Win7: Runter- und Hochfahren dauert einige Minuten

Forcie0815 · 26.02.2016, 02:12

Hallo

das Hoch- und Runterfahren bei Win 7 dauert jedes Mal einige Minuten.

Nach Lesen diverser threads habe ich Spybot und Avira runtergeschmissen.

Ich habe einige Untersuchungen aus euren Empfehlungen durchgeführt. Anschließend habe ich Windows Security Essentials installiert. Allerdings besteht die Problematik des langen Hoch- und Runterfahrens immer noch. Habt ihr eine Idee, woran es liegen könnte? Hier nun die Ergebnisse der durchgeführten Untersuchungen:

mbar:

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.02.25.06
  rootkit: v2016.02.17.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.17914
Sven :: SVEN-SCHLÄPPI [administrator]

26.02.2016 00:07:45
mbar-log-2016-02-26 (00-07-45).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 367238
Time elapsed: 27 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

ADW Cleaner:

Code:

ATTFilter

# AdwCleaner v5.036 - Bericht erstellt am 26/02/2016 um 00:42:10
# Aktualisiert am 22/02/2016 von Xplode
# Datenbank : 2016-02-24.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x86)
# Benutzername : Sven - SVEN-SCHLÄPPI
# Gestartet von : C:\Users\Sven\Desktop\AdwCleaner_5.036.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [898 Bytes] - [26/02/2016 00:42:10]
C:\AdwCleaner\AdwCleaner[C3].txt - [896 Bytes] - [20/10/2015 14:47:00]
C:\AdwCleaner\AdwCleaner[C4].txt - [790 Bytes] - [20/10/2015 18:12:14]
C:\AdwCleaner\AdwCleaner[R0].txt - [1448 Bytes] - [01/06/2015 21:03:35]
C:\AdwCleaner\AdwCleaner[R1].txt - [952 Bytes] - [01/06/2015 21:26:09]
C:\AdwCleaner\AdwCleaner[S0].txt - [1293 Bytes] - [01/06/2015 21:06:06]
C:\AdwCleaner\AdwCleaner[S1].txt - [2339 Bytes] - [01/06/2015 21:28:13]
C:\AdwCleaner\AdwCleaner[S3].txt - [818 Bytes] - [20/10/2015 14:45:40]
C:\AdwCleaner\AdwCleaner[S4].txt - [720 Bytes] - [20/10/2015 18:10:34]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1549 Bytes] ##########

JRT:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.3 (02.09.2016)
Operating System: Windows 7 Home Premium x86 
Ran by Sven (Administrator) on 26.02.2016 at  0:47:03,59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 350 

Successfully deleted: C:\Users\Sven\AppData\Local\{00DF92A9-2F34-49F4-9F93-C2570B3ADCF2} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{03C4A340-DBDD-4393-9DE6-E92C9C294E15} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{040601E5-E52E-46E1-93D8-840A5D1994CD} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{04E5AF66-52C3-4BF3-A3EE-4036F3D294CF} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{04FF3C0E-671D-4275-BB71-269B5EFAB828} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{05FCA850-A048-4C0F-A22B-50C90D76B44E} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{0723636B-E455-4310-9F57-F355EEC61B09} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{079F2396-614E-428C-95DA-0A404532AF29} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{08F50805-518F-4725-80E8-F27958725505} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{098C6959-C137-40DA-995D-C2C81B621268} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{09B3B8BF-6631-4BCD-8F23-E17D568B59F7} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{0A28EE32-15A3-4CB7-B3F6-B29DD85838D0} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{0A2A6E93-37BE-4C9A-807C-568E3926EC31} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{0A2D1F1D-5518-4FA1-B122-860A970C8068} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{0A36AD20-39A5-49E7-8B35-857EFEC5A7A2} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{0A551D3D-D36A-4D85-97BE-25CA44C9AE67} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{0B4EB1E5-D2D0-4E0E-8C8B-6B802D22E8FC} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{0BA8D314-C679-4036-B84B-8C10D4C3BC9D} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{0C8873F7-C6C1-4995-9439-41223E9CD561} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{0C96CF61-EE9D-480E-9D1E-CDAC0655C3E8} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{0DCB040C-2A24-4996-B950-A987A608BC3E} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{0EF23D38-42D9-4DDA-A23C-858697F13EE6} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{0F77F025-B9B7-4BD0-8847-4AC70DC17ECE} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{0FB2D918-58B7-4633-8D46-85F4D7C0CA67} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{10DFC26F-3A13-46AC-BDC5-4763A030AE12} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{132DBD17-DB49-4EBC-9A46-7B50B4B298EE} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{150B0578-CB8A-46E5-8324-002F7A814EC0} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{155F9956-DE4B-4093-97E7-0CF3DB58CF6B} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{163BEB90-C9A6-4119-BF61-49312F544DEB} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{18697478-7FC0-4B8D-9786-D09F9671972B} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{1885A49E-5379-41F4-B93B-7917A0A61A08} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{19B1D9CD-06D8-4909-8500-6C501DDD9AF9} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{1A06EDDD-CAF6-4482-B1F7-8997E3A141F3} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{1A270594-2BCF-42B2-BCFD-51DE3EB9D487} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{1ADC8976-396A-4F7D-B27C-F902F762AE61} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{1C5A62DE-6D8E-4125-BC8C-FDA1FCB437A9} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{1CB34292-7C2C-4DF2-9B2E-C3F607716261} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{1CB675B2-6A44-4B27-84E7-BABEFA7D1723} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{1CC96195-AB13-4B0A-8204-C1E4BC6F1669} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{1E002088-997F-40E0-83D9-F4F78CAA2E56} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{1E32B469-5362-4D2F-9E7B-78BEE29254F0} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{1E339E22-B2E1-45AD-A365-E16D0E3EBCFC} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{1E619AFE-2E9B-4601-A4D0-5D71A4439416} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{1ED81D9E-A7BE-4894-969A-712CCE011B1C} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{1EDC445C-EBA3-4DF3-B7E5-C53A5CAA07F4} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{1F415529-BC8D-4C37-B91A-0497050438F7} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{1FA42CA0-C928-492B-BC98-F8D9B303CE53} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{200F20AA-E6F4-49FB-AC5D-638EB95E0DB2} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{20AEEDF3-61EE-4D8E-8B4B-9D970A85B4A3} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{224C319D-3D46-4D5D-9AF4-33B080E50274} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{23A38A8F-7254-4DB1-BCC7-C55D4191D629} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{2414B41D-3D87-4A68-BEC7-9B7537D1CF08} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{2531C4D8-7B65-4A65-B753-9767F07413EF} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{259BABA8-CBCD-4991-80D1-770913A2E296} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{2896248D-84AA-47BB-9B0F-71884AF01BB3} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{28CB52AF-CE58-435A-8A1E-D6521EC5025C} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{291F4C04-26BA-4A71-A15F-D7308F7D8EB3} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{2A49EFE8-18F2-4F1F-A01E-15AE96866F29} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{2AA94679-A748-4719-BFC8-C00D3681AAEE} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{2AFF66EE-9846-4F42-9F77-FB5391076259} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{2BFEB19E-E901-4853-8AAF-DDDDFCDF1C52} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{2CC963D9-B523-4912-8A43-E4591ADCE798} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{2D74C362-5ACD-48DB-A421-B3E8E530E79E} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{2DA01606-2453-43EE-AF7B-B190A8A6F618} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{2DA33C3F-7F2A-4CF2-88E8-15E8B9384157} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{2DD17CB5-C6C0-410D-8ABC-D0271CEAE309} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{2EF191AF-956A-4460-B85C-ADB9564FDCF0} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{307F73BF-5FCC-4421-AEAA-3CF397C7BB25} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{321AF4F2-A8EB-4749-96F7-11C5244A7981} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{32247754-9125-4035-AAC1-3F82A7265A6A} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{32A3A194-2F85-4448-937E-C4DE79DA88DE} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{32AD08A4-1424-451C-A134-6CDB9112570E} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{32C5E477-08F1-4015-9B63-9FBC4EFC299E} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{3409203D-4CF9-40BD-A572-631FFA5BA31D} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{34F0787D-8161-4DD9-B92E-B554DB5F8ECA} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{3535EEDA-59CE-41E8-8F08-DDD71D72B816} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{3607A560-8177-4C35-B1CC-276150FC46EC} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{36A825F9-BD86-4DD7-A133-C17ECDE5D06C} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{37C9C951-4758-4BE1-ACE7-C686F9F1059C} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{3866CE82-F81F-4E28-9F15-6B7954277127} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{3887DABE-E1F1-42AD-8DD9-F35CAF952D78} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{3A6A09D0-553A-4773-9A5F-8B780015A1F1} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{3A844EE1-B192-4C20-BE24-1B49F9BEFC5D} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{3AD7CF2F-05BE-4BCE-A51C-8F7BBBA011E1} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{3B249755-244F-40A6-A86A-A620AEF17DC1} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{3B291736-C10E-4CF3-8431-EC9CA3433ACA} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{3E338FE6-F0A9-4B0E-8B5F-058E03533663} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{3F01B3EB-0D70-439D-A041-B28765635352} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{40E679DD-0958-42E3-B80F-B21DF8F9BF81} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{41697115-E45C-4220-BBCB-BBCD76196D41} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{423439E7-517A-40A8-AC24-C3FB3F9869CC} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{426A7F3E-DB08-4345-A23C-14D2A7D3594E} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{43C8F43F-D5E9-4E53-BB09-6E55C77CF4A5} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{4615837F-A68D-4D29-B1C1-D3B4EC3F35D1} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{463E2598-6D2D-4108-BEC1-F4D0B41D6351} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{46E25C70-7F24-41E7-BA21-2F88BA1B8683} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{48EC3397-5A69-4E7F-8DAF-783B56BBB439} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{4990CA43-AACF-47A3-8835-DA2B2F62FF03} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{4AB7DA76-3928-4A5E-A512-403F496F973D} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{4BAF324E-1E26-4D86-BF84-CC5EF6FC62BD} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{4BDE08CF-241C-44FD-B9E7-D7CA2AEC1FF5} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{4BDE715D-2969-4ABD-B363-1FB6D6B07B76} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{4C1ECBD0-9871-4B4E-94AC-AD8F1C90AB87} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{4C2BC90B-A3A9-4CC5-8999-B2DC356AFDD7} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{4CD0A613-50D1-4EDB-B3EB-9A0765F32D87} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{4D70A307-C0E6-47D7-BCC8-718AFB5F4B43} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{4EA16C17-F0C8-4089-817D-961689E57D20} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{4FEECC1A-FE29-4EFB-B214-36F2C05F1178} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{5122AC03-0B53-4BAB-AABB-C641EA9F8B8E} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{512EDF26-FB4E-4558-B2C0-173906347282} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{53A40BED-05E2-4286-842F-4592E7348B73} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{53C7B58D-8A04-4128-91B4-88E1A71CAF97} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{5436400A-21B5-4366-8671-FCA320D37268} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{54F9454B-9311-498E-8B84-F79C85C9ED9A} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{551874EE-FF50-4C13-8753-9F781ACADFBA} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{55842BDD-08C4-429A-8549-37456B6702F1} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{5695AF62-7844-41C0-8E9B-E3279EB5E0C9} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{56BE0536-482A-4F58-9BC5-83E3349039F9} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{56E8D6BC-FDAA-4A0D-8478-01AECC70EE0F} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{57060A3A-75EA-458D-A763-68D60AF012C6} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{5711492F-9A48-4CD6-94C5-EC6100970183} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{575F012E-201B-4688-AB41-EF9DCD46E31F} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{584A55BE-67AB-4625-8484-F39380764983} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{59279CBA-9BB3-4B6F-992A-AC86B7A1DFF4} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{5977B574-72DC-4663-885C-251B577F99B0} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{5D4D6125-2A0A-4AF3-804A-E13EA8A9F9A1} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{5EE76605-C01D-467E-AB87-15998B259B19} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{607B53C9-F06D-4A16-B7E2-454B9F60CF91} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{60A37A1F-1AA5-42E9-9045-39D78DB484F9} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{618678FA-C81F-4CFD-92D9-A3E70C48A163} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{618687C0-DB31-40C9-B399-90DA07E93CE0} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{6190125E-3725-4A4D-B0CB-05D7F1E78FAB} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{63648025-3AFA-40C2-82BE-89187E03266D} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{6426C918-0F5A-41C3-8808-7779D5CD7473} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{657C38C8-DB0E-4A60-911F-3966DFAEB320} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{670C9A0F-FC4A-48BE-A4BD-0194C8E02875} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{6724BBEA-36CD-4AE9-A20C-29E6C2A7DD00} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{686121BC-237F-4F03-AA67-AECFBE9BA978} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{6AADE5FA-CAEE-4ED5-A6FE-01FD576F4DB7} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{6AC8F197-69EC-4DDF-BE2D-A158EE8D9BCD} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{6D7D94C2-11BA-4CBC-B5CA-CDF7E2F28E98} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{6D846D9A-C651-452A-8A7D-BEE731E4BF0F} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{6DB769E7-C4FA-4233-8C46-62B495474AC8} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{6E6DAFB2-D979-4311-A55B-568B51576EB0} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{70B301AE-9968-48AB-9F17-FA27753419F4} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{70C73096-EBAA-4E69-A95C-08C6A76E7A01} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{71E3393A-CFCA-4BF5-AD76-5243E1205F23} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{71E8DE5A-9415-470C-98AB-A195375083CA} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{71FD2C80-6B9F-4D35-8D5B-6C925392C043} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{722B6A9B-388F-4AD9-898B-1277BB6471CB} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{72497FAC-59A0-4FE7-957E-397E4226050F} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{7304FB7E-9CC6-4818-89BF-66126472F71C} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{737E1B9E-4035-4C47-BA80-F90FA37C4655} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{738A4585-BE7B-4D99-A35E-43A9A5D3E39D} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{75D995DA-2A87-4E5A-B25E-AC024A72A83F} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{75E4FF6B-C070-44A8-9E09-C30FA6A5BD44} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{76525841-C5A7-4F51-BDC9-D487974F9BB2} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{76A8229A-4DCA-411E-8DA1-9663D3D23F62} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{779C6040-8858-4904-82DE-8018B6FDDEEE} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{789831AD-2E7E-4011-B1C9-F4F1D822227E} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{78D78769-329E-48F2-B0D9-E7BF262E66F0} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{79311EDA-7497-47E2-A818-E4F3D5D31CA3} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{7A76EF00-C828-4E1D-8729-802F400648BD} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{7AE188E9-51CF-42B7-9818-F74C9CAA2CCE} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{7B9BDD5E-E5F3-4AF3-988E-CE69519CBBBB} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{7CCB67F8-5DF5-4FCA-81DC-C519A3F13A0E} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{7D212740-E938-476C-B8E8-CFFB89C11C34} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{7D224E65-AE09-4071-88AD-46DAEC95B9D6} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{7D3B98E9-7305-49E6-8DD4-1BB0E4AA68D3} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{7F3F0DAD-CC21-443F-A3E8-63441D4579C6} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{815D216D-01E9-473D-94DC-903F5B500C45} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{817C8E41-223F-49E4-AD01-FC7338617E6B} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{82F48155-C3DF-45C2-93FB-7E5F5FD10FF8} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{84265258-5A75-4BB3-9663-C5C253CCFA74} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{8429557C-1DCD-44FC-811F-28AFA73A719E} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{852B1FED-71B7-465E-A6BE-FBC00542C45E} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{8568D3E2-C011-4115-BBDC-8DEA4BC5F21B} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{85A09B19-31D9-40E1-9603-B48D9488C847} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{85B7532D-6709-48E5-8060-90A3330F6BF7} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{86EBDFF4-E1EF-4D98-91F0-D1F69EDBC609} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{86FDBB45-014F-4149-931C-1C924C00380A} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{876D9F2A-104D-4FFF-BC15-ED534BA2094E} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{882CEFA0-B686-4708-B921-D7FA03AF9D56} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{8AA0B19C-4E85-4AAC-B667-08D6DCA05DDD} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{8B9DD0B5-2977-408A-8E1B-ADE181522C96} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{8CDFAE52-13B8-4008-930A-4E3875178CDB} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{8DD952D3-9A5E-4ABC-A2E9-00ED83BAFD05} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{8E20E204-4774-4334-B353-E79E91E20310} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{8F46F36D-EDC2-45AE-9560-F8ED344D0E20} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{908F5E51-3622-45AF-ADD1-DBE7C6619BDC} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{91266856-0F88-4D01-9964-8FD651B09F03} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{925F8353-4B34-4153-8767-9BDF8EC1A234} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{92A03062-ED76-451F-AF51-FD681C9D0E24} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{92DC0174-6ACA-43BC-8058-EC0ED334F916} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{93184535-E8CD-4CC1-8A1F-714342353E13} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{93390142-CF69-44AB-9D9D-2F4BB5F5CA3B} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{936491B8-E0BE-4295-B764-BED1A77FDF84} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{939B6304-CA72-4990-98B0-7A9645A2DD7A} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{946CF525-D896-43E6-886A-8C0FD37FDAC6} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{94D9E0E9-B3E4-4E3E-B692-8A259EE86B7E} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{97089B0D-75B2-44B6-8694-376C228F0A48} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{9720BB45-895F-49E2-9B64-0202AE069885} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{977F261C-747F-4F80-B376-9962D5880B58} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{98C4D12E-A889-4F0F-8365-E3F8C02C33B5} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{99C627C8-3CF3-4FEB-A3CE-DEB84C5B592C} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{9AE1B3DD-D0A6-4CDE-89CD-5137EFA018B7} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{9B79BA7D-0B73-4321-92DA-1289F31BBF1B} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{9BEFF3BF-918E-49AE-AE1F-E364B60BB0FB} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{9C1D2621-5146-468C-B651-9A5DF9334BB5} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{9C8E9FED-7E71-4B74-AD4C-61C7D006D30E} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{9D02CDD0-802B-4095-BB97-B7F34D7511DF} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{9D0FD1F5-8E45-4760-817B-1A729B6F5AD8} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{9DFD3CFF-9DD8-459E-9486-194FB087C652} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{9EA63DA7-EC3F-44D5-BC2E-4D5B54DA142A} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{9FBD04FB-65C9-4684-81A9-0ECC7022F64C} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{A2DD4233-A756-46D0-8AD5-C03E78257C70} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{A2DDF727-1043-4541-A1D0-9DE9C56A6A71} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{A3691690-3356-48B9-AA9F-838874111EF7} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{A53376E6-9146-4E5C-B497-7B7C90F69697} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{A5732854-47D7-4D70-BD64-5C888AEF7C8A} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{A5BEA27C-10E8-4F25-836F-A7D19ECBD5C8} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{A6BC0035-DFFB-40E4-904A-8DA738A387B6} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{AA98DF1C-B0DA-4172-9AB5-FEBC09FC59BE} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{AB28B660-383B-4465-8066-39BC5EC42E4D} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{AB32F1F7-B2CD-4EF1-95C5-D4E2B5359409} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{AC2562B0-3E3D-4307-B73B-7D5FAAD796C6} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{AC4E5EAF-73B2-48CC-8D7D-D91B9637EC7D} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{AD1FE52D-EECA-4252-9AA2-5C8910EFDDFE} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{AF0E9A9A-D990-4D7B-B3F1-662B93D380E1} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{AF8E5113-5FF9-42DA-96E9-3FB46A863CAB} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{B00FE639-D9DF-427D-8DF2-B6710A084ADF} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{B01C0A29-36F5-4E39-A51E-886916725BE9} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{B18AE784-A3D3-4A11-8442-ACB0D52FDF8B} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{B1C99E8A-C7E6-458C-BCBA-40C1C597E356} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{B20B5EDF-32C5-4FE3-9400-10BAA3559B5F} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{B21B2B7F-FF05-4F18-B4E5-2A651BBEAC8C} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{B29E8C05-B2B5-4E4F-862C-2F06C73E83EE} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{B2B0519F-456D-4024-AD07-4A91F0B6EB2A} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{B34CD601-AC17-4E4E-AA93-EEC885312C7F} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{B45C1E58-0A88-4D5D-9B14-834226A10499} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{B46C0F95-2220-4639-9984-27DAEB46A8AF} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{B4E1B127-8EE1-45D0-A6C6-5674D5A10D5C} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{B531CB9B-9DB3-413C-A969-DF30252E4884} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{B5AD3C6D-3536-4BB6-9CA0-DFDEB93C179A} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{B60A0ED4-9E9C-47A6-B23B-4DA84B9AA7C3} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{B83F40B2-3C39-45A4-AD57-66EBAD683C52} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{B8BC8A91-4A8B-443C-94D7-D02361DBA8CA} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{B9E080B2-241C-4165-B867-36BFF1FAACB3} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{BA06F1B6-68E4-41F4-B1E3-5665CA66D3AB} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{BB0AB05F-1197-4304-8749-065B38DE8692} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{BB1DC1AE-F245-44E4-95E6-CEB0445039F8} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{BBAA41EF-F837-4C56-9C41-03007763B400} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{BBE79C3A-FFC0-45CF-A669-FD497B0C2ADC} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{BBF2513E-4B25-4387-BAA7-9AED83F2F55D} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{BCA1D5FE-4BF4-4427-B816-A85EBBBFFDE0} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{BDAD6F7C-87EE-44F0-ACE2-34B035944ED2} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{BE183E6D-0EF5-4A8F-86F1-F35F1850D957} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{BECEBB3D-6D3A-4024-B5E4-AC2A5045E712} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{BFFDBA8D-E2E6-4688-8FC8-9FA8B7C92940} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{C1A6527E-6E83-420F-9EE1-683E308E9D5A} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{C2578175-7E99-408E-9AC5-FFBE2524941B} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{C2DF2E3D-932C-4532-8C23-CB612EA31F0E} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{C32E1EA0-0BB2-4B72-B108-8A97CFFA7BF2} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{C54BF904-83B3-42D0-AA24-FF9A3FFE6A8D} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{C57D79CE-985A-4022-A198-3AA56BF7F52F} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{C6254648-922E-4375-99D1-9287A5657A47} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{C6DFFC40-4FCE-43D8-8644-6B83BBE6D2D5} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{C7D8083A-B898-4CA9-B81C-3DBF30F9601B} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{C80A6B5B-2797-4588-9054-73CF5525A908} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{C871F65A-E1AC-457F-B3FE-3A94B02E8769} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{C9DA200C-0E6A-48DB-8705-0DDCC31874F1} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{CA7979DD-BDA5-4A75-A392-4A48E9B5101B} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{CA97ABDD-74B4-4389-9CF4-F1D38114DEE1} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{CB392BC1-CC89-4DEA-AC5B-69C76599B104} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{CB74B61A-453F-424E-90FB-4B416F79A104} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{CBA67DC0-B1EF-479A-B8B9-E9BC1CF3AAFC} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{CC9D3624-B1C3-4E2E-8224-F0AC6809314B} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{CE3D0C1F-83E7-4805-8734-46D0D58D4EA8} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{D0534CF5-B4E8-4679-AF81-7E20F30BA5F3} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{D0A116AF-9191-498F-86D8-D171875BF536} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{D0D7ABD9-15FE-42B0-8913-6D4341263B54} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{D0FA220F-7333-469C-9940-B4535F6B1BE0} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{D1BE770A-0DD6-47BC-AC7C-F9DD8B4080F7} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{D2EACF91-82E4-44D2-86B9-9C4365D4FEF4} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{D458CE3B-CD09-4036-B041-AFDB38BCD5FD} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{D4C7CDE2-1E79-4DF4-BCDA-850C48068890} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{D5C11416-11E0-49A9-B0E3-9BDB23D7F784} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{D5C68886-4425-40B6-B0CF-DB9EE20AFE55} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{D66F65D6-03B8-4741-A0FB-C54461D7B034} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{D6FFE9D3-0EFB-427D-8D7F-037C223FAAD4} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{D74467B5-8175-47D6-90E1-962270DADDEC} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{DC987CC9-8849-40ED-B2BE-EFCF149D3E84} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{DCF59BEE-2AF4-4274-957E-347AA08B8D53} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{E01DF550-1E2D-4D2D-871A-7C0E4C35331A} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{E119978F-5CBF-420A-81D2-53502AC8213E} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{E13E4A5E-26B8-4989-B488-BC8A2151A3CE} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{E1B4E658-904C-43B1-AED1-9318C243D3FC} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{E1CCCA40-BFD5-4D50-9292-E9888918F32F} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{E2D747B3-75BB-4416-AF66-A73699FA382E} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{E342EE3C-1D29-4BDA-B5F8-08E7A8528A64} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{E4319436-BF4B-4AFD-A01A-2592856F82AD} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{E44FB717-DECA-4457-B4B4-AD79FEBA9EFB} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{E7CDFD4C-705A-4F5C-BF48-A5ACA1849EE2} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{E8FF7DB6-1D5E-48E1-8099-19EF4F2A4133} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{E9841175-B53B-422B-A7DD-9F22DF633D1E} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{E9B2FE35-9DD4-4E5F-A5D2-F74C967C5A4A} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{EA22C1D5-C88E-44A3-B48B-88048D4CD870} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{EA444A8B-989C-4F7F-A5FB-FAF1FB6C57AC} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{EA91B418-7E68-45BE-A98B-C93172291394} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{EFA4B86A-B900-4856-AFFC-DF9EA507F45F} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{F0024DF5-0FB5-4C41-A7B1-5F0E63247467} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{F02BBB36-48CB-4724-87D6-E0B56CBD428E} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{F095DC9B-235F-4A53-BA1A-81736AF4E884} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{F0EAD711-66C4-492C-9102-D24353014DEF} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{F3AB3AD1-415A-41E6-8F39-6ABCE5128A77} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{F45859BE-CC80-4324-A1E8-9B54AC31C6AD} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{F636FB8C-8974-4A7D-9B64-59ED7BA6AE62} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{F6D474AF-0DD8-4623-AAC5-386C16441AB2} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{F7AB5FA5-4F1E-436A-B4F9-E8CA5F92A60C} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{F7D53594-67B6-4199-B56E-2E942B1529F4} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{F872F8CD-489D-4530-8C07-5C3457B0F6BA} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{F9DC56A8-DD8D-40C1-9576-F02C0C208831} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{FA182EE3-1EAB-40BF-85BB-82A65E37AAA5} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{FAAA776C-427D-411A-AD9B-F7A96E635F76} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{FAE8D7AB-02F5-456F-B76B-F45DD3E6D80E} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{FB88C1DF-F985-41A3-9E6F-9214207FE17F} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{FB8D5215-D503-4604-85D1-F0A2A9891220} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{FD49CB75-3228-419E-95C0-274D9C4CE003} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{FDBC7D04-AEDF-47BC-B42E-C4597A520559} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{FED06FDB-42C1-4030-A631-2AB72FFEF4A4} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{FED702F4-99DD-4BAD-A908-33FB979F6878} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{FFB503CA-B01F-4365-9B14-529DE1027665} (Empty Folder)
Successfully deleted: C:\Users\Sven\AppData\Local\{FFE4E8EF-79BB-4C29-A1CB-7E184666C536} (Empty Folder)
Successfully deleted: C:\Windows\wininit.ini (File) 
Successfully deleted: C:\Users\Sven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0H01OISA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Sven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3847YJYQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Sven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4SUJ5F9R (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Sven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8WF1L4IN (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Sven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AGCOAW64 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Sven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LPSHCZKJ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Sven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RA91M6B8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Sven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WLHK7PPU (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0H01OISA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3847YJYQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4SUJ5F9R (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8WF1L4IN (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AGCOAW64 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LPSHCZKJ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RA91M6B8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WLHK7PPU (Temporary Internet Files Folder) 



