Malwarebytes Anti-Malware findet Trojan.Ransom.ANC

Bladel1998 · 08.03.2013, 19:36

Hallo,
heute habe ich mein Laptop hochgefahren und Minecraft gestartet dann habe ich gemerkt das es sehr gehakt hat und es normalerweiße immer flüssig gelaufen ist.
Dann habe ich Malwarebytes Anti-Malware mal laufen lassen und das Programm hat leider etwas gefunden.

Hier die Logs:

Code:

ATTFilter

 Malwarebytes Anti-Malware  (Test) 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.03.08.15

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Pascal :: PASCAL-PC [Administrator]

Schutz: Deaktiviert

08.03.2013 19:08:20
MBAM-log-2013-03-08 (19-20-14).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 245448
Laufzeit: 6 Minute(n), 33 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\Users\Pascal\AppData\Roaming\Amgiuv\oqsa.exe (Trojan.Ransom.ANC) -> Keine Aktion durchgeführt.
C:\Users\Pascal\AppData\Roaming\Nilebo\yciqo.exe (Trojan.Ransom.ANC) -> Keine Aktion durchgeführt.
C:\Users\Pascal\AppData\Roaming\Tuyqe\yvtu.exe (Trojan.Ransom.ANC) -> Keine Aktion durchgeführt.

(Ende)

Hoffe ihr könnt mir helfen oder gar sagen das es sich um ein Fehlalarm handelt.

cosinus · 08.03.2013, 19:38

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner?
Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Bladel1998 · 08.03.2013, 19:46

Nein bis jetzt habe ich keine anderen Logs.

Könntest du mir dann sagen mit welchen Tools ich nochmal scannen soll?

Danke schonmal

cosinus · 08.03.2013, 19:50

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.

Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.
Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.
Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!
Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!
Die Logs der aufgegebenen Tools wie zB Malwarebytes sind immer zu posten - egal ob ein Fund dabei war oder nicht!
Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.

Erstmal eine Kontrolle mit OTL bitte:

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Setze oben mittig den Haken bei Scanne alle Benutzer
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles hier in CODE-Tags in den Thread.

Bladel1998 · 08.03.2013, 20:35

Hallo cosinus,
habe so eben OTL drüberlaufen lassen hier die Logs:

OTL.txt

Code:

ATTFilter

OTL logfile created on: 08.03.2013 20:04:57 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Pascal\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,91 Gb Total Physical Memory | 5,25 Gb Available Physical Memory | 66,40% Memory free
15,82 Gb Paging File | 12,88 Gb Available in Paging File | 81,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,45 Gb Total Space | 127,82 Gb Free Space | 45,74% Space Free | Partition Type: NTFS
Drive D: | 394,18 Gb Total Space | 380,08 Gb Free Space | 96,42% Space Free | Partition Type: NTFS
Drive E: | 150,28 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: PASCAL-PC | User Name: Pascal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Pascal\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Users\Pascal\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe (Microsoft Corporation.)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Steam\bin\chromehtml.DLL ()
MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Steam\SDL.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (Amsp) -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe File not found
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (CGVPNCliSrvc) -- C:\Program Files\CyberGhost VPN\CGVPNCliService.exe (mobile concepts GmbH)
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (TiMiniService) -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe (Trend Micro Inc.)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (Akamai) -- c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll ()
SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (HiPatchService) -- D:\HiPatchService.exe (Hi-Rez Studios)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe (Microsoft Corporation.)
SRV - (Update-Service) -- C:\Windows\SysWOW64\UpdSvc.dll (Joosoft.com GmbH)
SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (CLKMSVC10_38F51D56) -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe (CyberLink)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (AAV UpdateService) -- C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc)
DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (tmcomm) -- C:\Windows\SysNative\drivers\tmcomm.sys (Trend Micro Inc.)
DRV:64bit: - (tmtdi) -- C:\Windows\SysNative\drivers\tmtdi.sys (Trend Micro Inc.)
DRV:64bit: - (tmactmon) -- C:\Windows\SysNative\drivers\tmactmon.sys (Trend Micro Inc.)
DRV:64bit: - (tmevtmgr) -- C:\Windows\SysNative\drivers\tmevtmgr.sys (Trend Micro Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (USBPNPA) -- C:\Windows\SysNative\drivers\CM10864.sys (C-Media Electronics Inc)
DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\rtsuvstor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (XENfiltv) -- C:\Windows\SysNative\drivers\XENfiltv.sys (Creative Technology Ltd.)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (WinRing0_1_2_0) -- C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys (OpenLibSys.org)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-1970508738-1949916810-4156901659-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKU\S-1-5-21-1970508738-1949916810-4156901659-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE - HKU\S-1-5-21-1970508738-1949916810-4156901659-1000\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-1970508738-1949916810-4156901659-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKU\S-1-5-21-1970508738-1949916810-4156901659-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKU\S-1-5-21-1970508738-1949916810-4156901659-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKU\S-1-5-21-1970508738-1949916810-4156901659-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=10&cc=
IE - HKU\S-1-5-21-1970508738-1949916810-4156901659-1001\..\SearchScopes,DefaultScope = {BE6D23F7-8510-43D3-B52B-705B297379BA}
IE - HKU\S-1-5-21-1970508738-1949916810-4156901659-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=117023&tt=0213_2&babsrc=SP_ss&mntrId=dcc9ff5c00000000000000ff8183310e
IE - HKU\S-1-5-21-1970508738-1949916810-4156901659-1001\..\SearchScopes\{BE6D23F7-8510-43D3-B52B-705B297379BA}: "URL" = hxxp://search.softonic.com/MOY00009/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=709
IE - HKU\S-1-5-21-1970508738-1949916810-4156901659-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1970508738-1949916810-4156901659-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
 
========== FireFox ==========
 
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Pascal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ [2011.04.13 03:51:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.03.09 03:37:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.12.15 20:13:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [2012.12.31 17:57:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.08 18:25:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.12.15 20:13:23 | 000,000,000 | ---D | M]
 
[2011.12.24 22:11:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pascal\AppData\Roaming\mozilla\Extensions
[2013.02.11 14:24:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pascal\AppData\Roaming\mozilla\Firefox\Profiles\7xpm5qk7.default-1347801284979\extensions
[2013.02.11 14:24:43 | 000,817,973 | ---- | M] () (No name found) -- C:\Users\Pascal\AppData\Roaming\mozilla\firefox\profiles\7xpm5qk7.default-1347801284979\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.01.12 09:12:51 | 000,002,432 | ---- | M] () -- C:\Users\Pascal\AppData\Roaming\mozilla\firefox\profiles\7xpm5qk7.default-1347801284979\searchplugins\babylon1.xml
[2013.02.03 13:05:20 | 000,002,060 | ---- | M] () -- C:\Users\Pascal\AppData\Roaming\mozilla\firefox\profiles\7xpm5qk7.default-1347801284979\searchplugins\softonic.xml
[2012.10.20 15:30:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.09.06 02:26:03 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.10.20 15:30:13 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.01.12 09:12:14 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.10.20 15:30:13 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.10.20 15:30:13 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.20 15:30:13 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.20 15:30:13 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.20 15:30:13 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://search.babylon.com/?affID=117023&tt=0213_2&babsrc=HP_ss&mntrId=dcc9ff5c00000000000000ff8183310e
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://search.babylon.com/?affID=117023&tt=0213_2&babsrc=HP_ss&mntrId=dcc9ff5c00000000000000ff8183310e
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Zeon Plus (Enabled) = C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Pascal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Google Drive = C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AdBlock = C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\
CHR - Extension: avast! WebRep = C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: DVDVideoSoft Browser Extension = C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.8.8.11\bh\Softonic.dll (Softonic.com)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.8.8.11\SoftonicTlbr.dll (Softonic.com)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Cm108Sound] C:\Windows\Syswow64\cm108.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [VizorHtmlDialog.exe] C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1970508738-1949916810-4156901659-1000..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-1970508738-1949916810-4156901659-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1970508738-1949916810-4156901659-1001..\Run: [AdobeBridge]  File not found
O4 - HKU\S-1-5-21-1970508738-1949916810-4156901659-1001..\Run: [Akamai NetSession Interface] C:\Users\Pascal\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-1970508738-1949916810-4156901659-1001..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1970508738-1949916810-4156901659-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1970508738-1949916810-4156901659-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1970508738-1949916810-4156901659-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-21-1970508738-1949916810-4156901659-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1970508738-1949916810-4156901659-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-1970508738-1949916810-4156901659-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Pascal\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Pascal\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{856705FE-A221-47BE-AB9B-811E9BD8E651}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CFE8D07F-B88B-4E90-A11B-AD21B5FFFB71}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261070~1.41\{c16c1~1\browse~1.dll) -  File not found
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.03.08 19:05:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.03.08 19:05:12 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.03.08 19:05:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.03.08 15:02:55 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Roaming\Malwarebytes
[2013.03.08 15:02:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.03.08 15:02:28 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Local\Programs
[2013.02.27 19:48:54 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.02.27 19:48:54 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013.02.27 19:48:54 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013.02.27 19:48:54 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013.02.27 19:48:48 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.02.27 19:48:48 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.02.27 19:48:40 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.27 19:48:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.27 19:48:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.27 19:48:39 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.02.27 19:48:39 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.27 19:48:39 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.27 19:48:39 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.27 19:48:39 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.27 19:48:39 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.27 19:48:38 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.02.27 19:48:38 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.02.27 19:48:38 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.02.27 19:48:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.27 19:48:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.27 19:48:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.27 19:48:37 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.02.27 19:48:37 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.02.27 19:48:37 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.02.27 19:48:37 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.02.27 19:48:37 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.02.27 19:48:37 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013.02.27 19:48:37 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.27 19:48:37 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.27 19:48:37 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.27 19:48:37 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.27 19:48:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.27 19:48:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.27 19:48:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.27 19:48:36 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013.02.27 19:48:36 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.02.27 19:48:36 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.02.27 19:48:36 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013.02.27 19:48:36 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013.02.27 19:48:36 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013.02.27 19:48:35 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.02.26 13:27:45 | 000,310,688 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.02.26 13:27:31 | 000,188,832 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.02.26 13:27:31 | 000,188,320 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.02.26 13:27:31 | 000,108,448 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013.02.26 13:27:21 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.02.24 11:39:38 | 000,000,000 | ---D | C] -- C:\Users\Pascal\Desktop\Neuer Ordner (4)
[2013.02.24 11:32:47 | 000,000,000 | ---D | C] -- C:\Users\Pascal\Documents\My Games
[2013.02.24 11:31:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2013.02.23 07:53:15 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Local\{E665229D-D0D3-48BA-938E-441F9494B890}
[2013.02.22 14:48:53 | 000,000,000 | ---D | C] -- C:\Users\Pascal\Documents\Music Maker 2013
[2013.02.22 14:48:53 | 000,000,000 | ---D | C] -- C:\Users\Pascal\Documents\MAGIX
[2013.02.22 14:27:38 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Roaming\simplitec
[2013.02.22 14:05:43 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\MAGIX
[2013.02.22 14:05:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
[2013.02.22 14:04:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MAGIX
[2013.02.22 14:04:57 | 000,000,000 | ---D | C] -- C:\ProgramData\simplitec
[2013.02.22 14:04:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec
[2013.02.22 14:04:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\simplitec
[2013.02.22 14:04:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013.02.22 14:04:44 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2013.02.22 14:04:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Services
[2013.02.22 13:11:10 | 000,000,000 | ---D | C] -- C:\Users\Pascal\Documents\MAGIX Downloads
[2013.02.22 13:11:09 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Roaming\MAGIX
[2013.02.13 19:53:39 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.02.13 19:53:39 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.02.13 19:53:38 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.02.13 19:53:38 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.02.13 19:53:37 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.02.13 19:53:37 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.02.13 19:53:37 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.02.13 19:53:37 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.02.13 19:53:35 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.02.13 19:53:34 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.02.13 19:53:34 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.02.13 19:53:33 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.02.13 19:53:30 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.02.13 19:53:29 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.02.13 19:53:29 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.02.13 16:22:06 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.02.13 16:22:05 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.02.13 16:22:05 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.02.13 16:16:49 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.02.13 16:16:48 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.02.13 16:16:48 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.02.13 16:16:48 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.02.13 16:16:48 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.02.13 16:16:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.02.13 15:47:11 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013.02.11 13:27:52 | 000,000,000 | ---D | C] -- C:\Users\Pascal\Documents\Steuerfälle
[2013.02.11 13:27:07 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Local\AAV
[2013.02.11 13:25:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuertipps
[2013.02.11 13:25:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Akademische Arbeitsgemeinschaft
[2013.02.11 13:23:43 | 000,000,000 | ---D | C] -- C:\ProgramData\AAV
[2013.02.10 20:07:29 | 000,000,000 | ---D | C] -- C:\Users\Pascal\Desktop\Neuer Ordner (3)
[2013.02.10 20:06:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TERA
[2013.02.10 10:12:31 | 000,000,000 | ---D | C] -- C:\Users\Pascal\Desktop\Neuer Ordner (2)
[2013.02.07 21:45:02 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Local\{DD5D5DDA-8BC7-4668-A15B-7743020441D1}
[2013.02.07 20:04:34 | 000,000,000 | ---D | C] -- C:\ProgramData\TERA
[2013.02.07 20:04:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TERA
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.03.08 19:18:01 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.08 19:05:13 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.03.08 19:04:46 | 000,014,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.08 19:04:46 | 000,014,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.08 18:56:24 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.08 18:56:02 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2013.03.08 18:55:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.08 18:55:24 | 2077,249,535 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.08 18:54:31 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.03.08 14:44:47 | 000,007,601 | ---- | M] () -- C:\Users\Pascal\AppData\Local\Resmon.ResmonCfg
[2013.03.08 14:17:14 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.08 14:17:14 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.03.07 00:33:21 | 001,025,808 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.03.07 00:33:21 | 000,377,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.03.07 00:33:21 | 000,178,624 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.03.07 00:33:21 | 000,070,992 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.03.07 00:33:21 | 000,068,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013.03.07 00:33:21 | 000,065,336 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013.03.07 00:33:20 | 000,080,816 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.03.07 00:33:20 | 000,033,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013.03.07 00:32:51 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.03.07 00:32:22 | 000,287,840 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.02.26 13:27:24 | 000,108,448 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013.02.26 13:27:23 | 000,310,688 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.02.26 13:27:23 | 000,188,832 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.02.26 13:27:22 | 001,085,344 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npdeployJava1.dll
[2013.02.26 13:27:22 | 000,963,488 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013.02.26 13:27:22 | 000,188,320 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.02.22 14:44:01 | 000,002,238 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2013.02.22 14:43:54 | 000,001,501 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2013.02.22 14:43:43 | 004,903,576 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.22 14:05:46 | 000,120,200 | ---- | M] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2013.02.22 14:05:43 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Music Maker 2013.lnk
[2013.02.22 14:04:57 | 000,002,053 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
[2013.02.22 14:04:56 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\simplicheck.lnk
[2013.02.17 16:36:53 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.02.17 16:36:52 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.02.13 19:56:18 | 001,695,176 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.02.13 19:56:18 | 000,718,978 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.02.13 19:56:18 | 000,672,556 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.02.13 19:56:18 | 000,156,878 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.02.13 19:56:18 | 000,129,086 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.02.11 13:25:43 | 000,002,219 | ---- | M] () -- C:\Users\Public\Desktop\Steuer-Spar- Erklärung 2013.lnk
[2013.02.10 20:02:37 | 000,001,844 | ---- | M] () -- C:\Users\Pascal\Desktop\TERA.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.03.08 19:05:13 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.03.08 14:41:13 | 000,178,624 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.03.08 14:41:13 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013.02.22 14:05:43 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX Music Maker 2013.lnk
[2013.02.22 14:04:57 | 000,002,053 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
[2013.02.22 14:04:56 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\simplicheck.lnk
[2013.02.11 13:25:43 | 000,002,219 | ---- | C] () -- C:\Users\Public\Desktop\Steuer-Spar- Erklärung 2013.lnk
[2013.02.11 13:22:46 | 159,222,096 | ---- | C] () -- C:\Users\Pascal\Desktop\SSEStandard_18.06.exe
[2013.02.11 13:21:01 | 157,204,544 | ---- | C] () -- C:\Users\Pascal\Desktop\SSEStandard_18.06.zip
[2013.02.07 20:04:30 | 000,001,844 | ---- | C] () -- C:\Users\Pascal\Desktop\TERA.lnk
[2013.01.19 12:42:00 | 000,000,680 | RHS- | C] () -- C:\Users\Pascal\ntuser.pol
[2013.01.19 11:25:14 | 000,143,360 | ---- | C] () -- C:\Windows\Vmix108.dll
[2013.01.19 11:25:04 | 000,000,321 | ---- | C] () -- C:\Windows\Cm108.ini.cfl
[2013.01.19 11:24:27 | 000,002,547 | ---- | C] () -- C:\Windows\Cm108.ini.cfg
[2013.01.19 11:24:27 | 000,000,746 | ---- | C] () -- C:\Windows\Cm108.ini.imi
[2012.11.10 17:05:57 | 000,582,227 | ---- | C] () -- C:\Users\Pascal\AppData\Roaming\technic-launcher.jar
[2012.11.10 17:05:57 | 000,581,642 | ---- | C] () -- C:\Users\Pascal\AppData\Roaming\technic-launcher.jar.bak
[2012.10.09 21:46:45 | 000,000,262 | ---- | C] () -- C:\Users\Pascal\Ka.ini
[2012.07.12 15:25:22 | 000,639,488 | ---- | C] () -- C:\Windows\SysWow64\ficvdec_x86.dll
[2012.07.12 08:38:26 | 000,001,471 | ---- | C] () -- C:\Windows\cm108.ini
[2012.06.18 19:24:31 | 000,007,601 | ---- | C] () -- C:\Users\Pascal\AppData\Local\Resmon.ResmonCfg
[2012.05.03 14:36:29 | 000,000,600 | ---- | C] () -- C:\Users\Pascal\AppData\Local\PUTTY.RND
[2012.04.05 16:45:48 | 001,055,498 | ---- | C] () -- C:\Windows\SysWow64\libodbc++.dll
[2012.03.03 11:46:41 | 000,000,094 | ---- | C] () -- C:\Users\Pascal\AppData\Local\fusioncache.dat
[2012.03.03 11:44:29 | 001,651,078 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.07.07 07:12:52 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.07.07 07:12:49 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.07.07 07:12:47 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.04.13 03:48:48 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2011.03.31 08:59:24 | 000,002,169 | ---- | C] () -- C:\Windows\XENcfg.ini
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:F63A059B

