Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige!

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 04.12.2012, 23:28   #1
P@trick1980
 
Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige! - Ausrufezeichen

Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige!



Hallo liebe Helfer, zunächst schonmal ein großes Dankeschön, dass es so etwas hier gibt, das weiß ich sehr zu schätzen, denn ich habe absolut keine Ahnung von Computern. Ich bin durch Google auf dieses Forum gestoßen und habe gesehen, dass es einige andere ebenso wie mich erwischt hat. Ich wollte mir bei kinox.to eine Serie ansehen und habe die aufpoppenden Seiten weggedrückt. Bevor das Video startete wurde der Bildschirm kurz schwarz und dann erschien eine Seite der GVU mit dem Hinweis, mein Computer sei nun gesperrt. Ich müsse nun 100€ binnen der nächsten 48 Stunden per Paysafecard bezahlen, andernfalls würde ein Strafverfahren eingeleitet. Ich habe dann mein Laptop nur geschlossen und somit auf Standby gebracht. Dann habe ich Euer Forum entdeckt und nun schreibe ich über mein Handy. Da ich wirklich ein "Idiot" in Computerangelegenheiten bin, wäre ich für Eure Hilfe sehr dankbar! Wenn es möglich ist, erklärt mir bitte jeden Schritt, den ich zu tun habe ganz genau. Danke schonmal im vorraus. Viele Grüße P@trick.

Alt 04.12.2012, 23:30   #2
markusg
/// Malware-holic
 
Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige! - Standard

Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige!



Hi,
wann lernen es endlich mal alle...
kinox.to und ähnliche seiten bieten illegalen Inhalt an, das tut dort keiner, um was gutes zu tun, die leute wollen Geld verdienen.
Finger weg von solchen Schrottseiten.

Starte neu, drücke f8 wähle abgesicherter Modus mit Netzwerk
Melde dich in deinem Konto an
wenn du dort arbeiten kannst:
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die
    OTL.exe
    .
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die
    Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________

__________________

Alt 05.12.2012, 11:32   #3
P@trick1980
 
Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige! - Standard

Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige!



Hallo markusg, vielen Dank schonmal für Deine schnelle Rückmeldung. Ja, das wird mir eine Lehre sein, ich werde kinox.to und andere Streaming-Seiten zukünftig meiden.
Hier die Inhalte von OTL.txt und Extra.txt:
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 12/5/2012 12:09:39 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Mein Notebook\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5.48 Gb Total Physical Memory | 4.89 Gb Available Physical Memory | 89.17% Memory free
10.96 Gb Paging File | 10.38 Gb Available in Paging File | 94.68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 230.00 Gb Total Space | 166.44 Gb Free Space | 72.36% Space Free | Partition Type: NTFS
Drive D: | 342.90 Gb Total Space | 244.03 Gb Free Space | 71.17% Space Free | Partition Type: NTFS
Drive E: | 7.55 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
 
Computer Name: MEINNOTEBOOK-PC | User Name: Mein Notebook | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012/12/05 12:04:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mein Notebook\Desktop\OTL.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2011/05/26 21:09:58 | 000,204,288 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/09/22 10:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/08/09 20:04:12 | 000,166,704 | ---- | M] (Samsung Electronics CO., LTD.) [On_Demand | Stopped] -- C:\Windows\SysNative\SUPDSvc.exe -- (Samsung UPD Service)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2012/11/04 03:36:01 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/10/28 14:36:53 | 001,506,824 | ---- | M] (G Data Software AG) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy)
SRV - [2011/10/28 14:36:11 | 000,457,536 | ---- | M] (G Data Software AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe -- (GDScan)
SRV - [2011/10/28 02:41:08 | 002,191,808 | ---- | M] (G Data Software AG) [Auto | Stopped] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe -- (AVKWCtl)
SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/08/10 13:21:10 | 001,556,816 | ---- | M] (G Data Software AG) [On_Demand | Stopped] -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe -- (GDFwSvc)
SRV - [2011/04/01 11:16:02 | 000,409,608 | ---- | M] (G Data Software AG) [Auto | Stopped] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe -- (AVKService)
SRV - [2011/03/01 13:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 02:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/06/01 07:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/01/15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012/03/15 00:07:54 | 000,106,488 | ---- | M] (G Data Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\GRD.sys -- (GRD)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/02/01 00:13:51 | 000,059,256 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt)
DRV:64bit: - [2012/02/01 00:11:50 | 000,111,992 | ---- | M] (G Data Software AG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt)
DRV:64bit: - [2012/02/01 00:11:50 | 000,053,112 | ---- | M] (G Data Software AG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre)
DRV:64bit: - [2012/02/01 00:11:50 | 000,050,552 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave)
DRV:64bit: - [2012/02/01 00:11:49 | 000,065,912 | ---- | M] (G Data Software AG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd)
DRV:64bit: - [2012/01/11 20:43:00 | 000,031,448 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GdNetMon64.sys -- (GdNetMon)
DRV:64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/07/06 07:16:24 | 000,289,704 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011/05/26 22:58:22 | 009,263,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/05/26 20:28:50 | 000,300,544 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/05/23 16:24:22 | 002,750,464 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/05/17 07:55:28 | 000,533,096 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/14 08:16:08 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/05 11:46:20 | 000,078,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/03/05 11:46:20 | 000,038,528 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 04:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/18 06:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/11/12 23:23:38 | 000,138,024 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/28 07:38:04 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2011/10/21 08:12:46 | 000,015,144 | ---- | M] (Windows (R) 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\rtport.sys -- (rtport)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = hxxp://search.iminent.com/?appId=&ref=toolbox&q={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.iminent.com/?appId=16b1fd38-0844-4392-8418-403fbf746a52&ref=homepage
IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = hxxp://search.iminent.com/?appId=&ref=toolbox&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "SearchTheWeb"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://search.iminent.com/?appId=16b1fd38-0844-4392-8418-403fbf746a52&lcid=1031&ref=homepage"
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Mein Notebook\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll (Facebook, Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/02/04 23:23:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/11/04 03:36:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/11/04 03:35:54 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/11/04 03:36:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/11/04 03:35:54 | 000,000,000 | ---D | M]
 
[2012/01/13 16:36:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mein Notebook\AppData\Roaming\mozilla\Extensions
[2012/10/25 18:54:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mein Notebook\AppData\Roaming\mozilla\Firefox\Profiles\nzhac2db.default\extensions
[2012/03/19 21:42:23 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\Mein Notebook\AppData\Roaming\mozilla\Firefox\Profiles\nzhac2db.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2012/11/21 19:13:52 | 000,002,270 | ---- | M] () -- C:\Users\Mein Notebook\AppData\Roaming\mozilla\firefox\profiles\nzhac2db.default\searchplugins\SearchTheWeb.xml
[2012/11/04 03:35:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/11/04 03:35:53 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\Program Files (x86)\mozilla firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}
[2012/11/04 03:35:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
[2012/11/04 03:35:53 | 000,000,000 | ---D | M] (Iminent WebBooster) -- C:\Program Files (x86)\mozilla firefox\extensions\webbooster@iminent.com
[2012/11/04 03:36:02 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/07/24 14:39:32 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/10/22 01:53:37 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/07/24 14:39:32 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012/07/24 14:39:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/12/23 13:02:16 | 000,002,157 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchTheWeb.xml
[2012/07/24 14:39:32 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/07/24 14:39:32 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIEx64.dll (G Data Software AG)
O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIE.dll (G Data Software AG)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll ()
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent)
O2 - BHO: (Samsung BHO Class) - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G Data\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIEx64.dll (G Data Software AG)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIE.dll (G Data Software AG)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [Iminent] C:\Program Files (x86)\Iminent\Iminent.exe (Iminent)
O4 - HKLM..\Run: [IminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (Iminent)
O4 - HKLM..\Run: [iTunesHelper] C:\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Mein Notebook\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - Startup: C:\Users\Mein Notebook\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\Mein Notebook\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe (Facebook)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0647B7A5-DDCA-4567-A417-FC8EDB3FE287}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
 
 
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/12/05 12:04:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mein Notebook\Desktop\OTL.exe
 
========== Files - Modified Within 30 Days ==========
 
[2012/12/05 12:04:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mein Notebook\Desktop\OTL.exe
[2012/12/05 12:02:45 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/12/05 12:02:38 | 1589,374,975 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/05 00:19:07 | 095,023,320 | ---- | M] () -- C:\ProgramData\0tbpw.pad
[2012/12/05 00:15:37 | 000,001,170 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2545573064-1671415295-1629012448-1000UA.job
[2012/12/04 23:19:57 | 000,001,077 | ---- | M] () -- C:\Users\Mein Notebook\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
[2012/12/04 20:22:12 | 000,900,963 | ---- | M] () -- C:\windows\SysWow64\sig.bin
[2012/12/04 20:22:12 | 000,047,230 | ---- | M] () -- C:\windows\SysWow64\nmp.map
[2012/12/03 18:35:46 | 000,001,148 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2545573064-1671415295-1629012448-1000Core.job
[2012/11/27 01:07:55 | 000,020,992 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/27 01:07:55 | 000,020,992 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/21 19:17:32 | 000,644,310 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2012/11/21 19:17:32 | 000,607,634 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/11/21 19:17:32 | 000,126,580 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2012/11/21 19:17:32 | 000,103,754 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/11/21 19:17:31 | 001,473,514 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/11/21 19:11:44 | 000,276,240 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2012/12/04 23:19:57 | 000,001,077 | ---- | C] () -- C:\Users\Mein Notebook\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
[2012/12/04 23:19:56 | 095,023,320 | ---- | C] () -- C:\ProgramData\0tbpw.pad
[2012/05/15 12:09:57 | 000,000,601 | ---- | C] () -- C:\windows\eReg.dat
[2012/01/13 16:32:04 | 001,500,444 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/01/13 01:27:08 | 000,900,963 | ---- | C] () -- C:\windows\SysWow64\sig.bin
[2011/07/21 19:58:30 | 000,258,864 | ---- | C] () -- C:\windows\SUPDRun.exe
[2011/07/21 19:57:58 | 000,003,155 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2011/07/21 06:23:46 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
[2011/07/21 05:51:40 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2011/07/21 05:38:29 | 000,000,918 | ---- | C] () -- C:\windows\HotFixList.ini
[2011/07/21 05:03:11 | 000,142,128 | ---- | C] () -- C:\windows\wiainst64.exe
[2011/03/21 11:56:22 | 000,059,904 | ---- | C] () -- C:\windows\SysWow64\OVDecode.dll
 
