC3FEF71C220F7852C57650A0889CF99A87 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:20:57.0250 0x1158  ws2ifsl - ok
16:20:57.0300 0x1158  [ F97CBB919AF6D0A6643D1A59C15014D1, E765BAF504DE624AE954531711AAFDD98CE9624C3806D7F25D228B53F6BDA6A0 ] wscsvc          C:\Windows\System32\wscsvc.dll
16:20:57.0343 0x1158  wscsvc - ok
16:20:57.0347 0x1158  WSearch - ok
16:20:57.0491 0x1158  [ 6298277B73C77FA99106B271A7525163, 9E076697F025167B57D8D66ED0862B184D70324E058BFA36E42D0C6728720B31 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:20:57.0704 0x1158  wuauserv - ok
16:20:57.0775 0x1158  [ A2AAFCC8A204736296D937C7C545B53F, AB9C42AA1917E828F84C9D0E7505664937681CEC833600953BB98307F878DB93 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:20:57.0850 0x1158  WUDFRd - ok
16:20:57.0874 0x1158  [ DB5BF5AAB72B1B99B5331231D09EBB26, E1E49CA488211F6CAFF00FBF7F1F044155882864069FACEA3DD397AB8EDDD72F ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:20:57.0920 0x1158  wudfsvc - ok
16:20:57.0936 0x1158  ================ Scan global ===============================
16:20:57.0966 0x1158  [ 8CD98A8EC9CADAF4E051CDCAC15C96C4, E2F18E0FFB31FDDF210798EFA0C9C30C04B41B7CAACD93BFC224DE569000C220 ] C:\Windows\system32\basesrv.dll
16:20:58.0011 0x1158  [ E3F137ADC0A9D7F3A2E4F557272FE6B3, A0F1AD68D8749B7366F7429E3CD5524C1DE6DFAE31B3B790DAB4C71080FED84A ] C:\Windows\system32\winsrv.dll
16:20:58.0055 0x1158  [ E3F137ADC0A9D7F3A2E4F557272FE6B3, A0F1AD68D8749B7366F7429E3CD5524C1DE6DFAE31B3B790DAB4C71080FED84A ] C:\Windows\system32\winsrv.dll
16:20:58.0096 0x1158  [ 329CF3C97CE4C19375C8ABCABAE258B0, 193A99EB3151C8C99B05A1BA4A69C39CC95E776CF1D39D7E318254383A4C9C0D ] C:\Windows\system32\services.exe
16:20:58.0106 0x1158  [ Global ] - ok
16:20:58.0107 0x1158  ================ Scan MBR ==================================
16:20:58.0117 0x1158  [ 1A1A06F62E891045814007163C1C76C3 ] \Device\Harddisk0\DR0
16:20:58.0540 0x1158  \Device\Harddisk0\DR0 - ok
16:20:58.0541 0x1158  ================ Scan VBR ==================================
16:20:58.0544 0x1158  [ 7D541B99F5EE535B312AFBD1719F5282 ] \Device\Harddisk0\DR0\Partition1
16:20:58.0578 0x1158  \Device\Harddisk0\DR0\Partition1 - ok
16:20:58.0582 0x1158  [ ABF9C1847AE5D49FEB55D7AB1D99C4A8 ] \Device\Harddisk0\DR0\Partition2
16:20:58.0585 0x1158  \Device\Harddisk0\DR0\Partition2 - ok
16:20:58.0585 0x1158  ================ Scan generic autorun ======================
16:20:58.0651 0x1158  [ 04870A30820F902AAB828317C3B5E897, 582E397A787A4FC55B130FFAA0E055B1743A9C20824B06FBB76EC5B346A54B10 ] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
16:20:58.0772 0x1158  SMSERIAL - ok
16:20:58.0879 0x1158  [ 450497C656D16B45EE9D121D64D3289F, D51F66D22DF8F8372BFD046AE52B1FA362BAA6C833124F47DFB51E0736ADB4AE ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
16:20:59.0037 0x1158  SynTPEnh - ok
16:20:59.0298 0x1158  [ 6F77B5BA086729378197CAA18DBDCB29, ECB9163086F7E3C9278B12CB4CC93A4664355BB48D2F9B4E58B28666842CF30C ] C:\Windows\RtHDVCpl.exe
16:20:59.0848 0x1158  RtHDVCpl - ok
16:20:59.0914 0x1158  [ C7C70AE1DE8F0FCC8F2431C5D15632DF, 2AAD851EF8D7C8D7518B42DEA1AE7EE71D98DAFFDD74CA5441AB2CE9A1217479 ] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
16:20:59.0939 0x1158  IAAnotif - ok
16:20:59.0967 0x1158  [ 25BE770865658CB79100117112819A7C, 6C804A5B135ABC48E2D4468629364766148EC4AFC426839454196DF88942220D ] c:\Program Files\Common Files\Symantec Shared\ccApp.exe
16:20:59.0985 0x1158  ccApp - ok
16:21:00.0063 0x1158  [ 23A7587DC421849A638BA5DBD290EAC8, FBE497D51A5E131C2E36216EB2513A6039CA3D23A984D99364710B03D9A1D216 ] c:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe
16:21:00.0675 0x1158  IS CfgWiz - ok
16:21:00.0797 0x1158  [ 041AF1711BF3D6BFF12FD9D28F0AC303, F03BF9B89F2EA5329334201C4021B2CAAEF9E62721A27370C2EEE8FFEAD66A8D ] C:\Program Files\HP\QuickPlay\QPService.exe
16:21:00.0856 0x1158  QPService - detected UnsignedFile.Multi.Generic ( 1 )
16:21:03.0351 0x1158  Detect skipped due to KSN trusted
16:21:03.0351 0x1158  QPService - ok
16:21:03.0411 0x1158  [ 556C110313072B57D9E04F374F0CFEF0, 87D3F057785AC4F97DAA34D3143D1D62CA344B28898A88AE2B7F2907474A1B30 ] C:\Program Files\Napster\napster.exe
16:21:03.0526 0x1158  NapsterShell - detected UnsignedFile.Multi.Generic ( 1 )
16:21:05.0874 0x1158  Detect skipped due to KSN trusted
16:21:05.0874 0x1158  NapsterShell - ok
16:21:05.0964 0x1158  [ A04BE1DBBA0E554B2F33555CCBA5F969, 61300AF83846472FDEAFD3B4821B6BF75850CBB3C67B734073866FDCC9919678 ] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
16:21:06.0015 0x1158  QlbCtrl - detected UnsignedFile.Multi.Generic ( 1 )
16:21:08.0575 0x1158  Detect skipped due to KSN trusted
16:21:08.0575 0x1158  QlbCtrl - ok
16:21:08.0636 0x1158  [ 06B28C3CFD5C995B82F5EF1E5A0A576C, FD70FD8DAC33A060486718E564D4F26401241A250279332703647B9619B05158 ] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
16:21:08.0687 0x1158  HP Health Check Scheduler - ok
16:21:08.0772 0x1158  [ AF849798ECA383184C88ED436CF3EFB2, 07EDA5CACB03DCB5BC121350E6CA48465790ABB9CA4E02ADDA4539E7DCDE219C ] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
16:21:08.0858 0x1158  hpWirelessAssistant - ok
16:21:08.0907 0x1158  [ F533507FE318B46629E84DF630A316F8, EF306B614DE1F8656E9784C0A1A6ECA51552D821F347B6CFE00345611004BD7F ] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
16:21:08.0994 0x1158  WAWifiMessage - ok
16:21:09.0037 0x1158  [ 821F73B833C4DAEBC33C1A9A4B16BB5A, B581041DA43D1CB5455B4AB8A999A574725BC742FF324FD12FDB2ED6371F5129 ] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
16:21:09.0076 0x1158  HP Software Update - detected UnsignedFile.Multi.Generic ( 1 )
16:21:11.0447 0x1158  Detect skipped due to KSN trusted
16:21:11.0447 0x1158  HP Software Update - ok
16:21:11.0452 0x1158  NvSvc - ok
16:21:11.0459 0x1158  NvCplDaemon - ok
16:21:11.0465 0x1158  NvMediaCenter - ok
16:21:11.0473 0x1158  CognizanceTS - ok
16:21:11.0548 0x1158  [ 6E812818306D460D62B4ABEA9FDC6679, B028871E1404FD8B376FABE00A9B3BA010EF34AABBD1B38FC538561635890C00 ] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
16:21:11.0631 0x1158  avgnt - detected UnsignedFile.Multi.Generic ( 1 )
16:21:14.0096 0x1158  Detect skipped due to KSN trusted
16:21:14.0096 0x1158  avgnt - ok
16:21:14.0203 0x1158  [ 38D198A2DD54A67120040566A38103BA, 01604BD91A5B2C0DDC7B52036511F8219952626716E75979D8464F2C56BA0114 ] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
16:21:14.0219 0x1158  GrooveMonitor - ok
16:21:14.0251 0x1158  [ 4AB05041D5C922B9A7A5D9059F5538CD, 554885535DB523D25DBDB43FBA9384B8E4EC9DF79B02F3B9FFDE3C498106D463 ] C:\Windows\WindowsMobile\wmdSync.exe
16:21:14.0276 0x1158  Windows Mobile-based device management - ok
16:21:14.0395 0x1158  [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
16:21:14.0424 0x1158  SunJavaUpdateSched - ok
16:21:14.0482 0x1158  [ 8EEEF4C038A3FF7E56D47D9C0B912EAC, F3FE8BCC07AF70B4EDA7D599B6E1E68A89137C4F33DC76CB84767F8DB1DE6113 ] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
16:21:14.0510 0x1158  Adobe Reader Speed Launcher - ok
16:21:14.0587 0x1158  [ 47C1DE0A890613FFCFF1D67648EEDF90, 5821567D7DD99623257AEA794023EF4200E6E17FD09656B40D97C44A35C701BB ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
16:21:14.0679 0x1158  Adobe ARM - ok