< End of report >

Extras.txt

Code:

ATTFilter

OTL Extras logfile created on: 08.03.2013 20:04:57 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Pascal\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,91 Gb Total Physical Memory | 5,25 Gb Available Physical Memory | 66,40% Memory free
15,82 Gb Paging File | 12,88 Gb Available in Paging File | 81,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,45 Gb Total Space | 127,82 Gb Free Space | 45,74% Space Free | Partition Type: NTFS
Drive D: | 394,18 Gb Total Space | 380,08 Gb Free Space | 96,42% Space Free | Partition Type: NTFS
Drive E: | 150,28 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: PASCAL-PC | User Name: Pascal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-1970508738-1949916810-4156901659-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01E56C58-7B6F-45F1-BB4F-C8E409DA0D07}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{07549C41-32A8-4981-A7B7-27F94A0D94FE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{22F179D0-0AE1-4F7B-88F9-E99085020B59}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{3AA5F8AB-D893-4B24-907C-AD6C3B085ECF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{3AC68768-09D4-4041-83F5-965319A81863}" = rport=138 | protocol=17 | dir=out | app=system | 
"{4C48A5E0-DB5A-4103-A3F0-78D21FCD5C0E}" = lport=138 | protocol=17 | dir=in | app=system | 
"{4DEF4159-B217-40F1-8462-9F593BCE63DA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{4E28C2A6-EE20-4320-BFB2-E38CE140499A}" = lport=80 | protocol=6 | dir=in | name=league of legends | 
"{4F991E96-73DC-4119-82C6-65157F5F021B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{506984D9-DE61-4E40-9679-2D3BDE5A3CB8}" = lport=8182 | protocol=6 | dir=in | name=java(tm) platform se binary | 
"{5E81324A-3E1B-4BCE-8F55-94A89DD8A3CE}" = rport=445 | protocol=6 | dir=out | app=system | 
"{6D86BBA6-660B-4EA4-9C85-ADBCBF533D55}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{76DFF5A6-EEB3-47AB-98B1-67ADA78D1697}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{7FCD323B-C717-4341-BD30-E342820B02AC}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{80082A49-F3BB-4ADD-B230-E2BF7F207BDC}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{818E5E05-5CFA-4F17-9E63-69ABF89E01CB}" = rport=137 | protocol=17 | dir=out | app=system | 
"{A0C9767B-9A7C-4D15-8D27-C466E03D2837}" = lport=8393 | protocol=6 | dir=in | name=league of legends 2 | 
"{A72233AF-337A-40D3-BCE9-4CBCFF8C6B0B}" = lport=5353 | protocol=17 | dir=in | name=java(tm) platform se binary | 
"{A73519DF-CA56-49A9-A5CF-21E634D69959}" = lport=445 | protocol=6 | dir=in | app=system | 
"{B637D48F-7551-4CFB-B3D2-1653DC9018A4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{B827E1C7-5A7A-484C-9653-2FE388A8B888}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{C1FAF036-3960-4211-946F-54CF094651D5}" = rport=139 | protocol=6 | dir=out | app=system | 
"{C4C424FB-A9E4-4255-B4CF-44F18160007A}" = lport=139 | protocol=6 | dir=in | app=system | 
"{D535263B-B297-4A5D-8733-8289088CC834}" = lport=137 | protocol=17 | dir=in | app=system | 
"{D5DB0CDB-6964-40AD-B558-62D6847584BC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E5B09B62-B0EE-42C4-BDEB-792E7696DB02}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{F019D4E1-0B59-4D95-82DD-F49DAA448A68}" = rport=10243 | protocol=6 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09C5AD4E-9071-4161-986A-7AFBE97F5C28}" = protocol=17 | dir=in | app=c:\program files (x86)\firefly studios\stronghold legends\strongholdlegends.exe | 
"{11BE6A0C-C9E3-4C4D-A147-B42CE4A3760D}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | 
"{16CCEA58-2CF9-460F-9096-F04D15228FBF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{23D1C113-D80E-4F21-B036-C851C870BE40}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | 
"{25BDD843-A815-48A8-A216-66D065687049}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{25F3C89D-256F-4A7D-9A5C-D3C9820867D5}" = protocol=17 | dir=in | name=java(tm) platform se binary | 
"{2F15F181-8A41-4A3E-B43A-B8F6A1595B78}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{3332A7B9-9520-49D0-B63D-FFB8ACBCAFAA}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{3468A69B-9A48-448D-A01B-320F3A19CCEB}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{399C1BBC-0E66-4AD6-BBE9-37E9A29DC905}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{39B2B566-046C-4C4B-92A0-8BEE6509F537}" = protocol=6 | dir=out | app=system | 
"{3A00D680-3AF7-475B-90B4-9B97C7513DEE}" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe | 
"{3B2A22E4-6033-44F7-B49C-D37E72BFC3EC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gamemaker_studio\gamemakerplayer.exe | 
"{3B95F9A0-AD3A-4264-BFE3-8C53CEAF90F7}" = protocol=17 | dir=in | app=c:\program files (x86)\firefly studios\stronghold legends\strongholdlegends.exe | 
"{3FE1ADE4-2E05-4B6A-8C6B-2F6B610D4C29}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | 
"{4411FD6E-6A97-462B-84B7-E894C1158492}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | 
"{474F5F08-531F-4A44-A91F-B22F8AAD046C}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{48A34B90-304B-410A-B204-CB847A15F38C}" = protocol=17 | dir=in | app=c:\users\pascal\appdata\local\temp\rar$ex68.704\sh-it.exe | 
"{48C1C94D-7407-4765-80A2-A75BD8E5B50A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{4CC4B549-3AF7-4782-A76E-52A7C54CFCE3}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{4EB3ED51-13E3-42C7-817B-4336CF47CD7F}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{50D76052-134E-46DB-AF8E-63827F883C0F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{50E2626E-B977-44FA-B497-5BC6F9757DDC}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{57542515-20D0-450D-8424-4B01EA2F1C77}" = protocol=17 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe | 
"{5F94853F-D70B-45D9-9C93-96F5D3823D7A}" = protocol=17 | dir=in | app=c:\users\pascal\appdata\local\akamai\netsession_win.exe | 
"{649E4168-9338-4FF9-8A2B-25382BFB94A6}" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe | 
"{65C5C899-E3D7-446C-B9BE-0CCFF758E271}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | 
"{66715E2F-6DAD-4F50-A2C7-9D602F75B3E8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{6A0E451F-B136-4923-A315-C453F8C66814}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{6C9BEF5F-BF98-4AD6-A182-05200D9EA497}" = protocol=6 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe | 
"{712D9344-163E-4CAB-AC5D-FB00538F2990}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{73362449-9CEC-4024-BDBF-8FD5068604B9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{7356805F-E2AA-48DE-9EFB-0516C56C1424}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{7FD9E899-8A7E-4FEB-9F70-3D5557646DEA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{80D827EC-0248-401C-ABEB-737B7E4431CC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{894E2151-A87D-4750-AEEC-BA536AEEE32F}" = dir=in | app=d:\league of legends\rads\projects\lol_air_client\releases\0.0.0.176\deploy\lolclient.exe | 
"{8ACE6B9C-31EF-4BDA-AC73-4B7F5DEAA827}" = protocol=6 | dir=in | app=c:\program files (x86)\firefly studios\stronghold legends\strongholdlegends.exe | 
"{8BDFD782-858D-4E4E-9DAB-A12D9AEBD127}" = dir=in | app=d:\league of legends\lol.launcher.exe | 
"{8DD2CB17-C5B2-4975-80F6-E545747D43C8}" = dir=in | app=c:\brickforce\brickforce.exe | 
"{8E4E180D-72A7-4B5A-96BF-8F98C14B49F3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{8EF01BA1-D1F6-4D73-AADB-AB5E81F83EF1}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{957500D5-C7DA-4B7D-955D-8B834CAEEBBF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{964D7E16-182B-4D21-8505-E5DE5B2B084C}" = protocol=6 | dir=in | app=c:\users\pascal\appdata\local\temp\rar$ex68.704\sh-it.exe | 
"{9797C0D7-C80E-4591-8756-FA87C31D052A}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe | 
"{98004AAE-869A-48A9-AE51-FF3F30A73ED1}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{9FD06ECF-D028-4750-A506-7020994A2E58}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gamemaker_studio\gamemakerplayer.exe | 
"{A2353FB7-1E91-4552-8EB1-C26BDF37AACC}" = protocol=6 | dir=in | app=c:\users\pascal\appdata\local\akamai\netsession_win.exe | 
"{A77894E7-C814-40A7-93DB-3673B2002488}" = protocol=17 | dir=in | app=c:\windows\system32\java.exe | 
"{A7FCA7D1-F9AB-4548-96B0-54BB3078EC4B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{AC499D4D-B056-4EAD-8042-2C667571DEB6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{AECCA1B5-4E8E-4992-A498-9FA0BE0A8871}" = dir=in | app=d:\league of legends\rads\solutions\lol_game_client_sln\releases\0.0.0.171\deploy\league of legends.exe | 
"{B86E7C7E-26B1-4E1C-8F03-45056E46E360}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto san andreas\gta_sa.exe | 
"{B8955039-8DA4-433B-BE63-944B77544A1E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{BB3F1F89-2C3C-40C3-B2F4-2D9CF09A3A2B}" = protocol=58 | dir=in | app=system | 
"{BDDF01E1-DA95-45D7-B260-3EF9F89A09C0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{C70B5D3C-5B45-4497-988E-9DC3DDF44453}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto san andreas\gta_sa.exe | 
"{C9AC92D0-44F8-41FC-B792-8013CEA9E3E2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{CB9565A0-3F6C-43D5-8273-40C80DB94BEA}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{CC015AC0-A783-4B07-95AC-8EE77632C094}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D3BA6AB7-3171-4B9E-B3C5-84C5911A283A}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe | 
"{DAEFA046-54FB-49AB-8830-A576F9A65334}" = dir=in | app=c:\brickforce\bflauncher.exe | 
"{DB90EDD3-BA2D-45C5-9EE9-D74891D15CA1}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{F28CEF1A-DAE9-4FDE-9AE8-BDD7D35AB45C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{F3C9ABB6-2A18-4D03-AEA4-FE16FA3DBB88}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{F747C43B-2E5A-4C02-81C6-0AABDF5BAF18}" = protocol=6 | dir=in | app=c:\windows\system32\java.exe | 
"{F7AE7C1B-0E3F-4EF9-9139-CD0C8863F6CE}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{F8EEA808-FB1F-4100-B81B-7AD9180A8320}" = protocol=6 | dir=in | app=c:\program files (x86)\firefly studios\stronghold legends\strongholdlegends.exe | 
"{FB9F95CB-7341-43F4-95D8-715344775EF0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{FF34677F-B700-4E43-AAC7-CDDE00C30D82}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | 
"TCP Query User{33C1D47E-25C8-427C-99B5-78BCAA62A69D}C:\users\pascal\desktop\warcraft3\war3.exe" = protocol=6 | dir=in | app=c:\users\pascal\desktop\warcraft3\war3.exe | 
"TCP Query User{49CB8909-0394-4AE7-9E75-6081A75C21F8}C:\program files (x86)\tera\tera-launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe | 
"TCP Query User{6EB24C26-A868-419A-9FC7-7ABC254BE80D}C:\users\pascal\appdata\local\temp\rar$ex68.704\sh-it.exe" = protocol=6 | dir=in | app=c:\users\pascal\appdata\local\temp\rar$ex68.704\sh-it.exe | 
"TCP Query User{A2F8F105-FA3D-42D4-9711-2F26C28B72FD}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | 
"TCP Query User{A4E00EC6-AFD0-493B-AF08-D2F238F604D8}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe | 
"TCP Query User{AA417CB7-EE55-4F40-8CA7-DB01553AEC47}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe | 
"TCP Query User{CDEC2244-EBE5-4848-B017-ACF059C37CB0}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"TCP Query User{E4112004-D9BE-4682-8CE7-B3491167C91A}C:\program files (x86)\rockstar games\grand theft auto san andreas\gta_sa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto san andreas\gta_sa.exe | 
"UDP Query User{38414430-7452-4D90-97A8-C9FC5CC0A720}C:\users\pascal\appdata\local\temp\rar$ex68.704\sh-it.exe" = protocol=17 | dir=in | app=c:\users\pascal\appdata\local\temp\rar$ex68.704\sh-it.exe | 
"UDP Query User{6BA14627-B3B1-4D25-B90C-A022A317A01F}C:\program files (x86)\rockstar games\grand theft auto san andreas\gta_sa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto san andreas\gta_sa.exe | 
"UDP Query User{78CC47FB-54B6-4C18-B0DF-705FFC5FACCC}C:\users\pascal\desktop\warcraft3\war3.exe" = protocol=17 | dir=in | app=c:\users\pascal\desktop\warcraft3\war3.exe | 
"UDP Query User{7B28925A-296E-4101-98B1-EC438A731D60}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | 
"UDP Query User{A3C93BD0-35AE-46E4-BB75-8C51B56CAAAE}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe | 
"UDP Query User{BD2F0EF1-D1F8-4370-AF82-398E9E677D56}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{E9842866-DB1A-4B12-8E80-2E14B22AF9A7}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe | 
"UDP Query User{EC6663F7-8945-4B19-B106-9178994CA4C4}C:\program files (x86)\tera\tera-launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{108B6F8D-5158-4ACE-BB39-61F970656824}" = MAGIX Music Maker 2013 Trial Soundpools
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{2128559D-BBCD-4744-87F0-7C0CD5CFB464}" = Windows Live Family Safety
"{26A24AE4-039D-4CA4-87B4-2F86417015FF}" = Java 7 Update 15 (64-bit)
"{27B3E5AA-5B75-414A-AC37-F5ADDFA68BDB}" = Windows Live Family Safety
"{287134AD-092F-4BD0-A6F4-911B0B351E87}" = Windows Live Family Safety
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor
"{3C41721F-AF0F-4086-AA1C-4C7F29076228}" = Intel(R) PROSet/Wireless WiFi Software
"{3F5C2BC0-B7D7-4114-B273-3B1460B2452B}" = MAGIX Music Maker 2013
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{464F7B5E-80BB-4F34-A602-384F0702674A}" = Windows Live Family Safety
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5ECA80C9-7D7A-49AC-B487-52F1CF47ECEE}" = Windows Live Family Safety
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{698EAE05-09DE-47D0-9586-29E41A0934DD}" = Windows Live Family Safety
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{74AC7ECE-87E1-41F7-ABA2-5ED9B13CECFA}" = Windows Live Family Safety
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8832CAA2-4934-4916-A8BF-A9A51C6B58B3}" = Windows Live Family Safety
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{944E73EF-857E-4F71-9DC4-CD059D7ADDEF}" = Windows Live Family Safety
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 268.56
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 268.56
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B332E15B-243F-4F40-8530-1524F84230A0}" = MAGIX Goya burnR (MSI)
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{BFBE6E95-5724-47EC-85A0-74D436AD938F}" = Windows Live Family Safety
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C61D639C-3A1B-4654-901F-08927C804321}" = Windows Live Family Safety
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"C-Media CM108 Like Sound Driver" = SPEEDLINK MEDUSA NX 7.1
"CyberGhost VPN_is1" = CyberGhost VPN
"Elantech" = ETDWare PS/2-X64 8.0.5.3_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"ProInst" = Intel PROSet Wireless
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = Sonic Focus
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{106B4413-ACBB-4CDE-8707-587DB9BD77EC}" = LogMeIn Hamachi
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{183D780B-28F9-41BA-A2CB-605F324A5781}" = simplitec simplicheck
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1DDBB040-3BEB-4057-90BB-B38B5E081D1B}" = MorphVOX Pro
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{341697D8-9923-445E-B42A-529E5A99CB7A}" = syncables desktop SE
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{38253529-D97D-4901-AE53-5CC9736D3A2E}" = ASUS AI Recovery
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Games
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{66A405D2-BA14-4594-BF36-B3B544F0754E}" = Stronghold Legends
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6C5F8503-55D2-4398-858C-362B7A7AF51C}" = Firebird SQL Server - MAGIX Edition
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{78DBE8CE-61F6-4D6C-806C-A0FFF65F5E1D}" = Windows Live Messenger
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E210E1C-52A1-40E3-817B-D504E9F64DFA}_is1" = Flyff
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{88F0F4FF-B514-4E32-9C17-CAF96D60EAFC}" = Razer Game Booster
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{969E11AA-8F3A-F162-1A5A-0965E216B6CE}" = Adobe Download Assistant
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}" = פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2S166A0-F031-4E27-A057-C69733219434}_is1" = TERA
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AEB61F7A-4BBA-4292-A096-7893E09034A4}" = Steuer-Spar-Erklärung 2013
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}" = AAVUpdateManager
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B2E90616-C50D-4B89-A40D-92377AC669E5}" = Windows Live Messenger
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger
"{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}" = Элемент управления Windows Live Mesh ActiveX для удаленных подключений
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C95A5A77-622F-45CA-9540-84468FCB18B1}" = Windows Live Messenger
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CBFD061C-4B27-4A89-ADD8-210316EEFA11}" = Windows Live Messenger
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18B30AA-6E2D-480C-B918-AF61009F4010}" = عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1" = Game Park Console
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Akamai" = Akamai NetSession Interface Service
"ASUS K3 Series ScreenSaver" = ASUS K3 Series ScreenSaver
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"avast" = avast! Free Antivirus
"Bookworm Deluxe" = Bookworm Deluxe
"BrickForce" = BrickForce 1.4.40
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cheat Engine 6.1_is1" = Cheat Engine 6.1
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Conquest of Paradise Client" = Conquest of Paradise Client
"Cooking Dash" = Cooking Dash
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"DivX Setup" = DivX-Setup
"Emergency 2012" = Emergency 2012
"FantasyTennis" = FantasyTennis
"Florensia" = Florensia 2.00.01
"Fraps" = Fraps (remove only)
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.37.1212
"Google Chrome" = Google Chrome
"Governor of Poker" = Governor of Poker
"Hotel Dash Suite Success" = Hotel Dash Suite Success
"Icy Tower v1.5_is1" = Icy Tower v1.5
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"Jewel Quest 3" = Jewel Quest 3
"LogMeIn Hamachi" = LogMeIn Hamachi
"Luxor 3" = Luxor 3
"MAGIX_{3F5C2BC0-B7D7-4114-B273-3B1460B2452B}" = MAGIX Music Maker 2013
"MAGIX_{B332E15B-243F-4F40-8530-1524F84230A0}" = MAGIX Goya burnR (MSI)
"MAGIX_GlobalContent" = MAGIX Content und Soundpools
"Mahjongg dimensions" = Mahjongg dimensions
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Mirillis Action!" = Action!
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"MTA:SA 1.1" = MTA:SA v1.1.1
"MTA:SA 1.3" = MTA:SA v1.3
"Notepad++" = Notepad++
"Plants vs Zombies" = Plants vs Zombies
"ProInst" = Intel PROSet Wireless
"San Andreas Mod Installer1.1" = San Andreas Mod Installer
"Softonic" = Softonic toolbar  on IE and Chrome
"Steam App 214850" = GameMaker: Studio
"TeamViewer 7" = TeamViewer 7
"WinLiveSuite" = Windows Live Essentials
"World of Goo" = World of Goo
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1970508738-1949916810-4156901659-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"0bf1b68a17c4f977" = MyCrAft.eu
"Akamai" = Akamai NetSession Interface
"FileZilla Client" = FileZilla Client 3.5.3
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 10.02.2013 05:13:56 | Computer Name = Pascal-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Terraria.exe, Version: 1.0.4.0, Zeitstempel:
 0x4f158690  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015,
 Zeitstempel: 0x50b83c8a  Ausnahmecode: 0xe0434352  Fehleroffset: 0x0000c41f  ID des fehlerhaften
 Prozesses: 0xa7c  Startzeit der fehlerhaften Anwendung: 0x01ce076ef22ca6f0  Pfad der
 fehlerhaften Anwendung: C:\Users\Pascal\Desktop\Neuer Ordner (2)\Terraria.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll  Berichtskennung: 32032e76-7362-11e2-b843-50465ddd2b32
 