========== ZeroAccess Check ==========
 
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012/03/19 21:42:22 | 000,000,000 | ---D | M] -- C:\Users\Mein Notebook\AppData\Roaming\Iminent
[2012/01/24 05:36:30 | 000,000,000 | ---D | M] -- C:\Users\Mein Notebook\AppData\Roaming\SoftGrid Client
[2012/01/13 16:32:50 | 000,000,000 | ---D | M] -- C:\Users\Mein Notebook\AppData\Roaming\TP
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012/01/06 16:52:15 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2012/07/07 16:56:31 | 000,000,000 | ---D | M] -- C:\CD Configuration
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012/06/01 19:02:00 | 000,000,000 | ---D | M] -- C:\Europoker
[2012/01/15 15:33:39 | 000,000,000 | ---D | M] -- C:\filme2
[2012/07/07 16:57:19 | 000,000,000 | ---D | M] -- C:\iTunes.Resources
[2012/07/07 16:57:22 | 000,000,000 | ---D | M] -- C:\iTunesHelper.Resources
[2012/07/07 16:57:22 | 000,000,000 | ---D | M] -- C:\Mozilla Plugins
[2009/07/14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012/07/07 16:56:31 | 000,000,000 | R--D | M] -- C:\Program Files
[2012/11/04 13:57:12 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2012/12/05 00:19:06 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011/11/28 09:31:23 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012/12/02 01:48:57 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011/11/28 09:33:00 | 000,000,000 | R--D | M] -- C:\Users
[2012/12/05 12:02:38 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2009/07/14 02:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009/07/14 02:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009/07/14 02:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009/07/14 02:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010/11/21 04:23:55 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009/07/14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2009/07/14 06:08:49 | 000,026,044 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2012/04/11 22:50:33 | 000,001,148 | ---- | C] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2545573064-1671415295-1629012448-1000Core.job
[2012/04/11 22:50:36 | 000,001,170 | ---- | C] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2545573064-1671415295-1629012448-1000UA.job
 
< MD5 for: AGP440.SYS  >
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\drivers\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\windows\SysNative\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2008/06/06 06:03:52 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll
 
< MD5 for: EXPLORER.EXE  >
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2010/11/21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\drivers\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010/11/21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\windows\SysNative\netlogon.dll
[2010/11/21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011/03/11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\drivers\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010/11/21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\windows\SysNative\scecli.dll
[2010/11/21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010/11/21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010/11/21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010/11/21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\windows\SysNative\user32.dll
[2010/11/21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009/07/14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\windows\SysNative\drivers\ws2ifsl.sys
[2009/07/14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2011/11/28 09:57:41 | 000,000,148 | ---- | M] () -- C:\Users\Mein Notebook\DiskScrP.txt
[2012/12/05 12:13:21 | 001,572,864 | -HS- | M] () -- C:\Users\Mein Notebook\NTUSER.DAT
[2012/12/05 12:13:21 | 000,262,144 | -HS- | M] () -- C:\Users\Mein Notebook\ntuser.dat.LOG1
[2011/11/28 09:33:01 | 000,000,000 | -HS- | M] () -- C:\Users\Mein Notebook\ntuser.dat.LOG2
[2011/11/28 09:33:01 | 000,065,536 | -HS- | M] () -- C:\Users\Mein Notebook\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2011/11/28 09:33:01 | 000,524,288 | -HS- | M] () -- C:\Users\Mein Notebook\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2011/11/28 09:33:01 | 000,524,288 | -HS- | M] () -- C:\Users\Mein Notebook\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2011/11/28 09:33:01 | 000,000,020 | -HS- | M] () -- C:\Users\Mein Notebook\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
<           >

< End of report >
         
--- --- ---
OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 12/5/2012 12:09:39 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Mein Notebook\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5.48 Gb Total Physical Memory | 4.89 Gb Available Physical Memory | 89.17% Memory free
10.96 Gb Paging File | 10.38 Gb Available in Paging File | 94.68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 230.00 Gb Total Space | 166.44 Gb Free Space | 72.36% Space Free | Partition Type: NTFS
Drive D: | 342.90 Gb Total Space | 244.03 Gb Free Space | 71.17% Space Free | Partition Type: NTFS
Drive E: | 7.55 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
 