Registry: 1 

Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value) 




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.02.2016 at  0:50:05,18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

mbam:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org


Error, 26.02.2016 00:00, SYSTEM, SVEN-SCHLÄPPI, Protection, IsLicensed, 13, 
Protection, 26.02.2016 00:00, SYSTEM, SVEN-SCHLÄPPI, Protection, Malware Protection, Stopping, 
Protection, 26.02.2016 00:00, SYSTEM, SVEN-SCHLÄPPI, Protection, Malware Protection, Stopped, 
Error, 26.02.2016 00:43, SYSTEM, SVEN-SCHLÄPPI, Protection, IsLicensed, 13, 
Protection, 26.02.2016 00:43, SYSTEM, SVEN-SCHLÄPPI, Protection, Malware Protection, Stopping, 
Protection, 26.02.2016 00:43, SYSTEM, SVEN-SCHLÄPPI, Protection, Malware Protection, Stopped, 
Update, 26.02.2016 00:52, SYSTEM, SVEN-SCHLÄPPI, Manual, Remediation Database, 2015.10.14.1, 2016.2.22.2, 
Update, 26.02.2016 00:52, SYSTEM, SVEN-SCHLÄPPI, Manual, Rootkit Database, 2015.10.6.1, 2016.2.17.1, 
Update, 26.02.2016 00:52, SYSTEM, SVEN-SCHLÄPPI, Manual, IP Database, 2015.10.14.1, 2016.2.21.1, 
Update, 26.02.2016 00:52, SYSTEM, SVEN-SCHLÄPPI, Manual, Domain Database, 2015.10.14.14, 2016.2.25.8, 
Update, 26.02.2016 00:52, SYSTEM, SVEN-SCHLÄPPI, Manual, Malware Database, 2015.10.14.7, 2016.2.25.6, 
Scan, 26.02.2016 01:21, SYSTEM, SVEN-SCHLÄPPI, Manual, Start: 26.02.2016 00:53, Dauer: 28 Min. 7 Sek., Bedrohungssuchlauf, Abgeschlossen, 0 Malware-Erkennung, 0 Nicht-Malware-Erkennungen, 
Error, 26.02.2016 01:23, SYSTEM, SVEN-SCHLÄPPI, Protection, IsLicensed, 13, 
Protection, 26.02.2016 01:23, SYSTEM, SVEN-SCHLÄPPI, Protection, Malware Protection, Stopping, 
Protection, 26.02.2016 01:23, SYSTEM, SVEN-SCHLÄPPI, Protection, Malware Protection, Stopped, 

(end)

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 26.02.2016
Suchlaufzeit: 00:53
Protokolldatei: mbam26.02.16 suchlauf.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.02.25.06
Rootkit-Datenbank: v2016.02.17.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Sven

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 366461
Abgelaufene Zeit: 28 Min., 7 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

FRST:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:24-02-2016
durchgeführt von Sven (Administrator) auf SVEN-SCHLÄPPI (26-02-2016 01:54:55)
Gestartet von C:\Users\Sven\Desktop
Geladene Profile: Sven (Verfügbare Profile: Sven)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Wistron) C:\Program Files\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files\Launch Manager\WButton.exe
(cyberlink) C:\Program Files\CyberLink\Shared files\brs.exe
(Sentelic Corporation) C:\Program Files\FSP\FspUip.exe
(Simplo) C:\Program Files\simplo\EasyMnt\EasyMnt.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Wistron Corp.) C:\Program Files\Launch Manager\WisLMSvc.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [HotkeyApp] => C:\Program Files\Launch Manager\HotkeyApp.exe [192000 2009-08-19] (Wistron)
HKLM\...\Run: [LMgrVolOSD] => C:\Program Files\Launch Manager\OSD.exe [343552 2009-07-07] (Wistron Corp.)
HKLM\...\Run: [Wbutton] => C:\Program Files\Launch Manager\Wbutton.exe [413696 2009-08-05] (Wistron Corp.)
HKLM\...\Run: [BDRegion] => C:\Program Files\Cyberlink\Shared Files\brs.exe [75048 2009-09-01] (cyberlink)
HKLM\...\Run: [fspuip] => C:\Program Files\FSP\fspuip.exe [3342336 2009-11-06] (Sentelic Corporation)
HKLM\...\Run: [EasyMnt] => C:\Program Files\simplo\EasyMnt\EasyMnt.exe [229376 2009-09-16] (Simplo)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495728 2010-03-29] (IDT, Inc.)
HKLM\...\Run: [ControlCenter4] => C:\Program Files\ControlCenter4\BrCcBoot.exe [139264 2011-04-20] (Brother Industries, Ltd.)
HKLM\...\Run: [BrStsMon00] => C:\Program Files\Browny02\Brother\BrStMonW.exe [2629632 2011-05-19] (Brother Industries, Ltd.)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-30] (Microsoft Corporation)
HKU\S-1-5-21-4076600597-2674156493-3598585986-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-18\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
AppInit_DLLs: E => Keine Datei
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{04882447-5B50-4AEC-96CB-1A129BA01B22}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-4076600597-2674156493-3598585986-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4076600597-2674156493-3598585986-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4076600597-2674156493-3598585986-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-4076600597-2674156493-3598585986-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\27742ltf.default-1408619963335
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4076600597-2674156493-3598585986-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Sven\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [Keine Datei]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: NoScript - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\27742ltf.default-1408619963335\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-02-24]
FF Extension: QuickJava - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\27742ltf.default-1408619963335\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2016-02-25]
FF Extension: Adblock Plus - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\27742ltf.default-1408619963335\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
FF Extension: Skype - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]

Chrome: 
=======
CHR Profile: C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-21]
CHR Extension: (Google Docs) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-21]
CHR Extension: (Google Drive) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Google-Suche) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Tabellen) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-21]
CHR Extension: (Avira Browserschutz) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-01-27]
CHR Extension: (Google Docs Offline) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Google Mail) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-27]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [393080 2013-02-15] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [384888 2013-02-15] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-08] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
R2 PDFProFiltSrvPP; C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R2 STacSV; c:\program files\idt\wdm\STacSV.exe [225382 2010-03-29] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R3 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [113152 2009-03-04] (Wistron Corp.) [Datei ist nicht signiert]
R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [63864 2013-02-15] (BlueStack Systems)
S3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
S3 KoneFltr; C:\Windows\System32\drivers\Kone.sys [13056 2008-12-11] (ROCCAT Ltd) [Datei ist nicht signiert]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R1 MpKsle07e5f22; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{34250174-1B5F-487A-BD55-D03925DF28D0}\MpKsle07e5f22.sys [39168 2016-02-26] (Microsoft Corporation)
S3 NxpCap; C:\Windows\System32\DRIVERS\NxpCap.sys [1488096 2009-07-30] (NXP Semiconductors Germany GmbH)
S3 usbglcs1080101; C:\Windows\System32\Drivers\usbglcs1080101.sys [18432 2010-12-24] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13720 2009-05-13] (X10 Wireless Technology, Inc.)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27160 2009-05-13] (X10 Wireless Technology, Inc.)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files\CyberLink\PowerDVD9\000.fcl [87536 2009-09-01] (CyberLink Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Sven\AppData\Local\Temp\catchme.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad32v.sys [X]
S0 vmci; system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-26 01:54 - 2016-02-26 01:55 - 00016770 _____ C:\Users\Sven\Desktop\FRST.txt
2016-02-26 01:54 - 2016-02-26 01:54 - 00000000 ____D C:\FRST
2016-02-26 00:58 - 2016-02-26 00:58 - 00002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-02-26 00:58 - 2016-02-26 00:58 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-02-26 00:57 - 2016-02-26 00:57 - 00000000 ____D C:\Users\Sven\Desktop\msessential
2016-02-26 00:52 - 2016-02-26 00:52 - 01722368 _____ (Farbar) C:\Users\Sven\Desktop\FRST.exe
2016-02-26 00:50 - 2016-02-26 00:50 - 00038297 _____ C:\Users\Sven\Desktop\JRT.txt
2016-02-26 00:46 - 2016-02-26 00:46 - 01609216 _____ (Malwarebytes) C:\Users\Sven\Desktop\JRT.exe
2016-02-26 00:38 - 2016-02-26 00:38 - 01511936 _____ C:\Users\Sven\Desktop\AdwCleaner_5.036.exe
2016-02-26 00:07 - 2016-02-26 00:36 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-02-25 23:51 - 2016-02-26 00:36 - 00000000 ____D C:\Users\Sven\Desktop\mbar
2016-02-25 23:49 - 2016-02-25 23:49 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Sven\Desktop\mbar-1.09.3.1001.exe
2016-02-17 21:33 - 2016-02-26 00:00 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-02-06 18:51 - 2016-02-06 18:51 - 00100774 ____N C:\Users\Sven\Desktop\lotto 06.02.16.TIF

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-26 01:39 - 2014-09-01 17:37 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-26 01:29 - 2009-07-14 05:34 - 00018704 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-26 01:29 - 2009-07-14 05:34 - 00018704 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-26 01:23 - 2014-09-01 17:37 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-26 01:23 - 2009-10-26 12:03 - 00000000 ____D C:\ProgramData\NVIDIA
2016-02-26 01:23 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-26 01:17 - 2012-12-18 23:00 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-26 00:58 - 2014-02-26 11:34 - 00002154 _____ C:\Windows\epplauncher.mif
2016-02-26 00:52 - 2014-08-13 14:09 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-26 00:42 - 2015-06-01 20:56 - 00000000 ____D C:\AdwCleaner
2016-02-26 00:05 - 2014-08-13 14:08 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-02-26 00:02 - 2013-08-06 15:42 - 00000000 ____D C:\ProgramData\Avira
2016-02-26 00:00 - 2015-02-26 16:42 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2016-02-26 00:00 - 2012-04-25 17:10 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-02-24 11:00 - 2014-09-01 17:38 - 00002154 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-24 09:46 - 2012-09-10 13:04 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-02-18 02:27 - 2013-12-19 10:38 - 00011968 _____ C:\Users\Sven\Documents\kingnicks.xlsx
2016-02-17 21:44 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-02-17 21:43 - 2015-10-31 17:31 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-16 09:24 - 2009-07-14 05:53 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-02-10 13:17 - 2012-04-02 11:14 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-02-10 13:17 - 2011-06-08 15:54 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-06-25 15:10 - 2013-06-25 15:10 - 0141914 _____ () C:\Users\Sven\AppData\Local\ars.cache
2013-06-25 15:10 - 2013-06-25 15:10 - 0580869 _____ () C:\Users\Sven\AppData\Local\census.cache
2010-10-02 14:32 - 2010-10-02 14:32 - 0000036 _____ () C:\Users\Sven\AppData\Local\housecall.guid.cache
2014-09-18 17:04 - 2014-09-18 17:18 - 0000397 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
C:\Users\Sven\AppData\Local\Temp\avgnt.exe
C:\Users\Sven\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-30 21:12

==================== Ende vom FRST.txt ============================

FRST ADDITION:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:24-02-2016
durchgeführt von Sven (2016-02-26 01:55:56)
Gestartet von C:\Users\Sven\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2010-03-14 06:34:18)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4076600597-2674156493-3598585986-500 - Administrator - Disabled)
Gast (S-1-5-21-4076600597-2674156493-3598585986-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4076600597-2674156493-3598585986-1002 - Limited - Enabled)
Sven (S-1-5-21-4076600597-2674156493-3598585986-1000 - Administrator - Enabled) => C:\Users\Sven