Error - 10.02.2013 05:14:08 | Computer Name = Pascal-PC | Source = .NET Runtime | ID = 1026
Description = 
 
Error - 10.02.2013 05:14:08 | Computer Name = Pascal-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Terraria.exe, Version: 1.0.4.0, Zeitstempel:
 0x4f158690  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015,
 Zeitstempel: 0x50b83c8a  Ausnahmecode: 0xe0434352  Fehleroffset: 0x0000c41f  ID des fehlerhaften
 Prozesses: 0x1650  Startzeit der fehlerhaften Anwendung: 0x01ce076efb7a132f  Pfad der
 fehlerhaften Anwendung: C:\Users\Pascal\Desktop\Neuer Ordner (2)\Terraria.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll  Berichtskennung: 3940ecdb-7362-11e2-b843-50465ddd2b32
 
Error - 10.02.2013 18:56:47 | Computer Name = Pascal-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: LolClient.exe, Version: 2.0.2.12610,
 Zeitstempel: 0x4c00573a  Name des fehlerhaften Moduls: Adobe AIR.dll, Version: 3.5.0.600,
 Zeitstempel: 0x508e04d9  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0006dcf8  ID des fehlerhaften
 Prozesses: 0x1b20  Startzeit der fehlerhaften Anwendung: 0x01ce07dd2e0b603e  Pfad der
 fehlerhaften Anwendung: D:\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.239\deploy\LolClient.exe
Pfad
 des fehlerhaften Moduls: D:\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.239\deploy\Adobe
 AIR\Versions\1.0\Adobe AIR.dll  Berichtskennung: 253ed06f-73d5-11e2-a8aa-50465ddd2b32
 
Error - 11.02.2013 07:41:00 | Computer Name = Pascal-PC | Source = Application Hang | ID = 1002
Description = Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 23b4    Startzeit: 01ce084c9d6269f3    Endzeit: 2    Anwendungspfad: 
D:\League of Legends\RADS\system\rads_user_kernel.exe    Berichts-ID: e606cb9a-743f-11e2-98ed-50465ddd2b32

 
Error - 11.02.2013 12:33:51 | Computer Name = Pascal-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: LolClient.exe, Version: 2.0.2.12610,
 Zeitstempel: 0x4c00573a  Name des fehlerhaften Moduls: Adobe AIR.dll, Version: 3.5.0.600,
 Zeitstempel: 0x508e04d9  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0006dcf8  ID des fehlerhaften
 Prozesses: 0x2378  Startzeit der fehlerhaften Anwendung: 0x01ce08744fbd500d  Pfad der
 fehlerhaften Anwendung: D:\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.239\deploy\LolClient.exe
Pfad
 des fehlerhaften Moduls: D:\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.239\deploy\Adobe
 AIR\Versions\1.0\Adobe AIR.dll  Berichtskennung: d0ac96af-7468-11e2-b7f7-50465ddd2b32
 
Error - 12.02.2013 04:25:41 | Computer Name = Pascal-PC | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Received from 192.168.1.2:5353   12 2.1.168.192.in-addr.arpa.
 PTR iPad.local.
 
Error - 12.02.2013 04:25:41 | Computer Name = Pascal-PC | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Unexpected conflict discarding   17 2.1.168.192.in-addr.arpa.
 PTR Pascal-PC.local.
 
Error - 13.02.2013 13:06:36 | Computer Name = Pascal-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: LolClient.exe, Version: 2.0.2.12610,
 Zeitstempel: 0x4c00573a  Name des fehlerhaften Moduls: Adobe AIR.dll, Version: 3.5.0.600,
 Zeitstempel: 0x508e04d9  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0006dcf8  ID des fehlerhaften
 Prozesses: 0x173c  Startzeit der fehlerhaften Anwendung: 0x01ce0a0ab5ea40ca  Pfad der
 fehlerhaften Anwendung: D:\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.239\deploy\LolClient.exe
Pfad
 des fehlerhaften Moduls: D:\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.239\deploy\Adobe
 AIR\Versions\1.0\Adobe AIR.dll  Berichtskennung: b90f0a21-75ff-11e2-8022-50465ddd2b32
 
Error - 13.02.2013 14:22:20 | Computer Name = Pascal-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: LolClient.exe, Version: 2.0.2.12610,
 Zeitstempel: 0x4c00573a  Name des fehlerhaften Moduls: Adobe AIR.dll, Version: 3.5.0.600,
 Zeitstempel: 0x508e04d9  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0006dcf8  ID des fehlerhaften
 Prozesses: 0x1474  Startzeit der fehlerhaften Anwendung: 0x01ce0a0c8d6858e7  Pfad der
 fehlerhaften Anwendung: D:\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.239\deploy\LolClient.exe
Pfad
 des fehlerhaften Moduls: D:\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.239\deploy\Adobe
 AIR\Versions\1.0\Adobe AIR.dll  Berichtskennung: 4d3b8ff2-760a-11e2-8022-50465ddd2b32
 
[ System Events ]
Error - 05.03.2013 15:27:32 | Computer Name = Pascal-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Mobile-basierte Geräteverbindungen" wurde aufgrund
 folgenden Fehlers nicht gestartet:   %%1053
 
Error - 06.03.2013 10:01:38 | Computer Name = Pascal-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Hi-Rez Studios Authenticate and Update Service erreicht.
 
Error - 06.03.2013 10:02:28 | Computer Name = Pascal-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Intel(R) Turbo Boost Technology Monitor erreicht.
 
Error - 06.03.2013 10:02:28 | Computer Name = Pascal-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Intel(R) Turbo Boost Technology Monitor" wurde aufgrund
 folgenden Fehlers nicht gestartet:   %%1053
 
Error - 06.03.2013 10:12:12 | Computer Name = Pascal-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?06.?03.?2013 um 15:10:19 unerwartet heruntergefahren.
 
Error - 06.03.2013 15:45:39 | Computer Name = Pascal-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?06.?03.?2013 um 20:14:13 unerwartet heruntergefahren.
 
Error - 06.03.2013 15:47:15 | Computer Name = Pascal-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Hi-Rez Studios Authenticate and Update Service erreicht.
 
Error - 08.03.2013 12:29:31 | Computer Name = Pascal-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Hi-Rez Studios Authenticate and Update Service erreicht.
 
Error - 08.03.2013 13:44:29 | Computer Name = Pascal-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "avast! Antivirus" wurde unerwartet beendet. Dies ist bereits
 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt:
 Neustart des Diensts.
 
Error - 08.03.2013 13:57:04 | Computer Name = Pascal-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Hi-Rez Studios Authenticate and Update Service erreicht.
 
 
< End of report >

Könntest du mir sagen ob es sich um einen Virus handelt oder es nur ein Fehlalarm war?

Danke schonmal

cosinus · 08.03.2013, 21:23

Bitte nun Logs mit GMER (<<< klick für Anleitung) und MBAR (Anleitung etwas weiter unten) erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim zweiten Mal nicht will, lass es einfach weg und führ nur MBAR aus.

Anleitung MBAR:

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Bladel1998 · 09.03.2013, 14:04

Hi,
wenn ich Mbar starte sagt er:

Registry Value "APPInit_Dlls" has been found which may be caused by rootkit activity

Note:Press "NO" button if you´re not sure.If the tool crashes or terminates unexpectedly
during a system scan,restart the tool and press "YES" should this message appear again.

Do you want to remove this value and restart the tool?

Soll ich jetzt Ja oder nein drücken? (Sorry will aber nichts falsch machen)

Bladel1998 · 10.03.2013, 15:40

Hi,
hast du das Thema eventuell übersehen ?
Tut mir leid falls nicht.
Könntest du mir die gestellte frage beantworten?
Danke schonmal

cosinus · 10.03.2013, 16:24

Was soll dieses Drängeln, darf ich mir auch mal einen Tag ohne Trojaner-Board am Wochenende erlauben?

Du solltest abwarten erst wenn ich drei Tage nicht mehr geantwortet habe sollst du erinnern!

Und bei MBAR bitte auf nein klicken und weitermachen

Bladel1998 · 10.03.2013, 18:30

Hallo,
tut mir nochmal leid
GMER hänge ich an.
Achso und als ich den Pc heute gestartet habe war die untere Taskleiste wie soll ich sagen veraltet/anders
aber nachdem ich Mbar gescannt habe lassen ist dies wieder normal.
Hier die Logs:

Mbar Log (Das erste mal):

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.01.0.1021
www.malwarebytes.org

Database version: v2013.03.10.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Pascal :: PASCAL-PC [administrator]

10.03.2013 17:26:37
mbar-log-2013-03-10 (17-26-37).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 32648
Time elapsed: 43 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
c:\Users\Pascal\AppData\Roaming\Amgiuv\oqsa.exe (Trojan.Ransom.ANC) -> Delete on reboot.
c:\Users\Pascal\AppData\Roaming\Nilebo\yciqo.exe (Trojan.Ransom.ANC) -> Delete on reboot.
c:\Users\Pascal\AppData\Roaming\Tuyqe\yvtu.exe (Trojan.Ransom.ANC) -> Delete on reboot.

(end)

Mbar Log (Das zweite mal):

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.01.0.1021
www.malwarebytes.org

Database version: v2013.03.10.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Pascal :: PASCAL-PC [administrator]

10.03.2013 18:15:49
mbar-log-2013-03-10 (18-15-49).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 32654
Time elapsed: 42 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

So hoffe das der Laptop schon wieder Clean ist

Danke schonmal

cosinus · 10.03.2013, 20:35

aswMBR

Downloade dir bitte

aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe - (aswMBR.exe Anleitung)
Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS-Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

TDSS-Killer

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bladel1998 · 11.03.2013, 19:13

Hi,
habe soeben die beiden Tools durchlaufen lassen.
Hier die Logs:

aswMBR Log:

Code:

ATTFilter

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-03-11 18:45:58
-----------------------------
18:45:58.215    OS Version: Windows x64 6.1.7601 Service Pack 1
18:45:58.215    Number of processors: 8 586 0x2A07
18:45:58.216    ComputerName: PASCAL-PC  UserName: Pascal
18:45:59.186    Initialize success
18:45:59.285    AVAST engine defs: 13031100
18:46:11.005    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:46:11.007    Disk 0 Vendor: WDC_WD75 01.0 Size: 715404MB BusType: 3
18:46:11.035    Disk 0 MBR read successfully
18:46:11.037    Disk 0 MBR scan
18:46:11.039    Disk 0 Windows 7 default MBR code
18:46:11.065    Disk 0 Partition 1 00     1C Hidd FAT32 LBA MSDOS5.0    25600 MB offset 2048
18:46:11.076    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       286161 MB offset 52430848
18:46:11.102    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       403641 MB offset 638488576
18:46:11.168    Disk 0 scanning C:\Windows\system32\drivers
18:46:21.024    Service scanning
18:47:19.502    Modules scanning
18:47:19.507    Disk 0 trace - called modules:
18:47:19.563    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll 
18:47:19.891    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80080fe790]
18:47:19.894    3 CLASSPNP.SYS[fffff8800120143f] -> nt!IofCallDriver -> [0xfffffa8007b218c0]
18:47:19.897    5 ACPI.sys[fffff88000efe7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007b27050]
18:47:21.259    AVAST engine scan C:\Windows
18:47:26.038    AVAST engine scan C:\Windows\system32
18:50:49.350    AVAST engine scan C:\Windows\system32\drivers
18:51:05.469    AVAST engine scan C:\Users\Pascal
19:00:05.841    AVAST engine scan C:\ProgramData
19:04:21.243    Scan finished successfully
19:06:24.573    Disk 0 MBR has been saved successfully to "C:\Users\Pascal\Desktop\MBR.dat"
19:06:24.577    The log file has been saved successfully to "C:\Users\Pascal\Desktop\aswMBR.txt"