Computer Name: MEINNOTEBOOK-PC | User Name: Mein Notebook | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00BF0362-6932-41E1-B9C5-3D7F351DDAEC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{0CA0B8F2-2F1A-41D8-AC57-A5E3AE219603}" = rport=138 | protocol=17 | dir=out | app=system | 
"{17749064-41BB-4F5D-B31B-15E14A574AAC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{1ACB1DE8-8637-41E9-BDFC-D4B86976B698}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{4E79B864-BBA9-424D-90A9-DD97A966A4F9}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{54AB857E-38C4-44A8-BAC2-3A70264BFF7A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{66C25A9A-EB85-4B4D-BAC1-E7B7EDD04801}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{6715B0FA-F22E-4B9B-A334-E47A0B3B1C3B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{70925FC6-7C9E-49DF-916D-4B49F27C6092}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{7722D8EF-C5B5-498F-AD28-9357BA8473C7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{7C49E32B-019C-40FC-B4B4-A959888ACDE9}" = rport=445 | protocol=6 | dir=out | app=system | 
"{7DCA5C6F-F754-4B1B-BEB3-63CFF53A0F99}" = lport=137 | protocol=17 | dir=in | app=system | 
"{88A077EE-8FBC-4EC3-8901-64D89BDA16F6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{8C2ADAA0-18A0-4C22-AD88-5F7F9BA0809A}" = lport=138 | protocol=17 | dir=in | app=system | 
"{8F6674C8-BC08-487A-8415-724445671158}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A255CD27-C811-4FFC-8B3A-452A7D50844F}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{AB960B61-1BD3-4529-BD44-DB999E4F5589}" = lport=139 | protocol=6 | dir=in | app=system | 
"{CE794129-3BA4-4148-A605-5F5B1C8EC197}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{DB907692-636B-42EB-89CF-E1B5D8D659BD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{DE8B1C4C-7B5F-4D3F-8B42-3FFA9090AC36}" = rport=139 | protocol=6 | dir=out | app=system | 
"{F39A95C0-5969-4306-AE9D-BCC6AD55B8E5}" = rport=137 | protocol=17 | dir=out | app=system | 
"{F765C1DE-BAE8-487F-BC01-35DD636445E6}" = lport=445 | protocol=6 | dir=in | app=system | 
"{F9B0FBBB-A771-4443-8DC5-D1FE7F77615B}" = lport=2869 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00D134F3-6408-4A7D-B352-78572F45B60A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{1D4DAFEE-F9EB-4A1C-B192-440274E11351}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{1FBE0C4B-FD9B-41E2-8E96-81C1E41669D2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{26FF7362-5E2F-455F-9B55-80F0EF8C3D09}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{292314D8-C899-4206-9C67-80E8D1FF9EE6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{2B7803D7-2123-42E0-8522-81C01110455D}" = dir=in | app=c:\program files (x86)\iminent\iminent.messengers.exe | 
"{2C6C7750-7B46-41E9-A70D-496F9999EF79}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{33D218BC-2254-4513-8885-4EF0CBA07F96}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung universal scan driver\iccupdater.exe | 
"{35C57FC7-CF30-4E47-9A61-6999DEF364F7}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{3BDD62F2-EE9D-4DDB-ADD4-AE9AB20FE1A8}" = protocol=6 | dir=in | app=c:\windows\system32\supdsvc.exe | 
"{3CC195B3-DBBC-4D27-A786-9660D48EDE9B}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{467840B9-9F49-4B14-BA4D-34FA74F1172D}" = dir=in | app=c:\program files (x86)\cyberlink\media+player10\media+player10.exe | 
"{4D54ADC9-4FA8-4CFC-AC08-2ED5428FE93E}" = dir=in | app=c:\program files (x86)\iminent\iminent.exe | 
"{4EAD0DD9-0131-4E45-9959-C4D33CA14733}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{4FE6FAB7-EFA2-4161-A5C6-5F3DD3882811}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{527E29EC-63A5-465A-8CB5-E2FADDAD881A}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{550E8CB9-4F6C-4667-B154-3B7FAB51B1E0}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{57542652-2772-4E5D-B4C3-EE5E6C22553F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{5A761D7A-318B-4558-A4DF-A1BA4D3EAECB}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12.exe | 
"{5DE60AAD-259B-4A32-997B-29A78B957E08}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung universal scan driver\iccupdater.exe | 
"{5F940867-85C3-4758-B4F4-0FFC81899572}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\movie\powerdvd cinema\powerdvdcinema12.exe | 
"{66D8C359-4891-4DDB-BEDF-593B6865C994}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{6EF35B51-9918-429B-B99B-FFBE9D09AAAC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{6F62142A-791C-43C9-918C-23600E842CA3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{6FE9BAD4-26D2-4616-B803-79D0037ABB13}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dms\clmsserverpdvd12.exe | 
"{752DF0A3-F849-4572-8243-3EA33FA265B2}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{76536418-9980-4136-A940-01AC3FDA8068}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung universal scan driver\usdagent.exe | 
"{7D066993-65B2-424D-82EC-5540F34CCA4D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{886957AB-E7C4-4685-963B-F751BE4599D6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{8B0FFD1A-89BD-42BB-9C82-38188537F665}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{8EA0BADE-449E-4A83-8587-E54034C781CD}" = protocol=17 | dir=in | app=c:\windows\system32\supdsvc.exe | 
"{9D66B8F3-3F3F-46B7-91C0-381360C79B3E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A379E94E-687D-4508-B375-7CE07B7709DD}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dmr\powerdvd12dmrengine.exe | 
"{ABF86976-C48B-468A-9DAF-593E8F221F4A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{B271BF84-41B6-4CB7-A51A-7FC6DF082272}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{B533BEAD-760B-4082-9DA0-54BF2F0D93C5}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung universal scan driver\usdagent.exe | 
"{BE49407E-1D50-4018-8DB0-E749FB8D7D3D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{CFEEB222-AB26-42D7-BDE9-B0AF39B3DF21}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12agent.exe | 
"{D0BDFA4A-373D-44F9-9A92-B56393EF7D8B}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12ml.exe | 
"{D6A849E9-92FA-4A95-AF54-EAD7AF062DA4}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{D76501AE-408A-412E-8EF5-C5DBBA3E7136}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe | 
"{E97A7485-4F94-468D-BE73-19168B713F06}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{EEEE214E-76D3-4E56-8D4E-FF2B567F7F46}" = dir=in | app=c:\itunes.exe | 
"{F1FDBCFC-C5B5-43E7-B339-9E6AD7EB6C5C}" = protocol=6 | dir=out | app=system | 
"{F70366E1-2E26-4A93-8707-076DBCB130BF}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources
"{129EE1A8-FA82-5E76-0DE5-50D51ED1AF7E}" = ATI Catalyst Install Manager
"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{206BD2C5-DE08-4577-A0D7-D441A79D5A3A}" = Windows Live Remote Client Resources
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{27F3F8DE-AC95-4E10-90A6-EBA999DDBCAF}" = Windows Live Remote Service Resources
"{29CFD07F-4971-41B0-B14D-621ACCC264AC}" = Windows Live Remote Service Resources
"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{350FD0E7-175A-4F86-84EF-05B77FCD7161}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{3C41721F-AF0F-4086-AA1C-4C7F29076228}" = Intel(R) PROSet/Wireless WiFi Software
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
"{4C9845D5-9FAD-4C52-B389-CAEF0F216215}" = Windows Live Remote Client Resources
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCD6EFE-C2E7-4D77-8212-4BA223D8DF8E}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{601D7B72-FEE9-FECD-7304-3FBE8465F440}" = ccc-utility64
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{641B32DB-8226-4250-86C9-34671162F5D5}" = Windows Live Remote Client Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6A2482BC-733A-404A-939A-2D5BC636E6F9}" = Windows Live Remote Service Resources
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{78654366-5889-4A70-90D9-04B00709EEE0}" = Windows Live Remote Client Resources
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{811D5159-D798-491F-B9C6-9BDBF6B02D06}" = Windows Live Remote Service Resources
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{A508D5A2-3AC1-4594-A718-A663D6D3CF11}" = Windows Live Remote Service Resources
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{AE91E0F3-C49A-4EF4-8B98-A07BD409EB90}" = Windows Live Remote Service Resources
"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources
"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CFF3C688-2198-4BC3-A399-598226949C39}" = Windows Live Remote Client Resources
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F0793412-6407-4870-9A8C-6FE198A4EB12}" = Windows Live Remote Client Resources
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"Elantech" = ETDWare PS/2-X64 8.0.7.2_WHQL
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000F2A10-9CDF-47BF-9CF2-9AC87567B433}" = Windows Live Photo Common
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{0119B342-476F-4F5A-B712-144B5CFA781F}" = Windows Live Movie Maker
"{0125DB4D-98A0-4DBF-B68A-23BF08FFA6A3}" = Windows Live Messenger
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{03241D8D-2217-42F7-9FCB-6A68D141C14D}" = Windows Live 软件包
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{0658C55D-D095-6B0B-A662-36A8202F1408}" = AMD VISION Engine Control Center
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{0785A0B6-07DF-43CF-B147-E1EB4CEA0345}" = Windows Live Messenger
"{07E15DDE-CAD9-434D-B24D-35708E3BEA09}" = Windows Live 필수 패키지
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0A303DB2-DCB9-324F-1B05-30A819E66A3B}" = CCC Help German
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{1181AA5B-8EFD-4AC5-8CDE-A1F7307B3427}" = EasyFileShare
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{139C1D95-9037-3AB3-F5F4-4A79BF6831EC}" = WordCaptureX Pro
"{142D8CA7-2C6F-45A7-83E3-099AAFD99133}" = Samsung Update Plus
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 5
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Samsung Control Center
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17D26CDD-B87C-412B-92F0-2D5DD4313522}" = Facebook Messenger 2.1.4651.0
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}" = „Windows Live Essentials“
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21B49B4A-BBC3-4A09-9C68-6C3CC0B1EA01}" = Windows Live Messenger
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}" = Windows Live Mail
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{26513CE5-7A51-478D-93BD-AC1D38103463}" = Windows Live Messenger
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{2720009D-9566-45A7-A370-0E6DAC313F3F}" = „Windows Live Mail“
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{2CC0789D-D31B-445F-8970-6E058BE39754}" = Windows Live UX Platform Language Pack
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2DDC70C1-C77A-4D08-89D2-9AB648504533}" = Easy Content Share
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{2F68DD28-BF5B-52AC-B584-4B8E546F069A}" = CCC Help Japanese
"{303143DD-1F6D-4BC5-9342-FFC2E19B2DBD}" = Windows Live Messenger
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{317D56AC-0DB3-48F5-929A-42032DAC9AD7}" = Windows Live Writer
"{318DBE01-1E6B-4243-84B0-210391FE789A}" = Samsung AnyWeb Print
"{331ECF61-69AF-4F57-AC35-AFED610231C3}" = Multimedia POP
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34AB675C-1965-44B5-B5A7-B02EE6196AD3}" = Windows Live Messenger
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{34FBC7C4-CD31-4D93-A428-0E524EAC4586}" = CyberLink Media+ Player10
"{368BEC2C-B7A2-4762-9213-2D8465D533CA}" = Windows Live UX Platform Language Pack
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39BDD209-5704-480C-9F4A-B69D0370DDBB}" = Windows Live Messenger
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}" = Windows Live Essentials
"{3B8F240C-B75E-4A1E-BDCC-6C7F033078A3}" = Windows Live UX Platform Language Pack
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger
"{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}" = SimCity 4 Deluxe
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{3F50512F-53DF-46B1-8CCB-6C7E638CADD6}" = PhoneShare
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials
"{442032CB-900C-49C7-B4B4-2B76525DD403}" = Windows Live Photo Common
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{44F4024E-5214-B183-AC1A-E92486AE3CDA}" = CCC Help French
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4BD8E034-E0F4-4509-A753-467A8E854CD8}" = Iminent
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{4F35DF91-F834-41F7-A287-0E377D55C486}" = Windows Live Photo Common
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{517EAAB9-C35E-4949-B8C2-20C241162BBB}" = Windows Live Pošta
"{51FFAC89-B6B0-4E6E-B76F-6D4E2E83086A}" = Windows Live 메일
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{539A0CEA-17E4-4FE4-A5E8-EC5D40610A79}" = „Windows Live Messenger“
"{545192D4-E817-4EAA-834D-623EA50CF268}" = Windows Live UX Platform Language Pack
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{588CE0C0-860B-49A8-AFCF-3C69465B345F}" = Windows Live Mesh
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D163056-96B7-440F-A836-89BA5D3CFF2F}" = Windows Live Photo Common
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5D90ABE5-8A35-4947-8269-6F40BCE47A95}" = Windows Live Messenger
"{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}" = Windows Live Writer
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{5F6E678A-7E61-448A-86CB-BC2AD1E04138}" = Windows Live Messenger
"{6006059E-013D-4B77-BC5C-4DD5E4A6570D}" = G Data InternetSecurity 2012
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{61506B53-EE02-46CE-8464-3F806947978F}" = Windows Live Mesh
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}" = Windows Live Messenger
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger
"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B3BAE39-4ED1-4EEB-9769-A3AA0AA58CB4}" = Windows Live Movie Maker
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6D30E864-46AE-435B-8230-8B5D42B4AE37}" = Windows Live Messenger
"{6DCE9C3E-3DB7-4C3C-8B80-BC55781BB7B6}" = Windows Live Writer Resources
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{709E38A9-7F80-4598-96CC-44B0D553FECE}" = Windows Live Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7115EEBC-DA7B-434C-B81C-EA5B26EA9A94}" = Windows Live Writer Resources
"{71684DFF-CDED-450C-AF0C-4A1A6438A1A5}" = Windows Live Essentials
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7327080F-6673-421F-BBD9-B618F357EEB3}" = Windows Live UX Platform Language Pack
"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{753F0A72-59C3-41CE-A36A-F2DF2079275C}" = Windows Live Mail
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{7780682A-47C9-480D-90BE-247539342595}" = Windows Live UX Platform Language Pack
"{77BC9EAF-14C7-4338-9B1C-D5A3E142C0B8}" = Windows Live Photo Common
"{77DAF553-291A-4471-988C-5677D90DB57E}" = Windows Live Writer Resources
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7A312E06-B7B6-5B75-18AA-1262EAB41971}" = CCC Help Portuguese
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7B56AC11-A09B-D148-EA51-AB4500A84F50}" = Catalyst Control Center InstallProxy
"{7B982EBD-D017-4527-BF1A-FC489EC6B100}" = Windows Live 照片库
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{7F6021AE-E688-4D03-843A-C2260482BA0D}" = Windows Live Messenger
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{829CDAAD-5AF1-482F-978B-591C16A34ACC}" = Windows Live Messenger
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery
"{86E6D3A7-3ADC-44C0-B94E-85D2A9DD36B0}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{903EDF14-4E28-4463-AA5E-4AEE71C0263B}" = Windows Live Movie Maker
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95D5C923-A6C2-5629-7873-938099245C53}" = CCC Help Spanish
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A8E4762-3331-4EDB-8E1F-B11179DDBC00}" = Eco Mode
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D554E62-4CC6-F0D8-ECFC-817830E8496A}" = CCC Help Chinese Standard
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{9E771D5B-C429-4CBC-8730-3EBD9EC99E4C}" = Windows Live Movie Maker
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A1668729-C4D2-49AE-877B-FB608362FFF1}" = Windows Live Essentials
"{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}" = IMinent Toolbar
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB0B2113-5B96-4B95-8AD1-44613384911F}" = Windows Live Mesh
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1 - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{AD86049C-3D9C-43E1-BE73-643F57D83D50}" = Easy Migration
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common
"{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer
"{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"{B4712CB7-27D7-4F61-8805-BCF9BE1CFC4A}" = Windows Live Writer Resources
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{B81722D3-0A95-4BDE-AA1A-A2A5D12FCDB2}" = Windows Live Foto-galerija
"{B9B66F77-9D00-4CA4-BDF1-BBA8236B4DB6}" = Windows Live Writer
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BE73A21F-D108-2652-3F12-65C2D264C895}" = Catalyst Control Center Localization All
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C877E454-FA36-409A-A00E-1240CEC61BBD}" = „Windows Live“ fotogalerija
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C8A2793D-EFF2-4069-95BF-A28192E39DEB}" = Windows Live Writer
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{CF936193-C584-458C-B793-15FA945621AF}" = Windows Live fotoattēlu galerija
"{CF9DEFAA-12CD-4D04-AA45-F9F667D21E2E}" = Windows Live Movie Maker
"{D06F10C5-3EDD-4B29-A3B5-16BBB9A047F8}" = Windows Live Mesh
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D27DF849-C8C7-4892-A7F1-E0B381A1BD01}" = Windows Live Writer
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D54A52A8-DF24-4CE8-850B-074CA47DFA74}" = Windows Live Messenger
"{D57D43BF-699A-429F-AF8C-AF1867222800}" = Windows Live 사진 갤러리
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}" = Windows Live Writer Resources
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{D987098B-3AD4-4E88-B80E-CF27A32D1955}" = Windows Live Writer Resources
"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E7688C7D-DE09-4D43-9785-534EDE9BC18E}" = Windows Live Messenger
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{EAB1BDF2-734A-4D44-9169-7615D185C974}" = Windows Live Mesh
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC20FB81-9B5E-4B97-92A2-8DC52548EFCE}" = Windows Live Mesh
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE492B20-FB15-4A98-883C-3054354A11F8}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F08F7C0A-30E7-23D6-F0B3-BB1717ACA5D2}" = CCC Help English
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F66430D8-08E6-4C96-B9B7-90E66E27D58C}" = Windows Live Mail
"{F687E657-F636-44DF-8125-9FEEA2C362F5}" = Samsung Support Center
"{F694D1F7-1F12-4550-9B7A-C871273ABAD5}" = Windows Live Messenger
"{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos
"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEB42E39-CD8A-28A5-981B-1D8302CD50D7}" = CCC Help Italian
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"DivX Setup" = DivX-Setup
"EuroPoker_is1" = EuroPoker 1.0.0
"Game Console - WildGames" = WildTangent ORB Game Console
"IMBoosterARP" = Iminent
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}" = CyberLink Media+ Player10
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"ProInst" = Intel PROSet Wireless
"Samsung Printer Live Update" = Samsung Printer Live Update
"Samsung Universal Print Driver" = Samsung Universal Print Driver
"Samsung Universal Scan Driver" = Samsung Universal Scan Driver
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live 程式集
"WT085559" = Diner Dash 2 Restaurant Rescue
"WT085567" = Chuzzle Deluxe
"WT085580" = John Deere Drive Green
"WT085581" = Penguins!
"WT085583" = Polar Golfer
"WT085587" = Agatha Christie - Death on the Nile
"WT085597" = Build-a-lot
"WT085618" = Farm Frenzy
"WT085622" = Insaniquarium Deluxe
"WT085663" = Peggle
"WT085669" = Plants vs. Zombies
"WT089285" = Zuma Deluxe
"WT089286" = Bejeweled 2 Deluxe
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 4/21/2012 5:39:03 PM | Computer Name = MeinNotebook-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 4/21/2012 5:39:03 PM | Computer Name = MeinNotebook-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9999
 
