Log analysis and evaluation: Detection with Desinfec't

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

22.01.2013, 22:03   #1
TobseBeck

Hello everyone,

a scan with Desinfec't turned up a few detections on my system:
/media/VistaOS/Program Files/RAR Password Recovery Magic/RarRecover.exe
Trojan.Dropper-26189
/media/VistaOS/Windows/winsxs/x86_microsoft-windows-activexproxy_31bf3856ad364e35_6.1.7600.16385_none_11e489934b9dec07/actxprxy.dll
Win.Trojan.Agent-114869
/media/VistaOS/Program Files/ASUS/NB Probe/SPM/spmgr.exe
Win.Trojan.Zbot-3220
/media/VistaOS/Users/Tobias/AppData/Local/Temp/7zOB74D.tmp/kg.exe
Trojan.Generic.4197071

Can you please help me?
The logs are attached.

Thanks in advance for your effort!
Regards
Tobias
Attached files
File type: txt OTL_Teil1.Txt (61.2 KB, viewed 172 times)
File type: txt OTL_Teil2.Txt (54.3 KB, viewed 180 times)
File type: txt Extras.Txt (83.9 KB, viewed 197 times)
File type: log gmer.log (18.7 KB, viewed 182 times)

23.01.2013, 17:36   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Hello and

Do you have any further logs (with detections)? Malwarebytes and/or other virus scanners?
I'm asking because of this => http://www.trojaner-board.de/125889-...tml#post941520

Please do not run any new virus scans; first just post the logs you already have!

Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check that you did it right. If everything is correct ... click Reply.

24.01.2013, 00:17   #3
TobseBeck

Hello cosinus,

first of all, thanks for taking on my case!
(and sorry that I posted the other logs the wrong way)

Unfortunately I didn't save the logs from Desinfec't.
From Avira, which I have on the computer, I wanted to export the detections; Avira then blinks a bit and that was it. Or does Avira store them in a folder by default?
If not, I can at least briefly describe what was found:
I got a USB stick with photos back, and when I plugged it in, a.) Avira (luckily) blocked the autostart and b.) reported 'W32/Sality.AT' on it, whereupon I formatted the stick. (so nothing was executed).
There are 5 detections of this virus in the event log.
Otherwise I have nothing

Regards
Tobias

24.01.2013, 10:04   #4
cosinus

Quote:
There are 5 detections of this virus in the event log.
Does that really not work with Avira?

__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Support the Trojaner-Board
Why Linux is better than Windows!

24.01.2013, 11:49   #5
TobseBeck

It really doesn't work...
After you gave me the link to it in the previous post, I wanted to produce the log strictly according to the instructions. The result was that after exporting (no matter how: by clicking the button, the right-click menu or F3) the Avira window blinked a few times, and that was the only reaction it gave.

Regards
Tobias


24.01.2013, 11:50   #6
cosinus

Before we get to work, I would like to ask you to read the following points completely and carefully.
  • Read the instructions that I will post over the course of this thread carefully. Ask right away if anything is unclear to you, before you start carrying out my instructions.

  • If you have problems with a step, stop there and describe the problem to me as well as you can. Sometimes a step depends on the previous one.

  • Please only run scans that a helper has asked you to run! Do not install / uninstall any software unless asked to!

  • Post the log files directly in your thread (please in CODE tags) and not as an attachment, unless you were asked to. Logs in attachments make the evaluation harder for me!

  • Please also note => Deleting log files and other requests

Note:
If you don't hear from me for three days, please report in this thread => Reminder about my thread.
Annoying "when will it continue" messages will end with your topic being closed. I, too, have a life outside the Trojaner-Board.


Malwarebytes Anti-Rootkit

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Unpack the archive on your desktop.
  • In the newly created folder, please start mbar.exe.
  • Follow the instructions on your screen and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects found, so be patient.
  • After the restart, start mbar.exe again.
  • If something is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the created folder. Please post it here.

Do not start any other file in this folder without instructions from a helper

24.01.2013, 20:38   #7
TobseBeck

Hello cosinus,

so the CleanUp button and the restart didn't come up...
Here is the log:
Code:
Malwarebytes Anti-Rootkit BETA 1.01.0.1016
www.malwarebytes.org

Database version: v2013.01.24.10

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Tobias :: TOBIAS-PC [administrator]

24.01.2013 20:20:38
mbar-log-2013-01-24 (20-20-38).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 27942
Time elapsed: 15 minute(s), 19 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         
Regards
Tobias

24.01.2013, 22:45   #8
cosinus

1. aswMBR

Please download aswMBR.exe and save the file to your desktop.

Note: Please disable the virus scanner before you run aswMBR, because Avira in particular often reports a false positive in it!
  • Start aswMBR.exe. Vista and Win7 users: run aswMBR via right-click "Run as administrator"
  • The tool will ask you whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.) Depending on the connection, downloading the definitions can take a while.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply. Important: Do not press any of the Fix buttons under any circumstances without instructions. Note: If the Scan button is hidden, close the tool and start it again. If it doesn't work again, please let me know.

One more note: If aswMBR crashes and a message like "aswMBR.exe has stopped working" appears, then do the following:
Restart aswMBR, select (none) under "AV scan" in the drop-down menu at the bottom left of the aswMBR window, and click the Scan button again.


2. TDSS-Killer

Download TDSS-Killer to the desktop, see => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please disable the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false positive in the TDSS tool!

Set up the tool as shown in the picture below - click change parameters and set the check marks as shown in the following screenshot,
then click Start Scan and, when it is finished, click the Report button to display the log. Please post it in full.

If you can't find the log or can't copy its content and transfer it into your post, then please look directly on your Windows system partition ( usually drive C: ), that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, treat all of them with the action "skip" and only post the log here!
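
Added example (not part of the original thread and not code from any of the tools named in it): a Python sketch for triaging a TDSSKiller report of the kind requested above. It pairs each `[ MD5 ] service path` line with the verdict line that follows and returns every entry whose verdict is not `ok`; the sample lines are copied from the log posted further down in this thread, and the names `triage`, `HASH_RE` and `VERDICT_RE` are assumptions of this example.

```python
import re

# Sample input: a few lines copied from the TDSSKiller log posted in this thread.
SAMPLE_LOG = r"""
23:47:11.0073 13588  ================ Scan services =============================
23:47:11.0222 13588  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
23:47:11.0376 13588  1394ohci - ok
23:47:11.0722 13588  Adobe Licensing Console - ok
23:47:14.0204 13588  [ 5A055A4777CBBC8845DD598CB2EEBF69 ] ASLDRService    C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
23:47:14.0226 13588  ASLDRService ( UnsignedFile.Multi.Generic ) - warning
23:47:14.0226 13588  ASLDRService - detected UnsignedFile.Multi.Generic (1)
23:47:14.0822 13588  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:47:14.0871 13588  AudioEndpointBuilder - ok
23:47:21.0804 13588  [ 167D24A045499EBEF438F231976158DF ] FirebirdServerMAGIXInstance C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
23:47:21.0873 13588  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
23:47:21.0873 13588  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
"""

# Every log line starts with "HH:MM:SS.ffff <thread id>".
PREFIX = r"\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"

# "[ <MD5> ] <service name> <image path>"
HASH_RE = re.compile(
    PREFIX + r"\[ (?P<md5>[0-9A-F]{32}) \]\s+(?P<name>.+?)\s+(?P<path>[A-Za-z]:\\.*)$"
)

# "<service name> - ok"  or  "<service name> ( <detection> ) - warning"
VERDICT_RE = re.compile(
    PREFIX + r"(?P<name>.+?)(?: \( (?P<detection>[^)]+?) \))? - (?P<verdict>\w+)$"
)


def triage(log_text):
    """Return counts and the non-ok entries of a TDSSKiller service scan."""
    pending = {}      # service name -> (md5, path) from its hash line
    flagged = []      # entries whose verdict is anything other than "ok"
    no_image = []     # verdict lines that had no preceding hash/path line
    checked = 0

    for raw in log_text.splitlines():
        line = raw.rstrip()

        m = HASH_RE.match(line)
        if m:
            pending[m["name"]] = (m["md5"], m["path"])
            continue

        m = VERDICT_RE.match(line)
        if not m:
            # Section banners and "<name> - detected ... (1)" summary lines
            # carry no new information and are skipped.
            continue

        checked += 1
        name = m["name"]
        if name in pending:
            md5, path = pending.pop(name)
        else:
            md5, path = None, None
            no_image.append(name)

        if m["verdict"] != "ok":
            flagged.append({
                "service": name,
                "verdict": m["verdict"],
                "detection": m["detection"],
                "md5": md5,
                "path": path,
            })

    return {"checked": checked, "flagged": flagged, "no_image": no_image}


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print(f"{result['checked']} services checked")
    for f in result["flagged"]:
        print(f"{f['verdict']:8} {f['service']:30} {f['detection']}  {f['path']}")
    for name in result["no_image"]:
        print(f"no hash/path line for: {name}")
```
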


24.01.2013, 23:52   #9
TobseBeck

aswMBR.txt:
Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-24 23:21:27
-----------------------------
23:21:27.100    OS Version: Windows 6.1.7601 Service Pack 1
23:21:27.100    Number of processors: 2 586 0x1706
23:21:27.103    ComputerName: TOBIAS-PC  UserName: Tobias
23:21:30.582    Initialize success
23:23:37.775    AVAST engine defs: 13012401
23:23:49.238    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
23:23:49.241    Disk 0 Vendor: ST925032 0303 Size: 238475MB BusType: 3
23:23:49.243    Disk 1  \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
23:23:49.247    Disk 1 Vendor: ST925032 0303 Size: 238475MB BusType: 3
23:23:49.276    Disk 0 MBR read successfully
23:23:49.279    Disk 0 MBR scan
23:23:49.285    Disk 0 unknown MBR code
23:23:49.297    Disk 0 Partition 1 00     1C Hidd FAT32 LBA MSDOS5.0    12001 MB offset 63
23:23:49.310    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       206471 MB offset 24579450
23:23:49.317    Disk 0 Partition - 00     05     Extended             20001 MB offset 447434750
23:23:49.367    Disk 0 Partition 3 00     83        Linux             15905 MB offset 447434752
23:23:49.374    Disk 0 Partition - 00     05     Extended              4096 MB offset 480008192
23:23:49.425    Disk 0 scanning sectors +488396800
23:23:49.550    Disk 0 scanning C:\Windows\system32\drivers
23:24:07.354    Service scanning
23:24:39.868    Modules scanning
23:24:50.508    Disk 0 trace - called modules:
23:24:50.526    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll iaStor.sys 
23:24:50.532    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f23618]
23:24:50.539    3 CLASSPNP.SYS[8bbab59e] -> nt!IofCallDriver -> [0x86130900]
23:24:50.546    5 ACPI.sys[8b4c23d4] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x86145028]
23:24:51.545    AVAST engine scan C:\Windows
23:24:55.819    AVAST engine scan C:\Windows\system32
23:28:30.251    AVAST engine scan C:\Windows\system32\drivers
23:28:50.527    AVAST engine scan C:\Users\Tobias
23:35:55.883    AVAST engine scan C:\ProgramData
23:41:23.619    Scan finished successfully
23:45:44.646    Disk 0 MBR has been saved successfully to "C:\Users\Tobias\Desktop\MBR.dat"
23:45:44.653    The log file has been saved successfully to "C:\Users\Tobias\Desktop\aswMBR.txt"
         
and here is the log from TDSSKiller:
Code:
23:46:49.0616 15680  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
23:46:49.0975 15680  ============================================================
23:46:49.0975 15680  Current date / time: 2013/01/24 23:46:49.0975
23:46:49.0975 15680  SystemInfo:
23:46:49.0975 15680  
23:46:49.0976 15680  OS Version: 6.1.7601 ServicePack: 1.0
23:46:49.0976 15680  Product type: Workstation
23:46:49.0976 15680  ComputerName: TOBIAS-PC
23:46:49.0976 15680  UserName: Tobias
23:46:49.0976 15680  Windows directory: C:\Windows
23:46:49.0976 15680  System windows directory: C:\Windows
23:46:49.0976 15680  Processor architecture: Intel x86
23:46:49.0976 15680  Number of processors: 2
23:46:49.0976 15680  Page size: 0x1000
23:46:49.0976 15680  Boot type: Normal boot
23:46:49.0976 15680  ============================================================
23:46:53.0422 15680  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:46:53.0654 15680  Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x764A9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000050
23:46:53.0656 15680  ============================================================
23:46:53.0656 15680  \Device\Harddisk0\DR0:
23:46:53.0656 15680  MBR partitions:
23:46:53.0656 15680  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1770D7A, BlocksNum 0x19343B60
23:46:53.0712 15680  \Device\Harddisk1\DR1:
23:46:53.0712 15680  MBR partitions:
23:46:53.0712 15680  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800
23:46:53.0712 15680  ============================================================
23:46:53.0782 15680  C: <-> \Device\Harddisk0\DR0\Partition1
23:46:53.0800 15680  D: <-> \Device\Harddisk1\DR1\Partition1
23:46:53.0800 15680  ============================================================
23:46:53.0800 15680  Initialize success
23:46:53.0800 15680  ============================================================
23:47:10.0590 13588  ============================================================
23:47:10.0590 13588  Scan started
23:47:10.0591 13588  Mode: Manual; SigCheck; TDLFS; 
23:47:10.0591 13588  ============================================================
23:47:11.0072 13588  ================ Scan system memory ========================
23:47:11.0073 13588  System memory - ok
23:47:11.0073 13588  ================ Scan services =============================
23:47:11.0222 13588  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
23:47:11.0376 13588  1394ohci - ok
23:47:11.0411 13588  [ BEB5E6A8C17C3C7485563281E0F9E77E ] 61883           C:\Windows\system32\DRIVERS\61883.sys
23:47:11.0469 13588  61883 - ok
23:47:11.0517 13588  [ 553BA53445795CBC0D4F9FA37EB855A6 ] acedrv10        C:\Windows\system32\drivers\acedrv10.sys
23:47:11.0546 13588  acedrv10 - ok
23:47:11.0561 13588  [ 8CE00B6A46962A1808B19CD1DAE5170C ] acehlp10        C:\Windows\system32\drivers\acehlp10.sys
23:47:11.0576 13588  acehlp10 - ok
23:47:11.0599 13588  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
23:47:11.0617 13588  ACPI - ok
23:47:11.0643 13588  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
23:47:11.0681 13588  AcpiPmi - ok
23:47:11.0722 13588  Adobe Licensing Console - ok
23:47:11.0836 13588  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
23:47:11.0849 13588  AdobeARMservice - ok
23:47:11.0949 13588  [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
23:47:11.0964 13588  AdobeFlashPlayerUpdateSvc - ok
23:47:12.0044 13588  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
23:47:12.0066 13588  adp94xx - ok
23:47:12.0081 13588  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
23:47:12.0100 13588  adpahci - ok
23:47:12.0121 13588  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
23:47:12.0136 13588  adpu320 - ok
23:47:12.0212 13588  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
23:47:12.0427 13588  AeLookupSvc - ok
23:47:12.0510 13588  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\Windows\system32\drivers\afd.sys
23:47:12.0567 13588  AFD - ok
23:47:12.0677 13588  [ 7E10E3BB9B258AD8A9300F91214D67B9 ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
23:47:12.0776 13588  AgereSoftModem - ok
23:47:12.0808 13588  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\drivers\agp440.sys
23:47:12.0821 13588  agp440 - ok
23:47:12.0891 13588  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
23:47:12.0904 13588  aic78xx - ok
23:47:12.0975 13588  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
23:47:13.0040 13588  ALG - ok
23:47:13.0061 13588  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\drivers\aliide.sys
23:47:13.0074 13588  aliide - ok
23:47:13.0084 13588  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
23:47:13.0098 13588  amdagp - ok
23:47:13.0111 13588  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\drivers\amdide.sys
23:47:13.0131 13588  amdide - ok
23:47:13.0189 13588  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
23:47:13.0247 13588  AmdK8 - ok
23:47:13.0276 13588  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
23:47:13.0312 13588  AmdPPM - ok
23:47:13.0351 13588  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\Windows\system32\drivers\amdsata.sys
23:47:13.0365 13588  amdsata - ok
23:47:13.0388 13588  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
23:47:13.0405 13588  amdsbs - ok
23:47:13.0416 13588  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
23:47:13.0430 13588  amdxata - ok
23:47:13.0471 13588  [ DD8D9C597AF7CD2F6B70A3D6A4A1ACEA ] androidusb      C:\Windows\system32\Drivers\ssadadb.sys
23:47:13.0536 13588  androidusb - ok
23:47:13.0636 13588  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
23:47:13.0648 13588  AntiVirSchedulerService - ok
23:47:13.0669 13588  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
23:47:13.0680 13588  AntiVirService - ok
23:47:13.0715 13588  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\Windows\system32\drivers\appid.sys
23:47:13.0759 13588  AppID - ok
23:47:13.0835 13588  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
23:47:13.0881 13588  AppIDSvc - ok
23:47:13.0909 13588  [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo         C:\Windows\System32\appinfo.dll
23:47:13.0946 13588  Appinfo - ok
23:47:14.0025 13588  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys
23:47:14.0039 13588  arc - ok
23:47:14.0048 13588  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
23:47:14.0062 13588  arcsas - ok
23:47:14.0204 13588  [ 5A055A4777CBBC8845DD598CB2EEBF69 ] ASLDRService    C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
23:47:14.0226 13588  ASLDRService ( UnsignedFile.Multi.Generic ) - warning
23:47:14.0226 13588  ASLDRService - detected UnsignedFile.Multi.Generic (1)
23:47:14.0267 13588  [ 7B4D08D2017AC06689D422E06C43F0AA ] ASMMAP          C:\Program Files\ATKGFNEX\ASMMAP.sys
23:47:14.0277 13588  ASMMAP - ok
23:47:14.0286 13588  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
23:47:14.0402 13588  AsyncMac - ok
23:47:14.0446 13588  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\drivers\atapi.sys
23:47:14.0459 13588  atapi - ok
23:47:14.0538 13588  [ 76BAB0C824E2D05B940C4DD40A9B08BF ] athr            C:\Windows\system32\DRIVERS\athr.sys
23:47:14.0607 13588  athr - ok
23:47:14.0642 13588  [ 7C157574A181B19B9DCF5F339E25337E ] ATKGFNEXSrv     C:\Program Files\ATKGFNEX\GFNEXSrv.exe
23:47:14.0678 13588  ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - warning
23:47:14.0678 13588  ATKGFNEXSrv - detected UnsignedFile.Multi.Generic (1)
23:47:14.0742 13588  [ F70D2392158CB68E775F8C4CD3D12FBB ] ATSWPDRV        C:\Windows\system32\DRIVERS\ATSwpDrv.sys
23:47:14.0756 13588  ATSWPDRV - ok
23:47:14.0822 13588  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:47:14.0871 13588  AudioEndpointBuilder - ok
23:47:14.0880 13588  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
23:47:14.0908 13588  Audiosrv - ok
23:47:14.0942 13588  [ C44BDD77E06053CF5AFE046F3A47C16B ] Avc             C:\Windows\system32\DRIVERS\avc.sys
23:47:14.0974 13588  Avc - ok
23:47:15.0026 13588  [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
23:47:15.0038 13588  avgntflt - ok
23:47:15.0080 13588  [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
23:47:15.0095 13588  avipbb - ok
23:47:15.0103 13588  [ 53E56450DA16A1A7F0D002F511113F67 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
23:47:15.0115 13588  avkmgr - ok
23:47:15.0163 13588  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
23:47:15.0251 13588  AxInstSV - ok
23:47:15.0305 13588  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
23:47:15.0363 13588  b06bdrv - ok
23:47:15.0387 13588  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
23:47:15.0427 13588  b57nd60x - ok
23:47:15.0532 13588  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
23:47:15.0594 13588  BDESVC - ok
23:47:15.0647 13588  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:47:15.0693 13588  Beep - ok
23:47:15.0744 13588  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\Windows\System32\bfe.dll
23:47:15.0804 13588  BFE - ok
23:47:15.0927 13588  [ 8DC837789BBF0E1BEF252A8F7C101F7B ] BingDesktopUpdate C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
23:47:15.0946 13588  BingDesktopUpdate - ok
23:47:15.0972 13588  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\Windows\System32\qmgr.dll
23:47:16.0024 13588  BITS - ok
23:47:16.0058 13588  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
23:47:16.0072 13588  blbdrive - ok
23:47:16.0099 13588  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:47:16.0172 13588  bowser - ok
23:47:16.0218 13588  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:47:16.0267 13588  BrFiltLo - ok
23:47:16.0289 13588  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:47:16.0331 13588  BrFiltUp - ok
23:47:16.0376 13588  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\Windows\System32\browser.dll
23:47:16.0425 13588  Browser - ok
23:47:16.0446 13588  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
23:47:16.0483 13588  Brserid - ok
23:47:16.0534 13588  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
23:47:16.0552 13588  BrSerWdm - ok
23:47:16.0581 13588  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
23:47:16.0634 13588  BrUsbMdm - ok
23:47:16.0660 13588  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
23:47:16.0702 13588  BrUsbSer - ok
23:47:16.0766 13588  [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
23:47:16.0846 13588  BthEnum - ok
23:47:16.0866 13588  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
23:47:16.0899 13588  BTHMODEM - ok
23:47:16.0943 13588  [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
23:47:16.0973 13588  BthPan - ok
23:47:17.0037 13588  [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
23:47:17.0095 13588  BTHPORT - ok
23:47:17.0171 13588  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
23:47:17.0219 13588  bthserv - ok
23:47:17.0246 13588  [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
23:47:17.0282 13588  BTHUSB - ok
23:47:17.0328 13588  [ F2F7342742180D5060285499DEE50F99 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
23:47:17.0339 13588  btwaudio - ok
23:47:17.0381 13588  [ 32F59F26A30CFC508DA11DB3EA0F8B77 ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
23:47:17.0392 13588  btwavdt - ok
23:47:17.0507 13588  [ 09CB316DB9D61ED9FC9A7B07A1A301F6 ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
23:47:17.0526 13588  btwdins - ok
23:47:17.0553 13588  [ ECB98391C756A7B9CFBAE89D9D1235E1 ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
23:47:17.0563 13588  btwl2cap - ok
23:47:17.0591 13588  [ 03658734EF7D0F3B3F4636D3E8A38964 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
23:47:17.0603 13588  btwrchid - ok
23:47:17.0672 13588  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:47:17.0742 13588  cdfs - ok
23:47:17.0787 13588  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
23:47:17.0822 13588  cdrom - ok
23:47:17.0855 13588  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\Windows\System32\certprop.dll
23:47:17.0906 13588  CertPropSvc - ok
23:47:17.0979 13588  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
23:47:18.0029 13588  circlass - ok
23:47:18.0099 13588  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
23:47:18.0117 13588  CLFS - ok
23:47:18.0219 13588  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:47:18.0264 13588  clr_optimization_v2.0.50727_32 - ok
23:47:18.0318 13588  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:47:18.0329 13588  clr_optimization_v4.0.30319_32 - ok
23:47:18.0339 13588  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
23:47:18.0404 13588  CmBatt - ok
23:47:18.0438 13588  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
23:47:18.0451 13588  cmdide - ok
23:47:18.0521 13588  [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG             C:\Windows\system32\Drivers\cng.sys
23:47:18.0546 13588  CNG - ok
23:47:18.0595 13588  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
23:47:18.0608 13588  Compbatt - ok
23:47:18.0652 13588  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
23:47:18.0697 13588  CompositeBus - ok
23:47:18.0722 13588  COMSysApp - ok
23:47:18.0740 13588  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
23:47:18.0753 13588  crcdisk - ok
23:47:18.0819 13588  [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:47:18.0869 13588  CryptSvc - ok
23:47:18.0947 13588  [ 0C527B30712D735D8CB61B5187C36587 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
23:47:18.0959 13588  dc3d - ok
23:47:18.0991 13588  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:47:19.0044 13588  DcomLaunch - ok
23:47:19.0107 13588  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
23:47:19.0166 13588  defragsvc - ok
23:47:19.0208 13588  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
23:47:19.0251 13588  DfsC - ok
23:47:19.0305 13588  [ 6CC6C4B9D7B906A151AA094CA087B9F0 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
23:47:19.0318 13588  dg_ssudbus - ok
23:47:19.0357 13588  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
23:47:19.0405 13588  Dhcp - ok
23:47:19.0467 13588  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
23:47:19.0509 13588  discache - ok
23:47:19.0557 13588  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
23:47:19.0571 13588  Disk - ok
23:47:19.0592 13588  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:47:19.0647 13588  Dnscache - ok
23:47:19.0672 13588  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\Windows\System32\dot3svc.dll
23:47:19.0719 13588  dot3svc - ok
23:47:19.0746 13588  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\Windows\system32\dps.dll
23:47:19.0811 13588  DPS - ok
23:47:19.0876 13588  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
23:47:19.0910 13588  drmkaud - ok
23:47:19.0958 13588  [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
23:47:19.0998 13588  DXGKrnl - ok
23:47:20.0051 13588  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
23:47:20.0097 13588  EapHost - ok
23:47:20.0237 13588  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
23:47:20.0369 13588  ebdrv - ok
23:47:20.0414 13588  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\Windows\System32\lsass.exe
23:47:20.0463 13588  EFS - ok
23:47:20.0520 13588  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
23:47:20.0559 13588  ehRecvr - ok
23:47:20.0606 13588  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
23:47:20.0637 13588  ehSched - ok
23:47:20.0725 13588  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
23:47:20.0747 13588  elxstor - ok
23:47:20.0768 13588  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
23:47:20.0802 13588  ErrDev - ok
23:47:20.0884 13588  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
23:47:20.0933 13588  EventSystem - ok
23:47:20.0987 13588  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
23:47:21.0034 13588  exfat - ok
23:47:21.0073 13588  [ 920AE11441C78C00C6CF084993C817F8 ] Ext2fs          C:\Windows\system32\DRIVERS\ext2fs.sys
23:47:21.0090 13588  Ext2fs - ok
23:47:21.0103 13588  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
23:47:21.0160 13588  fastfat - ok
23:47:21.0225 13588  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\Windows\system32\fxssvc.exe
23:47:21.0292 13588  Fax - ok
23:47:21.0348 13588  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
23:47:21.0386 13588  fdc - ok
23:47:21.0425 13588  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
23:47:21.0473 13588  fdPHost - ok
23:47:21.0499 13588  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
23:47:21.0557 13588  FDResPub - ok
23:47:21.0575 13588  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:47:21.0588 13588  FileInfo - ok
23:47:21.0638 13588  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
23:47:21.0686 13588  Filetrace - ok
23:47:21.0804 13588  [ 167D24A045499EBEF438F231976158DF ] FirebirdServerMAGIXInstance C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
23:47:21.0873 13588  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
23:47:21.0873 13588  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
23:47:21.0897 13588  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
23:47:21.0911 13588  flpydisk - ok
23:47:21.0992 13588  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:47:22.0008 13588  FltMgr - ok
23:47:22.0042 13588  [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache       C:\Windows\system32\FntCache.dll
23:47:22.0127 13588  FontCache - ok
23:47:22.0216 13588  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
23:47:22.0225 13588  FontCache3.0.0.0 - ok
23:47:22.0243 13588  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
23:47:22.0257 13588  FsDepends - ok
23:47:22.0286 13588  [ 17829180DEEBF703EC7F445AC3ABEA99 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
23:47:22.0297 13588  fssfltr - ok
23:47:22.0380 13588  [ F6717211C1EC2CDDAA81B97B0727C2E9 ] fsssvc          C:\Program Files\Windows Live\Family Safety\fsssvc.exe
23:47:22.0402 13588  fsssvc - ok
23:47:22.0432 13588  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:47:22.0447 13588  Fs_Rec - ok
23:47:22.0486 13588  [ 8A73E79089B282100B9393B644CB853B ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
23:47:22.0505 13588  fvevol - ok
23:47:22.0553 13588  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
23:47:22.0567 13588  gagp30kx - ok
23:47:22.0642 13588  [ 31B40F40E09513ADDC460F6A297AD474 ] ghaio           C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys
23:47:22.0652 13588  ghaio - ok
23:47:22.0680 13588  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
23:47:22.0789 13588  gpsvc - ok
23:47:22.0934 13588  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
23:47:22.0945 13588  gupdate - ok
23:47:22.0956 13588  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
23:47:22.0966 13588  gupdatem - ok
23:47:22.0981 13588  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
23:47:23.0035 13588  hcw85cir - ok
23:47:23.0085 13588  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:47:23.0125 13588  HdAudAddService - ok
23:47:23.0162 13588  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
23:47:23.0196 13588  HDAudBus - ok
23:47:23.0247 13588  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
23:47:23.0287 13588  HidBatt - ok
23:47:23.0315 13588  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
23:47:23.0394 13588  HidBth - ok
23:47:23.0445 13588  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
23:47:23.0461 13588  HidIr - ok
23:47:23.0520 13588  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\system32\hidserv.dll
23:47:23.0569 13588  hidserv - ok
23:47:23.0614 13588  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
23:47:23.0651 13588  HidUsb - ok
23:47:23.0678 13588  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
23:47:23.0720 13588  hkmsvc - ok
23:47:23.0777 13588  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:47:23.0845 13588  HomeGroupListener - ok
23:47:23.0869 13588  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:47:23.0920 13588  HomeGroupProvider - ok
23:47:23.0972 13588  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
23:47:23.0986 13588  HpSAMD - ok
23:47:24.0024 13588  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:47:24.0058 13588  HTTP - ok
23:47:24.0080 13588  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
23:47:24.0093 13588  hwpolicy - ok
23:47:24.0168 13588  [ F02EA43AE8F936124DEBF5B87F12C795 ] hxctlflt        C:\Windows\system32\Drivers\hxctlflt.sys
23:47:24.0223 13588  hxctlflt - ok
23:47:24.0262 13588  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
23:47:24.0276 13588  i8042prt - ok
23:47:24.0328 13588  [ 80C633722DA72E97F3F5B3B11325696D ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
23:47:24.0343 13588  iaStor - ok
23:47:24.0377 13588  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
23:47:24.0397 13588  iaStorV - ok
23:47:24.0441 13588  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:47:24.0480 13588  idsvc - ok
23:47:24.0508 13588  [ 45D7414BDDA6A6E4C887598EE47FDB16 ] IfsMount        C:\Windows\system32\DRIVERS\ifsmount.sys
23:47:24.0521 13588  IfsMount - ok
23:47:24.0574 13588  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
23:47:24.0587 13588  iirsp - ok
23:47:24.0631 13588  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
23:47:24.0699 13588  IKEEXT - ok
23:47:24.0834 13588  [ 58072F5FD95ECE78F9FA7BDA1210A9E7 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
23:47:24.0908 13588  IntcAzAudAddService - ok
23:47:24.0924 13588  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
23:47:24.0937 13588  intelide - ok
23:47:24.0960 13588  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
23:47:24.0974 13588  intelppm - ok
23:47:25.0025 13588  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
23:47:25.0078 13588  IPBusEnum - ok
23:47:25.0100 13588  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:47:25.0147 13588  IpFilterDriver - ok
23:47:25.0219 13588  [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:47:25.0297 13588  iphlpsvc - ok
23:47:25.0321 13588  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
23:47:25.0359 13588  IPMIDRV - ok
23:47:25.0384 13588  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
23:47:25.0439 13588  IPNAT - ok
23:47:25.0507 13588  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:47:25.0541 13588  IRENUM - ok
23:47:25.0581 13588  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
23:47:25.0595 13588  isapnp - ok
23:47:25.0610 13588  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
23:47:25.0628 13588  iScsiPrt - ok
23:47:25.0698 13588  [ 8BCD857C7932AD005D5F9C89329DA2E1 ] itecir          C:\Windows\system32\DRIVERS\itecir.sys
23:47:25.0748 13588  itecir - ok
23:47:25.0789 13588  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
23:47:25.0802 13588  kbdclass - ok
23:47:25.0839 13588  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
23:47:25.0885 13588  kbdhid - ok
23:47:25.0952 13588  [ 27BD4AC228EF6C0D490617C32E86A672 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
23:47:25.0962 13588  kbfiltr - ok
23:47:25.0988 13588  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\Windows\system32\lsass.exe
23:47:26.0002 13588  KeyIso - ok
23:47:26.0023 13588  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:47:26.0037 13588  KSecDD - ok
23:47:26.0053 13588  [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
23:47:26.0068 13588  KSecPkg - ok
23:47:26.0134 13588  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:47:26.0219 13588  KtmRm - ok
23:47:26.0257 13588  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\system32\srvsvc.dll
23:47:26.0300 13588  LanmanServer - ok
23:47:26.0344 13588  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:47:26.0392 13588  LanmanWorkstation - ok
23:47:26.0499 13588  [ FCBDCC6F1801E32244235608E1277752 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
23:47:26.0520 13588  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
23:47:26.0520 13588  LightScribeService - detected UnsignedFile.Multi.Generic (1)
23:47:26.0607 13588  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:47:26.0651 13588  lltdio - ok
23:47:26.0698 13588  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:47:26.0745 13588  lltdsvc - ok
23:47:26.0763 13588  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:47:26.0815 13588  lmhosts - ok
23:47:26.0848 13588  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
23:47:26.0862 13588  LSI_FC - ok
23:47:26.0872 13588  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
23:47:26.0887 13588  LSI_SAS - ok
23:47:26.0898 13588  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:47:26.0912 13588  LSI_SAS2 - ok
23:47:26.0923 13588  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:47:26.0938 13588  LSI_SCSI - ok
23:47:26.0989 13588  [ 23B55D27A0AFB7FE9CBCB20B617CC168 ] Ltn_stk7070P    C:\Windows\system32\DRIVERS\Ltn_stk7070P.sys
23:47:27.0050 13588  Ltn_stk7070P - ok
23:47:27.0064 13588  [ 1FA7503D019291C027FEDAE509BC5500 ] Ltn_stkrc       C:\Windows\system32\DRIVERS\Ltn_stkrc.sys
23:47:27.0102 13588  Ltn_stkrc - ok
23:47:27.0155 13588  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
23:47:27.0204 13588  luafv - ok
23:47:27.0234 13588  [ 8039F480C192DD99FED4EBC71FFBF795 ] lullaby         C:\Windows\system32\DRIVERS\lullaby.sys
23:47:27.0244 13588  lullaby - ok
23:47:27.0279 13588  [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
23:47:27.0290 13588  MBAMProtector - ok
23:47:27.0325 13588  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
23:47:27.0342 13588  MBAMScheduler - ok
23:47:27.0369 13588  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
23:47:27.0393 13588  MBAMService - ok
23:47:27.0436 13588  [ 8FD868E32459ECE2A1BB0169F513D31E ] mcdbus          C:\Windows\system32\DRIVERS\mcdbus.sys
23:47:27.0469 13588  mcdbus ( UnsignedFile.Multi.Generic ) - warning
23:47:27.0469 13588  mcdbus - detected UnsignedFile.Multi.Generic (1)
23:47:27.0503 13588  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
23:47:27.0519 13588  Mcx2Svc - ok
23:47:27.0579 13588  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
23:47:27.0592 13588  megasas - ok
23:47:27.0616 13588  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
23:47:27.0633 13588  MegaSR - ok
23:47:27.0729 13588  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
23:47:27.0740 13588  Microsoft Office Groove Audit Service - ok
23:47:27.0793 13588  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
23:47:27.0862 13588  MMCSS - ok
23:47:27.0887 13588  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
23:47:27.0946 13588  Modem - ok
23:47:28.0014 13588  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
23:47:28.0050 13588  monitor - ok
23:47:28.0096 13588  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
23:47:28.0109 13588  mouclass - ok
23:47:28.0129 13588  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
23:47:28.0158 13588  mouhid - ok
23:47:28.0207 13588  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
23:47:28.0221 13588  mountmgr - ok
23:47:28.0245 13588  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
23:47:28.0260 13588  mpio - ok
23:47:28.0272 13588  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:47:28.0331 13588  mpsdrv - ok
23:47:28.0435 13588  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:47:28.0521 13588  MpsSvc - ok
23:47:28.0559 13588  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:47:28.0644 13588  MRxDAV - ok
23:47:28.0714 13588  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:47:28.0781 13588  mrxsmb - ok
23:47:28.0846 13588  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:47:28.0879 13588  mrxsmb10 - ok
23:47:28.0910 13588  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:47:28.0956 13588  mrxsmb20 - ok
23:47:28.0985 13588  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
23:47:28.0998 13588  msahci - ok
23:47:29.0012 13588  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
23:47:29.0027 13588  msdsm - ok
23:47:29.0039 13588  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
23:47:29.0086 13588  MSDTC - ok
23:47:29.0149 13588  [ 114B67C324D64C8195FD3BF93B4DF02A ] MSDV            C:\Windows\system32\DRIVERS\msdv.sys
23:47:29.0183 13588  MSDV - ok
23:47:29.0227 13588  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:47:29.0278 13588  Msfs - ok
23:47:29.0301 13588  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
23:47:29.0350 13588  mshidkmdf - ok
23:47:29.0372 13588  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
23:47:29.0385 13588  msisadrv - ok
23:47:29.0448 13588  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:47:29.0476 13588  MSiSCSI - ok
23:47:29.0481 13588  msiserver - ok
23:47:29.0509 13588  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
23:47:29.0553 13588  MSKSSRV - ok
23:47:29.0573 13588  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
23:47:29.0616 13588  MSPCLOCK - ok
23:47:29.0642 13588  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
23:47:29.0689 13588  MSPQM - ok
23:47:29.0720 13588  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
23:47:29.0737 13588  MsRPC - ok
23:47:29.0761 13588  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
23:47:29.0774 13588  mssmbios - ok
23:47:29.0783 13588  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
23:47:29.0810 13588  MSTEE - ok
23:47:29.0815 13588  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
23:47:29.0844 13588  MTConfig - ok
23:47:29.0897 13588  [ 97AFFA9D95FFE20EEE6229BC6BE166CF ] MTsensor        C:\Windows\system32\DRIVERS\ATKACPI.sys
23:47:29.0951 13588  MTsensor - ok
23:47:29.0965 13588  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
23:47:29.0979 13588  Mup - ok
23:47:30.0015 13588  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
23:47:30.0074 13588  napagent - ok
23:47:30.0114 13588  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:47:30.0152 13588  NativeWifiP - ok
23:47:30.0198 13588  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:47:30.0237 13588  NDIS - ok
23:47:30.0245 13588  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
23:47:30.0286 13588  NdisCap - ok
23:47:30.0315 13588  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:47:30.0340 13588  NdisTapi - ok
23:47:30.0371 13588  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
23:47:30.0417 13588  Ndisuio - ok
23:47:30.0456 13588  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
23:47:30.0517 13588  NdisWan - ok
23:47:30.0545 13588  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
23:47:30.0595 13588  NDProxy - ok
23:47:30.0641 13588  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:47:30.0685 13588  NetBIOS - ok
23:47:30.0721 13588  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:47:30.0765 13588  NetBT - ok
23:47:30.0795 13588  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
23:47:30.0809 13588  Netlogon - ok
23:47:30.0885 13588  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
23:47:30.0944 13588  Netman - ok
23:47:30.0980 13588  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
23:47:31.0011 13588  netprofm - ok
23:47:31.0031 13588  [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:47:31.0042 13588  NetTcpPortSharing - ok
23:47:31.0201 13588  [ EF51B405AD8ACAAE6F0231290D20F516 ] NETw5s32        C:\Windows\system32\DRIVERS\NETw5s32.sys
23:47:31.0393 13588  NETw5s32 - ok
23:47:31.0540 13588  [ 58218EC6B61B1169CF54AAB0D00F5FE2 ] netw5v32        C:\Windows\system32\DRIVERS\netw5v32.sys
23:47:31.0668 13588  netw5v32 - ok
23:47:31.0731 13588  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
23:47:31.0744 13588  nfrd960 - ok
23:47:31.0801 13588  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:47:31.0841 13588  NlaSvc - ok
23:47:31.0862 13588  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:47:31.0913 13588  Npfs - ok
23:47:31.0957 13588  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
23:47:32.0001 13588  nsi - ok
23:47:32.0030 13588  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:47:32.0076 13588  nsiproxy - ok
23:47:32.0136 13588  [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:47:32.0186 13588  Ntfs - ok
23:47:32.0241 13588  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
23:47:32.0286 13588  Null - ok
23:47:32.0368 13588  [ D2F4C4B22969236382CA853B8DAA2D4E ] NVHDA           C:\Windows\system32\drivers\nvhda32v.sys
23:47:32.0380 13588  NVHDA - ok
23:47:32.0596 13588  [ 5CE5B23855262ACABAECCE156F48DD88 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:47:32.0938 13588  nvlddmkm - ok
23:47:32.0979 13588  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:47:32.0994 13588  nvraid - ok
23:47:33.0042 13588  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:47:33.0058 13588  nvstor - ok
23:47:33.0088 13588  [ 6DF4CC671CD9704840C5522627F3ED43 ] nvsvc           C:\Windows\system32\nvvsvc.exe
23:47:33.0103 13588  nvsvc - ok
23:47:33.0132 13588  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:47:33.0147 13588  nv_agp - ok
23:47:33.0250 13588  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:47:33.0268 13588  odserv - ok
23:47:33.0288 13588  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
23:47:33.0326 13588  ohci1394 - ok
23:47:33.0358 13588  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:47:33.0372 13588  ose - ok
23:47:33.0429 13588  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:47:33.0534 13588  p2pimsvc - ok
23:47:33.0607 13588  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
23:47:33.0676 13588  p2psvc - ok
23:47:33.0725 13588  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
23:47:33.0758 13588  Parport - ok
23:47:33.0798 13588  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:47:33.0812 13588  partmgr - ok
23:47:33.0827 13588  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
23:47:33.0860 13588  Parvdm - ok
23:47:33.0891 13588  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:47:33.0933 13588  PcaSvc - ok
23:47:33.0963 13588  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
23:47:33.0979 13588  pci - ok
23:47:34.0011 13588  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
23:47:34.0024 13588  pciide - ok
23:47:34.0054 13588  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
23:47:34.0070 13588  pcmcia - ok
23:47:34.0081 13588  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
23:47:34.0094 13588  pcw - ok
23:47:34.0130 13588  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:47:34.0190 13588  PEAUTH - ok
23:47:34.0258 13588  [ E27087ED87311DC130E55A63E890615D ] PL-40R          C:\Windows\system32\Drivers\pl40rwdm.sys
23:47:34.0286 13588  PL-40R ( UnsignedFile.Multi.Generic ) - warning
23:47:34.0286 13588  PL-40R - detected UnsignedFile.Multi.Generic (1)
23:47:34.0355 13588  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
23:47:34.0449 13588  pla - ok
23:47:34.0531 13588  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:47:34.0590 13588  PlugPlay - ok
23:47:34.0637 13588  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
23:47:34.0677 13588  PNRPAutoReg - ok
23:47:34.0728 13588  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
23:47:34.0744 13588  PNRPsvc - ok
23:47:34.0805 13588  [ 0648C9DB881557749039CFEE5E97E1A3 ] Point32         C:\Windows\system32\DRIVERS\point32.sys
23:47:34.0817 13588  Point32 - ok
23:47:34.0851 13588  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:47:34.0906 13588  PolicyAgent - ok
23:47:34.0945 13588  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
23:47:34.0989 13588  Power - ok
23:47:35.0063 13588  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:47:35.0106 13588  PptpMiniport - ok
23:47:35.0128 13588  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
23:47:35.0159 13588  Processor - ok
23:47:35.0207 13588  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
23:47:35.0255 13588  ProfSvc - ok
23:47:35.0271 13588  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:47:35.0284 13588  ProtectedStorage - ok
23:47:35.0312 13588  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
23:47:35.0356 13588  Psched - ok
23:47:35.0428 13588  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
23:47:35.0481 13588  ql2300 - ok
23:47:35.0542 13588  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
23:47:35.0556 13588  ql40xx - ok
23:47:35.0606 13588  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
23:47:35.0659 13588  QWAVE - ok
23:47:35.0687 13588  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:47:35.0729 13588  QWAVEdrv - ok
23:47:35.0757 13588  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:47:35.0807 13588  RasAcd - ok
23:47:35.0872 13588  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
23:47:35.0898 13588  RasAgileVpn - ok
23:47:35.0911 13588  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
23:47:35.0941 13588  RasAuto - ok
23:47:35.0958 13588  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:47:36.0001 13588  Rasl2tp - ok
23:47:36.0040 13588  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
23:47:36.0093 13588  RasMan - ok
23:47:36.0114 13588  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:47:36.0160 13588  RasPppoe - ok
23:47:36.0184 13588  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:47:36.0233 13588  RasSstp - ok
23:47:36.0256 13588  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:47:36.0309 13588  rdbss - ok
23:47:36.0343 13588  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
23:47:36.0410 13588  rdpbus - ok
23:47:36.0448 13588  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:47:36.0492 13588  RDPCDD - ok
23:47:36.0528 13588  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:47:36.0569 13588  RDPENCDD - ok
23:47:36.0592 13588  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
23:47:36.0638 13588  RDPREFMP - ok
23:47:36.0729 13588  [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:47:36.0773 13588  RdpVideoMiniport - ok
23:47:36.0802 13588  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:47:36.0854 13588  RDPWD - ok
23:47:36.0898 13588  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:47:36.0914 13588  rdyboost - ok
23:47:36.0977 13588  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:47:37.0028 13588  RemoteAccess - ok
23:47:37.0080 13588  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:47:37.0110 13588  RemoteRegistry - ok
23:47:37.0137 13588  [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
23:47:37.0155 13588  RFCOMM - ok
23:47:37.0211 13588  [ A5B12A4B3B774432DB9B9FA221190E59 ] rimmptsk        C:\Windows\system32\DRIVERS\rimmptsk.sys
23:47:37.0262 13588  rimmptsk - ok
23:47:37.0346 13588  [ C398BCA91216755B098679A8DA8A2300 ] rimsptsk        C:\Windows\system32\DRIVERS\rimsptsk.sys
23:47:37.0389 13588  rimsptsk - ok
23:47:37.0407 13588  [ 2A2554CB24506E0A0508FC395C4A1B42 ] rismxdp         C:\Windows\system32\DRIVERS\rixdptsk.sys
23:47:37.0448 13588  rismxdp - ok
23:47:37.0495 13588  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:47:37.0547 13588  RpcEptMapper - ok
23:47:37.0596 13588  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
23:47:37.0627 13588  RpcLocator - ok
23:47:37.0657 13588  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
23:47:37.0687 13588  RpcSs - ok
23:47:37.0770 13588  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:47:37.0812 13588  rspndr - ok
23:47:37.0864 13588  [ 5283B9A27FF230F2FF70D92451FF409A ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys
23:47:37.0885 13588  RTL8167 - ok
23:47:50.0219 13588  ================ Scan global ===============================
23:47:50.0247 13588  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
23:47:50.0306 13588  [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
23:47:50.0361 13588  [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
23:47:50.0427 13588  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
23:47:50.0478 13588  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
23:47:50.0483 13588  [Global] - ok
23:47:50.0484 13588  ================ Scan MBR ==================================
23:47:50.0498 13588  [ 8E734BD7AA1D4F7E9AF58DF495F6CF9E ] \Device\Harddisk0\DR0
23:47:50.0720 13588  \Device\Harddisk0\DR0 - ok
23:47:51.0039 13588  [ 9F146DFED5154ABC3EEF99064B90BF1F ] \Device\Harddisk1\DR1
23:47:51.0147 13588  \Device\Harddisk1\DR1 - ok
23:47:51.0149 13588  ================ Scan VBR ==================================
23:47:51.0152 13588  [ D651F33E6D28BACE625A64A80A1E44A7 ] \Device\Harddisk0\DR0\Partition1
23:47:51.0153 13588  \Device\Harddisk0\DR0\Partition1 - ok
23:47:51.0157 13588  [ C82F13F8FD1172C10CD2F15D40EE5FC9 ] \Device\Harddisk1\DR1\Partition1
23:47:51.0159 13588  \Device\Harddisk1\DR1\Partition1 - ok
23:47:51.0159 13588  ============================================================
23:47:51.0159 13588  Scan finished
23:47:51.0159 13588  ============================================================
23:47:51.0169 15916  Detected object count: 6
23:47:51.0169 15916  Actual detected object count: 6
23:48:33.0559 15916  ASLDRService ( UnsignedFile.Multi.Generic ) - skipped by user
23:48:33.0559 15916  ASLDRService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:48:33.0560 15916  ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - skipped by user
23:48:33.0560 15916  ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:48:33.0561 15916  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
23:48:33.0561 15916  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:48:33.0563 15916  LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
23:48:33.0563 15916  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:48:33.0565 15916  mcdbus ( UnsignedFile.Multi.Generic ) - skipped by user
23:48:33.0565 15916  mcdbus ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:48:33.0567 15916  PL-40R ( UnsignedFile.Multi.Generic ) - skipped by user
23:48:33.0567 15916  PL-40R ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

25.01.2013, 12:11   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Nothing suspicious.


adwCleaner - Detect toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop.

If adwCleaner has been downloaded before, please delete the old adwcleaner.exe and download it again!!
  • Start adwcleaner.exe with a double-click.
  • Click Suche (Search).
  • When the scan finishes, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[Rx].txt (x = consecutive number).

25.01.2013, 19:11   #11
TobseBeck

Phew, that's what you like to hear as a patient
So that means the only malware on my computer is probably "Samsung Kies"!?
I was a bit on edge there, especially after reading "ZBot" after the scan (although I had the feeling, or maybe the hope, that it was a false positive). The nasty thing really was on my father's laptop at the beginning of the week: backed up the data, wiped it, and then put Linux Mint on it...
Oh right, two questions about that:
On Linux, is it generally enough to keep it and the programs up to date + firewall!?
Or should a scanner be used as well? avast for Linux is only on-demand, after all...
And: if I create a boot stick with a Linux image on an infected system and then boot from that stick, is there a risk that I catch something? The system itself can't be infected (by Windows malware), but what about the MBR?

Regards
Tobias

oh yes, the log:
Code:
# AdwCleaner v2.108 - Datei am 25/01/2013 um 18:55:37 erstellt
# Aktualisiert am 24/01/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : Tobias - TOBIAS-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tobias\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\S
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Schlüssel Gefunden : HKU\S-1-5-21-259702913-3688751258-429655623-1000\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run []

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v11.0 (de)

Datei : C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\wfe2godk.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v24.0.1312.52

Datei : C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [1790 octets] - [25/01/2013 18:55:37]

########## EOF - C:\AdwCleaner[R1].txt - [1850 octets] ##########
         

26.01.2013, 19:31   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
On Linux, is it generally enough to keep it and the programs up to date + firewall!?
One should not fall for the misconception that Linux is fundamentally safe from everything.
At the moment there just isn't the same variety of malware as for Windows, so general security measures apply to EVERY operating system!
At the moment, though, I consider a virus scanner for Linux superfluous; if anything, it would probably only find Windows malware anyway,...

adwCleaner - Remove toolbars and unwanted start/search pages
  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Click Löschen (Delete).
  • Confirm each prompt with Ok.
  • Your computer will be restarted. After the restart, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[Sx].txt (x = consecutive number).

After that, a check with OTL please:
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top center, tick the box Scanne alle Benutzer (Scan All Users)
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created
  • Post the log files in CODE tags here in the thread.

29.01.2013, 20:41   #13
TobseBeck

Hello cosinus,

sorry for the late reply - I haven't been able to get to the computer since Saturday...
I know that Linux is not inherently secure, hence the question whether scanners and further measures are needed in addition to updates. Bugs, and with them security vulnerabilities, exist in basically every piece of software (and in the embedded field that is even my job...). But luckily Linux is simply less in the sights of malware authors!?

Here are the logs:

AdwCleaner[S1].txt:
Code:
# AdwCleaner v2.109 - Datei am 29/01/2013 um 20:06:19 erstellt
# Aktualisiert am 26/01/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : Tobias - TOBIAS-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tobias\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\S
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run []

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v11.0 (de)

Datei : C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\wfe2godk.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v24.0.1312.56

Datei : C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [1919 octets] - [25/01/2013 18:55:37]
AdwCleaner[S1].txt - [1833 octets] - [29/01/2013 20:06:19]

########## EOF - C:\AdwCleaner[S1].txt - [1893 octets] ##########
         
OTL.txt:
Code:
OTL logfile created on: 29.01.2013 20:16:04 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tobias\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,59 Gb Available Physical Memory | 52,90% Memory free
6,00 Gb Paging File | 4,23 Gb Available in Paging File | 70,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 201,63 Gb Total Space | 41,27 Gb Free Space | 20,47% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 231,13 Gb Free Space | 99,25% Space Free | Partition Type: NTFS
Drive R: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
Drive S: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
Drive T: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
Drive U: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
Drive V: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
Drive W: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
Drive X: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
Drive Y: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
Drive Z: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
 
Computer Name: TOBIAS-PC | User Name: Tobias | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Tobias\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Tobias\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
PRC - C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
PRC - C:\Programme\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Users\Tobias\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Sticky-Notes\stickynotes.exe ()
PRC - C:\Programme\Bamboo Dock\BambooCore.exe ()
PRC - C:\Programme\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.)
PRC - C:\Programme\Tablet\Pen\Pen_TouchUser.exe (Wacom Technology, Corp.)
PRC - C:\Programme\Tablet\Pen\Pen_TabletUser.exe (Wacom Technology, Corp.)
PRC - C:\Programme\Tablet\Pen\Pen_TouchService.exe (Wacom Technology, Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\ink\TabTip.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\ink\InputPersonalization.exe (Microsoft Corporation)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Programme\Brother\Brmfcmon\BrMfimon.exe (Brother Industries, Ltd.)
PRC - C:\Programme\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
PRC - C:\Programme\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Programme\ASUS\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Programme\P4G\BatteryLife.exe (ATK)
PRC - C:\Programme\ASUS\ATK Media\DMedia.exe (ASUS)
PRC - C:\Programme\ASUS\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Programme\ASUS\ASUS CopyProtect\ASPG.exe (ASUS)
PRC - C:\Programme\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\ASUS\AI TouchMedia\AI TouchMedia\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Programme\ASUS\AI TouchMedia\AI TouchMedia\PCMAgent.exe (CyberLink Corp.)
PRC - C:\Programme\ASUS\Splendid\ACMON.exe (ATK)
PRC - C:\Programme\ASUS\AI TouchMedia\PlayMovie\PMVService.exe (CyberLink Corp.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Programme\P4P\P4P.exe ()
PRC - C:\Programme\ASUS\ATK Hotkey\WDC.exe ()
PRC - C:\Programme\ASUS\ATK Hotkey\HControlUser.exe ()
PRC - C:\Programme\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Programme\ASUS\ATK Hotkey\MsgTranAgt.exe ()
PRC - C:\Programme\ASUS\ATK Hotkey\AsLdrSrv.exe ()
PRC - C:\Programme\ASUS\ATK Hotkey\KBFiltr.exe ()
PRC - C:\Programme\ATKGFNEX\GFNEXSrv.exe ()
PRC - C:\Programme\ASUS\NB Probe\SPM\spmgr.exe ()
PRC - C:\Programme\ChkMail\ChkMail\ChkMail.exe (ChkMail)
PRC - C:\Programme\Wireless Console 2\wcourier.exe ()
PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Programme\Sticky-Notes\stickynotes.exe ()
MOD - C:\Programme\Bamboo Dock\BambooCore.exe ()
MOD - C:\Programme\Tablet\Pen\libxml2.dll ()
MOD - C:\Programme\Notepad++\NppShell_04.dll ()
MOD - C:\Programme\Common Files\LightScribe\QtGui4.dll ()
MOD - C:\Programme\Common Files\LightScribe\QtCore4.dll ()
MOD - C:\Programme\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Programme\IDM Computer Solutions\UltraEdit\ue32ctmn.dll ()
MOD - C:\Programme\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\Programme\Brother\BrUtilities\BrLogAPI.dll ()
MOD - C:\Programme\ASUS\AI TouchMedia\AI TouchMedia\Kernel\CLML\CLMediaLibrary.dll ()
MOD - C:\Programme\ASUS\AI TouchMedia\AI TouchMedia\Kernel\CLML\CLMLSvcPS.dll ()
MOD - C:\Programme\P4P\P4P.exe ()
MOD - C:\Programme\ASUS\ATK Hotkey\HControlUser.exe ()
MOD - C:\Programme\ASUS\ASUS Live Update\ALU.exe ()
MOD - C:\Programme\ASUS\ATK Hotkey\MsgTran.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (Adobe Licensing Console) -- C:\Windows\SysWOW64\adbcnsl.exe File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (BingDesktopUpdate) -- C:\Programme\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (TabletServicePen) -- C:\Programme\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.)
SRV - (TouchServicePen) -- C:\Programme\Tablet\Pen\Pen_TouchService.exe (Wacom Technology, Corp.)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Microsoft Office Groove Audit Service) -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (fsssvc) -- C:\Programme\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (ASLDRService) -- C:\Programme\ASUS\ATK Hotkey\AsLdrSrv.exe ()
SRV - (ATKGFNEXSrv) -- C:\Programme\ATKGFNEX\GFNEXSrv.exe ()
SRV - (spmgr) -- C:\Programme\ASUS\NB Probe\SPM\spmgr.exe ()
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (dc3d) -- C:\Windows\System32\drivers\dc3d.sys (Microsoft Corporation)
DRV - (ssudmdm) -- C:\Windows\System32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (dg_ssudbus) -- C:\Windows\System32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (vidsflt61) -- C:\Windows\System32\drivers\vsflt61.sys (Acronis)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (sscdmdm) -- C:\Windows\System32\drivers\sscdmdm.sys (MCCI Corporation)
DRV - (sscdbus) -- C:\Windows\System32\drivers\sscdbus.sys (MCCI Corporation)
DRV - (sscdmdfl) -- C:\Windows\System32\drivers\sscdmdfl.sys (MCCI Corporation)
DRV - (ssadmdm) -- C:\Windows\System32\drivers\ssadmdm.sys (MCCI Corporation)
DRV - (ssadbus) -- C:\Windows\System32\drivers\ssadbus.sys (MCCI Corporation)
DRV - (androidusb) -- C:\Windows\System32\drivers\ssadadb.sys (Google Inc)
DRV - (ssadmdfl) -- C:\Windows\System32\drivers\ssadmdfl.sys (MCCI Corporation)
DRV - (wacommousefilter) -- C:\Windows\System32\drivers\wacommousefilter.sys (Wacom Technology)
DRV - (wacomvhid) -- C:\Windows\System32\drivers\wacomvhid.sys (Wacom Technology)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (WinDriver6) -- C:\Windows\System32\drivers\windrvr6.sys (Jungo)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek                                            )
DRV - (NETw5s32) -- C:\Windows\System32\drivers\NETw5s32.sys (Intel Corporation)
DRV - (tifsfilter) -- C:\Windows\System32\drivers\tifsfilt.sys (Acronis)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (LSI Corp)
DRV - (SiSGbeLH) -- C:\Windows\System32\drivers\SiSGB6.sys (Silicon Integrated Systems Corp.)
DRV - (netw5v32) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (mcdbus) -- C:\Windows\System32\drivers\mcdbus.sys (MagicISO, Inc.)
DRV - (hxctlflt) -- C:\Windows\System32\drivers\hxctlflt.sys (Guillemot Corporation)
DRV - (Ext2fs) -- C:\Windows\System32\drivers\ext2fs.sys (Stephan Schreiber)
DRV - (IfsMount) -- C:\Windows\System32\drivers\ifsmount.sys (Stephan Schreiber)
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (lullaby) -- C:\Windows\System32\drivers\lullaby.sys (Windows (R) Codename Longhorn DDK provider)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Programme\ASUS\AI TouchMedia\PlayMovie\000.fcl (Cyberlink Corp.)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (itecir) -- C:\Windows\System32\drivers\itecir.sys (ITE Tech. Inc. )
DRV - (ghaio) -- C:\Programme\ASUS\NB Probe\SPM\ghaio.sys ()
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (acehlp10) -- C:\Windows\System32\drivers\acehlp10.sys (Protect Software GmbH)
DRV - (acedrv10) -- C:\Windows\System32\drivers\ACEDRV10.sys (Protect Software GmbH)
DRV - (ASMMAP) -- C:\Programme\ATKGFNEX\ASMMAP.sys ()
DRV - (ATSWPDRV) -- C:\Windows\System32\drivers\atswpdrv.sys (AuthenTec, Inc.)
DRV - (Ltn_stk7070P) -- C:\Windows\System32\drivers\Ltn_stk7070P.sys (LITEON)
DRV - (Ltn_stkrc) -- C:\Windows\System32\drivers\Ltn_stkrc.sys (LITEON)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-259702913-3688751258-429655623-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKU\S-1-5-21-259702913-3688751258-429655623-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-259702913-3688751258-429655623-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-259702913-3688751258-429655623-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKU\S-1-5-21-259702913-3688751258-429655623-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-259702913-3688751258-429655623-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-259702913-3688751258-429655623-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-259702913-3688751258-429655623-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: firebug@software.joehewitt.com:1.9.2
FF - prefs.js..extensions.enabledAddons: {FCAB6FDD-5585-425b-95C1-5ED856F3FD08}:6.8
FF - prefs.js..extensions.enabledAddons: {bee6eb20-01e0-ebd1-da83-080329fb9a3a}:1.11
FF - prefs.js..extensions.enabledAddons: firefox@facebook.com:1.8.2
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: firefox@facebook.com:1.6
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.7.3
FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {FCAB6FDD-5585-425b-95C1-5ED856F3FD08}:6.4
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8312
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.04.06 23:16:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.01.13 18:15:10 | 000,000,000 | ---D | M]
 
[2010.01.18 00:54:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\Extensions
[2012.07.24 15:58:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\Firefox\Profiles\wfe2godk.default\extensions
[2010.07.01 21:40:04 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Tobias\AppData\Roaming\mozilla\Firefox\Profiles\wfe2godk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.09.21 19:49:22 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Tobias\AppData\Roaming\mozilla\Firefox\Profiles\wfe2godk.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.06.29 21:26:07 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Users\Tobias\AppData\Roaming\mozilla\Firefox\Profiles\wfe2godk.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2012.06.18 23:14:23 | 000,000,000 | ---D | M] (Sothink Web Video Downloader for Firefox) -- C:\Users\Tobias\AppData\Roaming\mozilla\Firefox\Profiles\wfe2godk.default\extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}
[2012.06.05 18:54:23 | 001,335,949 | ---- | M] () (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\wfe2godk.default\extensions\firebug@software.joehewitt.com.xpi
[2012.07.24 15:58:19 | 000,319,802 | ---- | M] () (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\wfe2godk.default\extensions\firefox@facebook.com.xpi
[2012.09.03 19:03:23 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.03.18 15:23:44 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.09.03 19:03:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.04.06 23:16:45 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.12.09 18:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012.04.06 23:16:43 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.04.06 23:16:43 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.04.06 23:16:43 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.04.06 23:16:43 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.04.06 23:16:43 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.04.06 23:16:43 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: WacomTabletPlugin (Enabled) = C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
CHR - plugin:  Wacom Dynamic Link Library (Enabled) = C:\Program Files\TabletPlugins\npwacom.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Cloud Reader = C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjnkloegafmkhgpjglcbldhaokjpandj\1.0.0.0_0\
CHR - Extension: YouTube = C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google-Suche = C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Flash Video Downloader = C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggkfikfcbnpfoicfjammigpnakpogebh\2.2.5_0\
CHR - Extension: JDownloader Integration for Google Chrome\u2122 = C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\laeghehalempfenbefbjbhccjcoakpmm\1.2.3_0\
CHR - Extension: Google Mail = C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programme\Free Download Manager\iefdm2.dll ()
O2 - BHO: (IE Developer Toolbar BHO) - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Programme\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Facebook Toolbar) - {A823A630-78C6-4637-AF80-AEDCA5BB74C1} - C:\Programme\Facebook\Facebook IE Toolbar\FBIEToolbar.dll (Facebook)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-259702913-3688751258-429655623-1000\..\Toolbar\WebBrowser: (Facebook Toolbar) - {A823A630-78C6-4637-AF80-AEDCA5BB74C1} - C:\Programme\Facebook\Facebook IE Toolbar\FBIEToolbar.dll (Facebook)
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe ()
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ATKMEDIA] C:\Programme\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Programme\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BambooCore] C:\Programme\Bamboo Dock\BambooCore.exe ()
O4 - HKLM..\Run: [BingDesktop] C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [ChkMail] C:\Programme\ChkMail\ChkMail\ChkMail.exe (ChkMail)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\ASUS\AI TouchMedia\AI TouchMedia\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [HControlUser] C:\Programme\ASUS\ATK Hotkey\HControlUser.exe ()
O4 - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IntelliType Pro] C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [P2Go_Menu] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PCMAgent] C:\Program Files\ASUS\AI TouchMedia\AI TouchMedia\PCMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\ASUS\AI TouchMedia\PlayMovie\PMVService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PowerForPhone] C:\Program Files\P4P\P4P.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4 - HKLM..\Run: [Smart File Advisor] C:\Program Files\Smart File Advisor\sfa.exe (Filefacts.net)
O4 - HKLM..\Run: [TrayServer] C:\Programme\MAGIX\Video_deluxe_2008_PLUS\Trayserver.exe (MAGIX AG)
O4 - HKU\S-1-5-21-259702913-3688751258-429655623-1000..\Run: [] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-259702913-3688751258-429655623-1000..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKU\S-1-5-21-259702913-3688751258-429655623-1000..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-259702913-3688751258-429655623-1000..\Run: [PMCLoader] C:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe (Pinnacle Systems GmbH)
O4 - HKU\S-1-5-21-259702913-3688751258-429655623-1000..\Run: [PMCRemote]  File not found
O4 - HKU\S-1-5-21-259702913-3688751258-429655623-1000..\Run: [SansaDispatch] C:\Users\Tobias\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation)
O4 - HKU\S-1-5-21-259702913-3688751258-429655623-1000..\Run: [Sticky-Notes] C:\Programme\Sticky-Notes\stickynotes.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Tobias\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JDownloader.lnk = C:\Programme\JDownloader\JDownloaderPortable.exe (AppWork GmbH)
O4 - Startup: C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Programme\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O4 - Startup: C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Tobias\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Programme\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.9.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B0474A72-6415-4E2E-9E62-FF3AC2718995}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CE063549-4DB6-4E78-B444-441FE286580C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D11713BB-1570-490E-945D-2DE60B1CB154}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.24 23:20:44 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Tobias\Desktop\tdsskiller.exe
[2013.01.24 23:18:21 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Tobias\Desktop\aswMBR.exe
[2013.01.22 20:11:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tobias\Desktop\OTL.exe
[2013.01.22 19:39:29 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\Malwarebytes
[2013.01.22 19:39:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.01.22 19:38:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.01.22 19:38:50 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.01.22 19:38:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.01.22 19:38:22 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\Programs
[2013.01.21 23:01:11 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.01.21 23:01:11 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.01.21 23:01:11 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.01.21 19:00:42 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\ShamurShamur
[2013.01.20 20:37:36 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
[2013.01.20 20:37:35 | 000,000,000 | ---D | C] -- C:\Program Files\LinuxLive USB Creator
[2013.01.09 20:26:47 | 000,000,000 | ---D | C] -- C:\Users\Tobias\Desktop\mbar
[2013.01.09 18:50:08 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.01.09 18:49:32 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2013.01.09 18:49:32 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013.01.09 18:49:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 18:49:31 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 18:49:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 18:49:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 18:49:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 18:49:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 18:49:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 18:49:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 18:49:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 18:49:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 18:49:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 18:49:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 18:49:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 18:49:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 18:49:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 18:49:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 18:49:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 18:49:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 18:49:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 18:49:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 18:49:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 18:49:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 18:49:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 18:49:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 18:49:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 18:49:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 18:49:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 18:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 18:49:10 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\System32\fpb.rs
[2013.01.09 18:49:10 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc-nz.rs
[2013.01.09 18:49:10 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\System32\pegibbfc.rs
[2013.01.09 18:49:10 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\System32\csrr.rs
[2013.01.09 18:49:10 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\System32\cob-au.rs
[2013.01.09 18:49:10 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\System32\djctq.rs
[2013.01.09 18:49:09 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2013.01.09 18:49:09 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll
[2013.01.09 18:49:09 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\System32\usk.rs
[2013.01.09 18:49:09 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs
[2013.01.09 18:49:09 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-pt.rs
[2013.01.09 18:49:09 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi.rs
[2013.01.09 18:49:08 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\System32\cero.rs
[2013.01.09 18:49:08 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs
[2013.01.09 18:49:08 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc.rs
[2013.01.09 18:49:08 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-fi.rs
[2013.01.09 18:49:02 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2013.01.09 18:49:01 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2013.01.04 17:15:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC_DIMMER2012
[2013.01.04 17:14:54 | 000,000,000 | ---D | C] -- C:\Program Files\PHOENIXstudios
[2013.01.04 17:09:51 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DMXControl
[2013.01.04 17:09:49 | 000,000,000 | ---D | C] -- C:\Program Files\DMXControl
[2013.01.03 17:52:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.29 20:17:51 | 000,011,120 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.29 20:17:51 | 000,011,120 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.29 20:11:47 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2013.01.29 20:10:02 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2013.01.29 20:09:52 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.29 20:09:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.29 20:09:41 | 2415,218,688 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.29 20:05:37 | 000,580,235 | ---- | M] () -- C:\Users\Tobias\Desktop\adwcleaner.exe
[2013.01.29 20:05:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.01.29 19:38:01 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.27 21:28:26 | 000,001,019 | ---- | M] () -- C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.01.27 21:28:17 | 000,000,989 | ---- | M] () -- C:\Users\Tobias\Desktop\Dropbox.lnk
[2013.01.25 23:59:02 | 000,654,260 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.01.25 23:59:02 | 000,616,102 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.01.25 23:59:02 | 000,130,100 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.01.25 23:59:02 | 000,106,482 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.01.24 23:45:44 | 000,000,512 | ---- | M] () -- C:\Users\Tobias\Desktop\MBR.dat
[2013.01.24 23:20:50 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Tobias\Desktop\tdsskiller.exe
[2013.01.24 23:19:31 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Tobias\Desktop\aswMBR.exe
[2013.01.24 20:03:20 | 013,462,931 | ---- | M] () -- C:\Users\Tobias\Desktop\mbar-1.01.0.1016.zip
[2013.01.22 20:15:46 | 000,000,000 | ---- | M] () -- C:\Users\Tobias\defogger_reenable
[2013.01.22 20:14:35 | 000,739,953 | ---- | M] () -- C:\Users\Tobias\Desktop\Trojaner-Board.pdf
[2013.01.22 20:12:33 | 000,365,568 | ---- | M] () -- C:\Users\Tobias\Desktop\gmer-2.0.18444.exe
[2013.01.22 20:11:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tobias\Desktop\OTL.exe
[2013.01.22 20:10:29 | 000,050,477 | ---- | M] () -- C:\Users\Tobias\Desktop\Defogger (1).exe
[2013.01.21 23:09:32 | 000,007,602 | ---- | M] () -- C:\Users\Tobias\AppData\Local\Resmon.ResmonCfg
[2013.01.12 03:30:20 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.01.12 03:26:16 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.01.12 03:24:49 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.01.10 22:37:47 | 000,025,600 | ---- | M] () -- C:\Users\Tobias\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.01.10 19:38:21 | 000,563,752 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.01.08 23:05:27 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.01.08 23:05:27 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.01.04 17:14:54 | 097,416,858 | ---- | M] (                                                            ) -- C:\Users\Tobias\Desktop\3D_EasyView_Magic2012.exe
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.01.29 20:05:30 | 000,580,235 | ---- | C] () -- C:\Users\Tobias\Desktop\adwcleaner.exe
[2013.01.24 23:45:44 | 000,000,512 | ---- | C] () -- C:\Users\Tobias\Desktop\MBR.dat
[2013.01.24 20:02:58 | 013,462,931 | ---- | C] () -- C:\Users\Tobias\Desktop\mbar-1.01.0.1016.zip
[2013.01.22 20:15:46 | 000,000,000 | ---- | C] () -- C:\Users\Tobias\defogger_reenable
[2013.01.22 20:14:35 | 000,739,953 | ---- | C] () -- C:\Users\Tobias\Desktop\Trojaner-Board.pdf
[2013.01.22 20:12:29 | 000,365,568 | ---- | C] () -- C:\Users\Tobias\Desktop\gmer-2.0.18444.exe
[2013.01.22 20:10:17 | 000,050,477 | ---- | C] () -- C:\Users\Tobias\Desktop\Defogger (1).exe
[2013.01.04 17:12:24 | 097,416,858 | ---- | C] (                                                            ) -- C:\Users\Tobias\Desktop\3D_EasyView_Magic2012.exe
[2012.12.27 13:22:07 | 000,000,600 | ---- | C] () -- C:\Users\Tobias\AppData\Local\PUTTY.RND
[2012.08.09 12:03:19 | 000,000,100 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012.05.21 00:09:00 | 000,001,421 | ---- | C] () -- C:\Users\Tobias\.recently-used.xbel
[2012.03.22 18:01:32 | 000,079,360 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2012.03.15 06:40:28 | 004,826,112 | ---- | C] () -- C:\Windows\System32\x264vfw.dll
[2012.03.13 23:29:45 | 000,000,604 | -H-- | C] () -- C:\Program Files\_Z2
[2012.03.11 10:54:25 | 000,002,892 | ---- | C] () -- C:\Windows\System32\audcon.sys
[2012.03.11 10:49:27 | 000,000,045 | ---- | C] () -- C:\Windows\System32\SYNSOPOS.exe.cfg
[2012.03.11 10:49:24 | 000,086,016 | ---- | C] () -- C:\Windows\System32\SYNSOPOS.exe
[2012.02.17 23:36:02 | 000,008,046 | ---- | C] () -- C:\Program Files\Common Files\setupBanner.jpg
[2012.02.17 23:36:00 | 000,037,607 | ---- | C] () -- C:\Program Files\Common Files\license.rtf
[2012.01.31 00:15:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.01.31 00:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012.01.31 00:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012.01.31 00:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012.01.31 00:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012.01.09 19:45:18 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011.12.23 17:39:57 | 000,025,600 | ---- | C] () -- C:\Users\Tobias\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.07 19:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll
[2011.06.10 05:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011.05.29 15:50:27 | 000,000,604 | -H-- | C] () -- C:\Program Files\STLL Notifier
[2010.10.20 23:15:07 | 000,007,602 | ---- | C] () -- C:\Users\Tobias\AppData\Local\Resmon.ResmonCfg
[2010.09.20 22:49:55 | 000,002,394 | ---- | C] () -- C:\Users\Tobias\gdbtk.ini
[2010.04.27 21:44:38 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.12.08 22:49:47 | 000,001,074 | RH-- | C] () -- C:\Users\Tobias\XrxWm.ini
[2009.12.08 22:49:47 | 000,000,522 | RH-- | C] () -- C:\Users\Tobias\xw45cpdy.dyc
[2008.07.02 03:28:38 | 000,061,440 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll
[2008.05.22 17:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
         
Extras.txt:
Code:
OTL Extras logfile created on: 29.01.2013 20:16:05 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tobias\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,59 Gb Available Physical Memory | 52,90% Memory free
6,00 Gb Paging File | 4,23 Gb Available in Paging File | 70,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 201,63 Gb Total Space | 41,27 Gb Free Space | 20,47% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 231,13 Gb Free Space | 99,25% Space Free | Partition Type: NTFS
Drive R: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
Drive S: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
Drive T: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
Drive U: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
Drive V: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
Drive W: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
Drive X: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
Drive Y: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
Drive Z: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
 
Computer Name: TOBIAS-PC | User Name: Tobias | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-259702913-3688751258-429655623-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files\Smart File Advisor\sfa.exe" /unknown "%1" (Filefacts.net)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{041D5D88-C997-4CA0-8DF8-DAA5C4A7EFB3}" = rport=138 | protocol=17 | dir=out | app=system | 
"{05EA55FD-3F57-4557-92A6-C8C37F6D26E3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{075E14AF-6E7E-4A97-B14B-5861836C8CC1}" = lport=137 | protocol=17 | dir=in | app=system | 
"{167FCF4D-98D3-45E5-A5C1-76105AC25ECD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{1A6D4705-9EFB-462F-AF85-2882A0051BFD}" = lport=138 | protocol=17 | dir=in | app=system | 
"{1AB71EC8-F5AA-4918-B145-9FE6A2967DFD}" = rport=137 | protocol=17 | dir=out | app=system | 
"{1D585706-CF65-487C-AD38-54D6D81D3258}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner | 
"{35B2C03F-DEE0-4591-910A-3B095B22286E}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{3A540D2B-1539-4448-B225-8DB9CD92A6BD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{41E4C983-682A-448E-A2B6-09C962FFE417}" = lport=445 | protocol=6 | dir=in | app=system | 
"{6B59A0CF-C8F1-4B8C-8BD6-468196FE533B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{73DFB28F-0308-48C6-99F1-895FCA1050B4}" = lport=139 | protocol=6 | dir=in | app=system | 
"{8ABC23E1-6EA8-4D4D-BB90-3E74C3543F36}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{97F314CD-4284-43F1-A115-2DFF0A5C5DB8}" = rport=445 | protocol=6 | dir=out | app=system | 
"{A661846E-B9D1-4937-B7ED-5504D2896FED}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{A69B0BA1-8CA3-4192-AF3B-9AFE67AC6588}" = rport=139 | protocol=6 | dir=out | app=system | 
"{BF7801F5-3E23-4C70-82D5-0CF8E6B852DB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{DC8EAE96-26BD-42C9-A0E9-DFD0369A6E7E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{DEF86D45-19A9-4F08-93E4-9E0D9BA2463B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{F456DB7E-9881-48EF-9589-33548AB24F8A}" = lport=2869 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{001DC434-2B3C-46EE-A096-60DDFD431661}" = dir=in | app=c:\program files\asus\ai touchmedia\ai touchmedia\kernel\dmp\clbrowserengine.exe | 
"{027AD91A-561E-4ED4-82BB-862255AE2BBC}" = protocol=17 | dir=in | app=c:\users\tobias\appdata\local\temp\7zs841d.tmp\symnrt.exe | 
"{03A06FC4-A9BE-420D-969D-0DD1F9156ED3}" = protocol=17 | dir=in | app=c:\users\tobias\appdata\roaming\dropbox\bin\dropbox.exe | 
"{041296C8-1713-4AD7-BADF-4035F197737E}" = dir=in | app=c:\program files\asus\ai touchmedia\playmovie\pmvservice.exe | 
"{06C6EB43-B0F9-42E2-B962-B478E7B92A8E}" = protocol=6 | dir=in | app=c:\program files\brother\brmfl08b\faxrx.exe | 
"{0FD37392-F7EE-4911-9DE4-389CF3753760}" = protocol=6 | dir=in | app=c:\users\tobias\appdata\local\temp\7zs53ab.tmp\symnrt.exe | 
"{14B801E3-DB30-4FE7-BB11-BACE7456A7B1}" = protocol=6 | dir=in | app=c:\program files\dsassistant\dsassistant.exe | 
"{1AD538F3-57C5-4E60-9B40-FF0C6E1814C0}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{1FBD86A1-2519-460A-8449-FCC7731D916A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{2157E135-909A-4251-BA7E-E0E03087B5A3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{267096AE-E838-4FE2-9BA9-8A8F7B2BAD38}" = protocol=6 | dir=in | app=c:\users\tobias\appdata\roaming\dropbox\bin\dropbox.exe | 
"{2B1BC6CE-3E15-4FED-915D-A4FA41F6C6E0}" = protocol=6 | dir=in | app=c:\program files\brother\bradmin light\bradmlight.exe | 
"{3297E1CB-BE30-4F70-8E12-18B73B81FCA3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{3434F06C-BA03-4A6E-809D-7B92FE8491C4}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{3EE263E2-3748-4750-8A33-619E65C18131}" = dir=in | app=c:\program files\asus\ai touchmedia\ai touchmedia\pcmservice.exe | 
"{464C5C8A-911E-4647-8A21-61270BEAE1EF}" = protocol=17 | dir=in | app=c:\program files\cryptload\routerclient.exe | 
"{47EC9367-D851-45CB-98C4-0D24AFB2D73D}" = dir=in | app=c:\program files\asus\ai touchmedia\ai touchmedia\powercinema.exe | 
"{4B34A982-1E1F-403A-81B2-F2762987CDDF}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{4B950325-2AAB-4799-B914-45D8770DFF6E}" = protocol=17 | dir=in | app=c:\program files\dsassistant\dsassistant.exe | 
"{53C77473-41F1-41B2-B0A8-C3706E125865}" = protocol=17 | dir=in | app=c:\program files\brother\bradmin light\bradmlight.exe | 
"{54C4CE4B-DA0F-4267-8994-6B7B247AED44}" = protocol=17 | dir=in | app=c:\users\tobias\appdata\local\temp\7zs53ab.tmp\symnrt.exe | 
"{6B6B7E6C-F450-4F50-A7F0-63EB366DC4DC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{709CFEBA-60A4-44A9-B05D-531732082254}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7DD13723-C2FD-4D6D-893B-A61AA421E4C0}" = protocol=6 | dir=in | app=c:\program files\brother\brmfl08x\faxrx.exe | 
"{8574415D-0F40-4050-A4DD-38554E15B024}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe | 
"{944AEE65-B022-4A13-B7AD-B75CF3F91781}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{9EE10F96-265E-4506-8B4E-5C7BEE2B3F14}" = protocol=6 | dir=in | app=c:\program files\sticky-notes\stickynotes.exe | 
"{A6F5B685-EF5A-40C7-AC33-A8E7F625F51E}" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"{A984EB10-111A-4FBD-90F1-E42BCA1077F8}" = protocol=17 | dir=in | app=c:\program files\dvdvideosoft\free youtube to mp3 converter\freeyoutubetomp3converter.exe | 
"{A98FA8E4-D8EC-474D-BAF1-898D08894D2F}" = protocol=6 | dir=in | app=c:\program files\dvdvideosoft\free youtube to mp3 converter\freeyoutubetomp3converter.exe | 
"{B0498284-6002-4120-B675-B60CB0687B1C}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe | 
"{B0817CA5-B8BA-4F8F-9C56-2BBD3B2421A5}" = protocol=6 | dir=in | app=c:\program files\cryptload\routerclient.exe | 
"{B18E4059-9D7E-46DA-A07E-6AD932D4F1E3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{B1F7DF12-1376-4FD4-9948-F4C56118467B}" = protocol=17 | dir=in | app=c:\program files\brother\brmfl08x\faxrx.exe | 
"{B84213F3-084D-42B3-9858-FED962273DB9}" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"{BA4F3654-8228-480F-AB04-CDC6DBC94378}" = protocol=6 | dir=in | app=c:\users\tobias\appdata\local\temp\7zs841d.tmp\symnrt.exe | 
"{BDFBC1D9-F45F-47B7-818D-3825F4D7D188}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{BF356723-77C8-4C9B-8C9E-997E6E42B9C4}" = dir=in | app=c:\program files\asus\ai touchmedia\playmovie\playmovie.exe | 
"{C4DB1A66-0AE9-4BBE-BAD4-77626A1A6802}" = protocol=17 | dir=in | app=c:\program files\sticky-notes\stickynotes.exe | 
"{D657F87D-0D78-47FE-B43B-75AB60B4BF12}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{DC876067-210F-4051-A80D-411EBECFB11E}" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"{E8A1E66D-A3CD-46D1-9415-75928EDFBAE0}" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"{EBAD3B8C-4AFC-42DA-9A6B-1BD9205A7845}" = protocol=6 | dir=in | app=c:\windows\system32\java.exe | 
"{F36901D2-DF05-4C17-9BA6-CDB1A35E0875}" = protocol=17 | dir=in | app=c:\windows\system32\java.exe | 
"{F819AD12-A82F-40E2-B58D-B3DC6755C750}" = protocol=17 | dir=in | app=c:\program files\brother\brmfl08b\faxrx.exe | 
"{FCE89D9E-ADE0-4CE5-8FD7-1D9C3A3B440F}" = dir=in | app=c:\program files\asus\ai touchmedia\ai touchmedia\kernel\dms\clmsservice.exe | 
"TCP Query User{02E5CF71-C41C-4ECA-B5B3-10AF059033FA}C:\program files\filezilla ftp client\filezilla.exe" = protocol=6 | dir=in | app=c:\program files\filezilla ftp client\filezilla.exe | 
"TCP Query User{0B70DF58-484E-4AFE-8420-8AB871D01486}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"TCP Query User{11E5D607-3B76-4FD7-A5CA-33D9D6200B3D}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"TCP Query User{196BA8AF-88C2-4288-A3F9-AC9A3070DBAE}C:\users\tobias\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\tobias\appdata\roaming\dropbox\bin\dropbox.exe | 
"TCP Query User{1B96BECF-A1C7-47FF-8FCD-240EA3F4F8FF}C:\program files\eclipse\eclipse.exe" = protocol=6 | dir=in | app=c:\program files\eclipse\eclipse.exe | 
"TCP Query User{2A010DDD-89D0-441E-8DD1-875E3A2DA97C}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{3497DCFE-1A0E-4F57-B655-15F5FB47D4CE}C:\users\tobias\downloads\cryptload\cryptload.exe" = protocol=6 | dir=in | app=c:\users\tobias\downloads\cryptload\cryptload.exe | 
"TCP Query User{38A2CE76-CAE4-4E13-88C3-22920DEADA61}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"TCP Query User{5A59D56C-D2F9-43B1-AA1E-4988AB974680}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe | 
"TCP Query User{6565FA87-4127-4872-949A-8E91E653495B}C:\program files\cryptload\routerclient.exe" = protocol=6 | dir=in | app=c:\program files\cryptload\routerclient.exe | 
"TCP Query User{8FAAAF21-882C-4650-B26F-8FF86F032C20}C:\program files\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\program files\totalcmd\totalcmd.exe | 
"TCP Query User{9CBDC362-0863-479A-84BD-916D334A5B1D}C:\program files\multiwindow\multiwindow.exe" = protocol=6 | dir=in | app=c:\program files\multiwindow\multiwindow.exe | 
"TCP Query User{A8259058-A0CB-4423-9035-1D3A19D5EB86}C:\program files\sticky-notes\stickynotes.exe" = protocol=6 | dir=in | app=c:\program files\sticky-notes\stickynotes.exe | 
"TCP Query User{B59EE160-C91F-4A70-946E-06EB18347EF6}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | 
"TCP Query User{BA2B682D-B0D7-40D5-A623-CE91521C1623}C:\users\tobias\downloads\ps2clientloader_v131\ps2client.exe" = protocol=6 | dir=in | app=c:\users\tobias\downloads\ps2clientloader_v131\ps2client.exe | 
"TCP Query User{C574EDD3-0285-41A5-BB13-66861515C45E}C:\program files\multiwindow\avtranserver.exe" = protocol=6 | dir=in | app=c:\program files\multiwindow\avtranserver.exe | 
"TCP Query User{C86812B2-37A4-45F9-8725-1F1566D07BE5}E:\search ip camera\search ip camera.exe" = protocol=6 | dir=in | app=e:\search ip camera\search ip camera.exe | 
"TCP Query User{DCE7BE67-43B3-4659-A82C-2F13DE3EA541}C:\program files\dsassistant\dsassistant.exe" = protocol=6 | dir=in | app=c:\program files\dsassistant\dsassistant.exe | 
"TCP Query User{E732BEB4-139B-44D3-8F23-F09B9B2ECEFD}C:\users\tobias\downloads\dsassistant_1920\win\dsassistant.exe" = protocol=6 | dir=in | app=c:\users\tobias\downloads\dsassistant_1920\win\dsassistant.exe | 
"TCP Query User{EF5AA883-BA6A-40BC-9F86-2DA7AB7CF9FC}C:\program files\cryptload\cryptload.exe" = protocol=6 | dir=in | app=c:\program files\cryptload\cryptload.exe | 
"UDP Query User{19B5DF98-1B3F-41AD-A09C-9E10BA0AC482}C:\users\tobias\downloads\ps2clientloader_v131\ps2client.exe" = protocol=17 | dir=in | app=c:\users\tobias\downloads\ps2clientloader_v131\ps2client.exe | 
"UDP Query User{1A4E05F5-077E-4D32-B06D-61F7F07783EB}C:\users\tobias\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\tobias\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{492804F1-3798-472F-AFE4-851385ACA356}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{79284106-BA4F-49E7-97ED-2ADC9BEE2689}C:\users\tobias\downloads\cryptload\cryptload.exe" = protocol=17 | dir=in | app=c:\users\tobias\downloads\cryptload\cryptload.exe | 
"UDP Query User{7A165089-2F40-414B-853D-E09A9A50F814}C:\program files\multiwindow\avtranserver.exe" = protocol=17 | dir=in | app=c:\program files\multiwindow\avtranserver.exe | 
"UDP Query User{8C16EA2E-9841-41FF-BA8A-2F29B6632B0D}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"UDP Query User{8DE66ECF-3078-4090-8BD4-AD97B2E3E86D}C:\program files\cryptload\cryptload.exe" = protocol=17 | dir=in | app=c:\program files\cryptload\cryptload.exe | 
"UDP Query User{998392C6-B973-49AD-AB78-DA15404B2EC7}C:\program files\filezilla ftp client\filezilla.exe" = protocol=17 | dir=in | app=c:\program files\filezilla ftp client\filezilla.exe | 
"UDP Query User{BF9C4824-C75C-4D3B-9799-FD795A4224D7}C:\users\tobias\downloads\dsassistant_1920\win\dsassistant.exe" = protocol=17 | dir=in | app=c:\users\tobias\downloads\dsassistant_1920\win\dsassistant.exe | 
"UDP Query User{C43C5D0B-E5E1-4348-810E-E0902A04AA33}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"UDP Query User{C74F4127-7557-41FB-A3E2-F1CC18135741}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe | 
"UDP Query User{CF0692D3-2A10-4712-BFEE-F2844DE96B41}C:\program files\multiwindow\multiwindow.exe" = protocol=17 | dir=in | app=c:\program files\multiwindow\multiwindow.exe | 
"UDP Query User{CF140235-50A3-4983-B568-0B21AF5F5D12}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{D4C27B0D-FB0E-4041-BE42-5C41070D6719}C:\program files\cryptload\routerclient.exe" = protocol=17 | dir=in | app=c:\program files\cryptload\routerclient.exe | 
"UDP Query User{D5ACF0E9-1EBB-48C2-8CD1-9284A98100D0}C:\program files\eclipse\eclipse.exe" = protocol=17 | dir=in | app=c:\program files\eclipse\eclipse.exe | 
"UDP Query User{E3B650EB-15C9-4F85-9709-5C9C31A5433C}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | 
"UDP Query User{E53BD75B-6D9E-43D4-A938-B3EC88B6BF11}E:\search ip camera\search ip camera.exe" = protocol=17 | dir=in | app=e:\search ip camera\search ip camera.exe | 
"UDP Query User{ED5ABBDF-9E63-4513-ADA6-AB36438F22C2}C:\program files\dsassistant\dsassistant.exe" = protocol=17 | dir=in | app=c:\program files\dsassistant\dsassistant.exe | 
"UDP Query User{EF1B7836-1092-4A4B-BA52-B7C388FDB6AC}C:\program files\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\program files\totalcmd\totalcmd.exe | 
"UDP Query User{FC868967-5CE8-45BA-A87A-57D35A4619F2}C:\program files\sticky-notes\stickynotes.exe" = protocol=17 | dir=in | app=c:\program files\sticky-notes\stickynotes.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03534DA5-2F88-4B8E-A978-849B979E1B8F}" = TuxGuitar
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{086A7D8C-0A38-4C7F-819A-620275550D5C}" = Nero Burning ROM Help
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID-Anmelde-Assistent
"{1224ba19-1460-4da6-8c6a-81eb54c28202}" = Nero 9
"{1296CAF3-F007-4813-A95F-AD153F978DF1}" = AVRStudio4
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{250F0996-1830-40C8-9B1D-6874D808DD95}" = ChkMail
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = AI TouchMedia
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 35
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 11
"{27D51A76-371D-48B6-B06E-4137A15B7583}" = Express Gate
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Red Alert™ 3
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{3A608351-5980-4A47-AE08-3742C55B4016}" = Windows Live Family Safety
"{3AF8C37F-696E-871C-0851-CDE980FD665E}" = Bamboo Dock
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D4967F6-6CB6-4F43-B623-E8273A0A2E2B}" = SmartScore X Professional Edition
"{40580068-9B10-40B5-9548-536CE88AB23C}" = ITECIR
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}" = Brother MFL-Pro Suite MFC-490CW
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{580EC579-E476-469F-9EBF-F82D696FC67A}" = iClone SE
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5E08ECD1-C98E-4711-BF65-8FD736B3F969}" = Nero RescueAgent Help
"{60C731FB-C951-41CE-AD41-8E54C8594609}" = Nero Disc Copy Gadget Help
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{63CFD835-FF50-4F8B-91CD-5662A8C640F8}" = Photo Transport
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{668B80AF-D98F-42FC-8EE1-36252B03C5C9}_is1" = MIDI4all
"{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}" = Command & Conquer The First Decade
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{705B639E-FAAF-40D7-AD58-C445321C7C3F}" = LightScribe System Software
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DDEEB4-CBF4-4B4C-8366-07E8CC03692B}" = Acronis*True*Image*Home 2012
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}" = Bing-Desktop
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{84374A47-1DF5-4013-90D4-1288819869B1}" = Microsoft-Maus- und Tastatur-Center
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear eXtreme
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3810BEE-967B-41DC-9662-F941A3F7D689}" = calibre
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Deutsch
"{AC94B85D-500D-4B98-ADE5-3E391934BB0A}" = UltraCompare v6.40
"{B0C30E93-D3D9-4F04-A2AC-54749B573275}" = Command & Conquer 3
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B4C89330-0416-4B4A-93C1-E577D208D805}" = Sticky-Notes
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{B9DB8FA6-EDB8-40F2-8B28-53A6B991DE84}" = Anvil Studio 2011
"{BA722179-62EA-4090-923D-D324CE1A691D}}_is1" = Helium Music Manager 8.6.3
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BD86F1AC-B594-46E4-85DC-1258AC9E2232}" = Steinberg Groove Agent ONE Content
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{CC2422C9-F7B5-4175-B295-5EC2283AA674}" = Command & Conquer™ 3: Kanes Rache
"{CE96F5A5-584D-4F8F-AA3E-9BAED413DB72}" = Nero CoverDesigner Help
"{CF45002F-2205-4116-BB51-2D015F436CAC}" = Steinberg HALion Sonic SE Content for Cubase LE AI Elements
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3873CF8-9608-402B-88AD-D73B5FFAAED8}" = capella 7
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D5D88F8F-FDA4-4CF4-9F3E-3F40118C2120}" = AVRStudio4
"{D9461574-5FC0-4641-BBDC-D1038B196F55}" = Brother MFL-Pro Suite MFC-490CW
"{DB75941E-30C4-4D97-B000-D17C764B998C}" = Brother BRAdmin Light 1.18.0001
"{DBF4BC99-53F1-4C97-84C3-7557D103E182}" = Steinberg Groove Agent ONE Vintage Beatboxes
"{DC35EF73-C7BD-4452-A793-4269990E1EA3}" = Windows Live Movie Maker-Betaversion
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{DE66EFAD-B9CC-4FD4-9157-6C18E5100161}" = Dolby Control Center
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E7081891-BC7F-43F9-9CE6-B5DD2F497156}" = Internet Explorer Developer Toolbar
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{E8F8861D-98E0-43FF-9E48-AC236CC3BE4E}" = AVR Jungo USB
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EB4DF30B-102B-4F0C-927A-D50E037A325D}" = AuthenTec Fingerprint Sensor Minimum Install
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EE55714B-B67C-4D08-97AE-0CF4AC5A3A77}" = StuffIt Expander 2010
"{EF69ACEE-F360-4E14-842C-91668C71946F}" = Facebook IE Toolbar
"{EF7800A8-575E-4776-95A5-A9D904A85D5F}" = Steinberg HALion Sonic SE
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
"{F22F31CA-C27E-402D-9297-CE365DFC1A9C}" = UltraEdit 15.20
"{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}" = Pinnacle TVCenter Pro
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F6BDD7C5-89ED-4569-9318-469AA9732572}" = Nero BurnRights Help
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FBE64702-E893-4D55-BA5C-514AAF11CCC4}" = Sibelius 7 OpenType Fonts
"{FC3D290D-79BE-44B7-ABF9-FDD110925930}" = P4P
"2EC52F3EE2336A439A608256B0D2A7E3D1DB739C" = Windows Driver Package - CASIO COMPUTER CO.,LTD. (PL-40R) MEDIA  (10/01/2004 1.00.00.0003)
"5513-1208-7298-9440" = JDownloader 0.9
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"ARIA Engine_is1" = ARIA Engine v1.0.9.8
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"Audacity_is1" = Audacity 2.0
"Avira AntiVir Desktop" = Avira Free Antivirus
"Bamboo Dock" = Bamboo Dock
"Canon RAW Codec" = Canon RAW Codec
"DarkWave Studio" = DarkWave Studio 3.8.7
"Deckadance" = Deckadance
"Denemo" = Denemo
"Direct MIDI to MP3 Converter_is1" = Direct MIDI to MP3 Converter Version 6.2.2.46
"DirectWave" = DirectWave
"DMXControl" = DMXControl 2.12
"DPP" = Canon Utilities Digital Photo Professional 3.6
"Drumaxx" = Drumaxx
"Duplicate Cleaner" = Duplicate Cleaner 2.1b
"DX10" = DX10
"EAGLE 5.10.0" = EAGLE 5.10.0
"EAGLE 6.1.0" = EAGLE 6.1.0
"Edison" = Edison
"eLicenser Control" = eLicenser Control
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EOS Utility" = Canon Utilities EOS Utility
"Ext2Ifs_for_NT6" = Ext2 IFS 1.11a for Windows Vista/2008
"FileZilla Client" = FileZilla Client 3.2.8.1
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition
"FL Studio 10" = FL Studio 10
"Free 3GP Video Converter_is1" = Free 3GP Video Converter version 3.5
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free Download Manager_is1" = Free Download Manager 3.0
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"FreePDF_XP" = FreePDF (Remove only)
"Google Chrome" = Google Chrome
"GPL Ghostscript" = GPL Ghostscript
"GPL Ghostscript 8.70" = GPL Ghostscript 8.70
"Guitar Pro 5_is1" = Guitar Pro 5.0
"Hardcore" = Hardcore
"IL Autogun" = IL Autogun
"IL Download Manager" = IL Download Manager
"IL DrumSynth Live" = IL DrumSynth Live
"IL Gross Beat" = IL Gross Beat
"IL Harmless" = IL Harmless
"IL Harmor" = IL Harmor
"IL Juice Pack" = IL Juice Pack
"IL Ogun" = IL Ogun
"IL Slicex" = IL Slicex
"IL Vocodex" = IL Vocodex
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = AI TouchMedia
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"IrfanView" = IrfanView (remove only)
"IsoBuster_is1" = IsoBuster 3.0
"LinuxLive USB Creator" = LinuxLive USB Creator
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"MAGIX Foto Manager 2008 D" = MAGIX Foto Manager 2008 5.0.0.255 (D)
"MAGIX Fotobuch" = MAGIX Fotobuch 3.2
"MAGIX Online Druck Service D" = MAGIX Online Druck Service 2.3.2.0 (D)
"MAGIX PC Visit D" = MAGIX PC Visit
"MAGIX Video deluxe 2008 PLUS D" = MAGIX Video deluxe 2008 PLUS 7.5.0.20 (D)
"MAGIX Xtreme Foto Designer 6 D" = MAGIX Xtreme Foto Designer 6 6.0.22.0 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Maximus" = Maximus
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Mouse and Keyboard Center" = Microsoft-Maus- und Tastatur-Center
"Mobile Partner" = Mobile Partner
"Morphine" = Morphine
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"Mp3tag" = Mp3tag v2.53
"MultiWindow IP Camera Player_is1" = MultiWindow IP Camera Player version 1.0.6.44
"MuseScore" = MuseScore 1.2 MuseScore score typesetter
"Neuratron PhotoScore Ultimate" = Neuratron PhotoScore Ultimate
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"PC_DIMMER2012_is1" = PC_DIMMER2012
"Pen Tablet Driver" = Bamboo
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"PoiZone" = PoiZone
"ProtectDisc Driver 10" = ProtectDisc Helper Driver 10
"PuTTY_is1" = PuTTY version 0.60
"RAR Password Recovery Magic_is1" = RAR Password Recovery Magic v6.1.1.393
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Rosegarden" = Rosegarden
"Sakura" = Sakura
"Sawer" = Sawer
"Sibelius 7.0.0.23_is1" = Sibelius 7.0.0.23
"SimSynth" = SimSynth
"Smart File Advisor_is1" = Smart File Advisor 1.1.1
"SopCast" = SopCast 3.2.4
"SqrSoftACFDW" = SqrSoft® Advanced Crossfading (remove only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Sytrus" = Sytrus
"Totalcmd" = Total Commander (Remove or Repair)
"Toxic Biohazard" = Toxic Biohazard
"TransMac_is1" = TransMac version 8.1
"Uninstall_is1" = Uninstall 1.0.0.1
"USB2.0 UVC 1.3M WebCam" = USB2.0 UVC 1.3M WebCam
"VLC media player" = VLC media player 2.0.5
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock
"Wasp" = Wasp
"Winamp" = Winamp
"WinAVR-20100110" = WinAVR 20100110 (remove only)
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-259702913-3688751258-429655623-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"MyFreeCodec" = MyFreeCodec
"Sansa Updater" = Sansa Updater
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 24.01.2013 18:16:27 | Computer Name = Tobias-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/01/24 23:16:27.992]: [00003228]: GetDeviceIpAddress:
 GetAddressByName [BRW00242B725262] Error  
 
Error - 24.01.2013 18:16:58 | Computer Name = Tobias-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/01/24 23:16:58.069]: [00003228]: GetDeviceIpAddress:
 GetAddressByName [BRW00242B725262] Error  
 
Error - 24.01.2013 18:17:39 | Computer Name = Tobias-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/01/24 23:17:39.863]: [00003228]: SendSKeySettingToDevice::
 Snmp Load Error[-1] To[192.168.1.107]  
 
Error - 25.01.2013 13:39:53 | Computer Name = Tobias-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/01/25 18:39:53.782]: [00002624]: GetDeviceIpAddress:
 GetAddressByName [BRW00242B725262] Error  
 
Error - 25.01.2013 13:41:06 | Computer Name = Tobias-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 25.01.2013 18:51:22 | Computer Name = Tobias-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 25.01.2013 19:38:59 | Computer Name = Tobias-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\Samsung\Kies\External\firmwareupdate\GT-I9300\DeviceController64.exe".
 Fehler in Manifest- oder Richtliniendatei "c:\program files\Samsung\Kies\External\firmwareupdate\GT-I9300\Microsoft.VC90.CRT.MANIFEST"
 in Zeile  11.  Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der
 angeforderten Komponente überein.  Verweis: Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definition:
 Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Verwenden
 Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 27.01.2013 16:26:23 | Computer Name = Tobias-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 29.01.2013 14:35:18 | Computer Name = Tobias-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 29.01.2013 15:11:07 | Computer Name = Tobias-PC | Source = WinMgmt | ID = 10
Description = 
 
[ Media Center Events ]
Error - 30.06.2012 08:54:11 | Computer Name = Tobias-PC | Source = MCUpdate | ID = 0
Description = 14:53:02 - Directory konnte nicht abgerufen werden (Fehler: Die zugrunde
 liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal konnte
 keine Vertrauensstellung hergestellt werden..)  
 
[ System Events ]
Error - 22.01.2013 15:43:53 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "rimmptsk" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%1058
 
Error - 23.01.2013 18:14:38 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Adobe Licensing Console" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%2
 
Error - 23.01.2013 18:55:16 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Adobe Licensing Console" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%2
 
Error - 24.01.2013 14:55:52 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Adobe Licensing Console" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%2
 
Error - 25.01.2013 13:39:49 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Adobe Licensing Console" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%2
 
Error - 25.01.2013 13:39:51 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "rimmptsk" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%1058
 
Error - 25.01.2013 18:50:13 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Adobe Licensing Console" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%2
 
Error - 27.01.2013 16:25:13 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Adobe Licensing Console" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%2
 
Error - 29.01.2013 14:34:09 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Adobe Licensing Console" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%2
 
Error - 29.01.2013 15:09:52 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Adobe Licensing Console" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%2
 
 
< End of report >
         

29.01.2013, 21:17   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Hm, what kind of drives do you have there, from R to Z? Are those network drives?
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)


29.01.2013, 21:33   #15
TobseBeck

Yep, those are network drives. The NAS is rarely switched on, though, so they probably weren't attached during the last scan...