TDSSKiller Log:

Code:

ATTFilter

19:07:41.0282 5304  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:07:41.0526 5304  ============================================================
19:07:41.0526 5304  Current date / time: 2013/03/11 19:07:41.0526
19:07:41.0526 5304  SystemInfo:
19:07:41.0526 5304  
19:07:41.0526 5304  OS Version: 6.1.7601 ServicePack: 1.0
19:07:41.0526 5304  Product type: Workstation
19:07:41.0527 5304  ComputerName: PASCAL-PC
19:07:41.0527 5304  UserName: Pascal
19:07:41.0527 5304  Windows directory: C:\Windows
19:07:41.0527 5304  System windows directory: C:\Windows
19:07:41.0527 5304  Running under WOW64
19:07:41.0527 5304  Processor architecture: Intel x64
19:07:41.0527 5304  Number of processors: 8
19:07:41.0527 5304  Page size: 0x1000
19:07:41.0527 5304  Boot type: Normal boot
19:07:41.0527 5304  ============================================================
19:07:41.0931 5304  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:07:41.0937 5304  ============================================================
19:07:41.0937 5304  \Device\Harddisk0\DR0:
19:07:41.0937 5304  MBR partitions:
19:07:41.0937 5304  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0x22EE8800
19:07:41.0938 5304  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x260E9000, BlocksNum 0x3145C800
19:07:41.0938 5304  ============================================================
19:07:41.0965 5304  C: <-> \Device\Harddisk0\DR0\Partition1
19:07:42.0013 5304  D: <-> \Device\Harddisk0\DR0\Partition2
19:07:42.0013 5304  ============================================================
19:07:42.0013 5304  Initialize success
19:07:42.0013 5304  ============================================================
19:07:56.0912 4640  ============================================================
19:07:56.0912 4640  Scan started
19:07:56.0913 4640  Mode: Manual; 
19:07:56.0913 4640  ============================================================
19:07:57.0353 4640  ================ Scan system memory ========================
19:07:57.0353 4640  System memory - ok
19:07:57.0354 4640  ================ Scan services =============================
19:07:57.0650 4640  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
19:07:57.0653 4640  1394ohci - ok
19:07:57.0783 4640  [ 7EEB488346FBFA3731276C3EE8A8FD9E ] AAV UpdateService C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
19:07:57.0784 4640  AAV UpdateService - ok
19:07:57.0804 4640  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:07:57.0808 4640  ACPI - ok
19:07:57.0834 4640  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
19:07:57.0834 4640  AcpiPmi - ok
19:07:57.0868 4640  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
19:07:57.0873 4640  adp94xx - ok
19:07:57.0897 4640  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
19:07:57.0902 4640  adpahci - ok
19:07:57.0922 4640  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
19:07:57.0926 4640  adpu320 - ok
19:07:57.0956 4640  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:07:57.0957 4640  AeLookupSvc - ok
19:07:58.0032 4640  [ 69FD46FAC0D9C4A8ECD522AC6A7481F5 ] AFBAgent        C:\Windows\system32\FBAgent.exe
19:07:58.0037 4640  AFBAgent - ok
19:07:58.0073 4640  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
19:07:58.0078 4640  AFD - ok
19:07:58.0101 4640  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
19:07:58.0102 4640  agp440 - ok
19:07:58.0275 4640  [ B9B98E08EC127900025F42462D3D0A66 ] Akamai          c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll
19:07:58.0276 4640  Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll. md5: B9B98E08EC127900025F42462D3D0A66
19:07:58.0279 4640  Akamai ( HiddenFile.Multi.Generic ) - warning
19:07:58.0279 4640  Akamai - detected HiddenFile.Multi.Generic (1)
19:07:58.0313 4640  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
19:07:58.0314 4640  ALG - ok
19:07:58.0345 4640  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:07:58.0346 4640  aliide - ok
19:07:58.0356 4640  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
19:07:58.0357 4640  amdide - ok
19:07:58.0371 4640  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
19:07:58.0372 4640  AmdK8 - ok
19:07:58.0376 4640  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
19:07:58.0377 4640  AmdPPM - ok
19:07:58.0444 4640  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:07:58.0445 4640  amdsata - ok
19:07:58.0467 4640  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
19:07:58.0469 4640  amdsbs - ok
19:07:58.0479 4640  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:07:58.0480 4640  amdxata - ok
19:07:58.0588 4640  [ E8494519BCB9E3B1B72E5604993A76E3 ] Amsp            C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
19:07:58.0592 4640  Amsp - ok
19:07:58.0611 4640  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
19:07:58.0611 4640  AppID - ok
19:07:58.0633 4640  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:07:58.0634 4640  AppIDSvc - ok
19:07:58.0652 4640  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
19:07:58.0653 4640  Appinfo - ok
19:07:58.0747 4640  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:07:58.0749 4640  Apple Mobile Device - ok
19:07:58.0759 4640  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
19:07:58.0760 4640  arc - ok
19:07:58.0764 4640  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
19:07:58.0765 4640  arcsas - ok
19:07:58.0835 4640  [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
19:07:58.0836 4640  ASLDRService - ok
19:07:58.0902 4640  [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
19:07:58.0902 4640  ASMMAP64 - ok
19:07:58.0943 4640  [ 0AA7A996792FB0287B33A57A8093AE44 ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
19:07:58.0944 4640  asmthub3 - ok
19:07:58.0994 4640  [ 125DC3ABF5BFCCFE82AD17D078E0B9EC ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
19:07:58.0996 4640  asmtxhci - ok
19:07:59.0150 4640  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:07:59.0152 4640  aspnet_state - ok
19:07:59.0206 4640  [ B217378ED9A964E15346A67FEF609A17 ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
19:07:59.0207 4640  aswFsBlk - ok
19:07:59.0245 4640  [ E92635BB235B03ED03B17CBB59F77FA4 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
19:07:59.0246 4640  aswMonFlt - ok
19:07:59.0285 4640  [ 8F90459AFB7FD4557D935CE639EF6110 ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
19:07:59.0286 4640  aswRdr - ok
19:07:59.0327 4640  [ DE6759B8D8E62BF0FFF2B05F05AFCEE6 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
19:07:59.0328 4640  aswRvrt - ok
19:07:59.0356 4640  [ AB8B4D3136D18A20777036E0F0CFC5E1 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
19:07:59.0361 4640  aswSnx - ok
19:07:59.0381 4640  [ 97D4D725BD32C965119E6C8E252F8C64 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
19:07:59.0383 4640  aswSP - ok
19:07:59.0401 4640  [ D62C10D1829C65115111C160EA956260 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
19:07:59.0402 4640  aswTdi - ok
19:07:59.0426 4640  [ 7E44C2684A6CA779B9D07CB4BD3F649D ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
19:07:59.0428 4640  aswVmm - ok
19:07:59.0445 4640  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:07:59.0447 4640  AsyncMac - ok
19:07:59.0487 4640  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
19:07:59.0488 4640  atapi - ok
19:07:59.0524 4640  [ 0ACC06FCF46F64ED4F11E57EE461C1F4 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
19:07:59.0557 4640  athr - ok
19:07:59.0607 4640  [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
19:07:59.0609 4640  ATKGFNEXSrv - ok
19:07:59.0670 4640  [ AC31727F9946E9009480708E4D1B9986 ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
19:07:59.0671 4640  ATKWMIACPIIO - ok
19:07:59.0722 4640  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:07:59.0728 4640  AudioEndpointBuilder - ok
19:07:59.0737 4640  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
19:07:59.0741 4640  AudioSrv - ok
19:07:59.0850 4640  [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:07:59.0850 4640  avast! Antivirus - ok
19:07:59.0878 4640  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:07:59.0880 4640  AxInstSV - ok
19:07:59.0937 4640  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
19:07:59.0941 4640  b06bdrv - ok
19:07:59.0971 4640  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
19:07:59.0974 4640  b57nd60a - ok
19:08:00.0124 4640  [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
19:08:00.0126 4640  BBSvc - ok
19:08:00.0164 4640  [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
19:08:00.0166 4640  BBUpdate - ok
19:08:00.0202 4640  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:08:00.0204 4640  BDESVC - ok
19:08:00.0231 4640  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:08:00.0232 4640  Beep - ok
19:08:00.0272 4640  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
19:08:00.0279 4640  BFE - ok
19:08:00.0320 4640  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
19:08:00.0330 4640  BITS - ok
19:08:00.0360 4640  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
19:08:00.0361 4640  blbdrive - ok
19:08:00.0433 4640  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:08:00.0438 4640  Bonjour Service - ok
19:08:00.0490 4640  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:08:00.0491 4640  bowser - ok
19:08:00.0517 4640  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
19:08:00.0518 4640  BrFiltLo - ok
19:08:00.0521 4640  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
19:08:00.0522 4640  BrFiltUp - ok
19:08:00.0568 4640  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
19:08:00.0570 4640  Browser - ok
19:08:00.0575 4640  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
19:08:00.0579 4640  Brserid - ok
19:08:00.0594 4640  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:08:00.0594 4640  BrSerWdm - ok
19:08:00.0597 4640  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:08:00.0598 4640  BrUsbMdm - ok
19:08:00.0601 4640  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:08:00.0602 4640  BrUsbSer - ok
19:08:00.0660 4640  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
19:08:00.0660 4640  BthEnum - ok
19:08:00.0664 4640  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
19:08:00.0665 4640  BTHMODEM - ok
19:08:00.0669 4640  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
19:08:00.0670 4640  BthPan - ok
19:08:00.0731 4640  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
19:08:00.0737 4640  BTHPORT - ok
19:08:00.0782 4640  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
19:08:00.0783 4640  bthserv - ok
19:08:00.0820 4640  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
19:08:00.0821 4640  BTHUSB - ok
19:08:00.0852 4640  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:08:00.0853 4640  cdfs - ok
19:08:00.0874 4640  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
19:08:00.0876 4640  cdrom - ok
19:08:00.0887 4640  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
19:08:00.0888 4640  CertPropSvc - ok
19:08:00.0979 4640  [ 213B6EC3DE19E35373A1906397588429 ] CGVPNCliSrvc    C:\Program Files\CyberGhost VPN\CGVPNCliService.exe
19:08:01.0026 4640  CGVPNCliSrvc - ok
19:08:01.0052 4640  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
19:08:01.0053 4640  circlass - ok
19:08:01.0075 4640  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
19:08:01.0079 4640  CLFS - ok
19:08:01.0206 4640  [ 524DC3807CB1746225F9D26ADD19C319 ] CLKMSVC10_38F51D56 C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
19:08:01.0209 4640  CLKMSVC10_38F51D56 - ok
19:08:01.0275 4640  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:08:01.0277 4640  clr_optimization_v2.0.50727_32 - ok
19:08:01.0330 4640  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:08:01.0332 4640  clr_optimization_v2.0.50727_64 - ok
19:08:01.0426 4640  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:08:01.0427 4640  clr_optimization_v4.0.30319_32 - ok
19:08:01.0446 4640  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:08:01.0448 4640  clr_optimization_v4.0.30319_64 - ok
19:08:01.0482 4640  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
19:08:01.0483 4640  CmBatt - ok
19:08:01.0499 4640  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:08:01.0500 4640  cmdide - ok
19:08:01.0552 4640  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
19:08:01.0557 4640  CNG - ok
19:08:01.0577 4640  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
19:08:01.0577 4640  Compbatt - ok
19:08:01.0606 4640  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
19:08:01.0607 4640  CompositeBus - ok
19:08:01.0619 4640  COMSysApp - ok
19:08:01.0633 4640  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
19:08:01.0634 4640  crcdisk - ok
19:08:01.0679 4640  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:08:01.0681 4640  CryptSvc - ok
19:08:01.0712 4640  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:08:01.0719 4640  DcomLaunch - ok
19:08:01.0751 4640  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
19:08:01.0755 4640  defragsvc - ok
19:08:01.0826 4640  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:08:01.0828 4640  DfsC - ok
19:08:01.0860 4640  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:08:01.0864 4640  Dhcp - ok
19:08:01.0875 4640  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
19:08:01.0875 4640  discache - ok
19:08:01.0911 4640  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
19:08:01.0913 4640  Disk - ok
19:08:01.0928 4640  Dnscache - ok
19:08:01.0948 4640  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:08:01.0951 4640  dot3svc - ok