Error - 4/21/2012 5:39:03 PM | Computer Name = MeinNotebook-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9999
 
Error - 4/21/2012 5:39:04 PM | Computer Name = MeinNotebook-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 4/21/2012 5:39:04 PM | Computer Name = MeinNotebook-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 10998
 
Error - 4/21/2012 5:39:04 PM | Computer Name = MeinNotebook-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 10998
 
Error - 4/21/2012 5:39:05 PM | Computer Name = MeinNotebook-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 4/21/2012 5:39:05 PM | Computer Name = MeinNotebook-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 12012
 
Error - 4/21/2012 5:39:05 PM | Computer Name = MeinNotebook-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 12012
 
Error - 4/21/2012 6:37:29 PM | Computer Name = MeinNotebook-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 12/5/2012 7:02:57 AM | Computer Name = MeinNotebook-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 12/5/2012 7:02:57 AM | Computer Name = MeinNotebook-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 12/5/2012 7:03:00 AM | Computer Name = MeinNotebook-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 12/5/2012 7:03:10 AM | Computer Name = MeinNotebook-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 12/5/2012 7:03:12 AM | Computer Name = MeinNotebook-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 12/5/2012 7:03:12 AM | Computer Name = MeinNotebook-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 12/5/2012 7:03:12 AM | Computer Name = MeinNotebook-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 12/5/2012 7:03:12 AM | Computer Name = MeinNotebook-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 12/5/2012 7:03:12 AM | Computer Name = MeinNotebook-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 12/5/2012 7:03:12 AM | Computer Name = MeinNotebook-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
 
< End of report >
         
--- --- ---



Nochmals vielen Dank für die schnelle Hilfe, ich bin Dir wirklich sehr dankbar und warte auf weitere Anweisungen.
Liebe Grüße P@trick
__________________

Alt 06.12.2012, 15:42   #4
markusg
/// Malware-holic
 
Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige! - Standard

Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige!



hi

dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user.
wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts.


• Starte bitte die OTL.exe
• Kopiere nun das Folgende in die Textbox.



Code:
ATTFilter
:OTL
[2012/12/05 00:19:07 | 095,023,320 | ---- | M] () -- C:\ProgramData\0tbpw.pad
[2012/12/04 23:19:57 | 000,001,077 | ---- | M] () -- C:\Users\Mein Notebook\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
 :Files
:Commands
[EMPTYFLASH] 
[emptytemp]
         


• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren.
starte in den normalen modus.

falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 06.12.2012, 16:43   #5
P@trick1980
 
Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige! - Standard

Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige!



Hi, hier der Text, den ich kopieren sollte:

All processes killed
========== OTL ==========
C:\ProgramData\0tbpw.pad moved successfully.
C:\Users\Mein Notebook\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk moved successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Mein Notebook
->Flash cache emptied: 21117 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Mein Notebook
->Temp folder emptied: 2575079009 bytes
->Temporary Internet Files folder emptied: 264966530 bytes
->FireFox cache emptied: 1140710034 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16876795 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67832 bytes
RecycleBin emptied: 1192821209 bytes

Total Files Cleaned = 4,950.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 12062012_173443

Files\Folders moved on Reboot...
C:\Users\Mein Notebook\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\windows\temp\TMP000000014DDDEFDAF3238D9D not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


Alt 06.12.2012, 20:50   #6
markusg
/// Malware-holic
 
Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige! - Standard

Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige!



Hi,
Anmerkung, bin von Morgen, bis Mittwoch, im Urlaub.
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten
__________________
--> Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige!

Alt 06.12.2012, 22:57   #7
P@trick1980
 
Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige! - Standard

Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige!



Hi, vielen Dank für Deine Hilfe. Heisst das, das mein Laptop dann erstmal wieder sauber ist? Das wäre ja super klasse. Ich wünsche einen schönen Urlaub und nochmal vielen Dank, würde mich gern revanchieren wenn ich könnte. Viele Grüße P@trick

Alt 13.12.2012, 14:45   #8
markusg
/// Malware-holic
 
Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige! - Standard

Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige!



Hi
poste mal bitte das TDSS killer log.
Wenn du magst, kannst du an uns, am ende spenden, dass hilft uns, das Forum aufrecht zu erhalten.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 16.12.2012, 19:45   #9
P@trick1980
 
Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige! - Standard

Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige!



Hi markusg, ich habe Probleme das Log zu finden. Ist damit der Report am Ende des Scans gemeint? Wenn ja, dann kann ich das leider nicht kopieren. Falls das nicht gemeint war, sage mir bitte wo ich das Log finden kann. Viele Grüße Patrick

Alt 16.12.2012, 19:47   #10
markusg
/// Malware-holic
 
Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige! - Standard

Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige!



Hi
öffne mal c:
TDSS-Killer-Datum-Version.txt
deren Inhalt posten bitte.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 16.12.2012, 19:56   #11
P@trick1980
 
Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige! - Standard

Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige!



Hi, in dem Moment wo Du mir geschrieben hast, konnte ich es doch finden:

20:36:55.0075 0888 TDSS rootkit removing tool 2.8.14.0 Oct 30 2012 13:37:33
20:37:02.0592 0888 ============================================================
20:37:02.0592 0888 Current date / time: 2012/12/16 20:37:02.0592
20:37:02.0592 0888 SystemInfo:
20:37:02.0592 0888
20:37:02.0592 0888 OS Version: 6.1.7601 ServicePack: 1.0
20:37:02.0592 0888 Product type: Workstation
20:37:02.0592 0888 ComputerName: MEINNOTEBOOK-PC
20:37:02.0592 0888 UserName: Mein Notebook
20:37:02.0592 0888 Windows directory: C:\windows
20:37:02.0592 0888 System windows directory: C:\windows
20:37:02.0592 0888 Running under WOW64
20:37:02.0592 0888 Processor architecture: Intel x64
20:37:02.0592 0888 Number of processors: 4
20:37:02.0592 0888 Page size: 0x1000
20:37:02.0592 0888 Boot type: Normal boot
20:37:02.0592 0888 ============================================================
20:37:03.0142 0888 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:37:03.0152 0888 ============================================================
20:37:03.0152 0888 \Device\Harddisk0\DR0:
20:37:03.0152 0888 MBR partitions:
20:37:03.0152 0888 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:37:03.0152 0888 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1CC00000
20:37:03.0172 0888 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1CC33000, BlocksNum 0x2ADCC800
20:37:03.0172 0888 ============================================================
20:37:03.0212 0888 C: <-> \Device\Harddisk0\DR0\Partition2
20:37:03.0252 0888 D: <-> \Device\Harddisk0\DR0\Partition3
20:37:03.0252 0888 ============================================================
20:37:03.0252 0888 Initialize success
20:37:03.0252 0888 ============================================================
20:37:17.0133 0700 ============================================================
20:37:17.0133 0700 Scan started
20:37:17.0133 0700 Mode: Manual; SigCheck; TDLFS;
20:37:17.0133 0700 ============================================================
20:37:17.0340 0700 ================ Scan system memory ========================
20:37:17.0340 0700 System memory - ok
20:37:17.0340 0700 ================ Scan services =============================
20:37:17.0480 0700 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
20:37:17.0620 0700 1394ohci - ok
20:37:17.0650 0700 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
20:37:17.0680 0700 ACPI - ok
20:37:17.0700 0700 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
20:37:17.0780 0700 AcpiPmi - ok
20:37:17.0820 0700 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
20:37:17.0850 0700 adp94xx - ok
20:37:17.0900 0700 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys
20:37:17.0930 0700 adpahci - ok
20:37:17.0940 0700 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys
20:37:17.0960 0700 adpu320 - ok
20:37:18.0000 0700 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
20:37:18.0130 0700 AeLookupSvc - ok
20:37:18.0190 0700 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
20:37:18.0240 0700 AFD - ok
20:37:18.0270 0700 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
20:37:18.0290 0700 agp440 - ok
20:37:18.0320 0700 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
20:37:18.0370 0700 ALG - ok
20:37:18.0400 0700 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
20:37:18.0410 0700 aliide - ok
20:37:18.0470 0700 [ 833D43CFBAC21365D36CF797377457D9 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
20:37:18.0510 0700 AMD External Events Utility - ok
20:37:18.0530 0700 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
20:37:18.0540 0700 amdide - ok
20:37:18.0570 0700 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
20:37:18.0600 0700 AmdK8 - ok
20:37:18.0790 0700 [ FAD670B417ADCCD9C99BC3AA3D754958 ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
20:37:19.0080 0700 amdkmdag - ok
20:37:19.0120 0700 [ F0B63DEAD17F760DBC85CCD7BF978C05 ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
20:37:19.0140 0700 amdkmdap - ok
20:37:19.0190 0700 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
20:37:19.0200 0700 AmdPPM - ok
20:37:19.0240 0700 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
20:37:19.0260 0700 amdsata - ok
20:37:19.0310 0700 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys
20:37:19.0320 0700 amdsbs - ok
20:37:19.0351 0700 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
20:37:19.0367 0700 amdxata - ok
20:37:19.0398 0700 [ 2FBB00A7616106B95104574C6CD640C2 ] amd_sata C:\windows\system32\DRIVERS\amd_sata.sys
20:37:19.0424 0700 amd_sata - ok
20:37:19.0434 0700 [ 87D0D7645CB0D53220649BD5FE15D93E ] amd_xata C:\windows\system32\DRIVERS\amd_xata.sys
20:37:19.0444 0700 amd_xata - ok
20:37:19.0474 0700 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
20:37:19.0524 0700 AppID - ok
20:37:19.0544 0700 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
20:37:19.0604 0700 AppIDSvc - ok
20:37:19.0634 0700 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
20:37:19.0694 0700 Appinfo - ok
20:37:19.0794 0700 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:37:19.0804 0700 Apple Mobile Device - ok
20:37:19.0844 0700 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys
20:37:19.0864 0700 arc - ok
20:37:19.0894 0700 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys
20:37:19.0914 0700 arcsas - ok
20:37:19.0944 0700 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
20:37:20.0004 0700 AsyncMac - ok
20:37:20.0024 0700 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
20:37:20.0034 0700 atapi - ok
20:37:20.0114 0700 [ DE9FB3DADE8FD39AE2C587DF22D36B8E ] athr C:\windows\system32\DRIVERS\athrx.sys
20:37:20.0194 0700 athr - ok
20:37:20.0264 0700 [ 4BF5BCA6E2608CD8A00BC4A6673A9F47 ] AtiHDAudioService C:\windows\system32\drivers\AtihdW76.sys
20:37:20.0284 0700 AtiHDAudioService - ok
20:37:20.0324 0700 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
20:37:20.0384 0700 AudioEndpointBuilder - ok
20:37:20.0394 0700 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
20:37:20.0444 0700 AudioSrv - ok
20:37:20.0574 0700 [ C48176DA44D0298A7075D3C5CF8C3D8D ] AVKProxy C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
20:37:20.0614 0700 AVKProxy - ok
20:37:20.0674 0700 [ 29DA2D5958B352022A1BB5CE6FDB427C ] AVKService C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
20:37:20.0704 0700 AVKService - ok
20:37:20.0764 0700 [ 22F1444896844B0462359825EF628507 ] AVKWCtl C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe
20:37:20.0824 0700 AVKWCtl - ok
20:37:20.0864 0700 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
20:37:20.0904 0700 AxInstSV - ok
20:37:20.0944 0700 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
20:37:20.0994 0700 b06bdrv - ok
20:37:21.0034 0700 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
20:37:21.0064 0700 b57nd60a - ok
20:37:21.0134 0700 [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
20:37:21.0154 0700 BBSvc - ok
20:37:21.0184 0700 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
20:37:21.0224 0700 BDESVC - ok
20:37:21.0264 0700 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
20:37:21.0304 0700 Beep - ok
20:37:21.0354 0700 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
20:37:21.0414 0700 BFE - ok
20:37:21.0444 0700 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\System32\qmgr.dll
20:37:21.0509 0700 BITS - ok
20:37:21.0525 0700 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
20:37:21.0556 0700 blbdrive - ok
20:37:21.0634 0700 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:37:21.0650 0700 Bonjour Service - ok
20:37:21.0685 0700 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
20:37:21.0735 0700 bowser - ok
20:37:21.0775 0700 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
20:37:21.0805 0700 BrFiltLo - ok
20:37:21.0815 0700 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
20:37:21.0835 0700 BrFiltUp - ok
20:37:21.0875 0700 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
20:37:21.0915 0700 Browser - ok
20:37:21.0925 0700 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
20:37:21.0985 0700 Brserid - ok
20:37:21.0985 0700 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
20:37:22.0005 0700 BrSerWdm - ok
20:37:22.0025 0700 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
20:37:22.0055 0700 BrUsbMdm - ok
20:37:22.0065 0700 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
20:37:22.0095 0700 BrUsbSer - ok
20:37:22.0135 0700 [ 9D95F74875491CECBF9E10A5936A570E ] BtFilter C:\windows\system32\DRIVERS\btfilter.sys
20:37:22.0155 0700 BtFilter - ok
20:37:22.0185 0700 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
20:37:22.0255 0700 BthEnum - ok
20:37:22.0275 0700 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
20:37:22.0305 0700 BTHMODEM - ok
20:37:22.0335 0700 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
20:37:22.0365 0700 BthPan - ok
20:37:22.0415 0700 [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
20:37:22.0455 0700 BTHPORT - ok
20:37:22.0485 0700 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
20:37:22.0535 0700 bthserv - ok
20:37:22.0565 0700 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
20:37:22.0595 0700 BTHUSB - ok
20:37:22.0625 0700 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
20:37:22.0685 0700 cdfs - ok
20:37:22.0715 0700 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
20:37:22.0755 0700 cdrom - ok
20:37:22.0795 0700 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
20:37:22.0835 0700 CertPropSvc - ok
20:37:22.0875 0700 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys
20:37:22.0905 0700 circlass - ok
20:37:22.0935 0700 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
20:37:22.0955 0700 CLFS - ok
20:37:23.0035 0700 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:37:23.0045 0700 clr_optimization_v2.0.50727_32 - ok
20:37:23.0095 0700 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:37:23.0115 0700 clr_optimization_v2.0.50727_64 - ok
20:37:23.0155 0700 [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd C:\windows\system32\DRIVERS\clwvd.sys
20:37:23.0165 0700 clwvd - ok
20:37:23.0185 0700 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
20:37:23.0215 0700 CmBatt - ok
20:37:23.0235 0700 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
20:37:23.0255 0700 cmdide - ok
20:37:23.0285 0700 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
20:37:23.0325 0700 CNG - ok
20:37:23.0355 0700 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
20:37:23.0365 0700 Compbatt - ok
20:37:23.0395 0700 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
20:37:23.0435 0700 CompositeBus - ok
20:37:23.0455 0700 COMSysApp - ok
20:37:23.0475 0700 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
20:37:23.0495 0700 crcdisk - ok
20:37:23.0525 0700 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll
20:37:23.0595 0700 CryptSvc - ok
20:37:23.0695 0700 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
20:37:23.0725 0700 cvhsvc - ok
20:37:23.0785 0700 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
20:37:23.0845 0700 DcomLaunch - ok
20:37:23.0885 0700 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
20:37:23.0945 0700 defragsvc - ok
20:37:23.0975 0700 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
20:37:24.0025 0700 DfsC - ok
20:37:24.0075 0700 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
20:37:24.0125 0700 Dhcp - ok
20:37:24.0155 0700 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
20:37:24.0205 0700 discache - ok
20:37:24.0265 0700 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
20:37:24.0285 0700 Disk - ok
20:37:24.0305 0700 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
20:37:24.0345 0700 Dnscache - ok
20:37:24.0365 0700 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
20:37:24.0415 0700 dot3svc - ok
20:37:24.0425 0700 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
20:37:24.0475 0700 DPS - ok
20:37:24.0505 0700 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
20:37:24.0525 0700 drmkaud - ok
20:37:24.0565 0700 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
20:37:24.0595 0700 DXGKrnl - ok
20:37:24.0625 0700 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
20:37:24.0675 0700 EapHost - ok
20:37:24.0755 0700 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys
20:37:24.0845 0700 ebdrv - ok
20:37:24.0895 0700 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
20:37:24.0915 0700 EFS - ok
20:37:24.0995 0700 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
20:37:25.0055 0700 ehRecvr - ok
20:37:25.0075 0700 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
20:37:25.0105 0700 ehSched - ok
20:37:25.0165 0700 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys
20:37:25.0195 0700 elxstor - ok
20:37:25.0205 0700 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
20:37:25.0225 0700 ErrDev - ok
20:37:25.0295 0700 [ 9D8739A2A2173C9D27C499A3FC6EDA3F ] ETD C:\windows\system32\DRIVERS\ETD.sys
20:37:25.0305 0700 ETD - ok
20:37:25.0355 0700 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
20:37:25.0425 0700 EventSystem - ok
20:37:25.0445 0700 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
20:37:25.0495 0700 exfat - ok
20:37:25.0515 0700 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
20:37:25.0575 0700 fastfat - ok
20:37:25.0595 0700 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
20:37:25.0645 0700 Fax - ok
20:37:25.0675 0700 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys
20:37:25.0715 0700 fdc - ok
20:37:25.0755 0700 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
20:37:25.0805 0700 fdPHost - ok
20:37:25.0825 0700 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
20:37:25.0875 0700 FDResPub - ok
20:37:25.0895 0700 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
20:37:25.0915 0700 FileInfo - ok
20:37:25.0935 0700 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
20:37:25.0985 0700 Filetrace - ok
20:37:26.0005 0700 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys
20:37:26.0025 0700 flpydisk - ok
20:37:26.0045 0700 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
20:37:26.0065 0700 FltMgr - ok
20:37:26.0115 0700 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
20:37:26.0175 0700 FontCache - ok
20:37:26.0225 0700 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:37:26.0245 0700 FontCache3.0.0.0 - ok
20:37:26.0255 0700 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
20:37:26.0275 0700 FsDepends - ok
20:37:26.0305 0700 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
20:37:26.0325 0700 Fs_Rec - ok
20:37:26.0345 0700 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
20:37:26.0365 0700 fvevol - ok
20:37:26.0385 0700 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
20:37:26.0405 0700 gagp30kx - ok
20:37:26.0475 0700 [ 521A469CAF61F00E1DE081CC2099C1D6 ] GameConsoleService C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe
20:37:26.0495 0700 GameConsoleService - ok
20:37:26.0565 0700 [ D201C1F6B0F5E4F202CBCB75D6352E63 ] GDBehave C:\windows\system32\drivers\GDBehave.sys
20:37:26.0585 0700 GDBehave - ok
20:37:26.0685 0700 [ 2922B4D0AA4095797E66D87F08CA4D72 ] GDFwSvc C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
20:37:26.0735 0700 GDFwSvc - ok
20:37:26.0785 0700 [ E1558301938B6CF92F7677224D3FB6F7 ] GDMnIcpt C:\windows\system32\drivers\MiniIcpt.sys
20:37:26.0805 0700 GDMnIcpt - ok
20:37:26.0855 0700 [ F8DBC999A18C49F9BD444BA02C467000 ] GdNetMon C:\windows\system32\drivers\GdNetMon64.sys
20:37:26.0865 0700 GdNetMon - ok
20:37:26.0905 0700 [ 5F1E5EAE8F08B6E2FABE8345E0BDFE48 ] GDPkIcpt C:\windows\system32\drivers\PktIcpt.sys
20:37:26.0925 0700 GDPkIcpt - ok
20:37:26.0995 0700 [ 110C6DC36EA9F5DA664A584756B1B297 ] GDScan C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
20:37:27.0015 0700 GDScan - ok
20:37:27.0035 0700 [ 4ECBCAD43B7FED6F135BF108BB71434D ] gdwfpcd C:\windows\system32\drivers\gdwfpcd64.sys
20:37:27.0055 0700 gdwfpcd - ok
20:37:27.0075 0700 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
20:37:27.0095 0700 GEARAspiWDM - ok
20:37:27.0135 0700 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
20:37:27.0185 0700 gpsvc - ok
20:37:27.0235 0700 [ 187DEBE9127FA90219672A7129700B33 ] GRD C:\windows\system32\drivers\GRD.sys
20:37:27.0245 0700 GRD - ok
20:37:27.0285 0700 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
20:37:27.0325 0700 hcw85cir - ok
20:37:27.0355 0700 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
20:37:27.0395 0700 HdAudAddService - ok
20:37:27.0415 0700 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
20:37:27.0445 0700 HDAudBus - ok
20:37:27.0465 0700 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys
20:37:27.0505 0700 HidBatt - ok
20:37:27.0525 0700 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys
20:37:27.0555 0700 HidBth - ok
20:37:27.0585 0700 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys
20:37:27.0615 0700 HidIr - ok
20:37:27.0635 0700 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
20:37:27.0705 0700 hidserv - ok
20:37:27.0745 0700 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
20:37:27.0765 0700 HidUsb - ok
20:37:27.0795 0700 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
20:37:27.0855 0700 hkmsvc - ok
20:37:27.0875 0700 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
20:37:27.0925 0700 HomeGroupListener - ok
20:37:27.0945 0700 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
20:37:27.0975 0700 HomeGroupProvider - ok
20:37:27.0995 0700 [ 3CD18F0B3681FB267E67763CC3152D4E ] HookCentre C:\windows\system32\drivers\HookCentre.sys
20:37:28.0025 0700 HookCentre - ok
20:37:28.0055 0700 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
20:37:28.0075 0700 HpSAMD - ok
20:37:28.0115 0700 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
20:37:28.0175 0700 HTTP - ok
20:37:28.0195 0700 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
20:37:28.0215 0700 hwpolicy - ok
20:37:28.0245 0700 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
20:37:28.0265 0700 i8042prt - ok
20:37:28.0305 0700 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
20:37:28.0335 0700 iaStorV - ok
20:37:28.0395 0700 [ 4F8413B0D925164C679FCE772D8AA1EE ] IB Updater C:\Program Files\IB Updater\ExtensionUpdaterService.exe
20:37:28.0415 0700 IB Updater - ok
20:37:28.0465 0700 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:37:28.0505 0700 idsvc - ok
20:37:28.0645 0700 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
20:37:28.0845 0700 igfx - ok
20:37:28.0885 0700 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys
20:37:28.0905 0700 iirsp - ok
20:37:28.0945 0700 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
20:37:29.0015 0700 IKEEXT - ok
20:37:29.0105 0700 [ 65F70696BE5ABC11634FCF96AF7D7896 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
20:37:29.0175 0700 IntcAzAudAddService - ok
20:37:29.0195 0700 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
20:37:29.0215 0700 intelide - ok
20:37:29.0255 0700 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\drivers\intelppm.sys
20:37:29.0285 0700 intelppm - ok
20:37:29.0305 0700 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
20:37:29.0365 0700 IPBusEnum - ok
20:37:29.0375 0700 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
20:37:29.0435 0700 IpFilterDriver - ok
20:37:29.0465 0700 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
20:37:29.0525 0700 iphlpsvc - ok
20:37:29.0545 0700 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
20:37:29.0565 0700 IPMIDRV - ok
20:37:29.0585 0700 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
20:37:29.0645 0700 IPNAT - ok
20:37:29.0705 0700 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:37:29.0735 0700 iPod Service - ok
20:37:29.0755 0700 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
20:37:29.0785 0700 IRENUM - ok
20:37:29.0795 0700 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
20:37:29.0815 0700 isapnp - ok
20:37:29.0845 0700 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
20:37:29.0865 0700 iScsiPrt - ok
20:37:29.0885 0700 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
20:37:29.0895 0700 kbdclass - ok
20:37:29.0925 0700 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
20:37:29.0955 0700 kbdhid - ok
20:37:29.0985 0700 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
20:37:30.0005 0700 KeyIso - ok
20:37:30.0025 0700 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
20:37:30.0045 0700 KSecDD - ok
20:37:30.0065 0700 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
20:37:30.0085 0700 KSecPkg - ok
20:37:30.0105 0700 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
20:37:30.0155 0700 ksthunk - ok
20:37:30.0175 0700 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
20:37:30.0245 0700 KtmRm - ok
20:37:30.0275 0700 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
20:37:30.0325 0700 LanmanServer - ok
20:37:30.0365 0700 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
20:37:30.0425 0700 LanmanWorkstation - ok
20:37:30.0455 0700 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
20:37:30.0505 0700 lltdio - ok
20:37:30.0535 0700 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
20:37:30.0595 0700 lltdsvc - ok
20:37:30.0625 0700 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
20:37:30.0675 0700 lmhosts - ok
20:37:30.0705 0700 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
20:37:30.0725 0700 LSI_FC - ok
20:37:30.0765 0700 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
20:37:30.0775 0700 LSI_SAS - ok
20:37:30.0785 0700 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
20:37:30.0805 0700 LSI_SAS2 - ok
20:37:30.0825 0700 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
20:37:30.0845 0700 LSI_SCSI - ok
20:37:30.0855 0700 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
20:37:30.0915 0700 luafv - ok
20:37:30.0975 0700 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
20:37:30.0995 0700 McComponentHostService - ok
20:37:31.0035 0700 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
20:37:31.0065 0700 Mcx2Svc - ok
20:37:31.0085 0700 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
20:37:31.0105 0700 megasas - ok
20:37:31.0125 0700 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
20:37:31.0145 0700 MegaSR - ok
20:37:31.0185 0700 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
20:37:31.0225 0700 MMCSS - ok
20:37:31.0245 0700 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
20:37:31.0296 0700 Modem - ok
20:37:31.0316 0700 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
20:37:31.0346 0700 monitor - ok
20:37:31.0366 0700 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
20:37:31.0386 0700 mouclass - ok
20:37:31.0426 0700 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
20:37:31.0446 0700 mouhid - ok
20:37:31.0466 0700 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
20:37:31.0476 0700 mountmgr - ok
20:37:31.0526 0700 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:37:31.0566 0700 MozillaMaintenance - ok
20:37:31.0586 0700 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
20:37:31.0606 0700 mpio - ok
20:37:31.0626 0700 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
20:37:31.0666 0700 mpsdrv - ok
20:37:31.0706 0700 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
20:37:31.0766 0700 MpsSvc - ok
20:37:31.0786 0700 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
20:37:31.0826 0700 MRxDAV - ok
20:37:31.0846 0700 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
20:37:31.0896 0700 mrxsmb - ok
20:37:31.0926 0700 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
20:37:31.0956 0700 mrxsmb10 - ok
20:37:31.0976 0700 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
20:37:31.0996 0700 mrxsmb20 - ok
20:37:32.0016 0700 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
20:37:32.0036 0700 msahci - ok
20:37:32.0056 0700 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
20:37:32.0076 0700 msdsm - ok
20:37:32.0086 0700 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
20:37:32.0126 0700 MSDTC - ok
20:37:32.0146 0700 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
20:37:32.0196 0700 Msfs - ok
20:37:32.0216 0700 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
20:37:32.0266 0700 mshidkmdf - ok
20:37:32.0286 0700 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
20:37:32.0306 0700 msisadrv - ok
20:37:32.0336 0700 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
20:37:32.0386 0700 MSiSCSI - ok
20:37:32.0396 0700 msiserver - ok
20:37:32.0416 0700 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
20:37:32.0476 0700 MSKSSRV - ok
20:37:32.0486 0700 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
20:37:32.0536 0700 MSPCLOCK - ok
20:37:32.0556 0700 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
20:37:32.0606 0700 MSPQM - ok
20:37:32.0626 0700 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
20:37:32.0646 0700 MsRPC - ok
20:37:32.0686 0700 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
20:37:32.0696 0700 mssmbios - ok
20:37:32.0716 0700 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
20:37:32.0766 0700 MSTEE - ok
20:37:32.0786 0700 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
20:37:32.0816 0700 MTConfig - ok
20:37:32.0836 0700 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
20:37:32.0856 0700 Mup - ok
20:37:32.0896 0700 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
20:37:32.0956 0700 napagent - ok
20:37:32.0996 0700 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
20:37:33.0036 0700 NativeWifiP - ok
20:37:33.0066 0700 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\windows\system32\drivers\ndis.sys
20:37:33.0096 0700 NDIS - ok
20:37:33.0126 0700 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
20:37:33.0186 0700 NdisCap - ok
20:37:33.0206 0700 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
20:37:33.0246 0700 NdisTapi - ok
20:37:33.0276 0700 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
20:37:33.0323 0700 Ndisuio - ok
20:37:33.0343 0700 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
20:37:33.0403 0700 NdisWan - ok
20:37:33.0433 0700 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
20:37:33.0473 0700 NDProxy - ok
20:37:33.0493 0700 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
20:37:33.0543 0700 NetBIOS - ok
20:37:33.0563 0700 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
20:37:33.0623 0700 NetBT - ok
20:37:33.0643 0700 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
20:37:33.0663 0700 Netlogon - ok
20:37:33.0703 0700 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
20:37:33.0753 0700 Netman - ok
20:37:33.0773 0700 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
20:37:33.0833 0700 netprofm - ok
20:37:33.0853 0700 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:37:33.0873 0700 NetTcpPortSharing - ok
20:37:33.0913 0700 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
20:37:33.0933 0700 nfrd960 - ok
20:37:33.0963 0700 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
20:37:34.0023 0700 NlaSvc - ok
20:37:34.0093 0700 [ 5839A8027D6D324A7CD494051A96628C ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
20:37:34.0153 0700 NOBU - ok
20:37:34.0173 0700 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
20:37:34.0213 0700 Npfs - ok
20:37:34.0233 0700 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
20:37:34.0283 0700 nsi - ok
20:37:34.0313 0700 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
20:37:34.0363 0700 nsiproxy - ok
20:37:34.0413 0700 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
20:37:34.0463 0700 Ntfs - ok
20:37:34.0483 0700 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
20:37:34.0533 0700 Null - ok
20:37:34.0563 0700 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
20:37:34.0583 0700 nvraid - ok
20:37:34.0613 0700 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
20:37:34.0633 0700 nvstor - ok
20:37:34.0663 0700 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
20:37:34.0683 0700 nv_agp - ok
20:37:34.0693 0700 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
20:37:34.0723 0700 ohci1394 - ok
20:37:34.0813 0700 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:37:34.0833 0700 ose - ok
20:37:35.0093 0700 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:37:35.0263 0700 osppsvc - ok
20:37:35.0373 0700 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
20:37:35.0424 0700 p2pimsvc - ok
20:37:35.0455 0700 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
20:37:35.0487 0700 p2psvc - ok
20:37:35.0522 0700 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
20:37:35.0552 0700 Parport - ok
20:37:35.0572 0700 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
20:37:35.0592 0700 partmgr - ok
20:37:35.0612 0700 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
20:37:35.0652 0700 PcaSvc - ok
20:37:35.0672 0700 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
20:37:35.0702 0700 pci - ok
20:37:35.0732 0700 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
20:37:35.0752 0700 pciide - ok
20:37:35.0792 0700 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
20:37:35.0822 0700 pcmcia - ok
20:37:35.0842 0700 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
20:37:35.0862 0700 pcw - ok
20:37:35.0892 0700 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
20:37:35.0982 0700 PEAUTH - ok
20:37:36.0092 0700 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
20:37:36.0112 0700 PerfHost - ok
20:37:36.0172 0700 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
20:37:36.0252 0700 pla - ok
20:37:36.0373 0700 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
20:37:36.0423 0700 PlugPlay - ok
20:37:36.0453 0700 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
20:37:36.0483 0700 PNRPAutoReg - ok
20:37:36.0493 0700 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
20:37:36.0513 0700 PNRPsvc - ok
20:37:36.0543 0700 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
20:37:36.0613 0700 PolicyAgent - ok
20:37:36.0633 0700 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
20:37:36.0693 0700 Power - ok
20:37:36.0743 0700 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
20:37:36.0783 0700 PptpMiniport - ok
20:37:36.0793 0700 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
20:37:36.0833 0700 Processor - ok
20:37:36.0873 0700 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\windows\system32\profsvc.dll
20:37:36.0913 0700 ProfSvc - ok
20:37:36.0933 0700 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
20:37:36.0943 0700 ProtectedStorage - ok
20:37:36.0973 0700 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
20:37:37.0023 0700 Psched - ok
20:37:37.0073 0700 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
20:37:37.0123 0700 ql2300 - ok
20:37:37.0143 0700 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
20:37:37.0163 0700 ql40xx - ok
20:37:37.0193 0700 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
20:37:37.0213 0700 QWAVE - ok
20:37:37.0233 0700 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
20:37:37.0263 0700 QWAVEdrv - ok
20:37:37.0283 0700 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
20:37:37.0323 0700 RasAcd - ok
20:37:37.0353 0700 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
20:37:37.0413 0700 RasAgileVpn - ok
20:37:37.0443 0700 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
20:37:37.0493 0700 RasAuto - ok
20:37:37.0513 0700 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
20:37:37.0563 0700 Rasl2tp - ok
20:37:37.0589 0700 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
20:37:37.0636 0700 RasMan - ok
20:37:37.0636 0700 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
20:37:37.0697 0700 RasPppoe - ok
20:37:37.0727 0700 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
20:37:37.0767 0700 RasSstp - ok
20:37:37.0787 0700 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
20:37:37.0847 0700 rdbss - ok
20:37:37.0867 0700 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
20:37:37.0897 0700 rdpbus - ok
20:37:37.0927 0700 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
20:37:37.0987 0700 RDPCDD - ok
20:37:38.0007 0700 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
20:37:38.0067 0700 RDPENCDD - ok
20:37:38.0087 0700 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
20:37:38.0137 0700 RDPREFMP - ok
20:37:38.0177 0700 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
20:37:38.0227 0700 RDPWD - ok
20:37:38.0247 0700 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
20:37:38.0267 0700 rdyboost - ok
20:37:38.0287 0700 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
20:37:38.0337 0700 RemoteAccess - ok
20:37:38.0377 0700 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
20:37:38.0437 0700 RemoteRegistry - ok
20:37:38.0477 0700 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
20:37:38.0517 0700 RFCOMM - ok
20:37:38.0587 0700 [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
20:37:38.0617 0700 RichVideo ( UnsignedFile.Multi.Generic ) - warning
20:37:38.0617 0700 RichVideo - detected UnsignedFile.Multi.Generic (1)
20:37:38.0657 0700 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
20:37:38.0717 0700 RpcEptMapper - ok
20:37:38.0737 0700 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
20:37:38.0757 0700 RpcLocator - ok
20:37:38.0777 0700 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
20:37:38.0827 0700 RpcSs - ok
20:37:38.0867 0700 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
20:37:38.0987 0700 rspndr - ok
20:37:39.0047 0700 [ E50CFB92986DCAB49DE93788FD695813 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