16:21:14.0746 0x1158  [ B899B4608BB72DB2FCC11D350A36D2C6, 7804CA2F8C72936B47D2490A5D36DA45C706ABD2FF247ED7ABC6544EE1BDF09D ] C:\Program Files\pdf24\pdf24.exe
16:21:14.0782 0x1158  PDFPrint - ok
16:21:14.0893 0x1158  [ BED38B0ADFF5F5CC6E988A6491017E83, B2C0EFDEC9320D7EB5882F244E5ACF11A61C1A0AFED83D080C8BB8F7F1AC7E79 ] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
16:21:14.0952 0x1158  RIMBBLaunchAgent.exe - ok
16:21:15.0010 0x1158  [ 50ECAA360582260ACC5E1495CC34A22E, F9D3EB40B802B7092B34B636B89258934420CDA7DAAA1497312FCD11B5A91490 ] C:\Windows\SMINST\launcher.exe
16:21:15.0070 0x1158  Launcher - detected UnsignedFile.Multi.Generic ( 1 )
16:21:17.0525 0x1158  Detect skipped due to KSN trusted
16:21:17.0525 0x1158  Launcher - ok
16:21:17.0686 0x1158  [ 582F3A0BA61D8F0D50C66B592808B6D6, BA4FE8BFE3C7F03AB0A1CF0A52E2B21B8321FD809FA8448E5714D78535165750 ] C:\Program Files\Windows Sidebar\Sidebar.exe
16:21:17.0903 0x1158  Sidebar - ok
16:21:17.0908 0x1158  WindowsWelcomeCenter - ok
16:21:17.0967 0x1158  [ 582F3A0BA61D8F0D50C66B592808B6D6, BA4FE8BFE3C7F03AB0A1CF0A52E2B21B8321FD809FA8448E5714D78535165750 ] C:\Program Files\Windows Sidebar\Sidebar.exe
16:21:18.0031 0x1158  Sidebar - ok
16:21:18.0036 0x1158  WindowsWelcomeCenter - ok
16:21:18.0101 0x1158  [ 582F3A0BA61D8F0D50C66B592808B6D6, BA4FE8BFE3C7F03AB0A1CF0A52E2B21B8321FD809FA8448E5714D78535165750 ] C:\Program Files\Windows Sidebar\sidebar.exe
16:21:18.0164 0x1158  Sidebar - ok
16:21:18.0241 0x1158  [ 2E0953919779A44BF9DFB7B07C58535A, 32DC0CCEFA5264C35E521C61F7DD3821317A9DB392202B049AB8A3881D8531DD ] C:\Windows\ehome\ehTray.exe
16:21:18.0262 0x1158  ehTray.exe - ok
16:21:18.0317 0x1158  [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
16:21:18.0345 0x1158  swg - ok
16:21:18.0592 0x1158  [ 71EFD3095BCA7D2499FB63742E1716EA, 527B37573CDF06AFD41AC1370A5508750AF8FF11AF6A7BB5AF6C3AFB5C74BBDC ] C:\Program Files\MSN Messenger\msnmsgr.exe
16:21:19.0113 0x1158  msnmsgr - ok
16:21:19.0360 0x1158  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\Christina\AppData\Local\Google\Update\GoogleUpdate.exe
16:21:19.0377 0x1158  Google Update - ok
16:21:19.0591 0x1158  [ 9D199992DFADBA8720B9037C045657F2, 7FB89E0EED185341A85C4EE6F96BE26A840904CF6E25C032F489EB23D6242B4B ] C:\Users\Christina\AppData\Roaming\Spotify\SpotifyWebHelper.exe
16:21:19.0891 0x1158  Spotify Web Helper - ok
16:21:20.0335 0x1158  [ 89E0B29C7C2636C7F80679F616712B4A, 396B636A7D6E10876B53E768C6008089953F98387117856EA60B342B8AF3F38D ] C:\Users\Christina\AppData\Roaming\Spotify\Spotify.exe
16:21:21.0209 0x1158  Spotify - ok
16:21:21.0307 0x1158  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Christina\AppData\Local\Dropbox\Update\DropboxUpdate.exe
16:21:21.0337 0x1158  Dropbox Update - ok
16:21:21.0338 0x1158  Waiting for KSN requests completion. In queue: 17
16:21:22.0338 0x1158  Waiting for KSN requests completion. In queue: 17
16:21:23.0338 0x1158  Waiting for KSN requests completion. In queue: 17
16:21:24.0539 0x1158  AV detected via SS1: Avira AntiVir PersonalEdition, 8.0.1.30, enabled, outofdate
16:21:24.0539 0x1158  AV detected via SS1: Norton Internet Security, 2007, enabled, outofdate
16:21:24.0541 0x1158  FW detected via SS1: Norton Internet Security, 2007, enabled
16:21:37.0446 0x1158  ============================================================
16:21:37.0446 0x1158  Scan finished
16:21:37.0446 0x1158  ============================================================
16:21:37.0468 0x1434  Detected object count: 1
16:21:37.0468 0x1434  Actual detected object count: 1
16:22:08.0278 0x1434  RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - skipped by user
16:22:08.0279 0x1434  RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