19:08:01.0973 4640  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
19:08:01.0976 4640  DPS - ok
19:08:02.0007 4640  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:08:02.0008 4640  drmkaud - ok
19:08:02.0040 4640  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:08:02.0044 4640  DXGKrnl - ok
19:08:02.0066 4640  EagleX64 - ok
19:08:02.0105 4640  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
19:08:02.0107 4640  EapHost - ok
19:08:02.0167 4640  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
19:08:02.0223 4640  ebdrv - ok
19:08:02.0274 4640  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
19:08:02.0276 4640  EFS - ok
19:08:02.0349 4640  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
19:08:02.0356 4640  ehRecvr - ok
19:08:02.0380 4640  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
19:08:02.0382 4640  ehSched - ok
19:08:02.0458 4640  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
19:08:02.0463 4640  elxstor - ok
19:08:02.0465 4640  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:08:02.0466 4640  ErrDev - ok
19:08:02.0529 4640  [ 871AB1BFA00ECA5DFDE99D6EECE1BFD4 ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
19:08:02.0530 4640  ETD - ok
19:08:02.0556 4640  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
19:08:02.0561 4640  EventSystem - ok
19:08:02.0675 4640  [ 54FC81B0162478A72A93DBBEAFB35671 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
19:08:02.0708 4640  EvtEng - ok
19:08:02.0768 4640  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
19:08:02.0771 4640  exfat - ok
19:08:02.0851 4640  Fabs - ok
19:08:02.0885 4640  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:08:02.0888 4640  fastfat - ok
19:08:02.0934 4640  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
19:08:02.0941 4640  Fax - ok
19:08:02.0984 4640  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
19:08:02.0985 4640  fdc - ok
19:08:02.0999 4640  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
19:08:03.0001 4640  fdPHost - ok
19:08:03.0011 4640  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:08:03.0013 4640  FDResPub - ok
19:08:03.0032 4640  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:08:03.0034 4640  FileInfo - ok
19:08:03.0046 4640  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:08:03.0047 4640  Filetrace - ok
19:08:03.0169 4640  [ 5BD96D8C5411ACE71A7EAACAF0EF2903 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
19:08:03.0215 4640  FirebirdServerMAGIXInstance - ok
19:08:03.0264 4640  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
19:08:03.0265 4640  flpydisk - ok
19:08:03.0300 4640  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:08:03.0303 4640  FltMgr - ok
19:08:03.0365 4640  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
19:08:03.0383 4640  FontCache - ok
19:08:03.0459 4640  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:08:03.0460 4640  FontCache3.0.0.0 - ok
19:08:03.0474 4640  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:08:03.0474 4640  FsDepends - ok
19:08:03.0523 4640  [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
19:08:03.0524 4640  fssfltr - ok
19:08:03.0592 4640  [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
19:08:03.0621 4640  fsssvc - ok
19:08:03.0667 4640  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:08:03.0667 4640  Fs_Rec - ok
19:08:03.0714 4640  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:08:03.0716 4640  fvevol - ok
19:08:03.0735 4640  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
19:08:03.0736 4640  gagp30kx - ok
19:08:03.0775 4640  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:08:03.0775 4640  GEARAspiWDM - ok
19:08:03.0813 4640  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
19:08:03.0822 4640  gpsvc - ok
19:08:03.0943 4640  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:08:03.0944 4640  gupdate - ok
19:08:03.0967 4640  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:08:03.0968 4640  gupdatem - ok
19:08:04.0006 4640  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
19:08:04.0007 4640  hamachi - ok
19:08:04.0150 4640  [ 785FD63B74B30986A9F2C7D965CA509F ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
19:08:04.0195 4640  Hamachi2Svc - ok
19:08:04.0249 4640  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:08:04.0250 4640  hcw85cir - ok
19:08:04.0281 4640  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:08:04.0285 4640  HdAudAddService - ok
19:08:04.0314 4640  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
19:08:04.0316 4640  HDAudBus - ok
19:08:04.0318 4640  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
19:08:04.0320 4640  HidBatt - ok
19:08:04.0323 4640  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
19:08:04.0324 4640  HidBth - ok
19:08:04.0334 4640  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
19:08:04.0335 4640  HidIr - ok
19:08:04.0354 4640  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
19:08:04.0356 4640  hidserv - ok
19:08:04.0363 4640  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:08:04.0365 4640  HidUsb - ok
19:08:04.0397 4640  [ 5350AEF38CA2D8885F47D4455E7EF4EE ] HiPatchService  D:\HiPatchService.exe
19:08:04.0398 4640  HiPatchService - ok
19:08:04.0434 4640  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:08:04.0437 4640  hkmsvc - ok
19:08:04.0465 4640  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:08:04.0468 4640  HomeGroupListener - ok
19:08:04.0497 4640  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:08:04.0501 4640  HomeGroupProvider - ok
19:08:04.0522 4640  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:08:04.0524 4640  HpSAMD - ok
19:08:04.0548 4640  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:08:04.0555 4640  HTTP - ok
19:08:04.0605 4640  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:08:04.0606 4640  hwpolicy - ok
19:08:04.0626 4640  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
19:08:04.0627 4640  i8042prt - ok
19:08:04.0693 4640  [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
19:08:04.0695 4640  iaStor - ok
19:08:04.0730 4640  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:08:04.0735 4640  iaStorV - ok
19:08:04.0791 4640  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:08:04.0800 4640  idsvc - ok
19:08:05.0031 4640  [ EFE5A0AF39A8E179624117C521F1E012 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
19:08:05.0222 4640  igfx - ok
19:08:05.0242 4640  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
19:08:05.0243 4640  iirsp - ok
19:08:05.0280 4640  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
19:08:05.0289 4640  IKEEXT - ok
19:08:05.0380 4640  [ 9F573C952961F444F400489E81ECA381 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:08:05.0393 4640  IntcAzAudAddService - ok
19:08:05.0452 4640  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
19:08:05.0456 4640  IntcDAud - ok
19:08:05.0459 4640  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
19:08:05.0460 4640  intelide - ok
19:08:05.0486 4640  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:08:05.0487 4640  intelppm - ok
19:08:05.0502 4640  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:08:05.0504 4640  IPBusEnum - ok
19:08:05.0507 4640  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:08:05.0509 4640  IpFilterDriver - ok
19:08:05.0563 4640  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:08:05.0570 4640  iphlpsvc - ok
19:08:05.0573 4640  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:08:05.0574 4640  IPMIDRV - ok
19:08:05.0591 4640  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:08:05.0592 4640  IPNAT - ok
19:08:05.0646 4640  [ 0F261EC4F514926177C70C1832374231 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:08:05.0649 4640  iPod Service - ok
19:08:05.0682 4640  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:08:05.0683 4640  IRENUM - ok
19:08:05.0697 4640  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:08:05.0697 4640  isapnp - ok
19:08:05.0719 4640  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:08:05.0722 4640  iScsiPrt - ok
19:08:05.0735 4640  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:08:05.0736 4640  kbdclass - ok
19:08:05.0761 4640  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
19:08:05.0762 4640  kbdhid - ok
19:08:05.0822 4640  [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
19:08:05.0822 4640  kbfiltr - ok
19:08:05.0840 4640  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
19:08:05.0842 4640  KeyIso - ok
19:08:05.0873 4640  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:08:05.0875 4640  KSecDD - ok
19:08:05.0914 4640  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:08:05.0916 4640  KSecPkg - ok
19:08:05.0930 4640  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:08:05.0931 4640  ksthunk - ok
19:08:05.0950 4640  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:08:05.0955 4640  KtmRm - ok
19:08:05.0972 4640  [ 033B4AED2C5519072C0D81E00804D003 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
19:08:05.0974 4640  L1C - ok
19:08:06.0001 4640  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:08:06.0006 4640  LanmanServer - ok
19:08:06.0043 4640  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:08:06.0046 4640  LanmanWorkstation - ok
19:08:06.0093 4640  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:08:06.0093 4640  lltdio - ok
19:08:06.0117 4640  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:08:06.0122 4640  lltdsvc - ok
19:08:06.0148 4640  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:08:06.0150 4640  lmhosts - ok
19:08:06.0209 4640  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
19:08:06.0210 4640  LSI_FC - ok
19:08:06.0213 4640  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:08:06.0214 4640  LSI_SAS - ok
19:08:06.0218 4640  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
19:08:06.0219 4640  LSI_SAS2 - ok
19:08:06.0222 4640  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
19:08:06.0223 4640  LSI_SCSI - ok
19:08:06.0238 4640  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
19:08:06.0240 4640  luafv - ok
19:08:06.0314 4640  [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
19:08:06.0314 4640  MBAMProtector - ok
19:08:06.0388 4640  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:08:06.0390 4640  MBAMScheduler - ok
19:08:06.0415 4640  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:08:06.0418 4640  MBAMService - ok
19:08:06.0436 4640  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:08:06.0438 4640  Mcx2Svc - ok
19:08:06.0451 4640  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
19:08:06.0453 4640  megasas - ok
19:08:06.0492 4640  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
19:08:06.0496 4640  MegaSR - ok
19:08:06.0552 4640  [ 1C6E73FC46B509EFF9D0086AA37132DF ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
19:08:06.0553 4640  MEIx64 - ok
19:08:06.0582 4640  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
19:08:06.0584 4640  MMCSS - ok
19:08:06.0587 4640  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
19:08:06.0587 4640  Modem - ok
19:08:06.0590 4640  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:08:06.0591 4640  monitor - ok
19:08:06.0620 4640  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:08:06.0621 4640  mouclass - ok
19:08:06.0645 4640  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:08:06.0646 4640  mouhid - ok
19:08:06.0681 4640  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:08:06.0683 4640  mountmgr - ok
19:08:06.0699 4640  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:08:06.0702 4640  mpio - ok
19:08:06.0712 4640  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:08:06.0714 4640  mpsdrv - ok
19:08:06.0755 4640  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:08:06.0764 4640  MpsSvc - ok
19:08:06.0768 4640  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:08:06.0770 4640  MRxDAV - ok
19:08:06.0810 4640  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:08:06.0813 4640  mrxsmb - ok
19:08:06.0825 4640  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:08:06.0828 4640  mrxsmb10 - ok
19:08:06.0840 4640  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:08:06.0842 4640  mrxsmb20 - ok
19:08:06.0845 4640  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:08:06.0846 4640  msahci - ok
19:08:06.0856 4640  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:08:06.0857 4640  msdsm - ok
19:08:06.0880 4640  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
19:08:06.0883 4640  MSDTC - ok
19:08:06.0901 4640  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:08:06.0902 4640  Msfs - ok
19:08:06.0923 4640  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:08:06.0923 4640  mshidkmdf - ok
19:08:06.0926 4640  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:08:06.0926 4640  msisadrv - ok
19:08:06.0954 4640  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:08:06.0957 4640  MSiSCSI - ok
19:08:06.0959 4640  msiserver - ok
19:08:06.0982 4640  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:08:06.0983 4640  MSKSSRV - ok
19:08:06.0993 4640  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:08:06.0993 4640  MSPCLOCK - ok
19:08:06.0996 4640  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:08:06.0999 4640  MSPQM - ok
19:08:07.0048 4640  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:08:07.0052 4640  MsRPC - ok
19:08:07.0079 4640  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
19:08:07.0079 4640  mssmbios - ok
19:08:07.0082 4640  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:08:07.0082 4640  MSTEE - ok
19:08:07.0092 4640  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