20:37:39.0067 0700 RTL8167 - ok
20:37:39.0147 0700 [ 4CA0DBA9E224473D664C25E411F5A3BD ] rtport C:\windows\SysWOW64\drivers\rtport.sys
20:37:39.0167 0700 rtport - ok
20:37:39.0197 0700 [ 62DB6CC4B0818F1B5F3441241B098F12 ] SABI C:\windows\system32\Drivers\SABI.sys
20:37:39.0237 0700 SABI - ok
20:37:39.0257 0700 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
20:37:39.0277 0700 SamSs - ok
20:37:39.0317 0700 [ D641337B75B9A9D5AE10687AA1097755 ] Samsung UPD Service C:\windows\System32\SUPDSvc.exe
20:37:39.0337 0700 Samsung UPD Service - ok
20:37:39.0367 0700 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
20:37:39.0387 0700 sbp2port - ok
20:37:39.0407 0700 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
20:37:39.0477 0700 SCardSvr - ok
20:37:39.0497 0700 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
20:37:39.0547 0700 scfilter - ok
20:37:39.0577 0700 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
20:37:39.0677 0700 Schedule - ok
20:37:39.0707 0700 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
20:37:39.0752 0700 SCPolicySvc - ok
20:37:39.0784 0700 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\windows\system32\DRIVERS\sdbus.sys
20:37:39.0830 0700 sdbus - ok
20:37:39.0870 0700 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
20:37:39.0920 0700 SDRSVC - ok
20:37:39.0990 0700 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
20:37:40.0010 0700 SeaPort - ok
20:37:40.0050 0700 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
20:37:40.0110 0700 secdrv - ok
20:37:40.0140 0700 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
20:37:40.0200 0700 seclogon - ok
20:37:40.0220 0700 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
20:37:40.0280 0700 SENS - ok
20:37:40.0320 0700 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
20:37:40.0350 0700 SensrSvc - ok
20:37:40.0380 0700 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
20:37:40.0400 0700 Serenum - ok
20:37:40.0430 0700 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
20:37:40.0460 0700 Serial - ok
20:37:40.0480 0700 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
20:37:40.0510 0700 sermouse - ok
20:37:40.0550 0700 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
20:37:40.0590 0700 SessionEnv - ok
20:37:40.0610 0700 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
20:37:40.0630 0700 sffdisk - ok
20:37:40.0640 0700 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
20:37:40.0670 0700 sffp_mmc - ok
20:37:40.0690 0700 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
20:37:40.0720 0700 sffp_sd - ok
20:37:40.0740 0700 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
20:37:40.0770 0700 sfloppy - ok
20:37:40.0810 0700 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
20:37:40.0840 0700 Sftfs - ok
20:37:40.0900 0700 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
20:37:40.0920 0700 sftlist - ok
20:37:40.0940 0700 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
20:37:40.0960 0700 Sftplay - ok
20:37:40.0990 0700 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
20:37:41.0000 0700 Sftredir - ok
20:37:41.0020 0700 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
20:37:41.0030 0700 Sftvol - ok
20:37:41.0060 0700 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
20:37:41.0070 0700 sftvsa - ok
20:37:41.0110 0700 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
20:37:41.0170 0700 SharedAccess - ok
20:37:41.0190 0700 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
20:37:41.0250 0700 ShellHWDetection - ok
20:37:41.0270 0700 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
20:37:41.0290 0700 SiSRaid2 - ok
20:37:41.0330 0700 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
20:37:41.0350 0700 SiSRaid4 - ok
20:37:41.0390 0700 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
20:37:41.0400 0700 SkypeUpdate - ok
20:37:41.0420 0700 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
20:37:41.0480 0700 Smb - ok
20:37:41.0520 0700 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
20:37:41.0550 0700 SNMPTRAP - ok
20:37:41.0570 0700 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
20:37:41.0580 0700 spldr - ok
20:37:41.0610 0700 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\windows\System32\spoolsv.exe
20:37:41.0660 0700 Spooler - ok
20:37:41.0750 0700 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
20:37:41.0850 0700 sppsvc - ok
20:37:41.0870 0700 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
20:37:41.0910 0700 sppuinotify - ok
20:37:41.0952 0700 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
20:37:41.0998 0700 srv - ok
20:37:42.0018 0700 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
20:37:42.0048 0700 srv2 - ok
20:37:42.0078 0700 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
20:37:42.0108 0700 srvnet - ok
20:37:42.0148 0700 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
20:37:42.0188 0700 SSDPSRV - ok
20:37:42.0198 0700 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
20:37:42.0248 0700 SstpSvc - ok
20:37:42.0278 0700 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
20:37:42.0298 0700 stexstor - ok
20:37:42.0328 0700 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\windows\system32\DRIVERS\serscan.sys
20:37:42.0348 0700 StillCam - ok
20:37:42.0398 0700 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
20:37:42.0438 0700 stisvc - ok
20:37:42.0458 0700 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
20:37:42.0468 0700 swenum - ok
20:37:42.0498 0700 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
20:37:42.0558 0700 swprv - ok
20:37:42.0598 0700 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
20:37:42.0658 0700 SysMain - ok
20:37:42.0688 0700 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
20:37:42.0718 0700 TabletInputService - ok
20:37:42.0738 0700 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
20:37:42.0798 0700 TapiSrv - ok
20:37:42.0818 0700 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
20:37:42.0878 0700 TBS - ok
20:37:42.0938 0700 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\windows\system32\drivers\tcpip.sys
20:37:42.0998 0700 Tcpip - ok
20:37:43.0028 0700 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
20:37:43.0078 0700 TCPIP6 - ok
20:37:43.0108 0700 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
20:37:43.0158 0700 tcpipreg - ok
20:37:43.0178 0700 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
20:37:43.0228 0700 TDPIPE - ok
20:37:43.0258 0700 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
20:37:43.0278 0700 TDTCP - ok
20:37:43.0308 0700 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
20:37:43.0358 0700 tdx - ok
20:37:43.0378 0700 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
20:37:43.0388 0700 TermDD - ok
20:37:43.0418 0700 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
20:37:43.0478 0700 TermService - ok
20:37:43.0488 0700 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
20:37:43.0528 0700 Themes - ok
20:37:43.0538 0700 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
20:37:43.0578 0700 THREADORDER - ok
20:37:43.0598 0700 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
20:37:43.0648 0700 TrkWks - ok
20:37:43.0708 0700 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
20:37:43.0748 0700 TrustedInstaller - ok
20:37:43.0768 0700 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
20:37:43.0808 0700 tssecsrv - ok
20:37:43.0838 0700 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
20:37:43.0868 0700 TsUsbFlt - ok
20:37:43.0898 0700 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
20:37:43.0928 0700 TsUsbGD - ok
20:37:43.0958 0700 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
20:37:44.0008 0700 tunnel - ok
20:37:44.0018 0700 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
20:37:44.0038 0700 uagp35 - ok
20:37:44.0058 0700 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
20:37:44.0128 0700 udfs - ok
20:37:44.0158 0700 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
20:37:44.0178 0700 UI0Detect - ok
20:37:44.0218 0700 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
20:37:44.0238 0700 uliagpkx - ok
20:37:44.0278 0700 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
20:37:44.0308 0700 umbus - ok
20:37:44.0328 0700 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
20:37:44.0358 0700 UmPass - ok
20:37:44.0398 0700 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
20:37:44.0448 0700 upnphost - ok
20:37:44.0488 0700 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
20:37:44.0518 0700 USBAAPL64 - ok
20:37:44.0568 0700 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
20:37:44.0598 0700 usbccgp - ok
20:37:44.0638 0700 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
20:37:44.0678 0700 usbcir - ok
20:37:44.0688 0700 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
20:37:44.0708 0700 usbehci - ok
20:37:44.0738 0700 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
20:37:44.0778 0700 usbhub - ok
20:37:44.0798 0700 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
20:37:44.0828 0700 usbohci - ok
20:37:44.0868 0700 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\drivers\usbprint.sys
20:37:44.0898 0700 usbprint - ok
20:37:44.0908 0700 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
20:37:44.0958 0700 USBSTOR - ok
20:37:44.0978 0700 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
20:37:44.0998 0700 usbuhci - ok
20:37:45.0048 0700 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
20:37:45.0088 0700 usbvideo - ok
20:37:45.0128 0700 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
20:37:45.0178 0700 UxSms - ok
20:37:45.0198 0700 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
20:37:45.0208 0700 VaultSvc - ok
20:37:45.0248 0700 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
20:37:45.0268 0700 vdrvroot - ok
20:37:45.0298 0700 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
20:37:45.0358 0700 vds - ok
20:37:45.0378 0700 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
20:37:45.0398 0700 vga - ok
20:37:45.0418 0700 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
20:37:45.0478 0700 VgaSave - ok
20:37:45.0498 0700 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
20:37:45.0518 0700 vhdmp - ok
20:37:45.0548 0700 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
20:37:45.0558 0700 viaide - ok
20:37:45.0578 0700 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
20:37:45.0598 0700 volmgr - ok
20:37:45.0608 0700 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
20:37:45.0628 0700 volmgrx - ok
20:37:45.0648 0700 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys
20:37:45.0668 0700 volsnap - ok
20:37:45.0708 0700 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
20:37:45.0728 0700 vsmraid - ok
20:37:45.0778 0700 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
20:37:45.0868 0700 VSS - ok
20:37:45.0888 0700 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
20:37:45.0928 0700 vwifibus - ok
20:37:45.0948 0700 [ 13A0DECD1794DE60A8427862C8669D27 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
20:37:45.0978 0700 vwififlt - ok
20:37:46.0008 0700 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
20:37:46.0068 0700 W32Time - ok
20:37:46.0098 0700 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
20:37:46.0128 0700 WacomPen - ok
20:37:46.0158 0700 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
20:37:46.0218 0700 WANARP - ok
20:37:46.0218 0700 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
20:37:46.0258 0700 Wanarpv6 - ok
20:37:46.0299 0700 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
20:37:46.0379 0700 wbengine - ok
20:37:46.0389 0700 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
20:37:46.0419 0700 WbioSrvc - ok
20:37:46.0419 0700 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
20:37:46.0459 0700 wcncsvc - ok
20:37:46.0469 0700 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
20:37:46.0511 0700 WcsPlugInService - ok
20:37:46.0542 0700 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
20:37:46.0573 0700 Wd - ok
20:37:46.0589 0700 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
20:37:46.0620 0700 Wdf01000 - ok
20:37:46.0635 0700 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
20:37:46.0737 0700 WdiServiceHost - ok
20:37:46.0737 0700 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
20:37:46.0757 0700 WdiSystemHost - ok
20:37:46.0787 0700 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
20:37:46.0817 0700 WebClient - ok
20:37:46.0847 0700 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
20:37:46.0907 0700 Wecsvc - ok
20:37:46.0927 0700 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
20:37:46.0967 0700 wercplsupport - ok
20:37:46.0997 0700 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
20:37:47.0057 0700 WerSvc - ok
20:37:47.0077 0700 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
20:37:47.0117 0700 WfpLwf - ok
20:37:47.0147 0700 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
20:37:47.0167 0700 WIMMount - ok
20:37:47.0187 0700 WinDefend - ok
20:37:47.0187 0700 WinHttpAutoProxySvc - ok
20:37:47.0237 0700 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
20:37:47.0307 0700 Winmgmt - ok
20:37:47.0377 0700 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
20:37:47.0457 0700 WinRM - ok
20:37:47.0507 0700 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
20:37:47.0527 0700 WinUsb - ok
20:37:47.0577 0700 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
20:37:47.0617 0700 Wlansvc - ok
20:37:47.0647 0700 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:37:47.0667 0700 wlcrasvc - ok
20:37:47.0747 0700 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:37:47.0807 0700 wlidsvc - ok
20:37:47.0817 0700 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
20:37:47.0857 0700 WmiAcpi - ok
20:37:47.0887 0700 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
20:37:47.0917 0700 wmiApSrv - ok
20:37:47.0947 0700 WMPNetworkSvc - ok
20:37:47.0987 0700 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
20:37:48.0017 0700 WPCSvc - ok
20:37:48.0027 0700 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
20:37:48.0057 0700 WPDBusEnum - ok
20:37:48.0077 0700 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
20:37:48.0127 0700 ws2ifsl - ok
20:37:48.0137 0700 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\System32\wscsvc.dll
20:37:48.0187 0700 wscsvc - ok
20:37:48.0187 0700 WSearch - ok
20:37:48.0257 0700 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
20:37:48.0347 0700 wuauserv - ok
20:37:48.0357 0700 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
20:37:48.0407 0700 WudfPf - ok
20:37:48.0457 0700 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
20:37:48.0507 0700 WUDFRd - ok
20:37:48.0537 0700 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
20:37:48.0577 0700 wudfsvc - ok
20:37:48.0597 0700 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
20:37:48.0627 0700 WwanSvc - ok
20:37:48.0677 0700 ================ Scan global ===============================
20:37:48.0707 0700 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
20:37:48.0737 0700 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\windows\system32\winsrv.dll
20:37:48.0752 0700 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\windows\system32\winsrv.dll
20:37:48.0783 0700 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
20:37:48.0815 0700 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
20:37:48.0815 0700 [Global] - ok
20:37:48.0815 0700 ================ Scan MBR ==================================
20:37:48.0830 0700 [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0
20:37:49.0160 0700 \Device\Harddisk0\DR0 - ok
20:37:49.0160 0700 ================ Scan VBR ==================================
20:37:49.0160 0700 [ BB38EEC56DC0B07378DC81F6AB87771B ] \Device\Harddisk0\DR0\Partition1
20:37:49.0160 0700 \Device\Harddisk0\DR0\Partition1 - ok
20:37:49.0190 0700 [ DB115299BC0FF95F9EF0BF600398E530 ] \Device\Harddisk0\DR0\Partition2
20:37:49.0200 0700 \Device\Harddisk0\DR0\Partition2 - ok
20:37:49.0210 0700 [ 20083D42CC9A2D6E627AA99342B0268C ] \Device\Harddisk0\DR0\Partition3
20:37:49.0220 0700 \Device\Harddisk0\DR0\Partition3 - ok
20:37:49.0220 0700 ============================================================
20:37:49.0220 0700 Scan finished
20:37:49.0220 0700 ============================================================
20:37:49.0230 2704 Detected object count: 1
20:37:49.0230 2704 Actual detected object count: 1
20:38:20.0386 2704 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
20:38:20.0386 2704 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:42:23.0822 5240 Deinitialize success