• WICHTIG: Speichere Combofix auf deinem Desktop.
• Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
• Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
• Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
• Wenn Combofix fertig ist, wird es ein Logfile erstellen.
• Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

Danke dir, schrauber!!

Eine Frage hätte ich noch - muss ich also Malwarebytes auch deaktivieren??

ja

Leider finde ich nicht heraus, wie man Malwarebytes deaktivieren kann?! Kannst du mir da vielleicht weiterhelfen? Und den Windows Defender muss ich auch deaktivieren, richtig? Hab Sorge, dass ich irgendwas vergesse zu deaktivieren...

Übrigens kam seit gestern keine Trojanermeldung mehr von Avira AntiVir!

MBAM rechtsklick auf das Icon im Tray, neben der Uhr unten rechts.
Defender kannste anlassen.

Ich glaub combofix hat ganze Arbeit geleitest! Danke schrauber!!!

Code: Alles auswählenAufklappen

ATTFilter

ComboFix 15-06-27.01 - Christina 29.06.2015  15:24:10.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6000.0.1252.49.1031.18.2046.1280 [GMT 2:00]
ausgeführt von:: c:\users\Christina\Downloads\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\ARKC783.tmp
c:\program files\SaveSense
c:\program files\SaveSense\icon.ico
c:\program files\SaveSense\SaveSense.crx
c:\program files\SaveSense\SaveSense.xpi
c:\program files\SaveSense\SaveSenseIE.dll
c:\program files\SaveSense\SaveSenseIE64.dll
c:\program files\SaveSense\SaveSenseUpdateVer.exe
c:\program files\SaveSense\uninst.exe
c:\program files\SaveSenseLive
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdate.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_am.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_ar.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_bg.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_bn.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_ca.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_cs.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_da.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_de.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_el.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_en-GB.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_en.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_es-419.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_es.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_et.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_fa.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_fi.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_fil.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_fr.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_gu.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_hi.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_hr.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_hu.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_id.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_is.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_it.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_iw.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_ja.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_kn.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_ko.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_lt.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_lv.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_ml.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_mr.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_ms.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_nl.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_no.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_pl.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_pt-BR.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_pt-PT.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_ro.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_ru.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_sk.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_sl.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_sr.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_sv.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_sw.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_ta.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_te.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_th.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_tr.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_uk.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_ur.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_vi.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_zh-CN.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\goopdateres_zh-TW.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\psmachine.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\psuser.dll
c:\program files\SaveSenseLive\Update\1.3.23.0\SaveSenseLive.exe
c:\program files\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveBroker.exe
c:\program files\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveHandler.exe
c:\program files\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveHelper.msi
c:\program files\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveOnDemand.exe
c:\program files\SaveSenseLive\Update\SaveSenseLive.exe
c:\programdata\SaveSenseLive
c:\programdata\SaveSenseLive\Update\Log\SaveSenseLive.log
c:\users\Christina\AppData\Roaming\SaveSense
c:\users\Christina\Documents\~WRL3180.tmp
c:\windows\IsUn0411.exe
.
----- Datei Replikatoren -----
.