19:08:07.0093 4640  MTConfig - ok
19:08:07.0110 4640  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
19:08:07.0111 4640  Mup - ok
19:08:07.0166 4640  [ 4BBB9D9C4DF259FAE2D172C5BB25DDD0 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
19:08:07.0170 4640  MyWiFiDHCPDNS - ok
19:08:07.0193 4640  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
19:08:07.0200 4640  napagent - ok
19:08:07.0226 4640  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:08:07.0230 4640  NativeWifiP - ok
19:08:07.0290 4640  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:08:07.0299 4640  NDIS - ok
19:08:07.0347 4640  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:08:07.0348 4640  NdisCap - ok
19:08:07.0367 4640  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:08:07.0368 4640  NdisTapi - ok
19:08:07.0382 4640  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:08:07.0383 4640  Ndisuio - ok
19:08:07.0398 4640  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:08:07.0400 4640  NdisWan - ok
19:08:07.0416 4640  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:08:07.0417 4640  NDProxy - ok
19:08:07.0427 4640  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:08:07.0428 4640  NetBIOS - ok
19:08:07.0441 4640  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:08:07.0445 4640  NetBT - ok
19:08:07.0462 4640  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
19:08:07.0464 4640  Netlogon - ok
19:08:07.0505 4640  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
19:08:07.0511 4640  Netman - ok
19:08:07.0567 4640  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:08:07.0569 4640  NetMsmqActivator - ok
19:08:07.0591 4640  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:08:07.0592 4640  NetPipeActivator - ok
19:08:07.0612 4640  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
19:08:07.0618 4640  netprofm - ok
19:08:07.0635 4640  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:08:07.0636 4640  NetTcpActivator - ok
19:08:07.0639 4640  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:08:07.0641 4640  NetTcpPortSharing - ok
19:08:07.0801 4640  [ AC69618DE5BCCE8747C9AB0AAE1003C1 ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
19:08:07.0925 4640  NETwNs64 - ok
19:08:07.0957 4640  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
19:08:07.0958 4640  nfrd960 - ok
19:08:08.0009 4640  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:08:08.0015 4640  NlaSvc - ok
19:08:08.0026 4640  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:08:08.0027 4640  Npfs - ok
19:08:08.0057 4640  npggsvc - ok
19:08:08.0061 4640  NPPTNT2 - ok
19:08:08.0083 4640  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
19:08:08.0085 4640  nsi - ok
19:08:08.0095 4640  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:08:08.0096 4640  nsiproxy - ok
19:08:08.0145 4640  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:08:08.0178 4640  Ntfs - ok
19:08:08.0193 4640  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
19:08:08.0194 4640  Null - ok
19:08:08.0435 4640  [ 07CA1D99512EE5EF99E954A13F3BFFA8 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:08:08.0491 4640  nvlddmkm - ok
19:08:08.0504 4640  [ A8DB9EBD9887A9820DBC1878F0301EE7 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
19:08:08.0505 4640  nvpciflt - ok
19:08:08.0544 4640  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:08:08.0546 4640  nvraid - ok
19:08:08.0590 4640  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:08:08.0592 4640  nvstor - ok
19:08:08.0626 4640  [ 9007A22A1938A9EF81CA5122121ECCD8 ] NVSvc           C:\Windows\system32\nvvsvc.exe
19:08:08.0637 4640  NVSvc - ok
19:08:08.0706 4640  [ 00572C26C6DCF99362068FB7283B7126 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
19:08:08.0715 4640  nvUpdatusService - ok
19:08:08.0744 4640  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:08:08.0746 4640  nv_agp - ok
19:08:08.0750 4640  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:08:08.0752 4640  ohci1394 - ok
19:08:08.0780 4640  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:08:08.0785 4640  p2pimsvc - ok
19:08:08.0804 4640  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
19:08:08.0810 4640  p2psvc - ok
19:08:08.0814 4640  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
19:08:08.0815 4640  Parport - ok
19:08:08.0835 4640  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:08:08.0837 4640  partmgr - ok
19:08:08.0847 4640  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:08:08.0851 4640  PcaSvc - ok
19:08:08.0864 4640  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
19:08:08.0867 4640  pci - ok
19:08:08.0895 4640  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
19:08:08.0896 4640  pciide - ok
19:08:08.0910 4640  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:08:08.0912 4640  pcmcia - ok
19:08:08.0926 4640  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:08:08.0926 4640  pcw - ok
19:08:08.0935 4640  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:08:08.0941 4640  PEAUTH - ok
19:08:09.0053 4640  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:08:09.0055 4640  PerfHost - ok
19:08:09.0105 4640  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
19:08:09.0136 4640  pla - ok
19:08:09.0241 4640  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:08:09.0248 4640  PlugPlay - ok
19:08:09.0291 4640  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:08:09.0294 4640  PNRPAutoReg - ok
19:08:09.0314 4640  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:08:09.0317 4640  PNRPsvc - ok
19:08:09.0360 4640  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:08:09.0366 4640  PolicyAgent - ok
19:08:09.0397 4640  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
19:08:09.0401 4640  Power - ok
19:08:09.0442 4640  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:08:09.0443 4640  PptpMiniport - ok
19:08:09.0456 4640  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
19:08:09.0457 4640  Processor - ok
19:08:09.0489 4640  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:08:09.0494 4640  ProfSvc - ok
19:08:09.0506 4640  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:08:09.0508 4640  ProtectedStorage - ok
19:08:09.0519 4640  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:08:09.0521 4640  Psched - ok
19:08:09.0568 4640  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
19:08:09.0600 4640  ql2300 - ok
19:08:09.0604 4640  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
19:08:09.0606 4640  ql40xx - ok
19:08:09.0636 4640  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
19:08:09.0641 4640  QWAVE - ok
19:08:09.0649 4640  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:08:09.0649 4640  QWAVEdrv - ok
19:08:09.0709 4640  [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
19:08:09.0710 4640  RapiMgr - ok
19:08:09.0712 4640  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:08:09.0714 4640  RasAcd - ok
19:08:09.0750 4640  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:08:09.0751 4640  RasAgileVpn - ok
19:08:09.0770 4640  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
19:08:09.0773 4640  RasAuto - ok
19:08:09.0794 4640  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:08:09.0796 4640  Rasl2tp - ok
19:08:09.0825 4640  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
19:08:09.0830 4640  RasMan - ok
19:08:09.0850 4640  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:08:09.0852 4640  RasPppoe - ok
19:08:09.0887 4640  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:08:09.0890 4640  RasSstp - ok
19:08:09.0903 4640  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:08:09.0907 4640  rdbss - ok
19:08:09.0926 4640  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
19:08:09.0927 4640  rdpbus - ok
19:08:09.0954 4640  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:08:09.0955 4640  RDPCDD - ok
19:08:09.0972 4640  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:08:09.0973 4640  RDPENCDD - ok
19:08:09.0977 4640  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:08:09.0977 4640  RDPREFMP - ok
19:08:09.0998 4640  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:08:10.0001 4640  RDPWD - ok
19:08:10.0006 4640  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:08:10.0008 4640  rdyboost - ok
19:08:10.0139 4640  [ A436F5E7D80BBDBB0826D0F176D5BEA8 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
19:08:10.0143 4640  RegSrvc - ok
19:08:10.0178 4640  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:08:10.0181 4640  RemoteAccess - ok
19:08:10.0202 4640  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:08:10.0206 4640  RemoteRegistry - ok
19:08:10.0244 4640  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
19:08:10.0247 4640  RFCOMM - ok
19:08:10.0280 4640  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:08:10.0283 4640  RpcEptMapper - ok
19:08:10.0300 4640  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
19:08:10.0302 4640  RpcLocator - ok
19:08:10.0321 4640  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
19:08:10.0325 4640  RpcSs - ok
19:08:10.0336 4640  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:08:10.0337 4640  rspndr - ok
19:08:10.0398 4640  [ E57FAC2CDB73F06586ED2ED310B80932 ] RSUSBVSTOR      C:\Windows\system32\Drivers\RtsUVStor.sys
19:08:10.0400 4640  RSUSBVSTOR - ok
19:08:10.0440 4640  [ 6D3C7E7D82D3DC92DC2A8B0DF9F20F8A ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
19:08:10.0442 4640  RTL8167 - ok
19:08:10.0462 4640  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
19:08:10.0463 4640  SamSs - ok
19:08:10.0473 4640  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:08:10.0475 4640  sbp2port - ok
19:08:10.0485 4640  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:08:10.0489 4640  SCardSvr - ok
19:08:10.0505 4640  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:08:10.0507 4640  scfilter - ok
19:08:10.0530 4640  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
19:08:10.0548 4640  Schedule - ok
19:08:10.0566 4640  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:08:10.0567 4640  SCPolicySvc - ok
19:08:10.0620 4640  [ 8B56BDCE6A303DDE63D63440D1CF9AD1 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys
19:08:10.0620 4640  ScreamBAudioSvc - ok
19:08:10.0641 4640  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:08:10.0646 4640  SDRSVC - ok
19:08:10.0668 4640  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:08:10.0669 4640  secdrv - ok
19:08:10.0684 4640  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
19:08:10.0687 4640  seclogon - ok
19:08:10.0711 4640  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
19:08:10.0714 4640  SENS - ok
19:08:10.0741 4640  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:08:10.0744 4640  SensrSvc - ok
19:08:10.0778 4640  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
19:08:10.0779 4640  Serenum - ok
19:08:10.0782 4640  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
19:08:10.0784 4640  Serial - ok
19:08:10.0799 4640  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
19:08:10.0800 4640  sermouse - ok
19:08:10.0823 4640  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:08:10.0826 4640  SessionEnv - ok
19:08:10.0829 4640  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:08:10.0830 4640  sffdisk - ok
19:08:10.0832 4640  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:08:10.0833 4640  sffp_mmc - ok
19:08:10.0835 4640  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:08:10.0836 4640  sffp_sd - ok
19:08:10.0839 4640  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
19:08:10.0840 4640  sfloppy - ok
19:08:10.0879 4640  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:08:10.0884 4640  SharedAccess - ok
19:08:10.0902 4640  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:08:10.0907 4640  ShellHWDetection - ok
19:08:10.0910 4640  [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH        C:\Windows\system32\DRIVERS\SiSG664.sys
19:08:10.0911 4640  SiSGbeLH - ok
19:08:10.0914 4640  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
19:08:10.0915 4640  SiSRaid2 - ok
19:08:10.0918 4640  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:08:10.0919 4640  SiSRaid4 - ok
19:08:10.0996 4640  [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
19:08:10.0998 4640  SkypeUpdate - ok
19:08:11.0008 4640  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:08:11.0009 4640  Smb - ok
19:08:11.0037 4640  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:08:11.0041 4640  SNMPTRAP - ok
19:08:11.0053 4640  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:08:11.0053 4640  spldr - ok
19:08:11.0089 4640  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
19:08:11.0097 4640  Spooler - ok
19:08:11.0163 4640  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
19:08:11.0219 4640  sppsvc - ok
19:08:11.0245 4640  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:08:11.0248 4640  sppuinotify - ok
19:08:11.0283 4640  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:08:11.0289 4640  srv - ok
19:08:11.0311 4640  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:08:11.0315 4640  srv2 - ok
19:08:11.0335 4640  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:08:11.0337 4640  srvnet - ok
19:08:11.0364 4640  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:08:11.0369 4640  SSDPSRV - ok
19:08:11.0381 4640  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:08:11.0385 4640  SstpSvc - ok
19:08:11.0457 4640  Steam Client Service - ok
19:08:11.0486 4640  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
19:08:11.0487 4640  stexstor - ok