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
4500_G510gm_Help (Version: 000.0.440.000 - Hewlett-Packard) Hidden
4500G510gm (Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (Version: 000.0.423.000 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.0.162 - Adobe Systems, Inc.)
Application Verifier (HKLM\...\{E72400F4-A41E-4019-9143-051BE2951C00}) (Version: 4.0.917 - Microsoft Corporation)
BlueStacks App Player (HKLM\...\BlueStacks App Player) (Version: 0.7.9.860 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM\...\{CD9D0827-A6D6-4E2C-B31E-23F01577E27B}) (Version: 0.7.9.860 - BlueStack Systems, Inc.)
Brother MFL-Pro Suite MFC-J5910DW (HKLM\...\{830F55B6-4398-4B72-A0D8-66397B902C0E}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.5.0.3 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.1.6 - Canon Inc.)
Canon RAW Image Task for ZoomBrowser EX (HKLM\...\RAW Image Task) (Version: 3.3.0.5 - Canon Inc.)
Canon Utilities CameraWindow (HKLM\...\CameraWindowLauncher) (Version: 7.1.0.2 - Canon Inc.)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM\...\CameraWindowDVC6) (Version: 6.4.2.16 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.4 (HKLM\...\DPP) (Version: 3.4.0.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM\...\EOS Utility) (Version: 2.4.0.1 - Canon Inc.)
Canon Utilities MyCamera (HKLM\...\MyCamera) (Version: 6.4.0.5 - Canon Inc.)
Canon Utilities Original Data Security Tools (HKLM\...\Original Data Security Tools) (Version: 1.4.0.1 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.21.45 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM\...\Picture Style Editor) (Version: 1.3.0.0 - Canon Inc.)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM\...\RemoteCaptureTask) (Version: 1.7.1.9 - Canon Inc.)
Canon Utilities WFT-E1/E2/E3 Utility (HKLM\...\WFTK) (Version: 3.2.1.1 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.1.1.21 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.1.0.8 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2130 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3213 - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2101 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM\...\{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.0.6720 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2219 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
EasyMnt (HKLM\...\{20AC083C-71C6-4A26-BE7B-9ACA990526D8}) (Version: 1.0.0.18 - simplo)
EOS USB WIA Driver (HKLM\...\EOS USB WIA Driver) (Version: 6.0.1.5 - Canon Inc.)
e-Wörterbücher (HKLM\...\{4737AD9F-13AA-4E4C-B86F-B631D557F6A7}) (Version:  - )
Facebook Video Calling 2.0.0.447 (HKLM\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Feedback Tool (HKLM\...\{13A5E785-5197-4EAD-8EE3-D660271E49BC}) (Version: 1.2.0 - Microsoft Corporation)
FileHippo.com Update Checker (HKLM\...\FileHippo.com) (Version:  - )
Finger Sensing Pad Driver (HKLM\...\{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}) (Version: 8.5.3.5 - Sentelic)
Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6208.0 - IDT)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
JMicron Flash Media Controller Driver (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.32.1 - JMicron Technology Corp.)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
king.com (remove only) (HKLM\...\king.com) (Version:  - Midasplayer Ltd (king.com))
Launch Manager V1.5.0.5 (HKLM\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.0.5 - Wistron Corp.)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Medion Home Cinema (HKLM\...\InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}) (Version: 6.0.0000 - CyberLink Corp.)
Medion Home Cinema (Version: 6.0.0000 - CyberLink Corp.) Hidden
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Document Explorer 2008 (HKLM\...\Microsoft Document Explorer 2008) (Version:  - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ Compilers 2008 Standard Edition - enu - x86 (HKLM\...\{44D9A2CB-0692-3180-B5E2-26F4E807D067}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Windows Performance Toolkit (HKLM\...\{24190661-2122-40D1-9F7C-8FDEA5AE4197}) (Version: 4.6.0 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.0) (HKLM\...\SDKSetup_7.0.7600.16385.40715) (Version: 7.0.7600.16385.40715 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 de) (HKLM\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Network (Version: 130.0.550.000 - Hewlett-Packard) Hidden
nLite 1.4.9.1 (HKLM\...\nLite_is1) (Version: 1.4.9.1 - Dino Nuhagic (nuhi))
Nuance PaperPort 12 (HKLM\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
PaperPort Image Printer (HKLM\...\{6EF2FDAB-7FBF-4AB9-92CD-594BDDB6A56B}) (Version: 1.00.0001 - Nuance Communications, Inc.)
PhotoScape (HKLM\...\PhotoScape) (Version:  - )
REALTEK Wireless LAN Driver (HKLM\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0145 - REALTEK Semiconductor Corp.)
Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.17 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
X10 Hardware(TM) (HKLM\...\X10Hardware) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-4076600597-2674156493-3598585986-1000_Classes\CLSID\{6d05bf60-3eaf-4a97-87c5-10cce505435b}\localserver32 -> C:\Users\Sven\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver.NonElevated.exe => K (Der Dateneintrag hat 10 mehr Zeichen).

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {129F5768-CA82-4370-9D07-066BEF28CD0A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {2EBEF24E-1EA3-45CE-B03E-010569D4AD5D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {321CECF9-E451-4498-B19F-AE39BC5D1DE6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {4718652A-497D-4E80-B114-E0DED3B052F6} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {90A31E5D-78E6-4E57-A28F-504AA0F78E4C} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {A2F06BD0-4CA2-42C8-A890-F65DF40C2AEC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {AD34D0FC-2536-426D-A998-4BA2BAF530F9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {D95204FF-8EE8-4650-AD11-76AB96C1EB88} - System32\Tasks\{150D567C-4B63-410D-954D-BB8AFA33C509} => pcalua.exe -a "C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe" -d "C:\Program Files\ESET\ESET Online Scanner"

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-03-13 19:20 - 2014-07-02 20:42 - 00107992 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2009-11-09 20:48 - 2009-11-06 10:40 - 00053248 _____ () C:\Program Files\FSP\KbdHook.dll
2009-11-09 20:48 - 2009-11-06 10:40 - 00073728 _____ () C:\Program Files\FSP\FspLib.dll
2009-06-03 20:59 - 2009-06-03 20:59 - 00619816 ____N () C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
2009-06-03 20:59 - 2009-06-03 20:59 - 00013096 ____N () C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:04 - 2014-08-26 14:40 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4076600597-2674156493-3598585986-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: IndexSearch => "C:\Program Files\Nuance\PaperPort\IndexSearch.exe"
MSCONFIG\startupreg: Kone => "C:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NvBackend => "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files\Nuance\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: PDF5 Registry Controller => C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe
MSCONFIG\startupreg: PDFHook => C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe
MSCONFIG\startupreg: PDVD9LanguageShortcut => "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
MSCONFIG\startupreg: PPort12reminder => "C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{61585FD5-3641-474E-9003-F993E87F7DD8}] => (Allow) C:\Program Files\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{08EAF2F8-3D82-4CCE-8E44-8BA88FC98E59}] => (Allow) C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{7132737A-D357-4F4A-9A51-3812B8949E54}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{EB7B454A-DE28-4911-BC62-AD9D4C7B9101}] => (Allow) svchost.exe
FirewallRules: [{4051E022-5178-4F0E-A092-2E8C3D09C3A7}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{74106E51-47E4-49A1-9051-487A63E089B7}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{393AD8D8-2BA2-4D73-B276-6DE2CABFF417}] => (Allow) LPort=2869
FirewallRules: [{BE7349D6-98EB-4337-B71C-EC4FA9B1E288}] => (Allow) LPort=1900
FirewallRules: [{18026AC0-9112-4691-9ADC-EF3B8CD6BFF8}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{CDC0C9D9-3800-43B2-848D-CFBC2B982BFF}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{BBFEAE0E-0414-4E8F-B840-A36A42C643B8}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{718C8831-1C3B-44AE-B705-09FE2F203515}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{CB4528B5-D5D3-4652-89A8-43433BBA6885}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{FBACFDC2-D09D-4AE3-953B-265E68994593}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{526AB820-17DB-493F-A601-56004505574E}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{C5FD4900-1F07-4896-A352-6374CE376858}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3837C8A2-C152-45EE-8732-734E1527C20C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{66CDC3DE-D514-4DF5-BC2F-0E2BAB8BACAA}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{3BC2B179-98F1-4FD4-A4D8-EE4971B19D5B}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{96BC5B2E-DE65-4CD6-9334-CB282C5C48F9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{58FBAA39-C325-4B2E-9ACD-FC27EB8906CB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{BF19A589-D871-4308-80D3-26482DCBB18C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

09-11-2015 15:50:17 Windows-Sicherung
16-11-2015 08:04:46 Windows-Sicherung
22-11-2015 19:00:42 Windows-Sicherung
29-11-2015 19:00:44 Windows-Sicherung
07-12-2015 10:09:24 Windows-Sicherung
14-12-2015 11:25:53 Windows-Sicherung
21-12-2015 08:17:58 Windows-Sicherung
11-01-2016 09:14:58 Windows-Sicherung
19-01-2016 12:01:34 Windows-Sicherung
27-01-2016 08:14:03 Windows-Sicherung
06-02-2016 10:27:37 Windows-Sicherung
09-02-2016 14:39:37 Windows-Sicherung
24-02-2016 11:10:23 Windows-Sicherung
26-02-2016 00:47:22 JRT Pre-Junkware Removal
26-02-2016 01:26:34 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/26/2016 01:23:31 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/26/2016 12:43:48 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/25/2016 11:54:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm avscan.exe, Version 15.0.15.133 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 8a4

Startzeit: 01d1701e0c8e8c3f

Endzeit: 60000

Anwendungspfad: C:\Program Files\Avira\AntiVir Desktop\avscan.exe

Berichts-ID: 8690b65b-dc12-11e5-ba7d-001f162ff93e

Error: (02/24/2016 11:16:24 AM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)"

Error: (02/24/2016 09:46:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SDFSSvc.exe, Version: 2.4.40.217, Zeitstempel: 0x535a5114
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x874
Startzeit der fehlerhaften Anwendung: 0xSDFSSvc.exe0
Pfad der fehlerhaften Anwendung: SDFSSvc.exe1
Pfad des fehlerhaften Moduls: SDFSSvc.exe2
Berichtskennung: SDFSSvc.exe3

Error: (02/17/2016 09:45:17 PM) (Source: Windows Backup) (EventID: 4100) (User: )
Description: Die Sicherung wurde nicht erfolgreich abgeschlossen, da eine Schattenkopie nicht erstellt werden konnte. Löschen Sie auf dem zu sichernden Laufwerk nicht benötigte Dateien, um Speicherplatz freizugeben, und wiederholen Sie den Vorgang.

Error: (02/17/2016 09:41:13 PM) (Source: MsiInstaller) (EventID: 1023) (User: Sven-Schläppi)
Description: Produkt: Adobe Acrobat Reader DC - Deutsch - Update "{AC76BA86-7AD7-0000-2550-AC0F0A4E5B00}" konnte nicht installiert werden. Fehlercode 1625. Weitere Informationen sind in der Protokolldatei C:\Users\Sven\AppData\Local\Temp\MSI8be38.LOG enthalten.

Error: (02/09/2016 02:47:59 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)"

Error: (02/06/2016 10:43:18 AM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)"

Error: (01/28/2016 12:17:57 PM) (Source: SDFSSvc.exe) (EventID: 0) (User: )
Description: Der Dienstprozess konnte keine Verbindung mit dem Dienstcontroller herstellen


Systemfehler:
=============
Error: (02/26/2016 01:23:31 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (02/26/2016 12:48:02 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/26/2016 12:43:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (02/26/2016 12:42:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (02/26/2016 12:42:40 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WMPNetworkSvc" konnte sich nicht als "NT AUTHORITY\NetworkService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (02/26/2016 12:42:40 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (02/26/2016 12:42:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/26/2016 12:42:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/26/2016 12:42:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/26/2016 12:42:09 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Matrix Storage Event Monitor" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz
Prozentuale Nutzung des RAM: 44%
Installierter physikalischer RAM: 3036.87 MB
Verfügbarer physikalischer RAM: 1699.16 MB
Summe virtueller Speicher: 3051.18 MB
Verfügbarer virtueller Speicher: 1635.89 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:276.99 GB) (Free:115.41 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:298.09 GB) (Free:0.01 GB) NTFS
Drive e: (Recover) (Fixed) (Total:20 GB) (Free:11.93 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 84F4BAF6)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 298.1 GB) (Disk ID: E4CF20AF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=277 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== Ende vom Addition.txt ============================

Larusso · 26.02.2016, 07:45

So kann ich jetzt keine Malware sehen, welche dafür verantwortlich sein kann.

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte lade dir

GMER herunter: (Dateiname zufällig)

Schließe alle anderen Programme, deaktiviere deinen Virenscanner und trenne den Rechner vom Internet bevor du GMER startest.
Sollte sich nach dem Start ein Fenster mit folgender Warnung öffnen:
WARNING !!!
GMER has found system modification, which might have been caused by ROOTKIT activity.
Do you want to fully scan your system ?

Unbedingt auf "No" klicken.
Entferne rechts den Haken bei: IAT/EAT und Show All
Setze den Haken bei Quickscan und entferne ihn bei allen anderen Laufwerken.
Starte den Scan mit "Scan".
Mache nichts am Computer während der Scan läuft.
Wenn der Scan fertig ist klicke auf Save und speichere die Logfile unter Gmer.txt auf deinem Desktop. Mit "Ok" wird GMER beendet.

Antiviren-Programm und sonstige Scanner wieder einschalten, bevor Du ins Netz gehst!

Tauchen Probleme auf?

Probiere alternativ den abgesicherten Modus.
Erhältst du einen Bluescreen, dann entferne den Haken vor Devices.

Forcie0815 · 29.02.2016, 09:02

Code:

ATTFilter

08:59:39.0727 0x02f4  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
08:59:44.0450 0x02f4  ============================================================
08:59:44.0450 0x02f4  Current date / time: 2016/02/29 08:59:44.0450
08:59:44.0450 0x02f4  SystemInfo:
08:59:44.0450 0x02f4  
08:59:44.0450 0x02f4  OS Version: 6.1.7601 ServicePack: 1.0
08:59:44.0450 0x02f4  Product type: Workstation
08:59:44.0450 0x02f4  ComputerName: SVEN-SCHLÄPPI
08:59:44.0450 0x02f4  UserName: Sven
08:59:44.0450 0x02f4  Windows directory: C:\Windows
08:59:44.0450 0x02f4  System windows directory: C:\Windows
08:59:44.0450 0x02f4  Processor architecture: Intel x86
08:59:44.0450 0x02f4  Number of processors: 2
08:59:44.0450 0x02f4  Page size: 0x1000
08:59:44.0450 0x02f4  Boot type: Normal boot
08:59:44.0450 0x02f4  ============================================================
08:59:46.0037 0x02f4  KLMD registered as C:\Windows\system32\drivers\66318817.sys
08:59:49.0838 0x02f4  System UUID: {6EBF671E-582C-90AB-C46C-0E092DEB2756}
08:59:52.0158 0x02f4  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
08:59:52.0162 0x02f4  Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
08:59:52.0168 0x02f4  ============================================================
08:59:52.0168 0x02f4  \Device\Harddisk0\DR0:
08:59:52.0168 0x02f4  MBR partitions:
08:59:52.0168 0x02f4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2542D800
08:59:52.0168 0x02f4  \Device\Harddisk1\DR1:
08:59:52.0168 0x02f4  MBR partitions:
08:59:52.0168 0x02f4  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
08:59:52.0168 0x02f4  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x229FA800
08:59:52.0168 0x02f4  \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x22A2D000, BlocksNum 0x2800000
08:59:52.0169 0x02f4  ============================================================
08:59:52.0201 0x02f4  C: <-> \Device\Harddisk1\DR1\Partition2
08:59:52.0574 0x02f4  D: <-> \Device\Harddisk0\DR0\Partition1
08:59:52.0711 0x02f4  E: <-> \Device\Harddisk1\DR1\Partition3
08:59:52.0711 0x02f4  ============================================================
08:59:52.0711 0x02f4  Initialize success
08:59:52.0711 0x02f4  ============================================================
09:00:40.0351 0x13dc  ============================================================
09:00:40.0351 0x13dc  Scan started
09:00:40.0351 0x13dc  Mode: Manual; SigCheck; TDLFS; 
09:00:40.0351 0x13dc  ============================================================
09:00:40.0351 0x13dc  KSN ping started
09:00:53.0993 0x13dc  KSN ping finished: true
09:00:54.0789 0x13dc  ================ Scan system memory ========================
09:00:54.0789 0x13dc  System memory - ok
09:00:54.0789 0x13dc  ================ Scan services =============================
09:00:55.0001 0x13dc  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
09:00:55.0149 0x13dc  1394ohci - ok
09:00:55.0215 0x13dc  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
09:00:55.0255 0x13dc  ACPI - ok
09:00:55.0293 0x13dc  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
09:00:55.0377 0x13dc  AcpiPmi - ok
09:00:55.0547 0x13dc  [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
09:00:55.0577 0x13dc  AdobeARMservice - ok
09:00:55.0639 0x13dc  [ 785FD0E36CA75D90DD50042E2594BC63, 471A5ED43A3E18A5A69C28F7F351558E90F20416D9C532ADF50888808090AE89 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:00:55.0679 0x13dc  AdobeFlashPlayerUpdateSvc - ok
09:00:55.0731 0x13dc  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
09:00:55.0781 0x13dc  adp94xx - ok
09:00:55.0823 0x13dc  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
09:00:55.0873 0x13dc  adpahci - ok
09:00:55.0899 0x13dc  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
09:00:55.0928 0x13dc  adpu320 - ok
09:00:55.0965 0x13dc  [ 12E6A172D72AFC626727B8635DD17E39, 33B3D109C39DF6EA86AFC3C89A93657906E981D3D22FF854401BC7326990CC08 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
09:00:56.0025 0x13dc  AeLookupSvc - ok
09:00:56.0087 0x13dc  [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD             C:\Windows\system32\drivers\afd.sys
09:00:56.0169 0x13dc  AFD - ok
09:00:56.0213 0x13dc  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
09:00:56.0237 0x13dc  agp440 - ok
09:00:56.0301 0x13dc  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
09:00:56.0347 0x13dc  aic78xx - ok
09:00:56.0367 0x13dc  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
09:00:56.0418 0x13dc  ALG - ok
09:00:56.0499 0x13dc  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
09:00:56.0519 0x13dc  aliide - ok
09:00:56.0547 0x13dc  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
09:00:56.0570 0x13dc  amdagp - ok
09:00:56.0590 0x13dc  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
09:00:56.0601 0x13dc  amdide - ok
09:00:56.0631 0x13dc  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
09:00:56.0671 0x13dc  AmdK8 - ok
09:00:56.0706 0x13dc  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
09:00:56.0753 0x13dc  AmdPPM - ok
09:00:56.0814 0x13dc  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
09:00:56.0838 0x13dc  amdsata - ok
09:00:56.0865 0x13dc  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
09:00:56.0885 0x13dc  amdsbs - ok
09:00:56.0915 0x13dc  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
09:00:56.0935 0x13dc  amdxata - ok
09:00:56.0997 0x13dc  [ 81F97D8F8B3FB94A451CC6F7CF8B2965, 8DEBA4E47E1016D69740C0BB7CDD23852D86E0D42C1C1EA5A847ECB115C38CB1 ] AppID           C:\Windows\system32\drivers\appid.sys
09:00:57.0039 0x13dc  AppID - ok
09:00:57.0099 0x13dc  [ F5090F8FA6757C58E17BAEAA86093636, 5E14CF3032DF5801240F45C59AA93962EA41AA5648A0C6458D16D9B9D95A131F ] AppIDSvc        C:\Windows\System32\appidsvc.dll
09:00:57.0149 0x13dc  AppIDSvc - ok
09:00:57.0229 0x13dc  [ 530195DA0D84D9855020F2B80D6B267F, AB36F05991530437C7B3F25441B13BC085000F07579964A4CCA0BF029DD6DE7E ] Appinfo         C:\Windows\System32\appinfo.dll
09:00:57.0289 0x13dc  Appinfo - ok
09:00:57.0336 0x13dc  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\DRIVERS\arc.sys
09:00:57.0357 0x13dc  arc - ok
09:00:57.0397 0x13dc  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
09:00:57.0419 0x13dc  arcsas - ok
09:00:57.0534 0x13dc  [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
09:00:57.0567 0x13dc  aspnet_state - ok
09:00:57.0596 0x13dc  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
09:00:57.0721 0x13dc  AsyncMac - ok
09:00:57.0765 0x13dc  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
09:00:57.0783 0x13dc  atapi - ok
09:00:57.0845 0x13dc  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:00:57.0905 0x13dc  AudioEndpointBuilder - ok
09:00:57.0935 0x13dc  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
09:00:57.0975 0x13dc  Audiosrv - ok
09:00:58.0027 0x13dc  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
09:00:58.0107 0x13dc  AxInstSV - ok
09:00:58.0146 0x13dc  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
09:00:58.0209 0x13dc  b06bdrv - ok
09:00:58.0259 0x13dc  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
09:00:58.0311 0x13dc  b57nd60x - ok
09:00:58.0357 0x13dc  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
09:00:58.0403 0x13dc  BDESVC - ok
09:00:58.0423 0x13dc  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
09:00:58.0483 0x13dc  Beep - ok
09:00:58.0545 0x13dc  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
09:00:58.0623 0x13dc  BFE - ok
09:00:58.0697 0x13dc  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
09:00:58.0869 0x13dc  BITS - ok
09:00:58.0909 0x13dc  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
09:00:58.0929 0x13dc  blbdrive - ok
09:00:58.0979 0x13dc  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
09:00:59.0019 0x13dc  bowser - ok
09:00:59.0049 0x13dc  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
09:00:59.0079 0x13dc  BrFiltLo - ok
09:00:59.0099 0x13dc  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
09:00:59.0127 0x13dc  BrFiltUp - ok
09:00:59.0151 0x13dc  [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
09:00:59.0201 0x13dc  BridgeMP - ok
09:00:59.0243 0x13dc  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
09:00:59.0303 0x13dc  Browser - ok
09:00:59.0355 0x13dc  [ 7FDC0A90C231874253C0F4AC4343E288, 140E7C91895C1C4F34EC37D53FCFF3DC8525F3A16A9096A3AA9CF4B211289888 ] BrSerIb         C:\Windows\system32\DRIVERS\BrSerIb.sys
09:00:59.0439 0x13dc  BrSerIb - ok
09:00:59.0477 0x13dc  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
09:00:59.0547 0x13dc  Brserid - ok
09:00:59.0567 0x13dc  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
09:00:59.0607 0x13dc  BrSerWdm - ok
09:00:59.0637 0x13dc  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
09:00:59.0657 0x13dc  BrUsbMdm - ok
09:00:59.0677 0x13dc  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
09:00:59.0717 0x13dc  BrUsbSer - ok
09:00:59.0768 0x13dc  [ F5390255C73F8CB4995BDC687555FD19, 7C2E7E166B8693C74701B03216E695FCE27D896A0F6A981E54AEFFBE1DA3753D ] BrUsbSIb        C:\Windows\system32\DRIVERS\BrUsbSIb.sys
09:00:59.0826 0x13dc  BrUsbSIb - ok
09:00:59.0881 0x13dc  [ EA7E57F87D6FEE5FD6C5F813C04E8CD2, 1EB84F4DEE3034FAFBEA2A3F84EECE036E803872DA94D54E958E9F2F09519E88 ] BrYNSvc         C:\Program Files\Browny02\BrYNSvc.exe
09:01:00.0084 0x13dc  BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
09:01:02.0698 0x13dc  Detect skipped due to KSN trusted
09:01:02.0698 0x13dc  BrYNSvc - ok
09:01:02.0817 0x13dc  [ 173BBAE8027339608CBD5C5369BCDDDD, B4D66648F8993B41DC09FF3208FD57783A1AEFC499FD3543596951EDE0154936 ] BstHdAndroidSvc C:\Program Files\BlueStacks\HD-Service.exe
09:01:02.0867 0x13dc  BstHdAndroidSvc - ok
09:01:02.0939 0x13dc  [ 9DD09756BDD8032459698428BD0A1763, 0D938607BAFAA062D6B0F43655DC0AF4C4530A5BA37E35D45DD6CB78EC6F6165 ] BstHdDrv        C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys
09:01:02.0994 0x13dc  BstHdDrv - ok
09:01:03.0051 0x13dc  [ D9BD54860A00FE88B660D26E66EB075A, DFE3D11F82726A70F93BC282D05088990E15CD79585BE694D1C28A98111B499A ] BstHdLogRotatorSvc C:\Program Files\BlueStacks\HD-LogRotatorService.exe
09:01:03.0131 0x13dc  BstHdLogRotatorSvc - ok
09:01:03.0169 0x13dc  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
09:01:03.0193 0x13dc  BTHMODEM - ok
09:01:03.0240 0x13dc  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
09:01:03.0285 0x13dc  bthserv - ok
09:01:03.0477 0x13dc  [ 52AE2CDD37AB735FBDA52263EFD524AA, 844103913E6079CC1C49B05FFB1CDC9A68692A8EE5A05C9C28FD272DFE534913 ] c2cautoupdatesvc C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
09:01:03.0589 0x13dc  c2cautoupdatesvc - ok
09:01:03.0719 0x13dc  [ C35B91B6777E7C6DB67B8583D2AA66A7, CE3A004B560EB750442150FEEFEE074A11A17E66B3F2A489E8EF1DBCF8FE8390 ] c2cpnrsvc       C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
09:01:03.0846 0x13dc  c2cpnrsvc - ok
09:01:03.0943 0x13dc  catchme - ok
09:01:03.0983 0x13dc  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
09:01:04.0043 0x13dc  cdfs - ok
09:01:04.0075 0x13dc  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
09:01:04.0115 0x13dc  cdrom - ok
09:01:04.0155 0x13dc  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
09:01:04.0185 0x13dc  CertPropSvc - ok
09:01:04.0227 0x13dc  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
09:01:04.0280 0x13dc  circlass - ok
09:01:04.0349 0x13dc  [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS            C:\Windows\system32\CLFS.sys
09:01:04.0379 0x13dc  CLFS - ok
09:01:04.0451 0x13dc  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:01:04.0481 0x13dc  clr_optimization_v2.0.50727_32 - ok
09:01:04.0543 0x13dc  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:01:04.0583 0x13dc  clr_optimization_v4.0.30319_32 - ok
09:01:04.0620 0x13dc  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
09:01:04.0645 0x13dc  CmBatt - ok
09:01:04.0676 0x13dc  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
09:01:04.0710 0x13dc  cmdide - ok
09:01:04.0767 0x13dc  [ 3051724F223EA48968B19567DE2A81F4, DCC27DE1B2B35866FC6DBDE95A368E7D0D346B6C3F31D0BACA63DD39B0A8874E ] CNG             C:\Windows\system32\Drivers\cng.sys
09:01:04.0827 0x13dc  CNG - ok
09:01:04.0846 0x13dc  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
09:01:04.0869 0x13dc  Compbatt - ok
09:01:04.0914 0x13dc  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
09:01:04.0931 0x13dc  CompositeBus - ok
09:01:04.0951 0x13dc  COMSysApp - ok
09:01:04.0985 0x13dc  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
09:01:05.0003 0x13dc  crcdisk - ok
09:01:05.0055 0x13dc  [ 33F67BBCC3C0499D3F3382473114CFA8, FDDCC41CE005B7C1BEBB6F4ACA9A3F10E5972792ADFD7D294E70A0B781460981 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
09:01:05.0105 0x13dc  CryptSvc - ok
09:01:05.0177 0x13dc  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:01:05.0247 0x13dc  DcomLaunch - ok
09:01:05.0299 0x13dc  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
09:01:05.0369 0x13dc  defragsvc - ok
09:01:05.0431 0x13dc  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
09:01:05.0481 0x13dc  DfsC - ok
09:01:05.0543 0x13dc  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
09:01:05.0613 0x13dc  Dhcp - ok
09:01:05.0735 0x13dc  [ 7AB2DE012C88870C9274E966EC88AB61, CE2098B152B9C039C29C0573C813BFBF13B2D2E6BEE83985374160884A817133 ] DiagTrack       C:\Windows\system32\diagtrack.dll
09:01:05.0960 0x13dc  DiagTrack - ok
09:01:05.0999 0x13dc  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
09:01:06.0055 0x13dc  discache - ok
09:01:06.0087 0x13dc  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
09:01:06.0117 0x13dc  Disk - ok
09:01:06.0168 0x13dc  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:01:06.0301 0x13dc  Dnscache - ok
09:01:06.0370 0x13dc  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
09:01:06.0491 0x13dc  dot3svc - ok
09:01:06.0575 0x13dc  [ B5E479EB83707DD698F66953E922042C, 82891A4699F180A20EB25A0EC49A7E008B007A374BAA3279483AC1C95D125FE8 ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
09:01:06.0637 0x13dc  Dot4 - ok
09:01:06.0677 0x13dc  [ CAEFD09B6A6249C53A67D55A9A9FCABF, A76C951EA8A830E5BA22D8D393A946BBAEEDB76478539F647E58199B383F786B ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
09:01:06.0697 0x13dc  Dot4Print - ok
09:01:06.0737 0x13dc  [ CF491FF38D62143203C065260567E2F7, 4315FD8FC88CF627EBE469A2DF0F280B17C95D3004FC7A93D6F8E47F0D91A037 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
09:01:06.0777 0x13dc  dot4usb - ok
09:01:06.0827 0x13dc  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
09:01:06.0887 0x13dc  DPS - ok
09:01:06.0939 0x13dc  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
09:01:06.0969 0x13dc  drmkaud - ok
09:01:07.0059 0x13dc  [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
09:01:07.0150 0x13dc  DXGKrnl - ok
09:01:07.0191 0x13dc  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
09:01:07.0251 0x13dc  EapHost - ok
09:01:07.0393 0x13dc  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
09:01:07.0607 0x13dc  ebdrv - ok
09:01:07.0676 0x13dc  [ DC0B4400073A404B53F571126B58F480, 022F1E8431C6299D8DFA287A570B0D24C2FFDCD8BF79420BAA1637E5366B4459 ] EFS             C:\Windows\System32\lsass.exe
09:01:07.0821 0x13dc  EFS - ok
09:01:08.0072 0x13dc  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
09:01:08.0570 0x13dc  ehRecvr - ok
09:01:08.0613 0x13dc  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
09:01:08.0819 0x13dc  ehSched - ok
09:01:08.0899 0x13dc  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
09:01:09.0005 0x13dc  elxstor - ok
09:01:09.0069 0x13dc  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
09:01:09.0145 0x13dc  ErrDev - ok
09:01:09.0274 0x13dc  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
09:01:09.0441 0x13dc  EventSystem - ok
09:01:09.0489 0x13dc  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
09:01:09.0603 0x13dc  exfat - ok
09:01:09.0643 0x13dc  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
09:01:09.0786 0x13dc  fastfat - ok
09:01:09.0848 0x13dc  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
09:01:09.0944 0x13dc  Fax - ok
09:01:09.0969 0x13dc  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
09:01:09.0999 0x13dc  fdc - ok
09:01:10.0034 0x13dc  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
09:01:10.0150 0x13dc  fdPHost - ok
09:01:10.0167 0x13dc  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
09:01:10.0211 0x13dc  FDResPub - ok
09:01:10.0262 0x13dc  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:01:10.0286 0x13dc  FileInfo - ok
09:01:10.0314 0x13dc  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
09:01:10.0391 0x13dc  Filetrace - ok
09:01:10.0413 0x13dc  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
09:01:10.0433 0x13dc  flpydisk - ok
09:01:10.0463 0x13dc  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:01:10.0503 0x13dc  FltMgr - ok
09:01:10.0585 0x13dc  [ 6EC244F102C7F129678E5F7309D1366D, C30DA201AC623DA440B0A0716534557C578218C2A591FA8893CCCBD96B4518F9 ] FontCache       C:\Windows\system32\FntCache.dll
09:01:10.0684 0x13dc  FontCache - ok
09:01:10.0797 0x13dc  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:01:10.0837 0x13dc  FontCache3.0.0.0 - ok
09:01:10.0875 0x13dc  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
09:01:10.0938 0x13dc  FsDepends - ok
09:01:11.0004 0x13dc  [ 1D300E884E4C539239AAF36BC8D0947A, A1CE20E046EC1B0783D6963C6ADCA5BC436A0F0DC794D2490B276F830A0CFF58 ] fspad_wlh32     C:\Windows\system32\DRIVERS\fspad_wlh32.sys
09:01:11.0086 0x13dc  fspad_wlh32 - ok
09:01:11.0139 0x13dc  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:01:11.0169 0x13dc  Fs_Rec - ok
09:01:11.0230 0x13dc  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
09:01:11.0288 0x13dc  fvevol - ok
09:01:11.0307 0x13dc  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
09:01:11.0335 0x13dc  gagp30kx - ok
09:01:11.0401 0x13dc  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
09:01:11.0624 0x13dc  gpsvc - ok
09:01:11.0725 0x13dc  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
09:01:11.0745 0x13dc  gupdate - ok
09:01:11.0773 0x13dc  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
09:01:11.0801 0x13dc  gupdatem - ok
09:01:11.0831 0x13dc  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
09:01:11.0885 0x13dc  hcw85cir - ok
09:01:11.0957 0x13dc  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:01:12.0016 0x13dc  HdAudAddService - ok
09:01:12.0047 0x13dc  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
09:01:12.0089 0x13dc  HDAudBus - ok
09:01:12.0109 0x13dc  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
09:01:12.0157 0x13dc  HidBatt - ok
09:01:12.0187 0x13dc  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
09:01:12.0221 0x13dc  HidBth - ok
09:01:12.0266 0x13dc  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
09:01:12.0324 0x13dc  HidIr - ok
09:01:12.0380 0x13dc  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\System32\hidserv.dll
09:01:12.0466 0x13dc  hidserv - ok
09:01:12.0528 0x13dc  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
09:01:12.0628 0x13dc  HidUsb - ok
09:01:12.0694 0x13dc  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:01:12.0778 0x13dc  hkmsvc - ok
09:01:13.0097 0x13dc  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:01:13.0165 0x13dc  HomeGroupListener - ok
09:01:13.0237 0x13dc  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:01:13.0267 0x13dc  HomeGroupProvider - ok
09:01:13.0308 0x13dc  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
09:01:13.0319 0x13dc  HpSAMD - ok
09:01:13.0571 0x13dc  [ 7F437A78C5B0105B67B830D00AD719F8, F84EA4269F1B5DF14D0C027CC0940E047EACB420A9F33CB6C618122187E4AE65 ] HPSLPSVC        C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
09:01:13.0656 0x13dc  HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
09:01:16.0291 0x13dc  Detect skipped due to KSN trusted
09:01:16.0291 0x13dc  HPSLPSVC - ok
09:01:16.0415 0x13dc  [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:01:16.0517 0x13dc  HTTP - ok
09:01:16.0589 0x13dc  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
09:01:16.0609 0x13dc  hwpolicy - ok
09:01:16.0661 0x13dc  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
09:01:16.0734 0x13dc  i8042prt - ok
09:01:16.0801 0x13dc  [ 7548066DF68A8A1A56B043359F915F37, 6225DDE554E45858374CBD284A85A00F773089A667C08492187A637232B8BD9A ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
09:01:16.0846 0x13dc  IAANTMON - ok
09:01:16.0894 0x13dc  [ D483687EACE0C065EE772481A96E05F5, A22200E90C78DFE73FE0FBEED5331AB43CD7133651FD125595C4DB604AD71B29 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
09:01:16.0921 0x13dc  iaStor - ok
09:01:16.0968 0x13dc  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
09:01:17.0018 0x13dc  iaStorV - ok
09:01:17.0112 0x13dc  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:01:17.0259 0x13dc  idsvc - ok
09:01:17.0311 0x13dc  IEEtwCollectorService - ok
09:01:17.0340 0x13dc  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
09:01:17.0388 0x13dc  iirsp - ok
09:01:17.0467 0x13dc  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
09:01:17.0534 0x13dc  IKEEXT - ok
09:01:17.0623 0x13dc  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
09:01:17.0643 0x13dc  intelide - ok
09:01:17.0677 0x13dc  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
09:01:17.0717 0x13dc  intelppm - ok
09:01:17.0789 0x13dc  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
09:01:17.0839 0x13dc  IPBusEnum - ok
09:01:17.0891 0x13dc  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:01:18.0065 0x13dc  IpFilterDriver - ok
09:01:18.0126 0x13dc  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:01:18.0276 0x13dc  iphlpsvc - ok
09:01:18.0370 0x13dc  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
09:01:18.0512 0x13dc  IPMIDRV - ok
09:01:18.0572 0x13dc  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
09:01:18.0632 0x13dc  IPNAT - ok
09:01:18.0658 0x13dc  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:01:18.0684 0x13dc  IRENUM - ok
09:01:18.0756 0x13dc  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:01:18.0776 0x13dc  isapnp - ok
09:01:18.0828 0x13dc  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
09:01:18.0858 0x13dc  iScsiPrt - ok
09:01:18.0920 0x13dc  [ 65DA9FA42C0972FE5B9B7D6047F06F4C, 602A0A2EA95726FE6988867EB624D911D67D1FA9415AFC96559DE5E031A48FC5 ] JMCR            C:\Windows\system32\DRIVERS\jmcr.sys