c:\program files\Google\Update\1.3.27.5\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.27.5\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{01E23105-C5E2-4CAA-BB53-168A9E2C348C}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{030B49CC-DF1A-4B6A-A46B-3343EA8F8577}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{0A89E70D-C46C-4BC8-A102-686C9AF8EFCE}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{0DDBEF4C-7C5F-494B-8E17-76DCE1489D45}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{100623C0-1E14-467F-9DFA-D4E2CA6BFB84}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{100E156A-54D2-4D5C-BEA8-ABFAB2BAF581}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{102BA6D4-5D4D-4086-B34E-2CE224C0826A}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{14B76669-B198-45EB-A8F0-984736B9C9EC}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{14EFAC5F-9DAD-43A4-BC2A-20080D637E2E}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{1974B593-171B-4F26-B9F2-E3CB005A986F}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{1C52D96D-6A0B-485B-9315-B56EE2408F88}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{1C9EA74F-7FE7-402D-A8E2-44EA46743D56}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{1CA7FBAE-2C0E-41E2-8E5E-C1A08E45BCC1}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{2096C293-9DE2-4C34-BC49-C9FEB2FD9276}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{2443E04F-6B89-4647-903F-F041DC9D1EAD}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{2539CCCB-D01C-4641-BFFF-3DC31AA6196B}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{2734D084-2412-46C0-B34A-4A5215155170}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{2AFE17BC-21C7-4ECC-9025-E9E09DA49C7B}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{2C1C2CA4-6454-4858-9007-B3A2E2D369D0}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{3040797E-9219-497D-BAF8-5F9078B56D7E}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{319AC70D-7C89-468B-8DB2-4567687F9DD7}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{32168090-014F-4C7A-B32D-21294050C267}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{345FDE4A-D9B6-47F0-908F-2C4A37367C05}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{3465F290-0414-43A7-B01A-89318760BF53}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{347A93DC-DEC7-4D1B-8977-56128128CA15}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{34ADAC10-FD3A-45D3-ACDC-C99206F7F9B4}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{38B46C70-E8AC-4321-8189-37D1BED0023D}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{428DC1D2-854D-4FB6-A1FE-018DB2499D40}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{42AFE255-860A-4790-82BA-B87247A1DC1E}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{43375693-4AA0-4D1C-AB6F-3D89CED110F5}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{441A712F-1E42-499C-96B4-762503F4730E}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{490EDF92-9A10-40ED-9A6E-FEA9241675A5}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{4A0D963D-B03A-4093-8C11-D7FCC1F824C5}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{4A924E65-D0AF-4595-A676-547101D46CA8}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{55F09789-4D78-4BE3-8586-A4645458C10E}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{572974BA-C55E-4013-B90F-C4A7917B4979}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{59DD6A5C-FDAA-497A-AB17-9093D3BD051F}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{633282D9-FDE8-48C1-9821-34BDBBAD2237}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{6D3F778D-A98E-4F46-AA2F-22E4F4754434}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{7514646A-22DE-4EEF-ACA9-EF7DC9D6242A}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{763ACCF0-181E-4631-9724-216864B74CB3}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{7C8C42A0-9A7F-48D6-9570-47E85E45B88F}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{7D67B90C-F60D-4EA5-AFC7-5130D3C44E76}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{7D7740E1-0305-4412-9EA1-6D4749A3BDF0}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{80209CB9-1C1E-41A2-883A-1F465A847B99}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{802BB9AD-FEE0-421C-A464-5F5AEC916D0E}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{87A8F0AD-4829-4B46-B4DD-5B81C8AA49C7}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{8E75B04D-5112-4282-B8F7-D52D2423BF17}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{8E9C64AE-F66A-4855-8E34-D6B6145B94A8}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{8FDB7A82-2517-499F-8917-909779574C90}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{92F3B2AA-63BD-482A-A449-731851FBF2EA}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{93DEB3E3-443E-45BB-8962-A0ED45E8754B}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{9ADA8A6E-C74B-47E6-97E7-8E862F6423A3}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{9CDEA666-3341-4F53-941B-27F9F7F1A8DA}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{A0E7AE83-2686-48BC-BFFF-C8AD0B4B41E5}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{A0F093EC-EF32-41C2-97F9-E69B985A22A2}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{A1AD233D-00B9-4360-92D4-09CDCDBD59C4}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{A750F984-E3EC-4B28-ADBF-0A07122E6327}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{A8386B7F-E434-4B81-ACB7-78807253EBF3}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{A97A3944-C0D0-4DA7-B862-64DF0A053D8E}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{AB0F47AA-B894-44D9-AEE3-209B95110F40}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{ADA6F535-16B4-4166-8BE5-9E5799C388C4}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{AE4BECBE-512A-4B56-A1FA-BD2144CD307B}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{AE77942F-A2AC-4E7B-80E7-E65D02C41CEE}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{B050B9AC-2E29-4CA5-8665-11ED0208038E}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{B1425107-87E1-4471-A162-D6F22C8E9F9B}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{BA81198B-CCCF-4895-8B95-E4787861C88B}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{BAB57C62-FD5A-4948-8646-8513B57AD9D4}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{BB371E0C-F503-4CAD-98AB-DD64A56794AA}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{BCCDFA21-D4FB-47D6-8CC6-A39DC33A12E6}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{C1A71211-9C0A-401F-9565-56363B321CA1}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{C5AD292E-33A4-4502-89AF-FAB7478271F5}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{C7E0BFCB-F4AE-4B03-AA90-2976F1B182F1}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{C8A7B453-5A7F-4A4D-8577-5C95E95721F9}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{CBD6826D-92B2-4B0D-A2BC-8908F75B81F6}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{CF8B9042-AD58-4EDD-BFD5-823C2C397BA9}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{D1B22C3D