Viele Grüße

Alt 16.12.2012, 20:02   #12
markusg
/// Malware-holic
 
Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige! - Standard

Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige!



hi
combofix:
Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.
Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 16.12.2012, 20:24   #13
P@trick1980
 
Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige! - Standard

Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige!



Wenn ich Combofix ausführen möchte, sagt er mir dass mir ein entsprechendes Programm zur Ausführung fehlt.

Alt 16.12.2012, 20:28   #14
markusg
/// Malware-holic
 
Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige! - Standard

Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige!



Was heißt entsprechend, bitte schreib mir die Meldung auf, sonst kann ich nur wenig damit anfangen :-)
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 16.12.2012, 20:35   #15
P@trick1980
 
Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige! - Standard

Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige!



Stimmt, hast Recht.

Also, da steht in einer Meldung mit einem rot eingerahmten x folgendes:

Der Datei ist kein Programm zum Ausführen dieser Aktion zugeordnet. Installieren Sie ein entsprechendes Programm, oder erstellen Sie in der Systemsteuerung unter "Standardprogramme" eine Zuordnung, wenn bereits ein Programm installiert ist.

Antwort

Themen zu Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige!
48 stunden, ahnung, ansehen, bildschirm, computer, dankeschön, entdeck, entdeckt, erwischt, forum, geschlossen, gesperrt, google, großes, hinweis, laptop, schonmal, schwarz, seite, seiten, starte, strafanzeige, stunden, trick, video, wirklich, zahlungsaufforderung



Ähnliche Themen: Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige!


  1. Internetseite öffnete sich "Bundespolizei 100 Euro Strafe innerhalb 48 Stunden sonst Laptop gesperrt "
    Plagegeister aller Art und deren Bekämpfung - 16.02.2015 (5)
  2. GUV Trojaner - Zahlungsaufforderung - Pc gesperrt
    Log-Analyse und Auswertung - 29.09.2012 (24)
  3. PC gesperrt, Zahlungsaufforderung Suisa Schweizerische Eidgenossenschaft, Trojaner
    Plagegeister aller Art und deren Bekämpfung - 25.07.2012 (7)
  4. Windows gesperrt! Zahlungsaufforderung
    Log-Analyse und Auswertung - 02.05.2012 (5)
  5. 100€ bezahlen sonst wird der Computer gesperrt,etc
    Plagegeister aller Art und deren Bekämpfung - 16.04.2012 (15)
  6. (2x) virus- betriebssystem gesperrt mit zahlungsaufforderung...
    Mülltonne - 11.04.2012 (1)
  7. Windows gesperrt Zahlungsaufforderung von 100 Euro
    Log-Analyse und Auswertung - 01.04.2012 (1)
  8. Windows gesperrt! Zahlungsaufforderung
    Log-Analyse und Auswertung - 30.03.2012 (7)
  9. Windowssystem gesperrt - Zahlungsaufforderung!
    Log-Analyse und Auswertung - 23.03.2012 (15)
  10. Windows gesperrt, Zahlungsaufforderung 50 Euro
    Log-Analyse und Auswertung - 22.03.2012 (14)
  11. Windows ist gefährdet und ich soll bezahlen sonst wird windwos gesperrt
    Log-Analyse und Auswertung - 28.02.2012 (22)
  12. Windows gesperrt, Zahlungsaufforderung
    Log-Analyse und Auswertung - 08.02.2012 (18)
  13. Aus Sicherheitsgründen wurde ihr Windowssystem gesperrt und Zahlungsaufforderung
    Plagegeister aller Art und deren Bekämpfung - 06.01.2012 (7)
  14. Windows gesperrt! Zahlungsaufforderung
    Log-Analyse und Auswertung - 27.12.2011 (5)
  15. Windows7 gesperrt mit Zahlungsaufforderung
    Plagegeister aller Art und deren Bekämpfung - 21.12.2011 (31)
  16. Windows gesperrt, Zahlungsaufforderung
    Log-Analyse und Auswertung - 17.12.2011 (3)
  17. Windows mit Zahlungsaufforderung gesperrt!
    Log-Analyse und Auswertung - 14.11.2011 (22)

Zum Thema Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige! - Hallo liebe Helfer, zunächst schonmal ein großes Dankeschön, dass es so etwas hier gibt, das weiß ich sehr zu schätzen, denn ich habe absolut keine Ahnung von Computern. Ich bin - Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige!...
Archiv
Du betrachtest: Laptop gesperrt, Zahlungsaufforderung - sonst Strafanzeige! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.