09:01:19.0082 0x13dc  JMCR - ok
09:01:19.0118 0x13dc  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
09:01:19.0134 0x13dc  kbdclass - ok
09:01:19.0183 0x13dc  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
09:01:19.0225 0x13dc  kbdhid - ok
09:01:19.0250 0x13dc  [ DC0B4400073A404B53F571126B58F480, 022F1E8431C6299D8DFA287A570B0D24C2FFDCD8BF79420BAA1637E5366B4459 ] KeyIso          C:\Windows\system32\lsass.exe
09:01:19.0281 0x13dc  KeyIso - ok
09:01:19.0317 0x13dc  [ 4476FE98AAF505ACDCD3EE6360AABEC1, 1573C5B9F1B12FEEE6D771AFF8969FB9D06878B1E0BECCD4AF13DA9F194FB256 ] KMWDFILTERx86   C:\Windows\system32\DRIVERS\KMWDFILTER.sys
09:01:19.0401 0x13dc  KMWDFILTERx86 - ok
09:01:19.0444 0x13dc  [ 5EFBDEF257E891773B22F2544B856C54, BA23313AF76AAEB7842D10FDA890C9E85F2AE7AB26B13A3FAE524D8833A639AE ] KoneFltr        C:\Windows\system32\drivers\Kone.sys
09:01:19.0523 0x13dc  KoneFltr - detected UnsignedFile.Multi.Generic ( 1 )
09:01:22.0214 0x13dc  Detect skipped due to KSN trusted
09:01:22.0214 0x13dc  KoneFltr - ok
09:01:22.0274 0x13dc  [ A1F4064171DB9F314BDABA0B43014CA4, DFAB60F6C8D00DC4AC55D32D797095E82C00F71E33F6EE989B03EE0A1D340FEF ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:01:22.0294 0x13dc  KSecDD - ok
09:01:22.0314 0x13dc  [ 8A8BA57DF21630B36B2FAA229AC5B1D1, D6B407D23453E8547B9F64BC8B484A593347E8252A25B9637BA8F8C067B1E057 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
09:01:22.0347 0x13dc  KSecPkg - ok
09:01:22.0386 0x13dc  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:01:22.0446 0x13dc  KtmRm - ok
09:01:22.0498 0x13dc  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\System32\srvsvc.dll
09:01:22.0568 0x13dc  LanmanServer - ok
09:01:22.0650 0x13dc  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:01:22.0698 0x13dc  LanmanWorkstation - ok
09:01:22.0735 0x13dc  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:01:22.0789 0x13dc  lltdio - ok
09:01:22.0822 0x13dc  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:01:22.0882 0x13dc  lltdsvc - ok
09:01:22.0909 0x13dc  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:01:22.0954 0x13dc  lmhosts - ok
09:01:23.0026 0x13dc  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
09:01:23.0056 0x13dc  LSI_FC - ok
09:01:23.0108 0x13dc  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
09:01:23.0128 0x13dc  LSI_SAS - ok
09:01:23.0148 0x13dc  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:01:23.0174 0x13dc  LSI_SAS2 - ok
09:01:23.0202 0x13dc  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:01:23.0230 0x13dc  LSI_SCSI - ok
09:01:23.0260 0x13dc  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
09:01:23.0320 0x13dc  luafv - ok
09:01:23.0335 0x13dc  massfilter - ok
09:01:23.0412 0x13dc  [ 40C7F4B63337414F967AC53E0520B06B, 1E42F17F17B8BF748EFB15112EDA2DBD76761A011673B654020084AEC02089F1 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
09:01:23.0432 0x13dc  MBAMProtector - ok
09:01:23.0604 0x13dc  [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService     C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
09:01:23.0697 0x13dc  MBAMService - ok
09:01:23.0741 0x13dc  [ 63254775FE0F974F5316B4EC3F163038, 05C83C2A8C29075C25E506AA4554906096320DF5517EE550724A1DE35A7A5206 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
09:01:23.0758 0x13dc  MBAMWebAccessControl - ok
09:01:23.0814 0x13dc  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
09:01:23.0840 0x13dc  Mcx2Svc - ok
09:01:23.0884 0x13dc  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
09:01:23.0902 0x13dc  megasas - ok
09:01:23.0935 0x13dc  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
09:01:23.0964 0x13dc  MegaSR - ok
09:01:24.0004 0x13dc  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
09:01:24.0086 0x13dc  MMCSS - ok
09:01:24.0118 0x13dc  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
09:01:24.0188 0x13dc  Modem - ok
09:01:24.0216 0x13dc  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
09:01:24.0230 0x13dc  monitor - ok
09:01:24.0282 0x13dc  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
09:01:24.0292 0x13dc  mouclass - ok
09:01:24.0322 0x13dc  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
09:01:24.0364 0x13dc  mouhid - ok
09:01:24.0414 0x13dc  [ 644905A19D0F37F2233DFCE53BC4BC19, F52CB40AA0FD1EBF8CBF0F3BFB20C47142C637719840877FB93F10D085EB8C2B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
09:01:24.0434 0x13dc  mountmgr - ok
09:01:24.0506 0x13dc  [ 5961C5D8EDD2E2A3B99F1782AE1AC21F, C383A4724A335737C4C7C3211AFCFB82D373267EC634BC47EE078A1C66E1F62A ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
09:01:24.0624 0x13dc  MozillaMaintenance - ok
09:01:24.0708 0x13dc  [ F112DA773EC3E9D3CDE9221ED300E033, 693C416B281DA3489C096812D0E4E0413C05798D36AF534624C3B29551CE68A4 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
09:01:24.0738 0x13dc  MpFilter - ok
09:01:24.0790 0x13dc  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
09:01:24.0820 0x13dc  mpio - ok
09:01:24.0972 0x13dc  [ BB7BB66A8DAF16950F83AE7BF498AF8F, A96FC3BE055C52B98E7ECDF68D69081620F829B04B5496C73D87F271E40EA638 ] MpKslc42fb5f1   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{34250174-1B5F-487A-BD55-D03925DF28D0}\MpKslc42fb5f1.sys
09:01:24.0992 0x13dc  MpKslc42fb5f1 - ok
09:01:25.0033 0x13dc  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:01:25.0074 0x13dc  mpsdrv - ok
09:01:25.0146 0x13dc  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
09:01:25.0241 0x13dc  MpsSvc - ok
09:01:25.0278 0x13dc  [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:01:25.0318 0x13dc  MRxDAV - ok
09:01:25.0380 0x13dc  [ 01C5B803F6E1FDF8F16F0763DA9B997D, 721B5C6E8E71453D6494971C14CFD93F1A180098D4EE35572EAACEF6FC6B0442 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:01:25.0431 0x13dc  mrxsmb - ok
09:01:25.0469 0x13dc  [ C48A8284F018BEAAFC7A027A570D9C84, DD29ACC08E9F57ED426D11F8A3E2F0EA53F373200D249225627124F65D1EC1BD ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:01:25.0542 0x13dc  mrxsmb10 - ok
09:01:25.0572 0x13dc  [ C1CC047CE391BB88350379153BC1C8FA, 2DC83A61F871A87CFC6E56BF5F164271E7E72694B33E58D842F5759A3DE8F4C7 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:01:25.0632 0x13dc  mrxsmb20 - ok
09:01:25.0694 0x13dc  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
09:01:25.0714 0x13dc  msahci - ok
09:01:25.0744 0x13dc  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
09:01:25.0773 0x13dc  msdsm - ok
09:01:25.0806 0x13dc  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
09:01:25.0856 0x13dc  MSDTC - ok
09:01:25.0918 0x13dc  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:01:25.0998 0x13dc  Msfs - ok
09:01:26.0034 0x13dc  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
09:01:26.0108 0x13dc  mshidkmdf - ok
09:01:26.0176 0x13dc  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:01:26.0220 0x13dc  msisadrv - ok
09:01:26.0270 0x13dc  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
09:01:26.0338 0x13dc  MSiSCSI - ok
09:01:26.0353 0x13dc  msiserver - ok
09:01:26.0381 0x13dc  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
09:01:26.0455 0x13dc  MSKSSRV - ok
09:01:26.0550 0x13dc  [ CC09BB7FDEFC5763CCB3CF7DAE2D76CF, F8F00900EDBA2F64BF136DD0B6C83CAF07C72F24F3D49C78B7EA24757FDBC6D0 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
09:01:26.0580 0x13dc  MsMpSvc - ok
09:01:26.0622 0x13dc  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
09:01:26.0672 0x13dc  MSPCLOCK - ok
09:01:26.0697 0x13dc  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
09:01:26.0770 0x13dc  MSPQM - ok
09:01:26.0816 0x13dc  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
09:01:26.0846 0x13dc  MsRPC - ok
09:01:26.0920 0x13dc  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
09:01:27.0006 0x13dc  mssmbios - ok
09:01:27.0042 0x13dc  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
09:01:27.0245 0x13dc  MSTEE - ok
09:01:27.0266 0x13dc  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
09:01:27.0308 0x13dc  MTConfig - ok
09:01:27.0328 0x13dc  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
09:01:27.0358 0x13dc  Mup - ok
09:01:27.0410 0x13dc  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
09:01:27.0470 0x13dc  napagent - ok
09:01:27.0522 0x13dc  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
09:01:27.0562 0x13dc  NativeWifiP - ok
09:01:27.0644 0x13dc  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:01:27.0698 0x13dc  NDIS - ok
09:01:27.0730 0x13dc  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
09:01:27.0785 0x13dc  NdisCap - ok
09:01:27.0813 0x13dc  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:01:27.0886 0x13dc  NdisTapi - ok
09:01:27.0958 0x13dc  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
09:01:28.0018 0x13dc  Ndisuio - ok
09:01:28.0070 0x13dc  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
09:01:28.0150 0x13dc  NdisWan - ok
09:01:28.0192 0x13dc  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
09:01:28.0232 0x13dc  NDProxy - ok
09:01:28.0354 0x13dc  [ 510C138564486FF926A3F773205C63D1, 50FBB8555C284ED22F71D99750899321B63E3B4C255174FE9B4F31084F9A34B1 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
09:01:28.0374 0x13dc  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
09:01:30.0996 0x13dc  Detect skipped due to KSN trusted
09:01:30.0996 0x13dc  Net Driver HPZ12 - ok
09:01:31.0038 0x13dc  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
09:01:31.0085 0x13dc  NetBIOS - ok
09:01:31.0134 0x13dc  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
09:01:31.0195 0x13dc  NetBT - ok
09:01:31.0224 0x13dc  [ DC0B4400073A404B53F571126B58F480, 022F1E8431C6299D8DFA287A570B0D24C2FFDCD8BF79420BAA1637E5366B4459 ] Netlogon        C:\Windows\system32\lsass.exe
09:01:31.0251 0x13dc  Netlogon - ok
09:01:31.0304 0x13dc  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
09:01:31.0379 0x13dc  Netman - ok
09:01:31.0422 0x13dc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:01:31.0453 0x13dc  NetMsmqActivator - ok
09:01:31.0491 0x13dc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:01:31.0511 0x13dc  NetPipeActivator - ok
09:01:31.0549 0x13dc  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
09:01:31.0614 0x13dc  netprofm - ok
09:01:31.0657 0x13dc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:01:31.0685 0x13dc  NetTcpActivator - ok
09:01:31.0701 0x13dc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:01:31.0724 0x13dc  NetTcpPortSharing - ok
09:01:31.0754 0x13dc  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
09:01:31.0776 0x13dc  nfrd960 - ok
09:01:31.0847 0x13dc  [ 780FF28BCD8470C5FDDEEF69982AA295, 1ED386E87E0AA733F23D554D2BF4EF4168DB9A419B7BA0BA8FBA20F118BE21DF ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
09:01:31.0874 0x13dc  NisDrv - ok
09:01:31.0936 0x13dc  [ 3FF257F54649D4F19E39263C5D581CD1, 1F201EEE770A452AA30C6270AAA456A77F9F3A102F473E12C22D3B8809932C1B ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
09:01:31.0984 0x13dc  NisSrv - ok
09:01:32.0031 0x13dc  [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc          C:\Windows\System32\nlasvc.dll
09:01:32.0136 0x13dc  NlaSvc - ok
09:01:32.0187 0x13dc  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
09:01:32.0238 0x13dc  Npfs - ok
09:01:32.0310 0x13dc  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
09:01:32.0387 0x13dc  nsi - ok
09:01:32.0414 0x13dc  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
09:01:32.0460 0x13dc  nsiproxy - ok
09:01:32.0568 0x13dc  [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
09:01:32.0894 0x13dc  Ntfs - ok
09:01:32.0971 0x13dc  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
09:01:33.0109 0x13dc  Null - ok
09:01:33.0202 0x13dc  [ 9F8EE4948B7ADD9D12F778F61A2758A4, 9848C7D97AC000BF7A00BAE12593E48E14D36D7FFFCF25A163FAAB446691032F ] NVHDA           C:\Windows\system32\drivers\nvhda32v.sys
09:01:33.0231 0x13dc  NVHDA - ok
09:01:33.0792 0x13dc  [ 1E3D32DDBE6BBDC0843432BAD599069F, 908893652F953C01E3FFEA19E76154B6246277720B088A61086A9B336B3EC6AD ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:01:34.0404 0x13dc  nvlddmkm - ok
09:01:34.0529 0x13dc  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
09:01:34.0554 0x13dc  nvraid - ok
09:01:34.0578 0x13dc  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
09:01:34.0607 0x13dc  nvstor - ok
09:01:34.0666 0x13dc  [ 5004DAF6A37C5C73FFCF4D3935A6FE87, 52F2149383EC41B18310801FD07C1363EE81C5D1F2B0206460FC7922C00D7A15 ] nvsvc           C:\Windows\system32\nvvsvc.exe
09:01:34.0734 0x13dc  nvsvc - ok
09:01:34.0767 0x13dc  nvvad_WaveExtensible - ok
09:01:34.0815 0x13dc  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
09:01:34.0841 0x13dc  nv_agp - ok
09:01:34.0944 0x13dc  [ 6ABC0333409E7AB86BA610BCF5BDDF7B, 9387F8B3BD8BAD117F10F0D357351991F7BDDEC458F4C787D836BF50BE3DFE14 ] NxpCap          C:\Windows\system32\DRIVERS\NxpCap.sys
09:01:35.0160 0x13dc  NxpCap - ok
09:01:35.0253 0x13dc  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:01:35.0295 0x13dc  odserv - ok
09:01:35.0350 0x13dc  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
09:01:35.0391 0x13dc  ohci1394 - ok
09:01:35.0438 0x13dc  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:01:35.0462 0x13dc  ose - ok
09:01:35.0518 0x13dc  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
09:01:35.0588 0x13dc  p2pimsvc - ok
09:01:35.0634 0x13dc  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
09:01:35.0677 0x13dc  p2psvc - ok
09:01:35.0708 0x13dc  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
09:01:35.0748 0x13dc  Parport - ok
09:01:35.0799 0x13dc  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
09:01:35.0820 0x13dc  partmgr - ok
09:01:35.0855 0x13dc  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
09:01:35.0891 0x13dc  Parvdm - ok
09:01:35.0947 0x13dc  [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc          C:\Windows\System32\pcasvc.dll
09:01:36.0003 0x13dc  PcaSvc - ok
09:01:36.0053 0x13dc  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
09:01:36.0079 0x13dc  pci - ok
09:01:36.0146 0x13dc  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
09:01:36.0177 0x13dc  pciide - ok
09:01:36.0226 0x13dc  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
09:01:36.0255 0x13dc  pcmcia - ok
09:01:36.0295 0x13dc  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
09:01:36.0316 0x13dc  pcw - ok
09:01:36.0436 0x13dc  [ C1C3BAF078BE5A14384A4BA2D730817D, 6E4D2F73A1CB250B3EE270CCE806A37EB2140E34EAF9F48C45CC12D2A451AA16 ] PDFProFiltSrvPP C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
09:01:36.0488 0x13dc  PDFProFiltSrvPP - ok
09:01:36.0588 0x13dc  [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
09:01:36.0674 0x13dc  PEAUTH - ok
09:01:36.0827 0x13dc  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
09:01:36.0937 0x13dc  pla - ok
09:01:37.0001 0x13dc  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
09:01:37.0090 0x13dc  PlugPlay - ok
09:01:37.0152 0x13dc  [ 37E5E8FFBAD35605DAEEC3224EA0E465, E3A9BE275D3C8A3E143DF3A795964E9860A1F6C18BE36F8FE552E954435AC927 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
09:01:37.0182 0x13dc  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
09:01:39.0874 0x13dc  Detect skipped due to KSN trusted
09:01:39.0874 0x13dc  Pml Driver HPZ12 - ok
09:01:39.0903 0x13dc  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
09:01:39.0930 0x13dc  PNRPAutoReg - ok
09:01:39.0966 0x13dc  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
09:01:39.0996 0x13dc  PNRPsvc - ok
09:01:40.0048 0x13dc  [ 896D916DE06F5502D301E8C4DC442AE8, 7B5C5FA075BA680B990A0A78A690CF2DE04EF7EB1457781E38D0EE4A95CEFDCA ] Point32         C:\Windows\system32\DRIVERS\point32.sys
09:01:40.0068 0x13dc  Point32 - ok
09:01:40.0120 0x13dc  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
09:01:40.0190 0x13dc  PolicyAgent - ok
09:01:40.0279 0x13dc  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
09:01:40.0312 0x13dc  Power - ok
09:01:40.0374 0x13dc  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
09:01:40.0453 0x13dc  PptpMiniport - ok
09:01:40.0524 0x13dc  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
09:01:40.0570 0x13dc  Processor - ok
09:01:40.0615 0x13dc  [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc         C:\Windows\system32\profsvc.dll
09:01:40.0696 0x13dc  ProfSvc - ok
09:01:40.0716 0x13dc  [ DC0B4400073A404B53F571126B58F480, 022F1E8431C6299D8DFA287A570B0D24C2FFDCD8BF79420BAA1637E5366B4459 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:01:40.0745 0x13dc  ProtectedStorage - ok
09:01:40.0777 0x13dc  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
09:01:40.0818 0x13dc  Psched - ok
09:01:40.0910 0x13dc  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
09:01:41.0009 0x13dc  ql2300 - ok
09:01:41.0049 0x13dc  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
09:01:41.0087 0x13dc  ql40xx - ok
09:01:41.0132 0x13dc  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
09:01:41.0194 0x13dc  QWAVE - ok
09:01:41.0223 0x13dc  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
09:01:41.0263 0x13dc  QWAVEdrv - ok
09:01:41.0287 0x13dc  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
09:01:41.0348 0x13dc  RasAcd - ok
09:01:41.0378 0x13dc  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
09:01:41.0423 0x13dc  RasAgileVpn - ok
09:01:41.0457 0x13dc  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
09:01:41.0524 0x13dc  RasAuto - ok
09:01:41.0578 0x13dc  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
09:01:41.0616 0x13dc  Rasl2tp - ok
09:01:41.0678 0x13dc  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
09:01:41.0738 0x13dc  RasMan - ok
09:01:41.0790 0x13dc  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
09:01:41.0840 0x13dc  RasPppoe - ok
09:01:41.0866 0x13dc  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
09:01:41.0912 0x13dc  RasSstp - ok
09:01:41.0954 0x1194  Object required for P2P: [ C35B91B6777E7C6DB67B8583D2AA66A7 ] c2cpnrsvc
09:01:42.0015 0x13dc  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
09:01:42.0076 0x13dc  rdbss - ok
09:01:42.0118 0x13dc  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
09:01:42.0138 0x13dc  rdpbus - ok
09:01:42.0189 0x13dc  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
09:01:42.0230 0x13dc  RDPCDD - ok
09:01:42.0277 0x13dc  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
09:01:42.0347 0x13dc  RDPENCDD - ok
09:01:42.0388 0x13dc  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
09:01:42.0471 0x13dc  RDPREFMP - ok
09:01:42.0585 0x13dc  [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
09:01:42.0715 0x13dc  RdpVideoMiniport - ok
09:01:42.0787 0x13dc  [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
09:01:42.0842 0x13dc  RDPWD - ok
09:01:42.0944 0x13dc  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
09:01:42.0983 0x13dc  rdyboost - ok
09:01:43.0026 0x13dc  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
09:01:43.0066 0x13dc  RemoteAccess - ok
09:01:43.0118 0x13dc  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
09:01:43.0158 0x13dc  RemoteRegistry - ok
09:01:43.0195 0x13dc  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
09:01:43.0269 0x13dc  RpcEptMapper - ok
09:01:43.0300 0x13dc  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
09:01:43.0346 0x13dc  RpcLocator - ok
09:01:43.0411 0x13dc  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
09:01:43.0468 0x13dc  RpcSs - ok
09:01:43.0506 0x13dc  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
09:01:43.0572 0x13dc  rspndr - ok
09:01:43.0682 0x13dc  [ B5E9979FBB26FC059BD87A81F763D5DA, 1EE2FB1CB2F86FBE1589ACE3542E0003CC88499406A3EF37073CCA45651F493D ] rtl8192se       C:\Windows\system32\DRIVERS\rtl8192se.sys
09:01:43.0885 0x13dc  rtl8192se - ok
09:01:43.0913 0x13dc  [ DC0B4400073A404B53F571126B58F480, 022F1E8431C6299D8DFA287A570B0D24C2FFDCD8BF79420BAA1637E5366B4459 ] SamSs           C:\Windows\system32\lsass.exe
09:01:43.0934 0x13dc  SamSs - ok
09:01:43.0994 0x13dc  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
09:01:44.0024 0x13dc  sbp2port - ok
09:01:44.0065 0x13dc  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
09:01:44.0106 0x13dc  SCardSvr - ok
09:01:44.0168 0x13dc  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
09:01:44.0208 0x13dc  scfilter - ok
09:01:44.0290 0x13dc  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
09:01:44.0384 0x13dc  Schedule - ok
09:01:44.0437 0x13dc  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
09:01:44.0495 0x13dc  SCPolicySvc - ok
09:01:44.0572 0x13dc  [ 0328BE1C7F1CBA23848179F8762E391C, EA80853F04BAE6F46F658B3EFED34BFDDE20E6F2BDA349EBC17EC75DFF19855D ] sdbus           C:\Windows\system32\drivers\sdbus.sys
09:01:44.0659 0x13dc  sdbus - ok
09:01:44.0730 0x13dc  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
09:01:44.0784 0x13dc  SDRSVC - ok
09:01:44.0825 0x13dc  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
09:01:44.0866 0x13dc  secdrv - ok
09:01:44.0895 0x1194  Object send P2P result: true
09:01:44.0903 0x13dc  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
09:01:45.0017 0x13dc  seclogon - ok
09:01:45.0053 0x13dc  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\system32\sens.dll
09:01:45.0128 0x13dc  SENS - ok
09:01:45.0165 0x13dc  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
09:01:45.0250 0x13dc  SensrSvc - ok
09:01:45.0315 0x13dc  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
09:01:45.0345 0x13dc  Serenum - ok
09:01:45.0375 0x13dc  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
09:01:45.0409 0x13dc  Serial - ok
09:01:45.0441 0x13dc  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
09:01:45.0487 0x13dc  sermouse - ok
09:01:45.0585 0x13dc  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
09:01:45.0658 0x13dc  SessionEnv - ok
09:01:45.0703 0x13dc  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
09:01:45.0764 0x13dc  sffdisk - ok
09:01:45.0794 0x13dc  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
09:01:45.0829 0x13dc  sffp_mmc - ok
09:01:45.0854 0x13dc  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
09:01:45.0904 0x13dc  sffp_sd - ok
09:01:45.0926 0x13dc  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
09:01:45.0971 0x13dc  sfloppy - ok
09:01:46.0032 0x13dc  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
09:01:46.0092 0x13dc  SharedAccess - ok