-43E7-440D-8B59-89F5CC59C9C8}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{D4979228-7A0F-44C5-A140-6145C406C64C}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{D65CBF2F-207B-40FA-B0AF-27FAA59E1324}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{D6D5EBA2-96B4-4919-8351-1CA2DA2834D0}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{DB760CD8-1785-44AD-B909-3327397DCE40}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{DC8433FE-E32F-4FEB-91CE-2949CDB3A771}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{DE04A59A-F294-40E8-868C-266E310386AC}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{DE4B581E-1BC5-46A3-8E89-1B0797EA4B31}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{EACED780-82FC-47AA-A016-0DED6D2C7BA4}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{EAD7F457-0EE1-43FC-98DB-D4612053C219}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{F805E73F-5E27-4E0F-A3A7-F1CAF0683CDE}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{FDFA2F80-C533-4045-B109-F8F0A35129FC}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{FEC838FD-2BB5-4B41-9F78-6941EA8C3ED2}\GoogleUpdateSetup.exe
c:\program files\GUMF69F.tmp\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.27.5\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{003C767E-6227-4C54-80BB-C0A79B3F228F}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{03B6F134-0B2E-48EB-AD7D-7E9311F8F072}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{06F17BEC-396B-4312-8C2C-97F899EB327B}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{0ACA8539-C80F-42B5-8A15-F2A8E0B0CA66}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{0B3EEABE-2115-41E8-8251-1DB28F427348}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{0ECE46A1-358E-47E1-AA54-F558AB557283}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{0F91B4E0-730A-4B65-8FC8-5CC959D4D8C8}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{1103AB0E-C622-4921-92EE-928ECECCCD86}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{11639484-5707-41CA-BAA2-953C4B4E1F8E}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{2736393A-458F-4DF8-86B9-F904D5607312}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{275AE7BB-D954-4582-95BD-1E2337E18570}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{2DB16247-6E25-46D4-820A-358757320A6D}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{2E9E840B-4286-4266-8F29-57CCFD6A47BC}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{33C35BC2-EC6B-44AB-A126-31931E851BAC}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{355B163D-0CC6-48FB-A00B-D059DD425EC5}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{372C873E-4457-421C-B139-9325EC9F5C46}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{37A041B5-67B2-41D7-9B28-3780DF20CF76}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{385B4C5E-3749-4EFF-9064-980066081AE8}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{3F591634-08BB-486E-A12C-BAEC41DA6FBC}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{43445342-EC81-490E-9CEA-ABCD58E5464D}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{45DB381B-7C8F-4969-BCE3-1C070F973B87}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{4F2E5CE2-243E-4080-A6F3-113A58AEA17D}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{5089CB55-B1B9-4BD1-9956-324447EB68DB}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{5805325A-2D6B-4E4E-ADA0-A4F663C1FACF}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{5CB1625D-FE7F-4452-9C54-0A562CCE51B8}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{5EECF666-36B8-490E-8076-97C4A6704D9A}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{63F6C798-6A36-4598-943E-DA26B3CE3752}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{6CA1D756-7094-4A02-B12E-BB0D9C4A7614}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{70637ADD-77E4-45D9-A7D7-8D51DA781895}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{72FD5353-8535-4BCE-982E-500908E30790}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{7759469F-8697-40A4-AF19-7D6FB2B7D735}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{784DAB3C-94CB-42C3-9467-4F449276F0E7}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{7994E5FD-DC70-4FF4-9A74-621C2E524805}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{7EA86AFF-0EB3-4C85-9C1B-7896867AB6CB}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{7EA8C95C-95F3-4A16-8F38-F533BCA64897}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{7EC70F0E-C25B-402B-BA89-103C873C53BF}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{825D6435-C424-495D-86BC-38EC3459B08B}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{8493FBAD-EEC7-411F-8C60-C170FDBBF2E2}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{85554883-6730-4804-9B26-BAFAD6F2DD60}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{8881C1FF-5E19-43CC-A948-22B945D1BF11}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{8ADE37EA-6E42-45B5-B345-E03EAC6E9D3D}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{8D9D18F1-049B-4752-B4EE-1C77313D3023}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{938B46FE-593A-4DE9-94C4-1C6F6F12D565}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{93C82808-39E8-46E9-9586-16A7BFC08B91}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{94349983-8CE2-42A1-BDD9-78A12E4A65A2}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{97C82895-07A4-4E2E-A0AB-BAC85CE80968}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{98DB4EE4-03F1-41BD-8A8D-5FF8436E61DC}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{9A5373FD-B709-4064-82AB-57A835F42E0B}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{9B794113-3641-403F-ACEA-C806CFA05AF3}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{9C2A6EE1-D21A-4B8F-A170-F029A68C39A9}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{9E5643BB-EF0B-45F1-A2A7-51BE3B5B4682}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{A023A547-060C-4B43-96F3-4A6696BE8A09}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{A232ABA5-9D1C-465D-8526-874C69615738}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{A6F47445-91F3-4BCF-8604-BDA33CF6EA65}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{AB3F24F5-6214-4FF4-B25E-04C39F11A9FF}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{AE32DF5F-EFEA-442D-A3A2-96DBC9BA6FE2}