09:01:46.0169 0x13dc  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:01:46.0256 0x13dc  ShellHWDetection - ok
09:01:46.0298 0x13dc  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
09:01:46.0324 0x13dc  sisagp - ok
09:01:46.0378 0x13dc  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:01:46.0454 0x13dc  SiSRaid2 - ok
09:01:46.0499 0x13dc  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
09:01:46.0540 0x13dc  SiSRaid4 - ok
09:01:46.0646 0x13dc  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
09:01:46.0726 0x13dc  SkypeUpdate - ok
09:01:46.0779 0x13dc  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
09:01:46.0955 0x13dc  Smb - ok
09:01:47.0149 0x13dc  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
09:01:47.0189 0x13dc  SNMPTRAP - ok
09:01:47.0229 0x13dc  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
09:01:47.0288 0x13dc  spldr - ok
09:01:47.0359 0x13dc  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
09:01:47.0480 0x13dc  Spooler - ok
09:01:47.0652 0x13dc  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
09:01:47.0890 0x13dc  sppsvc - ok
09:01:47.0960 0x13dc  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
09:01:48.0016 0x13dc  sppuinotify - ok
09:01:48.0060 0x13dc  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
09:01:48.0127 0x13dc  srv - ok
09:01:48.0189 0x13dc  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
09:01:48.0239 0x13dc  srv2 - ok
09:01:48.0305 0x13dc  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
09:01:48.0321 0x13dc  srvnet - ok
09:01:48.0379 0x13dc  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
09:01:48.0433 0x13dc  SSDPSRV - ok
09:01:48.0478 0x13dc  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
09:01:48.0525 0x13dc  SstpSvc - ok
09:01:48.0689 0x13dc  [ EBD47669FB312B4944EE7D057F182ADB, 97A99026D3EE46C741A55A0D4EB61654011545BF2E68D9040E9E374324747742 ] STacSV          c:\program files\idt\wdm\STacSV.exe
09:01:48.0761 0x13dc  STacSV - ok
09:01:48.0871 0x13dc  [ 5DA84663B5DC64AF9D5E944D809A6099, C5D427F019081BF93C08391845E7B22A9AFCE7D3A6E6F8EA1F36566F05F9843E ] Stereo Service  C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
09:01:48.0921 0x13dc  Stereo Service - ok
09:01:48.0969 0x13dc  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
09:01:48.0995 0x13dc  stexstor - ok
09:01:49.0067 0x13dc  [ 11FD7CFDBC623372552A430064E85D58, 46E891F167BD357EA527789AA5FB93353F8975DD3BA4F370B33F6467B380107C ] STHDA           C:\Windows\system32\DRIVERS\stwrt.sys
09:01:49.0133 0x13dc  STHDA - ok
09:01:49.0224 0x13dc  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
09:01:49.0287 0x13dc  StiSvc - ok
09:01:49.0333 0x13dc  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\drivers\swenum.sys
09:01:49.0357 0x13dc  swenum - ok
09:01:49.0408 0x13dc  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
09:01:49.0505 0x13dc  swprv - ok
09:01:49.0647 0x13dc  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
09:01:49.0761 0x13dc  SysMain - ok
09:01:49.0819 0x13dc  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
09:01:49.0849 0x13dc  TabletInputService - ok
09:01:49.0911 0x13dc  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
09:01:49.0981 0x13dc  TapiSrv - ok
09:01:50.0019 0x13dc  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
09:01:50.0083 0x13dc  TBS - ok
09:01:50.0185 0x13dc  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
09:01:50.0265 0x13dc  Tcpip - ok
09:01:50.0349 0x13dc  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
09:01:50.0414 0x13dc  TCPIP6 - ok
09:01:50.0527 0x13dc  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
09:01:50.0557 0x13dc  tcpipreg - ok
09:01:50.0639 0x13dc  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
09:01:50.0699 0x13dc  TDPIPE - ok
09:01:50.0746 0x13dc  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
09:01:50.0761 0x13dc  TDTCP - ok
09:01:50.0791 0x13dc  [ 7FE680A3DFA421C4A8E4879AE4C5AAB0, A4C64E155AB2843823CD3586756BA7681CFDEA50812095468221503BBAD30DCD ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
09:01:50.0817 0x13dc  tdx - ok
09:01:50.0836 0x13dc  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
09:01:50.0858 0x13dc  TermDD - ok
09:01:50.0953 0x13dc  [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService     C:\Windows\System32\termsrv.dll
09:01:51.0035 0x13dc  TermService - ok
09:01:51.0097 0x13dc  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
09:01:51.0127 0x13dc  Themes - ok
09:01:51.0156 0x13dc  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
09:01:51.0198 0x13dc  THREADORDER - ok
09:01:51.0230 0x13dc  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
09:01:51.0299 0x13dc  TrkWks - ok
09:01:51.0411 0x13dc  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:01:51.0461 0x13dc  TrustedInstaller - ok
09:01:51.0543 0x13dc  [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
09:01:51.0573 0x13dc  tssecsrv - ok
09:01:51.0625 0x13dc  [ C6A5FBD4977305E1FA23E02C042DB463, A6EB5E4B8051A258D40A385609E930318EAA3494C8466F48542B806FE6A7C47A ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
09:01:51.0645 0x13dc  TsUsbFlt - ok
09:01:51.0697 0x13dc  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
09:01:51.0767 0x13dc  tunnel - ok
09:01:51.0806 0x13dc  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
09:01:51.0828 0x13dc  uagp35 - ok
09:01:51.0869 0x13dc  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:01:51.0929 0x13dc  udfs - ok
09:01:51.0989 0x13dc  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
09:01:52.0041 0x13dc  UI0Detect - ok
09:01:52.0113 0x13dc  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
09:01:52.0133 0x13dc  uliagpkx - ok
09:01:52.0185 0x13dc  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\drivers\umbus.sys
09:01:52.0205 0x13dc  umbus - ok
09:01:52.0255 0x13dc  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
09:01:52.0277 0x13dc  UmPass - ok
09:01:52.0339 0x13dc  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
09:01:52.0411 0x13dc  upnphost - ok
09:01:52.0450 0x13dc  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
09:01:52.0477 0x13dc  usbccgp - ok
09:01:52.0541 0x13dc  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
09:01:52.0611 0x13dc  usbcir - ok
09:01:52.0649 0x13dc  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
09:01:52.0673 0x13dc  usbehci - ok
09:01:52.0745 0x13dc  [ B96D1207D72E8EEAFE61DFEA3DCAA02A, 56A2AC5F96472EE34C26F732F209F7117C1506F4E143EBE1E788E32D4F12A83A ] usbglcs1080101  C:\Windows\System32\Drivers\usbglcs1080101.sys
09:01:52.0775 0x13dc  usbglcs1080101 - detected UnsignedFile.Multi.Generic ( 1 )
09:02:02.0934 0x13dc  usbglcs1080101 ( UnsignedFile.Multi.Generic ) - warning
09:02:06.0700 0x13dc  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
09:02:06.0741 0x13dc  usbhub - ok
09:02:06.0780 0x13dc  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
09:02:06.0801 0x13dc  usbohci - ok
09:02:06.0855 0x13dc  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
09:02:06.0885 0x13dc  usbprint - ok
09:02:06.0947 0x13dc  [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
09:02:06.0967 0x13dc  usbscan - ok
09:02:07.0029 0x13dc  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:02:07.0059 0x13dc  USBSTOR - ok
09:02:07.0092 0x13dc  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
09:02:07.0101 0x13dc  usbuhci - ok
09:02:07.0193 0x13dc  [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
09:02:07.0228 0x13dc  usbvideo - ok
09:02:07.0275 0x13dc  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
09:02:07.0364 0x13dc  UxSms - ok
09:02:07.0394 0x13dc  [ DC0B4400073A404B53F571126B58F480, 022F1E8431C6299D8DFA287A570B0D24C2FFDCD8BF79420BAA1637E5366B4459 ] VaultSvc        C:\Windows\system32\lsass.exe
09:02:07.0431 0x13dc  VaultSvc - ok
09:02:07.0491 0x13dc  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
09:02:07.0511 0x13dc  vdrvroot - ok
09:02:07.0588 0x13dc  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
09:02:07.0701 0x13dc  vds - ok
09:02:07.0749 0x13dc  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
09:02:07.0779 0x13dc  vga - ok
09:02:07.0823 0x13dc  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
09:02:07.0861 0x13dc  VgaSave - ok
09:02:07.0913 0x13dc  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
09:02:07.0943 0x13dc  vhdmp - ok
09:02:07.0979 0x13dc  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
09:02:08.0001 0x13dc  viaagp - ok
09:02:08.0034 0x13dc  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
09:02:08.0065 0x13dc  ViaC7 - ok
09:02:08.0125 0x13dc  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
09:02:08.0145 0x13dc  viaide - ok
09:02:08.0155 0x13dc  vmci - ok
09:02:08.0183 0x13dc  VMnetAdapter - ok
09:02:08.0215 0x13dc  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:02:08.0237 0x13dc  volmgr - ok
09:02:08.0307 0x13dc  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
09:02:08.0337 0x13dc  volmgrx - ok
09:02:08.0384 0x13dc  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
09:02:08.0414 0x13dc  volsnap - ok
09:02:08.0459 0x13dc  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
09:02:08.0489 0x13dc  vsmraid - ok
09:02:08.0581 0x13dc  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
09:02:08.0725 0x13dc  VSS - ok
09:02:08.0775 0x13dc  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
09:02:08.0795 0x13dc  vwifibus - ok
09:02:08.0846 0x13dc  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
09:02:08.0890 0x13dc  vwififlt - ok
09:02:08.0934 0x13dc  [ A3F04CBEA6C2A10E6CB01F8B47611882, 32AFE18B07FECA30BC95831A5DC94C784E543784DF16165334A777DC84E91EF3 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
09:02:08.0960 0x13dc  vwifimp - ok
09:02:09.0017 0x13dc  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
09:02:09.0085 0x13dc  W32Time - ok
09:02:09.0140 0x13dc  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
09:02:09.0170 0x13dc  WacomPen - ok
09:02:09.0204 0x13dc  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
09:02:09.0250 0x13dc  WANARP - ok
09:02:09.0273 0x13dc  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
09:02:09.0316 0x13dc  Wanarpv6 - ok
09:02:09.0397 0x13dc  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
09:02:09.0521 0x13dc  wbengine - ok
09:02:09.0603 0x13dc  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
09:02:09.0643 0x13dc  WbioSrvc - ok
09:02:09.0705 0x13dc  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
09:02:09.0775 0x13dc  wcncsvc - ok
09:02:09.0814 0x13dc  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:02:09.0890 0x13dc  WcsPlugInService - ok
09:02:09.0947 0x13dc  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
09:02:09.0967 0x13dc  Wd - ok
09:02:10.0039 0x13dc  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
09:02:10.0086 0x13dc  Wdf01000 - ok
09:02:10.0151 0x13dc  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost  C:\Windows\system32\wdi.dll
09:02:10.0191 0x13dc  WdiServiceHost - ok
09:02:10.0221 0x13dc  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost   C:\Windows\system32\wdi.dll
09:02:10.0250 0x13dc  WdiSystemHost - ok
09:02:10.0320 0x13dc  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\Windows\System32\webclnt.dll
09:02:10.0413 0x13dc  WebClient - ok
09:02:10.0463 0x13dc  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:02:10.0555 0x13dc  Wecsvc - ok
09:02:10.0589 0x13dc  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
09:02:10.0637 0x13dc  wercplsupport - ok
09:02:10.0668 0x13dc  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
09:02:10.0731 0x13dc  WerSvc - ok
09:02:10.0765 0x13dc  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
09:02:10.0807 0x13dc  WfpLwf - ok
09:02:10.0845 0x13dc  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
09:02:10.0867 0x13dc  WIMMount - ok
09:02:10.0969 0x13dc  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
09:02:11.0087 0x13dc  WinDefend - ok
09:02:11.0153 0x13dc  WinHttpAutoProxySvc - ok
09:02:11.0235 0x13dc  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
09:02:11.0285 0x13dc  Winmgmt - ok
09:02:11.0387 0x13dc  [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM           C:\Windows\system32\WsmSvc.dll
09:02:11.0501 0x13dc  WinRM - ok
09:02:11.0597 0x13dc  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
09:02:11.0633 0x13dc  WinUsb - ok
09:02:11.0695 0x13dc  [ 20A97B632A76CC977FCFB98F28CAAAB3, E99B7043CA582AA487C9E4197B52C3338BCBB9F3CA4B86E0DF0797644A21A56E ] WisLMSvc        C:\Program Files\Launch Manager\WisLMSvc.exe
09:02:11.0705 0x13dc  WisLMSvc - detected UnsignedFile.Multi.Generic ( 1 )
09:02:14.0331 0x13dc  Detect skipped due to KSN trusted
09:02:14.0331 0x13dc  WisLMSvc - ok
09:02:14.0434 0x13dc  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
09:02:14.0547 0x13dc  Wlansvc - ok
09:02:14.0697 0x13dc  [ FB01D4AE207B9EFDBABFC55DC95C7E31, E0EFDBBE0BAC275230C8C1A053948C21BCF20B99B92E50939E95FFB9DC87F6BA ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:02:14.0828 0x13dc  wlidsvc - ok
09:02:14.0918 0x13dc  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
09:02:14.0951 0x13dc  WmiAcpi - ok
09:02:15.0021 0x13dc  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:02:15.0164 0x13dc  wmiApSrv - ok
09:02:15.0308 0x13dc  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
09:02:15.0456 0x13dc  WMPNetworkSvc - ok
09:02:15.0520 0x13dc  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
09:02:15.0590 0x13dc  WPCSvc - ok
09:02:15.0652 0x13dc  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:02:15.0682 0x13dc  WPDBusEnum - ok
09:02:15.0745 0x13dc  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:02:15.0797 0x13dc  ws2ifsl - ok
09:02:15.0832 0x13dc  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\system32\wscsvc.dll
09:02:15.0872 0x13dc  wscsvc - ok
09:02:15.0897 0x13dc  WSearch - ok
09:02:16.0068 0x13dc  [ B5DCDEF119A729CB493E9070BF9A7E9D, D7706CFE8521206B38F5F1B57EA2F046E14DB4C893868862BEAFC2A83E2E9098 ] wuauserv        C:\Windows\system32\wuaueng.dll
09:02:16.0246 0x13dc  wuauserv - ok
09:02:16.0328 0x13dc  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:02:16.0351 0x13dc  WudfPf - ok
09:02:16.0395 0x13dc  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
09:02:16.0420 0x13dc  WUDFRd - ok
09:02:16.0482 0x13dc  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
09:02:16.0512 0x13dc  wudfsvc - ok
09:02:16.0574 0x13dc  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
09:02:16.0634 0x13dc  WwanSvc - ok
09:02:16.0676 0x13dc  [ 1F93FCB5BAB3A921ECBA522F63586F4A, 0340B73DBC953B50572666EC603E87F253B9CEB9B0489A441A6A2171A04595D8 ] X10Hid          C:\Windows\System32\Drivers\x10hid.sys
09:02:16.0691 0x13dc  X10Hid - ok
09:02:16.0766 0x13dc  [ 5A0C788C5BC5F2C993CB60940ADCF95E, FEEC158466040A6528E7FC8D33706B50D2F03479E0B62DF8F06B69A1A850A9FB ] x10nets         C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
09:02:16.0766 0x13dc  x10nets - detected UnsignedFile.Multi.Generic ( 1 )
09:02:19.0436 0x13dc  Detect skipped due to KSN trusted
09:02:19.0436 0x13dc  x10nets - ok
09:02:19.0499 0x13dc  [ 378DC1B0B1F62A7488EE8D31A3C6E949, 8334CBC479797DC82551D38DFF1AEF5E41E4C6427D410C633DECC95C4FB84C0E ] XUIF            C:\Windows\System32\Drivers\x10ufx2.sys
09:02:19.0518 0x13dc  XUIF - ok
09:02:19.0572 0x13dc  [ 30B73EB97218A16CBC6DE535782A1B35, 5B034F39FA5B902BD6899717F7696871CDAFB8698B48BB0E95DAE51234715A28 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x86.sys
09:02:19.0615 0x13dc  yukonw7 - ok
09:02:19.0637 0x13dc  ZTEusbmdm6k - ok
09:02:19.0665 0x13dc  ZTEusbnmea - ok
09:02:19.0687 0x13dc  ZTEusbser6k - ok
09:02:19.0835 0x13dc  [ 74EC37B9EAF9FCA015B933A526825C7A, E75D73422B4383210F912B424377D5F2DBBF0E9418A2F450636B689572B1B9F6 ] {B154377D-700F-42cc-9474-23858FBDF4BD} C:\Program Files\CyberLink\PowerDVD9\000.fcl
09:02:19.0855 0x13dc  {B154377D-700F-42cc-9474-23858FBDF4BD} - ok
09:02:19.0855 0x13dc  ================ Scan global ===============================
09:02:19.0905 0x13dc  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
09:02:19.0964 0x13dc  [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll
09:02:19.0997 0x13dc  [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll
09:02:20.0037 0x13dc  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
09:02:20.0089 0x13dc  [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe
09:02:20.0159 0x13dc  [ Global ] - ok
09:02:20.0159 0x13dc  ================ Scan MBR ==================================
09:02:20.0169 0x13dc  [ 64B1E91C5C6C2157642651010728F90F ] \Device\Harddisk0\DR0
09:02:20.0604 0x13dc  \Device\Harddisk0\DR0 - ok
09:02:20.0619 0x13dc  [ 2E0FE7FC299470E30383716B164CF901 ] \Device\Harddisk1\DR1
09:02:25.0200 0x13dc  \Device\Harddisk1\DR1 - ok
09:02:25.0200 0x13dc  ================ Scan VBR ==================================
09:02:25.0200 0x13dc  [ DCFEBF8147851FA8C5338466A52866A0 ] \Device\Harddisk0\DR0\Partition1
09:02:25.0274 0x13dc  \Device\Harddisk0\DR0\Partition1 - ok
09:02:25.0278 0x13dc  [ 6EAD5B1865953B412EEFAD7782B1B140 ] \Device\Harddisk1\DR1\Partition1
09:02:25.0280 0x13dc  \Device\Harddisk1\DR1\Partition1 - ok
09:02:25.0284 0x13dc  [ B0AF29E0C2C35CF78715E7B918825CAB ] \Device\Harddisk1\DR1\Partition2
09:02:25.0287 0x13dc  \Device\Harddisk1\DR1\Partition2 - ok
09:02:25.0291 0x13dc  [ 92EA47C648983DCE377004192E8B714C ] \Device\Harddisk1\DR1\Partition3
09:02:25.0294 0x13dc  \Device\Harddisk1\DR1\Partition3 - ok
09:02:25.0295 0x13dc  ================ Scan generic autorun ======================
09:02:25.0336 0x13dc  [ 5AF1E9600E3FF841E522703A4993ED0C, 5189530793747C40B0E3548DA40058989C88A69C593C3E54E6548CFB89B9CE10 ] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
09:02:25.0370 0x13dc  IAAnotif - ok
09:02:25.0393 0x13dc  [ 8EC61912834ABC20D177EAA7C53242E3, 16196C8D38EED22F570374BE0F905291D7DA482D5B8CD0A31B1F617761E77B6D ] C:\Program Files\Launch Manager\HotkeyApp.exe
09:02:25.0579 0x13dc  HotkeyApp - detected UnsignedFile.Multi.Generic ( 1 )
09:02:28.0216 0x13dc  Detect skipped due to KSN trusted
09:02:28.0216 0x13dc  HotkeyApp - ok
09:02:28.0236 0x13dc  [ 1833BDB718BF29CAABC29CE7BE42CC85, FC407C69931F56A5AB23F8BB9A9BE4AF504826956B34465E34F807A6D2CC296E ] C:\Program Files\Launch Manager\OSD.exe
09:02:28.0397 0x13dc  LMgrVolOSD - detected UnsignedFile.Multi.Generic ( 1 )
09:02:31.0048 0x13dc  Detect skipped due to KSN trusted
09:02:31.0048 0x13dc  LMgrVolOSD - ok
09:02:31.0098 0x13dc  [ DF057E720CB3B3D055CFD8C0EB9A29DF, 840F6A1461F36B2DE2A8438FA9BEE4E5028DE541DB57B21E6EC58D86BD8E211E ] C:\Program Files\Launch Manager\Wbutton.exe
09:02:31.0128 0x13dc  Wbutton - detected UnsignedFile.Multi.Generic ( 1 )
09:02:33.0772 0x13dc  Detect skipped due to KSN trusted
09:02:33.0772 0x13dc  Wbutton - ok
09:02:33.0842 0x13dc  [ B196AD6815800558ECBBB8F5DE06FABB, 80E615B6F3544131C6FE80CC95939BEC3E0978E49B28C104286780924AD995AD ] C:\Program Files\Cyberlink\Shared Files\brs.exe
09:02:33.0862 0x13dc  BDRegion - ok
09:02:34.0050 0x13dc  [ 18203D433B7DA1AF650E32DC4F89526F, D462994CA1E9CD6712AE6C46720592C7CCB8221B9831EFE8E77AC7FAAE53BDD1 ] C:\Program Files\FSP\fspuip.exe
09:02:34.0324 0x13dc  fspuip - ok
09:02:34.0427 0x13dc  [ B8313D484061A19E9BDC7876212B4000, D88A18848C329E3B8AD67F68C4BB8C6E23C73B58CD10BDB928E792610A6D2303 ] C:\Program Files\simplo\EasyMnt\EasyMnt.exe
09:02:34.0545 0x13dc  EasyMnt - detected UnsignedFile.Multi.Generic ( 1 )
09:02:37.0283 0x13dc  EasyMnt ( UnsignedFile.Multi.Generic ) - warning
09:02:40.0029 0x13dc  [ 10DA1A38FF6E6480B2BA6B2B7163C633, D68868DA36B32DE928A6E3C85C3AF43FA05BD6A23B5E73D6F4BADCCFF238E60D ] C:\Program Files\IDT\WDM\sttray.exe
09:02:40.0079 0x13dc  SysTrayApp - ok
09:02:40.0161 0x13dc  [ 016B31B67ACDF4AEB325FAC166684E5D, 3C22DF4E55554EB16EA2CA5927285C35E2A6C3DE22ACDDCD68492EAFAD4B0A9F ] C:\Program Files\ControlCenter4\BrCcBoot.exe
09:02:40.0349 0x13dc  ControlCenter4 - detected UnsignedFile.Multi.Generic ( 1 )
09:02:42.0998 0x13dc  Detect skipped due to KSN trusted
09:02:42.0998 0x13dc  ControlCenter4 - ok
09:02:43.0188 0x13dc  [ 84ED734D77A8F8B7E56C954D42731945, 12E51DF14DEE016B7FE53221D58B47DF27E9BB840B49CB334A99A42777570D4A ] C:\Program Files\Browny02\Brother\BrStMonW.exe
09:02:43.0360 0x13dc  BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 )
09:02:45.0988 0x13dc  BrStsMon00 ( UnsignedFile.Multi.Generic ) - warning
09:02:48.0911 0x13dc  [ E774F875819DEE4A312A921A88F779FE, 793AE0F4C6173EAABC6A0B533735984ECFAFF7715D5BA8F0CF3F467660DFFC1B ] C:\Program Files\Microsoft IntelliPoint\ipoint.exe
09:02:49.0036 0x13dc  IntelliPoint - ok
09:02:49.0179 0x13dc  [ 54FA8528EDA1B6B34615F4EA3FCB35E6, B078821475D6FDED19579A487484D0752DC6E1AA0D1ACA71353C743B00291C61 ] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
09:02:49.0199 0x13dc  CLMLServer - ok
09:02:49.0289 0x13dc  [ 20DE1CDD37A5D3D4177B8D9FEF907D81, F6CE80984852595A677C92B8C555F9B0D398BAE36768E0D6FC7F8C7211D962D2 ] c:\Program Files\Microsoft Security Client\msseces.exe
09:02:49.0361 0x13dc  MSC - ok
09:02:49.0443 0x13dc  [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
09:02:49.0491 0x13dc  SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
09:02:52.0129 0x13dc  Detect skipped due to KSN trusted
09:02:52.0130 0x13dc  SpybotPostWindows10UpgradeReInstall - ok
09:02:52.0130 0x13dc  Waiting for KSN requests completion. In queue: 3
09:02:53.0133 0x13dc  Waiting for KSN requests completion. In queue: 3
09:02:54.0135 0x13dc  Waiting for KSN requests completion. In queue: 3
09:02:55.0161 0x13dc  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
09:02:55.0161 0x13dc  Win FW state via NFP2: enabled ( trusted )
09:02:58.0818 0x13dc  ============================================================
09:02:58.0818 0x13dc  Scan finished
09:02:58.0818 0x13dc  ============================================================
09:02:58.0828 0x11d8  Detected object count: 3
09:02:58.0828 0x11d8  Actual detected object count: 3
09:03:20.0171 0x11d8  usbglcs1080101 ( UnsignedFile.Multi.Generic ) - skipped by user
09:03:20.0171 0x11d8  usbglcs1080101 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:03:20.0171 0x11d8  EasyMnt ( UnsignedFile.Multi.Generic ) - skipped by user
09:03:20.0171 0x11d8  EasyMnt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:03:20.0171 0x11d8  BrStsMon00 ( UnsignedFile.Multi.Generic ) - skipped by user
09:03:20.0171 0x11d8  BrStsMon00 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:03:31.0870 0x0df0  Deinitialize success

GMER läuft nicht durch, bekomme die Meldung, dass GMER nicht mehr funktioniert :-( habe es nach einem neustart nochmal probiert.. leider vergeblich :-( ... ich werde es jetzt nochmal im abgesicherten Modus probieren

auch im abgesichteren Modus bekomme ich die meldung

Was ist zu tun??

Larusso · 29.02.2016, 10:24

Das mit GMER kann schon mal vorkommen.
Malware sehe ich keine.

Versuch bitte einmal einen Clean Reboot
https://support.microsoft.com/de-at/kb/929135

Tritt das Problem hierbei auch auf ?

Forcie0815 · 01.03.2016, 00:10

Hallo Daniel :-)

ich kann auch nichts erkennen

Allerdings hat der saubere Systemstart kaum Veränderungen gebracht

Danach habe ich auf normaler Systemstart gestellt und bekomme ne fehlermeldung nvascap.dll

.. und habe den beknackten live messi wieder in der taskleiste LOL ... den schmeisse ich gleich mal wieder runter

Hatte eh einen benutzerdefinierten systemstart eingerichtet ... wusste ich gar nicht mehr LOL

Meinst du, es könnte an deinen beiden restpartitionen von VMWare liegen, wenn schon keine maleware drauf ist?

Gruss
Sven

Larusso · 01.03.2016, 08:18

Hy.

Sind deine Treiber alle aktuell ?
Die fehlende Datei gehört zu nvidia: NVIDIA Treiber Download

Zitat:

Allerdings hat der saubere Systemstart kaum Veränderungen gebracht

Ich wollte auch wissen, ob es beim sauberen Neustart zu den selben Symptomen kommt.
Dann kann ich nämlich Software ausschließen und nur noch auf Hardware Spezifische Dinge achten aber dafür bin ich eher der Falsche

Forcie0815 · 02.03.2016, 10:26

Hallo Daniel

ich muss ja zugeben, dass ich nicht alle nicht-windows-sachen deaktiviert hatte, wie z.B. intel-und cisco-treiber, da ja die medion-teile doch häufig besondere oder abgespeckte hardware benutzen ....

Ich habe mal aufgeräumt und ne Menge software runtergeschmissen, die ich nicht mehr brauche.

Den NVIDIA-Treiber habe ich auch aktualisiert. Mir war klar, dass es von NVIDIA ne DLL ist; allerdings von NVIDIA Experience; deshalb hatte ich es auch in dem benutzerdefinierten Start herausgenommen :-)

Nun sind die Zeiten zum Rauf- und Runterfahren geringer. Auch die Zeiten zum Programme starten sind erheblich geringer ;-) Allerdings bekomme ich die Eieruhr und bitte warten beim Starten.

Denkst Du, dass die Restpartionen, die aus den Virtuellen Maschinen (mit VMWare eingerichtet und wieder deinstalliert) Probleme verursachen können? Wie bekomme ich die wieder weg, ohne neu zu installieren?

Ich habe mal eine neues FRST durchlaufen lassen:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:24-02-2016
durchgeführt von Sven (Administrator) auf SVEN-SCHLÄPPI (02-03-2016 10:14:10)
Gestartet von C:\Users\Sven\Desktop
Geladene Profile: Sven (Verfügbare Profile: Sven)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Wistron Corp.) C:\Program Files\Launch Manager\WButton.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\PaperPort\pptd40nt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Wistron Corp.) C:\Program Files\Launch Manager\WisLMSvc.exe
(Wistron Corp.) C:\Program Files\Launch Manager\OSD.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Wistron) C:\Program Files\Launch Manager\HotkeyApp.exe
(Sentelic Corporation) C:\Program Files\FSP\FspUip.exe
(Simplo) C:\Program Files\simplo\EasyMnt\EasyMnt.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(cyberlink) C:\Program Files\CyberLink\Shared files\brs.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Wbutton] => C:\Program Files\Launch Manager\Wbutton.exe [413696 2009-08-05] (Wistron Corp.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495728 2010-03-29] (IDT, Inc.)
HKLM\...\Run: [PPort12reminder] => "C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
HKLM\...\Run: [PDVD9LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [50472 2009-04-27] (CyberLink Corp.)
HKLM\...\Run: [PaperPort PTD] => C:\Program Files\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [LMgrVolOSD] => C:\Program Files\Launch Manager\OSD.exe [343552 2009-07-07] (Wistron Corp.)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [IndexSearch] => C:\Program Files\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [HotkeyApp] => C:\Program Files\Launch Manager\HotkeyApp.exe [192000 2009-08-19] (Wistron)
HKLM\...\Run: [fspuip] => C:\Program Files\FSP\fspuip.exe [3342336 2009-11-06] (Sentelic Corporation)
HKLM\...\Run: [EasyMnt] => C:\Program Files\simplo\EasyMnt\EasyMnt.exe [229376 2009-09-16] (Simplo)
HKLM\...\Run: [ControlCenter4] => C:\Program Files\ControlCenter4\BrCcBoot.exe [139264 2011-04-20] (Brother Industries, Ltd.)
HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM\...\Run: [BrStsMon00] => C:\Program Files\Browny02\Brother\BrStMonW.exe [2629632 2011-05-19] (Brother Industries, Ltd.)
HKLM\...\Run: [BDRegion] => C:\Program Files\Cyberlink\Shared Files\brs.exe [75048 2009-09-01] (cyberlink)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems Incorporated)
HKU\S-1-5-18\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
AppInit_DLLs: E => Keine Datei
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{04882447-5B50-4AEC-96CB-1A129BA01B22}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-4076600597-2674156493-3598585986-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4076600597-2674156493-3598585986-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4076600597-2674156493-3598585986-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-4076600597-2674156493-3598585986-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\27742ltf.default-1408619963335
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4076600597-2674156493-3598585986-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Sven\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [Keine Datei]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: NoScript - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\27742ltf.default-1408619963335\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-02-24]
FF Extension: QuickJava - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\27742ltf.default-1408619963335\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2016-02-25]
FF Extension: Adblock Plus - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\27742ltf.default-1408619963335\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
FF Extension: Skype - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]

Chrome: 
=======
CHR Profile: C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-21]
CHR Extension: (Google Docs) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-21]
CHR Extension: (Google Drive) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Google-Suche) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Tabellen) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-21]
CHR Extension: (Avira Browserschutz) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-01-27]
CHR Extension: (Google Docs Offline) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Google Mail) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-27]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-08] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
R2 PDFProFiltSrvPP; C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R2 STacSV; c:\program files\idt\wdm\STacSV.exe [225382 2010-03-29] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R3 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [113152 2009-03-04] (Wistron Corp.) [Datei ist nicht signiert]
R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
S3 KoneFltr; C:\Windows\System32\drivers\Kone.sys [13056 2008-12-11] (ROCCAT Ltd) [Datei ist nicht signiert]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [42128 2015-12-18] (NVIDIA Corporation)
S3 NxpCap; C:\Windows\System32\DRIVERS\NxpCap.sys [1488096 2009-07-30] (NXP Semiconductors Germany GmbH)
S3 usbglcs1080101; C:\Windows\System32\Drivers\usbglcs1080101.sys [18432 2010-12-24] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13720 2009-05-13] (X10 Wireless Technology, Inc.)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27160 2009-05-13] (X10 Wireless Technology, Inc.)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files\CyberLink\PowerDVD9\000.fcl [87536 2009-09-01] (CyberLink Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Sven\AppData\Local\Temp\catchme.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S0 vmci; system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-01 11:33 - 2015-10-13 16:04 - 00608048 _____ (NVIDIA Corporation) C:\Windows\system32\nvStreaming.exe
2016-03-01 11:27 - 2015-10-13 20:01 - 24199344 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2016-03-01 11:27 - 2015-10-13 20:01 - 15293104 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2016-03-01 11:27 - 2015-10-13 20:01 - 11272048 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-03-01 11:27 - 2015-10-13 20:01 - 11209376 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-03-01 11:27 - 2015-10-13 20:01 - 10707120 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-03-01 11:27 - 2015-10-13 20:01 - 03987760 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-03-01 11:27 - 2015-10-13 20:01 - 01060656 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3234192.dll
2016-03-01 11:27 - 2015-10-13 20:01 - 00911536 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3234192.dll
2016-03-01 11:27 - 2015-10-13 20:01 - 00907440 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll
2016-03-01 11:27 - 2015-10-13 20:01 - 00869040 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll
2016-03-01 11:13 - 2015-12-18 07:11 - 00042128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys
2016-03-01 11:13 - 2015-12-18 07:10 - 00090768 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll
2016-03-01 00:05 - 2016-03-01 00:05 - 00000000 ____D C:\Users\Sven\AppData\Local\{927F5B6F-2EDB-43FA-945F-3058100E5D98}
2016-02-29 09:06 - 2016-02-29 09:06 - 00380416 _____ C:\Users\Sven\Desktop\Gmer-19357.exe
2016-02-29 08:59 - 2016-02-29 09:03 - 00212960 _____ C:\TDSSKiller.3.1.0.9_29.02.2016_08.59.39_log.txt
2016-02-29 08:58 - 2016-02-29 08:58 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Sven\Desktop\tdsskiller.exe
2016-02-26 02:12 - 2016-02-26 02:12 - 00001223 _____ C:\mbam26.02.16 suchlauf.txt
2016-02-26 02:10 - 2016-02-26 02:10 - 00001581 _____ C:\mbam26.02.16.txt
2016-02-26 01:55 - 2016-02-26 01:56 - 00032201 _____ C:\Users\Sven\Desktop\Addition.txt
2016-02-26 01:54 - 2016-03-02 10:14 - 00016419 _____ C:\Users\Sven\Desktop\FRST.txt
2016-02-26 01:54 - 2016-03-02 10:14 - 00000000 ____D C:\FRST
2016-02-26 00:58 - 2016-02-26 00:58 - 00002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-02-26 00:58 - 2016-02-26 00:58 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-02-26 00:57 - 2016-02-26 00:57 - 00000000 ____D C:\Users\Sven\Desktop\msessential
2016-02-26 00:52 - 2016-02-26 00:52 - 01722368 _____ (Farbar) C:\Users\Sven\Desktop\FRST.exe
2016-02-26 00:50 - 2016-02-26 00:50 - 00038297 _____ C:\Users\Sven\Desktop\JRT.txt
2016-02-26 00:46 - 2016-02-26 00:46 - 01609216 _____ (Malwarebytes) C:\Users\Sven\Desktop\JRT.exe
2016-02-26 00:38 - 2016-02-26 00:38 - 01511936 _____ C:\Users\Sven\Desktop\AdwCleaner_5.036.exe
2016-02-26 00:07 - 2016-02-26 00:36 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-02-25 23:51 - 2016-02-26 00:36 - 00000000 ____D C:\Users\Sven\Desktop\mbar
2016-02-25 23:49 - 2016-02-25 23:49 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Sven\Desktop\mbar-1.09.3.1001.exe
2016-02-17 21:33 - 2016-02-26 00:00 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-02-06 18:51 - 2016-02-06 18:51 - 00100774 ____N C:\Users\Sven\Desktop\lotto 06.02.16.TIF

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-02 10:08 - 2014-09-01 17:37 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-02 10:08 - 2010-03-14 07:34 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HomeCinema
2016-03-02 10:08 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-02 10:08 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-03-02 10:07 - 2009-10-26 12:03 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-02 09:49 - 2010-10-02 23:29 - 00083456 ___SH C:\Users\Sven\Thumbs.db
2016-03-02 09:49 - 2009-07-14 05:34 - 00018704 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-02 09:49 - 2009-07-14 05:34 - 00018704 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-02 09:39 - 2014-09-01 17:37 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-01 12:17 - 2012-12-18 23:00 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-01 12:15 - 2009-07-14 03:37 - 00000000 __RHD C:\Users\Public\Libraries
2016-03-01 12:09 - 2010-03-14 09:55 - 00083744 _____ C:\Users\Sven\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-01 12:08 - 2009-07-14 05:33 - 00344328 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-01 12:06 - 2009-10-26 13:52 - 00000000 ____D C:\Program Files\Microsoft Works
2016-03-01 12:06 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-03-01 11:58 - 2013-03-14 10:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-03-01 11:58 - 2012-06-09 00:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-03-01 11:58 - 2012-06-09 00:34 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-03-01 11:56 - 2009-07-14 09:47 - 00647354 _____ C:\Windows\system32\perfh007.dat
2016-03-01 11:56 - 2009-07-14 09:47 - 00126664 _____ C:\Windows\system32\perfc007.dat
2016-03-01 11:17 - 2013-12-02 20:43 - 00000000 ____D C:\Users\Sven\AppData\Local\NVIDIA Corporation
2016-03-01 00:23 - 2009-10-26 13:46 - 00000000 ____D C:\Program Files\Windows Live
2016-02-29 15:10 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2016-02-29 14:46 - 2013-12-19 10:38 - 00011966 _____ C:\Users\Sven\Documents\kingnicks.xlsx
2016-02-26 02:11 - 2014-08-13 14:09 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-26 00:58 - 2014-02-26 11:34 - 00002154 _____ C:\Windows\epplauncher.mif
2016-02-26 00:42 - 2015-06-01 20:56 - 00000000 ____D C:\AdwCleaner
2016-02-26 00:05 - 2014-08-13 14:08 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-02-26 00:02 - 2013-08-06 15:42 - 00000000 ____D C:\ProgramData\Avira
2016-02-26 00:00 - 2012-04-25 17:10 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-02-24 11:00 - 2014-09-01 17:38 - 00002154 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-17 21:43 - 2015-10-31 17:31 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-16 09:24 - 2009-07-14 05:53 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-02-10 13:17 - 2012-04-02 11:14 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-02-10 13:17 - 2011-06-08 15:54 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-06-25 15:10 - 2013-06-25 15:10 - 0141914 _____ () C:\Users\Sven\AppData\Local\ars.cache
2013-06-25 15:10 - 2013-06-25 15:10 - 0580869 _____ () C:\Users\Sven\AppData\Local\census.cache
2010-10-02 14:32 - 2010-10-02 14:32 - 0000036 _____ () C:\Users\Sven\AppData\Local\housecall.guid.cache
2014-09-18 17:04 - 2014-09-18 17:18 - 0000397 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
C:\Users\Sven\AppData\Local\Temp\nvStInst.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-30 21:12