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{B2691CEF-06EB-43AD-88C9-5464F1FCB6DE}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{B3CF4F25-1175-4C02-A44A-4E35934BCBBA}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{B427ABA1-7AAD-4CD6-B20F-107452271BE8}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{B6B5B5C4-9380-4926-8315-340A970411BC}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{B8D55BBB-C4F7-42B5-B6E3-18B1684EE6CD}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{BA63F426-D3B2-4968-99C6-F777D39A2A4D}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{BA91362D-7F98-400B-AB89-BB754CE67EC0}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{BC8D90FB-139A-4F73-98C3-BD90B305C7D9}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{BF318694-DE24-4354-B893-ABA9422E95A4}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{C1853BE9-F233-49D1-938A-4A2F485AAD43}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{C84AF59B-856E-48CC-A5E4-0B8DDA90E9CF}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{C9289FC3-D003-4E80-AF9D-67ABDA2067A4}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{C942835D-D841-4B29-A087-ED3F2D32567A}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{C960E94B-2CC6-4397-976C-10CB0C978803}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{CB9030E0-2A36-41D4-A12F-7A2B13992EA8}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{CE0E9F5F-20AE-4C9A-BCA3-FE541EE8E5C2}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{DA677AC5-2FA5-4227-9652-461058986FA8}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{DCC8837B-163F-4E40-A910-0B36F2F2D4A9}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{DD52B7F2-2A3D-425D-B934-C8F31562EA9A}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{DEC70527-C4B9-4E61-B69C-F4C79D0BAEFA}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{E0CBB854-8ED4-41CF-A2EE-1D0DBD398DB7}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{E0EABEDF-B922-4EDB-96BF-7407D2593E97}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{E22847AD-B038-44CF-9A8F-E595455AE213}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{EEEAFEA9-5E32-47CF-B06E-2A03305D5548}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{F2F9F6CE-0128-4DD6-8FDB-BF12C341291D}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{F505568B-2BAE-402A-B2B4-6ED7E23972A6}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{F5518481-37DA-4167-9D43-01677C9FE784}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{F8DCD1F1-9464-4D93-B354-4FF2F4006A68}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{FAFD94F2-7668-4E81-BAA1-97CEE28DFF94}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{FC756400-4E44-4C66-AEA0-59FA231D32DA}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{FD690B02-6AE7-4499-A827-EE6A366E5449}\GoogleUpdateSetup.exe
c:\users\Christina\AppData\Local\Google\Update\Install\{FE7CE35C-26F1-411C-BF1C-FD12DE390D64}\GoogleUpdateSetup.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Ias
-------\Service_savesenselive
-------\Service_savesenselivem
-------\Service_savesenselivem
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-05-28 bis 2015-06-29  ))))))))))))))))))))))))))))))
.
.
2015-06-21 13:20 . 2015-06-21 13:20	--------	d-----w-	c:\users\Christina\AppData\Local\Dropbox
2015-06-21 13:20 . 2015-06-21 13:20	--------	d-----w-	c:\programdata\Dropbox
2015-06-19 14:22 . 2015-06-29 13:35	--------	d-----w-	c:\program files\GUMF69F.tmp
2015-06-19 14:22 . 2015-06-19 14:22	6420480	----a-w-	c:\program files\GUTF6A0.tmp
2015-06-19 11:06 . 2015-06-24 13:10	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-06-19 11:06 . 2015-06-21 13:21	119512	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-06-19 10:44 . 2015-06-19 10:44	--------	d-----w-	c:\program files\VS Revo Group
2015-06-16 13:27 . 2015-06-16 13:33	--------	d-----w-	C:\FRST
2015-06-15 14:21 . 2015-06-19 11:25	--------	d-----w-	c:\program files\GUMC051.tmp
2015-06-14 14:31 . 2015-06-15 14:20	--------	d-----w-	c:\programdata\AVAST Software
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-06-12 07:54 . 2015-06-26 09:57	9252600	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{8364481A-CC0C-4C09-9681-C9A80CC4AFBD}\mpengine.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-10 20:34	151576	----a-w-	c:\users\Christina\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-10 20:34	151576	----a-w-	c:\users\Christina\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-10 20:34	151576	----a-w-	c:\users\Christina\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-09-20 1232896]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-21 39408]
"Spotify Web Helper"="c:\users\Christina\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-06-21 2023480]
"Spotify"="c:\users\Christina\AppData\Roaming\Spotify\Spotify.exe" [2015-06-21 7415864]
"Dropbox Update"="c:\users\Christina\AppData\Local\Dropbox\Update\DropboxUpdate.exe" [2015-06-21 134512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-10-09 729088]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-13 827392]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-09 4390912]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 174872]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2007-01-10 115816]
"IS CfgWiz"="c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" [2007-01-13 431752]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-04-24 176128]
"NapsterShell"="c:\program files\Napster\napster.exe" [2007-01-13 323216]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-02-13 159744]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-03-12 50696]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-17 49152]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-05-01 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-05-01 8429568]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-05-01 81920]
"CognizanceTS"="c:\progra~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll" [2003-12-22 17920]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2006-11-02 215552]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-29 937920]
"PDFPrint"="c:\program files\pdf24\pdf24.exe" [2014-10-13 193568]
"RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2013-01-17 267792]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-08 44128]