==================== Ende vom FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:24-02-2016
durchgeführt von Sven (2016-03-02 10:15:21)
Gestartet von C:\Users\Sven\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2010-03-14 06:34:18)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4076600597-2674156493-3598585986-500 - Administrator - Disabled)
Gast (S-1-5-21-4076600597-2674156493-3598585986-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4076600597-2674156493-3598585986-1002 - Limited - Enabled)
Sven (S-1-5-21-4076600597-2674156493-3598585986-1000 - Administrator - Enabled) => C:\Users\Sven

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
4500_G510gm_Help (Version: 000.0.440.000 - Hewlett-Packard) Hidden
4500G510gm (Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (Version: 000.0.423.000 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.0.162 - Adobe Systems, Inc.)
Application Verifier (HKLM\...\{E72400F4-A41E-4019-9143-051BE2951C00}) (Version: 4.0.917 - Microsoft Corporation)
Brother MFL-Pro Suite MFC-J5910DW (HKLM\...\{830F55B6-4398-4B72-A0D8-66397B902C0E}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.5.0.3 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.1.6 - Canon Inc.)
Canon RAW Image Task for ZoomBrowser EX (HKLM\...\RAW Image Task) (Version: 3.3.0.5 - Canon Inc.)
Canon Utilities CameraWindow (HKLM\...\CameraWindowLauncher) (Version: 7.1.0.2 - Canon Inc.)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM\...\CameraWindowDVC6) (Version: 6.4.2.16 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.4 (HKLM\...\DPP) (Version: 3.4.0.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM\...\EOS Utility) (Version: 2.4.0.1 - Canon Inc.)
Canon Utilities MyCamera (HKLM\...\MyCamera) (Version: 6.4.0.5 - Canon Inc.)
Canon Utilities Original Data Security Tools (HKLM\...\Original Data Security Tools) (Version: 1.4.0.1 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.21.45 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM\...\Picture Style Editor) (Version: 1.3.0.0 - Canon Inc.)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM\...\RemoteCaptureTask) (Version: 1.7.1.9 - Canon Inc.)
Canon Utilities WFT-E1/E2/E3 Utility (HKLM\...\WFTK) (Version: 3.2.1.1 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.1.1.21 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.1.0.8 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2130 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3213 - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2101 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM\...\{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.0.6720 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2219 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
EasyMnt (HKLM\...\{20AC083C-71C6-4A26-BE7B-9ACA990526D8}) (Version: 1.0.0.18 - simplo)
EOS USB WIA Driver (HKLM\...\EOS USB WIA Driver) (Version: 6.0.1.5 - Canon Inc.)
e-Wörterbücher (HKLM\...\{4737AD9F-13AA-4E4C-B86F-B631D557F6A7}) (Version:  - )
Facebook Video Calling 2.0.0.447 (HKLM\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Feedback Tool (HKLM\...\{13A5E785-5197-4EAD-8EE3-D660271E49BC}) (Version: 1.2.0 - Microsoft Corporation)
FileHippo.com Update Checker (HKLM\...\FileHippo.com) (Version:  - )
Finger Sensing Pad Driver (HKLM\...\{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}) (Version: 8.5.3.5 - Sentelic)
Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6208.0 - IDT)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
JMicron Flash Media Controller Driver (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.32.1 - JMicron Technology Corp.)
king.com (remove only) (HKLM\...\king.com) (Version:  - Midasplayer Ltd (king.com))
Launch Manager V1.5.0.5 (HKLM\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.0.5 - Wistron Corp.)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Medion Home Cinema (HKLM\...\InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}) (Version: 6.0.0000 - CyberLink Corp.)
Medion Home Cinema (Version: 6.0.0000 - CyberLink Corp.) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Document Explorer 2008 (HKLM\...\Microsoft Document Explorer 2008) (Version:  - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.0) (HKLM\...\SDKSetup_7.0.7600.16385.40715) (Version: 7.0.7600.16385.40715 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 de) (HKLM\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Network (Version: 130.0.550.000 - Hewlett-Packard) Hidden
nLite 1.4.9.1 (HKLM\...\nLite_is1) (Version: 1.4.9.1 - Dino Nuhagic (nuhi))
Nuance PaperPort 12 (HKLM\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
NVIDIA 3D Vision Treiber 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.92 - NVIDIA Corporation)
NVIDIA Grafiktreiber 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.92 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
PaperPort Image Printer (HKLM\...\{6EF2FDAB-7FBF-4AB9-92CD-594BDDB6A56B}) (Version: 1.00.0001 - Nuance Communications, Inc.)
PhotoScape (HKLM\...\PhotoScape) (Version:  - )
REALTEK Wireless LAN Driver (HKLM\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0145 - REALTEK Semiconductor Corp.)
Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.17 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
X10 Hardware(TM) (HKLM\...\X10Hardware) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-4076600597-2674156493-3598585986-1000_Classes\CLSID\{6d05bf60-3eaf-4a97-87c5-10cce505435b}\localserver32 -> C:\Users\Sven\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver.NonElevated.exe => K (Der Dateneintrag hat 10 mehr Zeichen).

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {129F5768-CA82-4370-9D07-066BEF28CD0A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {2EBEF24E-1EA3-45CE-B03E-010569D4AD5D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {321CECF9-E451-4498-B19F-AE39BC5D1DE6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {4718652A-497D-4E80-B114-E0DED3B052F6} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {A2F06BD0-4CA2-42C8-A890-F65DF40C2AEC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {AD34D0FC-2536-426D-A998-4BA2BAF530F9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {D95204FF-8EE8-4650-AD11-76AB96C1EB88} - System32\Tasks\{150D567C-4B63-410D-954D-BB8AFA33C509} => pcalua.exe -a "C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe" -d "C:\Program Files\ESET\ESET Online Scanner"

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-03-13 19:20 - 2015-10-13 17:47 - 00113840 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2009-11-09 20:48 - 2009-11-06 10:40 - 00053248 _____ () C:\Program Files\FSP\KbdHook.dll
2009-11-09 20:48 - 2009-11-06 10:40 - 00073728 _____ () C:\Program Files\FSP\FspLib.dll
2009-06-03 20:59 - 2009-06-03 20:59 - 00619816 ____N () C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
2009-06-03 20:59 - 2009-06-03 20:59 - 00013096 ____N () C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:04 - 2014-08-26 14:40 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4076600597-2674156493-3598585986-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{61585FD5-3641-474E-9003-F993E87F7DD8}] => (Allow) C:\Program Files\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{08EAF2F8-3D82-4CCE-8E44-8BA88FC98E59}] => (Allow) C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{EB7B454A-DE28-4911-BC62-AD9D4C7B9101}] => (Allow) svchost.exe
FirewallRules: [{4051E022-5178-4F0E-A092-2E8C3D09C3A7}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{74106E51-47E4-49A1-9051-487A63E089B7}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{393AD8D8-2BA2-4D73-B276-6DE2CABFF417}] => (Allow) LPort=2869
FirewallRules: [{BE7349D6-98EB-4337-B71C-EC4FA9B1E288}] => (Allow) LPort=1900
FirewallRules: [{18026AC0-9112-4691-9ADC-EF3B8CD6BFF8}] => (Allow) %SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
FirewallRules: [{CDC0C9D9-3800-43B2-848D-CFBC2B982BFF}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{BBFEAE0E-0414-4E8F-B840-A36A42C643B8}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{718C8831-1C3B-44AE-B705-09FE2F203515}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{CB4528B5-D5D3-4652-89A8-43433BBA6885}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{FBACFDC2-D09D-4AE3-953B-265E68994593}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{526AB820-17DB-493F-A601-56004505574E}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{C5FD4900-1F07-4896-A352-6374CE376858}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3837C8A2-C152-45EE-8732-734E1527C20C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{66CDC3DE-D514-4DF5-BC2F-0E2BAB8BACAA}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{3BC2B179-98F1-4FD4-A4D8-EE4971B19D5B}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{96BC5B2E-DE65-4CD6-9334-CB282C5C48F9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{58FBAA39-C325-4B2E-9ACD-FC27EB8906CB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{BF19A589-D871-4308-80D3-26482DCBB18C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

22-11-2015 19:00:42 Windows-Sicherung
29-11-2015 19:00:44 Windows-Sicherung
07-12-2015 10:09:24 Windows-Sicherung
14-12-2015 11:25:53 Windows-Sicherung
21-12-2015 08:17:58 Windows-Sicherung
11-01-2016 09:14:58 Windows-Sicherung
19-01-2016 12:01:34 Windows-Sicherung
27-01-2016 08:14:03 Windows-Sicherung
06-02-2016 10:27:37 Windows-Sicherung
09-02-2016 14:39:37 Windows-Sicherung
24-02-2016 11:10:23 Windows-Sicherung
26-02-2016 00:47:22 JRT Pre-Junkware Removal
26-02-2016 01:26:34 Windows Update
29-02-2016 09:41:37 Windows-Sicherung
01-03-2016 00:16:52 Windows Live Essentials
01-03-2016 00:17:21 WLSetup
01-03-2016 11:14:34 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
01-03-2016 11:56:52 Removed Microsoft Windows Performance Toolkit
01-03-2016 12:00:15 Removed Microsoft Visual C++ Compilers 2008 Standard Edition - enu - x86
01-03-2016 12:00:57 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
01-03-2016 12:01:21 Removed Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
01-03-2016 12:01:39 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
01-03-2016 12:02:16 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
01-03-2016 12:02:40 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
01-03-2016 12:03:12 Microsoft Visual C++ 2005 Redistributable wird entfernt
01-03-2016 12:03:43 Removed Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
01-03-2016 12:04:09 Microsoft Works wird entfernt
01-03-2016 12:14:38 Removed BlueStacks Notification Center

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/01/2016 11:04:39 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/01/2016 11:04:39 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/01/2016 11:04:39 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/01/2016 11:04:39 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)

Error: (03/01/2016 11:04:26 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/01/2016 11:04:26 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (03/01/2016 11:04:26 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/01/2016 11:04:26 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/01/2016 11:04:26 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Der Jet-Eigenschaftenspeicher kann von Windows Search nicht geöffnet werden.

Details:
	0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800))

Error: (03/01/2016 11:04:26 AM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows (3272) Windows: Fehler -1811 beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00165.log.


Systemfehler:
=============
Error: (03/02/2016 10:06:59 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.213.7242.0

	Aktualisierungsquelle: %NT-AUTORITÄT59

	Aktualisierungsphase: 4.8.0204.00

	Quellpfad: 4.8.0204.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\SYSTEM

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (03/01/2016 12:07:29 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.213.7242.0

	Aktualisierungsquelle: %NT-AUTORITÄT59

	Aktualisierungsphase: 4.8.0204.00

	Quellpfad: 4.8.0204.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\SYSTEM

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (03/01/2016 11:37:51 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.213.7242.0

	Aktualisierungsquelle: %NT-AUTORITÄT59

	Aktualisierungsphase: 4.8.0204.00

	Quellpfad: 4.8.0204.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\SYSTEM

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (03/01/2016 11:04:39 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/01/2016 11:04:39 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535.

Error: (03/01/2016 12:24:56 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (03/01/2016 12:23:45 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.213.7242.0

	Aktualisierungsquelle: %NT-AUTORITÄT59

	Aktualisierungsphase: 4.8.0204.00

	Quellpfad: 4.8.0204.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\SYSTEM

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (03/01/2016 12:04:32 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (02/29/2016 11:50:28 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (02/29/2016 09:31:15 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064


==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz
Prozentuale Nutzung des RAM: 50%
Installierter physikalischer RAM: 3036.87 MB
Verfügbarer physikalischer RAM: 1503.77 MB
Summe virtueller Speicher: 3051.18 MB
Verfügbarer virtueller Speicher: 1684.26 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:276.99 GB) (Free:121.12 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:298.09 GB) (Free:254.22 GB) NTFS
Drive e: (Recover) (Fixed) (Total:20 GB) (Free:11.93 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 84F4BAF6)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 298.1 GB) (Disk ID: E4CF20AF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=277 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== Ende vom Addition.txt ============================

Larusso · 02.03.2016, 11:30

Hy
Das was ich hier versuche ist eine Fehler Diagnostik und mit deinem "Ne das mache ich anders " system hilfst du mir natürlich vollkommen weiter.

Partitionen von der VMware sind vdkm Dateien u d keine eigenen Partitionen. Ein bisschen Googlen, wie man das wieder entfernt kann auch ich erwarten. Entferne diese und dann sehen wir weiter.
( wobei ich bezweifle, dass das dein Problem behebt )

Forcie0815 · 02.03.2016, 14:42

Hi Daniel,

ja, Du hast natürlich Recht, es war ziemlich dämlich von mir.

Entschuldige bitte.

Ich habe inzwischen den VMWare-Kram gelöscht. Die Zeiten zum Straten und Runterfahren sind geringer geworden.

Was ist das denn alles?:

Code:

ATTFilter

2016-03-01 00:05 - 2016-03-01 00:05 - 00000000 ____D C:\Users\Sven\AppData\Local\{927F5B6F-2EDB-43FA-945F-3058100E5D98}

2016-03-02 09:49 - 2009-07-14 05:34 - 00018704 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-02 09:49 - 2009-07-14 05:34 - 00018704 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

CustomCLSID: HKU\S-1-5-21-4076600597-2674156493-3598585986-1000_Classes\CLSID\{6d05bf60-3eaf-4a97-87c5-10cce505435b}\localserver32 -> C:\Users\Sven\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver.NonElevated.exe => K (Der Dateneintrag hat 10 mehr Zeichen).


Error: (03/01/2016 11:04:39 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/01/2016 11:04:39 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/01/2016 11:04:39 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Forcie0815 · 03.03.2016, 14:55

Hi Daniel :-)

Ich habe einen Neustart mit allen deaktivierten Nicht-Windows-Diensten ausgeführt.

Es hat sich leider nichts verändert; des dauert weiterhin etwa 1:45 min bis das erste Programm öffnet :-( genauer: etwa 0:50 min bis ich das benutzerkenntwort eingeben kann, dann etwa 0:55 min bis das erste angeklickte Programm öffnet...

Weiterhin finde ich das komische Laufwerk (siehe Anhang)

Gruss
Sven

Larusso · 04.03.2016, 08:26

Hy

Code:

ATTFilter

2016-03-01 00:05 - 2016-03-01 00:05 - 00000000 ____D C:\Users\Sven\AppData\Local\{927F5B6F-2EDB-43FA-945F-3058100E5D98}

Wird von Windows Live Programmen erstellt und ist leer. Also im Grunde nichts. Sah schon Rechner mit 100en solchen Ordnern.

Code:

ATTFilter

2016-03-02 09:49 - 2009-07-14 05:34 - 00018704 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-02 09:49 - 2009-07-14 05:34 - 00018704 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

What are the File Extensions C7483456-A289-439d-8115-601632D005A0? - Microsoft Community

Code:

ATTFilter

CustomCLSID: HKU\S-1-5-21-4076600597-2674156493-3598585986-1000_Classes\CLSID\{6d05bf60-3eaf-4a97-87c5-10cce505435b}\localserver32 -> C:\Users\Sven\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver.NonElevated.exe => K (Der Dateneintrag hat 10 mehr Zeichen).

Gehört zu Installshield

WIndows Search Dienst funktioniert laut den Eventlogs nicht und ich wette, den hast du selber abgestellt

Das komische Laufwerk könnte ne Recovery Partition sein. Sehen wir uns das mal genauer an

Windows + R Taste drücken --> diskmgmt.msc [eingeben] --> Enter

Schick mir davon mal einen Screenshot

Forcie0815 · 04.03.2016, 14:18

Hi Daniel,

ich bin beim Ausstellen grundsätzlich unschuldig

ok, dass sind Lizenzinfos :-?

Code:

ATTFilter

2016-03-02 09:49 - 2009-07-14 05:34 - 00018704 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-02 09:49 - 2009-07-14 05:34 - 00018704 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

danke ;-)

Mit Deiner Vermutung, es handele sich um ein recovery-LW scheinst du Recht zu haben (siehe Anhang) .. allerdings gibt es noch eins

ich dachte bisher, es handele sich um Überbleibsel von VMWare-Installationen ...

Um nochmal zu den Diensten bzw. deinem link zu windwos zurückzukommen: dort wird empfohlen, auch stufenweise die Windows-Dienste auszuschalten, um den Verursacher herausfinden zu können. Was hälst du davon?

Übrigens wird Essential Security nicht in der Taskleiste angezeigt, obwohl es läuft ;-( Ich konnte es gestern auch nicht updaten, bis ich MicrosoftFixit.maintenance.Run.exe laufen ließ ... danach wurde es angezeigt in der Taskleiste .. heute wieder nicht :-( Hast Du deine Idee, woran es liegen könnte?

Zu den aktuellen Treibern: leider gibt es bei Medion keine Updates der Treiber, auch nicht für Win10 :-( .. Da die Hardwareteile von denen ja oft besondere "Specials" sind, denke ich, dass es schwer ist, die aktuellen treiber, geschweige denn für Win 10 zu bekommen. Da das Win7 immer wieder Probs macht, würde ich gerne auf Win10 umsteigen; nur ohne Treiber wird das wohl schwierig, oder?
Gruss
Sven

Larusso · 05.03.2016, 07:55

Hy.

Wenn dir Windows 10 nicht angeboten wurde, würde ich es nicht einfach installieren.
Da es keinen GraKa Treiber zu geben scheint, läuft danach eine Standard Grafik und die ist grauenvoll.
Weiß ich,weil ein Studienkollege auch updaten wollte und ich hab dies dann erzwungen. Wir haben 2 Tage später ein Rollback gemacht.

Natürlich musst du auch die Dienste abstellen.
Dann auf ein Neues, aber diesmal so wie es in der Anleitung steht

Forcie0815 · 05.03.2016, 14:10

Hi,

doch klar wird mir das update schon lange angeboten :-)

Um den Grafiktreiber mache ich mir keine Sorgen bei NVIDIA, sondern um chipset, bios, touchpad, lan- und wlankarte und cardreader :-) Bei Medion ist mein System nicht getestet worden für win 10 :-(

gruss
sven

Larusso · 05.03.2016, 14:40

Ich glaube, es wäre einfach besser, du eröffnest im Windows Bereich ein neues Thema.
Hier geht es primär um Malware und die is nicht da

Win7: Runter- und Hochfahren dauert einige Minuten

Log-Analyse und Auswertung: Win7: Runter- und Hochfahren dauert einige Minuten