.
c:\users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Christina\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-5-5 43871584]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 279456]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - COMHOST
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs	REG_MULTI_SZ   	BthServ
Cognizance	REG_MULTI_SZ   	ASBroker ASChannel
WindowsMobile	REG_MULTI_SZ   	wcescomm rapimgr
LocalServiceRestricted	REG_MULTI_SZ   	WcesComm RapiMgr
.
Inhalt des "geplante Tasks" Ordners
.
2015-06-29 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-44100919-1438707008-839284535-1000Core.job
- c:\users\Christina\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-21 13:20]
.
2015-06-29 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-44100919-1438707008-839284535-1000UA.job
- c:\users\Christina\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-21 13:20]
.
2015-06-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-10 11:31]
.
2015-06-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-10 11:31]
.
2015-06-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-44100919-1438707008-839284535-1000Core.job
- c:\users\Christina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-02 18:56]
.
2015-06-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-44100919-1438707008-839284535-1000UA.job
- c:\users\Christina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-02 18:56]
.
2015-06-28 c:\windows\Tasks\User_Feed_Synchronization-{91FB1A06-13B7-42FB-8075-357162F4F5B3}.job
- c:\windows\system32\msfeedssync.exe [2006-11-02 09:45]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.web.de/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=73&bd=Pavilion&pf=laptop
IE: Free YouTube to Mp3 Converter - c:\users\Christina\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 195.234.128.9 195.234.128.16
DPF: {538793D5-659C-4639-A56C-A179AD87ED44} - hxxps://vpn.uibk.ac.at/CACHE/stc/1/binaries/vpnweb.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game07.zylom.com/activex/zylomgamesplayer.cab
FF - ProfilePath - c:\users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\tdh8calo.default\
FF - prefs.js: network.proxy.type - 2
FF - ExtSQL: !HIDDEN! 2010-10-06 16:22; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: extensions.buenosearch.tlbrSrchUrl - hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=TB_ss&mntrId=0E9A001E3701AEF1&affID=128491&tsp=5183
FF - user.js: extensions.buenosearch.tb_url - hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=TB_ss&mntrId=0E9A001E3701AEF1&affID=128491&tsp=5183
FF - user.js: extensions.buenosearch.id - 0e9a9822000000000000001e3701aef1
FF - user.js: extensions.buenosearch.appId - {37EB75F2-7392-4DBE-B5AD-147EC6D7BF5F}
FF - user.js: extensions.buenosearch.instlDay - 16140
FF - user.js: extensions.buenosearch.vrsn - 1.8.28.7
FF - user.js: extensions.buenosearch.vrsni - 1.8.28.7
FF - user.js: extensions.buenosearch.vrsnTs - 1.8.28.711:10
FF - user.js: extensions.buenosearch.prtnrId - buenosearch
FF - user.js: extensions.buenosearch.prdct - buenosearch
FF - user.js: extensions.buenosearch.aflt - babsst
FF - user.js: extensions.buenosearch.smplGrp - none
FF - user.js: extensions.buenosearch.tlbrId - base
FF - user.js: extensions.buenosearch.instlRef - sst
FF - user.js: extensions.buenosearch.dfltLng - en
FF - user.js: extensions.buenosearch.excTlbr - false
FF - user.js: extensions.buenosearch.ffxUnstlRst - true
FF - user.js: extensions.buenosearch.admin - false
FF - user.js: extensions.buenosearch.autoRvrt - false
FF - user.js: extensions.buenosearch.rvrt - false
FF - user.js: extensions.buenosearch.newTab - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{D8278076-BC68-4484-9233-6E7F1628B56C} - (no file)
WebBrowser-{4F524A2D-5637-006A-76A7-7A786E7484D7} - (no file)
AddRemove-SpyHunter - c:\users\Christina\AppData\Roaming\Enigma Software Group\sh_installer.exe
AddRemove-Amelie's Cafe Deluxe - c:\users\Christina\AppData\Local\Zylom Games\Amelie's Cafe Deluxe\GameInstlr.exe
AddRemove-Restaurant Rush Deluxe - c:\users\Christina\AppData\Local\Zylom Games\Restaurant Rush Deluxe\GameInstlr.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2015-06-29 15:44
Windows 6.0.6000  NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(3956)
c:\windows\system32\APSHook.dll
c:\program files\Bioscrypt\VeriSoft\Bin\ItClient.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\program files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
c:\program files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\conime.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-06-29  15:50:12 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-06-29 13:50
.
Vor Suchlauf: 12 Verzeichnis(se), 147.819.720.704 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 149.562.183.680 Bytes frei
.
- - End Of File - - 36003C8E76046CF6288DEDEBC3DDDBB0
1A1A06F62E891045814007163C1C76C3
         

Downloade Dir bitte Malwarebytes Anti-Malware

• Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
• Starte Malwarebytes' Anti-Malware (MBAM).
• Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
• Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
• Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
• Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
• Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
• Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte AdwCleaner auf deinen Desktop.

• Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
• Starte die AdwCleaner.exe mit einem Doppelklick.
• Stimme den Nutzungsbedingungen zu.
• Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
  • "Tracing" Schlüssel löschen
  • Winsock Einstellungen zurücksetzen
  • Proxy Einstellungen zurücksetzen
  • Internet Explorer Richtlinien zurücksetzen
  • Chrome Richtlinien zurücksetzen
  • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
• Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
• Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
• Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

• Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
• Drücke eine beliebige Taste, um das Tool zu starten.
• Je nach System kann der Scan eine Weile dauern.
• Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
• Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.