19:08:11.0522 4640  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
19:08:11.0531 4640  stisvc - ok
19:08:11.0548 4640  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
19:08:11.0548 4640  swenum - ok
19:08:11.0624 4640  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
19:08:11.0627 4640  SwitchBoard - ok
19:08:11.0661 4640  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
19:08:11.0668 4640  swprv - ok
19:08:11.0701 4640  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
19:08:11.0736 4640  SysMain - ok
19:08:11.0746 4640  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:08:11.0749 4640  TabletInputService - ok
19:08:11.0780 4640  [ F9BE29D5E097F03F81D3CD12B794CB66 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
19:08:11.0780 4640  tap0901 - ok
19:08:11.0799 4640  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:08:11.0804 4640  TapiSrv - ok
19:08:11.0815 4640  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
19:08:11.0818 4640  TBS - ok
19:08:11.0890 4640  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:08:11.0923 4640  Tcpip - ok
19:08:11.0976 4640  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:08:11.0985 4640  TCPIP6 - ok
19:08:12.0017 4640  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:08:12.0018 4640  tcpipreg - ok
19:08:12.0050 4640  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:08:12.0051 4640  TDPIPE - ok
19:08:12.0078 4640  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:08:12.0079 4640  TDTCP - ok
19:08:12.0098 4640  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:08:12.0099 4640  tdx - ok
19:08:12.0191 4640  [ 5E53CF8AD0FD33B35000C113656AB37B ] TeamViewer7     C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
19:08:12.0203 4640  TeamViewer7 - ok
19:08:12.0218 4640  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
19:08:12.0218 4640  TermDD - ok
19:08:12.0247 4640  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
19:08:12.0256 4640  TermService - ok
19:08:12.0271 4640  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
19:08:12.0274 4640  Themes - ok
19:08:12.0292 4640  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
19:08:12.0294 4640  THREADORDER - ok
19:08:12.0362 4640  [ 69D76CE06BB629B69165C81D83A4B03E ] TiMiniService   C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
19:08:12.0363 4640  TiMiniService - ok
19:08:12.0381 4640  [ 73AAFFDD2AC3C8814B26C440E5DD9DD4 ] tmactmon        C:\Windows\system32\DRIVERS\tmactmon.sys
19:08:12.0382 4640  tmactmon - ok
19:08:12.0396 4640  [ 360E61217D4E1E333583D0C721057F70 ] tmcomm          C:\Windows\system32\DRIVERS\tmcomm.sys
19:08:12.0398 4640  tmcomm - ok
19:08:12.0409 4640  [ 699D34EB7C670139CA23A65372BD5743 ] tmevtmgr        C:\Windows\system32\DRIVERS\tmevtmgr.sys
19:08:12.0410 4640  tmevtmgr - ok
19:08:12.0452 4640  [ 262198EFB734012BFCD17E7479AE4A09 ] tmtdi           C:\Windows\system32\DRIVERS\tmtdi.sys
19:08:12.0453 4640  tmtdi - ok
19:08:12.0476 4640  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
19:08:12.0479 4640  TrkWks - ok
19:08:12.0550 4640  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:08:12.0551 4640  TrustedInstaller - ok
19:08:12.0583 4640  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:08:12.0585 4640  tssecsrv - ok
19:08:12.0622 4640  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:08:12.0623 4640  TsUsbFlt - ok
19:08:12.0626 4640  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
19:08:12.0627 4640  TsUsbGD - ok
19:08:12.0642 4640  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:08:12.0644 4640  tunnel - ok
19:08:12.0681 4640  [ B355581A9DA34C92E2DBAFA410D2F829 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
19:08:12.0682 4640  TurboB - ok
19:08:12.0760 4640  [ 6564E84B1522C12EA1C3A181ED03276F ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
19:08:12.0761 4640  TurboBoost - ok
19:08:12.0764 4640  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
19:08:12.0765 4640  uagp35 - ok
19:08:12.0782 4640  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:08:12.0786 4640  udfs - ok
19:08:12.0820 4640  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:08:12.0823 4640  UI0Detect - ok
19:08:12.0845 4640  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:08:12.0847 4640  uliagpkx - ok
19:08:12.0865 4640  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
19:08:12.0867 4640  umbus - ok
19:08:12.0883 4640  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
19:08:12.0884 4640  UmPass - ok
19:08:12.0900 4640  Update-Service - ok
19:08:12.0926 4640  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
19:08:12.0932 4640  upnphost - ok
19:08:12.0982 4640  [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
19:08:12.0983 4640  USBAAPL64 - ok
19:08:13.0031 4640  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
19:08:13.0032 4640  usbaudio - ok
19:08:13.0072 4640  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:08:13.0073 4640  usbccgp - ok
19:08:13.0077 4640  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:08:13.0078 4640  usbcir - ok
19:08:13.0112 4640  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
19:08:13.0113 4640  usbehci - ok
19:08:13.0130 4640  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:08:13.0134 4640  usbhub - ok
19:08:13.0157 4640  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
19:08:13.0158 4640  usbohci - ok
19:08:13.0232 4640  [ 538233FBBC748AA1D57B7B53F150DE9A ] USBPNPA         C:\Windows\system32\drivers\CM10864.sys
19:08:13.0245 4640  USBPNPA - ok
19:08:13.0270 4640  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
19:08:13.0271 4640  usbprint - ok
19:08:13.0287 4640  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:08:13.0289 4640  USBSTOR - ok
19:08:13.0321 4640  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
19:08:13.0322 4640  usbuhci - ok
19:08:13.0367 4640  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
19:08:13.0370 4640  usbvideo - ok
19:08:13.0392 4640  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
19:08:13.0395 4640  UxSms - ok
19:08:13.0417 4640  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
19:08:13.0419 4640  VaultSvc - ok
19:08:13.0431 4640  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:08:13.0432 4640  vdrvroot - ok
19:08:13.0449 4640  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
19:08:13.0457 4640  vds - ok
19:08:13.0490 4640  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:08:13.0491 4640  vga - ok
19:08:13.0507 4640  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:08:13.0508 4640  VgaSave - ok
19:08:13.0512 4640  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
19:08:13.0515 4640  vhdmp - ok
19:08:13.0518 4640  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:08:13.0518 4640  viaide - ok
19:08:13.0535 4640  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:08:13.0536 4640  volmgr - ok
19:08:13.0547 4640  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:08:13.0551 4640  volmgrx - ok
19:08:13.0557 4640  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:08:13.0560 4640  volsnap - ok
19:08:13.0572 4640  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
19:08:13.0574 4640  vsmraid - ok
19:08:13.0607 4640  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
19:08:13.0637 4640  VSS - ok
19:08:13.0653 4640  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
19:08:13.0654 4640  vwifibus - ok
19:08:13.0668 4640  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
19:08:13.0669 4640  vwififlt - ok
19:08:13.0700 4640  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
19:08:13.0701 4640  vwifimp - ok
19:08:13.0729 4640  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
19:08:13.0735 4640  W32Time - ok
19:08:13.0739 4640  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
19:08:13.0740 4640  WacomPen - ok
19:08:13.0761 4640  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:08:13.0762 4640  WANARP - ok
19:08:13.0765 4640  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:08:13.0766 4640  Wanarpv6 - ok
19:08:13.0854 4640  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
19:08:13.0873 4640  WatAdminSvc - ok
19:08:13.0910 4640  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
19:08:13.0925 4640  wbengine - ok
19:08:13.0944 4640  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:08:13.0949 4640  WbioSrvc - ok
19:08:13.0988 4640  [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
19:08:13.0991 4640  WcesComm - ok
19:08:14.0005 4640  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:08:14.0011 4640  wcncsvc - ok
19:08:14.0027 4640  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:08:14.0031 4640  WcsPlugInService - ok
19:08:14.0064 4640  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
19:08:14.0065 4640  Wd - ok
19:08:14.0108 4640  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:08:14.0116 4640  Wdf01000 - ok
19:08:14.0127 4640  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:08:14.0131 4640  WdiServiceHost - ok
19:08:14.0134 4640  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:08:14.0137 4640  WdiSystemHost - ok
19:08:14.0153 4640  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
19:08:14.0157 4640  WebClient - ok
19:08:14.0176 4640  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:08:14.0181 4640  Wecsvc - ok
19:08:14.0196 4640  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:08:14.0200 4640  wercplsupport - ok
19:08:14.0223 4640  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:08:14.0226 4640  WerSvc - ok
19:08:14.0239 4640  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:08:14.0239 4640  WfpLwf - ok
19:08:14.0314 4640  [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
19:08:14.0316 4640  WimFltr - ok
19:08:14.0350 4640  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:08:14.0351 4640  WIMMount - ok
19:08:14.0366 4640  WinDefend - ok
19:08:14.0390 4640  WinHttpAutoProxySvc - ok
19:08:14.0454 4640  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:08:14.0458 4640  Winmgmt - ok
19:08:14.0520 4640  [ 0C0195C48B6B8582FA6F6373032118DA ] WinRing0_1_2_0  C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys
19:08:14.0521 4640  WinRing0_1_2_0 - ok
19:08:14.0574 4640  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
19:08:14.0607 4640  WinRM - ok
19:08:14.0671 4640  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
19:08:14.0672 4640  WinUsb - ok
19:08:14.0711 4640  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
19:08:14.0721 4640  Wlansvc - ok
19:08:14.0773 4640  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:08:14.0775 4640  wlcrasvc - ok
19:08:14.0902 4640  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:08:14.0913 4640  wlidsvc - ok
19:08:14.0940 4640  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
19:08:14.0941 4640  WmiAcpi - ok
19:08:14.0967 4640  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:08:14.0970 4640  wmiApSrv - ok
19:08:14.0998 4640  WMPNetworkSvc - ok
19:08:15.0026 4640  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:08:15.0029 4640  WPCSvc - ok
19:08:15.0043 4640  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:08:15.0047 4640  WPDBusEnum - ok
19:08:15.0070 4640  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:08:15.0071 4640  ws2ifsl - ok
19:08:15.0090 4640  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
19:08:15.0094 4640  wscsvc - ok
19:08:15.0097 4640  WSearch - ok
19:08:15.0159 4640  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
19:08:15.0204 4640  wuauserv - ok
19:08:15.0258 4640  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:08:15.0259 4640  WudfPf - ok
19:08:15.0297 4640  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
19:08:15.0300 4640  WUDFRd - ok
19:08:15.0338 4640  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:08:15.0342 4640  wudfsvc - ok
19:08:15.0374 4640  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:08:15.0379 4640  WwanSvc - ok
19:08:15.0523 4640  X6va006 - ok
19:08:15.0538 4640  X6va007 - ok
19:08:15.0651 4640  X6va008 - ok
19:08:15.0687 4640  [ 754C8BF43F0DD4B54865F174A62761E9 ] XENfiltv        C:\Windows\system32\drivers\XENfiltv.sys
19:08:15.0689 4640  XENfiltv - ok
19:08:15.0721 4640  ================ Scan global ===============================
19:08:15.0743 4640  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:08:15.0783 4640  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:08:15.0793 4640  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:08:15.0814 4640  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:08:15.0847 4640  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:08:15.0853 4640  [Global] - ok
19:08:15.0854 4640  ================ Scan MBR ==================================
19:08:15.0863 4640  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:08:16.0254 4640  \Device\Harddisk0\DR0 - ok
19:08:16.0254 4640  ================ Scan VBR ==================================
19:08:16.0256 4640  [ BF59654C36CBDF50B9E7154162CEAD4A ] \Device\Harddisk0\DR0\Partition1
19:08:16.0257 4640  \Device\Harddisk0\DR0\Partition1 - ok
19:08:16.0276 4640  [ 798E86F24908B175FD53B910F05C8CAB ] \Device\Harddisk0\DR0\Partition2
19:08:16.0279 4640  \Device\Harddisk0\DR0\Partition2 - ok
19:08:16.0279 4640  ============================================================
19:08:16.0279 4640  Scan finished
19:08:16.0279 4640  ============================================================
19:08:16.0284 5064  Detected object count: 1
19:08:16.0284 5064  Actual detected object count: 1
19:08:37.0162 5064  Akamai ( HiddenFile.Multi.Generic ) - skipped by user
19:08:37.0162 5064  Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip

Hoffe das der Pc wieder clean ist

cosinus · 11.03.2013, 22:04

Zitat:

19:07:56.0912 4640 Scan started
19:07:56.0913 4640 Mode: Manual;

Du hast den TDSS-Killer falsch eingestellt bitte nochmal richtig machen

Bladel1998 · 12.03.2013, 13:46

Hi,
hier das Log (hoffe das es diesmal richtig ist)

TDSSkiller:

Code:

ATTFilter

13:42:03.0178 7040  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:42:03.0438 7040  ============================================================
13:42:03.0438 7040  Current date / time: 2013/03/12 13:42:03.0438
13:42:03.0438 7040  SystemInfo:
13:42:03.0438 7040  
13:42:03.0438 7040  OS Version: 6.1.7601 ServicePack: 1.0
13:42:03.0438 7040  Product type: Workstation
13:42:03.0438 7040  ComputerName: PASCAL-PC
13:42:03.0438 7040  UserName: Pascal
13:42:03.0438 7040  Windows directory: C:\Windows
13:42:03.0438 7040  System windows directory: C:\Windows
13:42:03.0438 7040  Running under WOW64
13:42:03.0438 7040  Processor architecture: Intel x64
13:42:03.0438 7040  Number of processors: 8
13:42:03.0438 7040  Page size: 0x1000
13:42:03.0438 7040  Boot type: Normal boot
13:42:03.0438 7040  ============================================================
13:42:03.0849 7040  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:42:03.0855 7040  ============================================================
13:42:03.0855 7040  \Device\Harddisk0\DR0:
13:42:03.0855 7040  MBR partitions:
13:42:03.0855 7040  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0x22EE8800
13:42:03.0855 7040  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x260E9000, BlocksNum 0x3145C800
13:42:03.0855 7040  ============================================================
13:42:03.0918 7040  C: <-> \Device\Harddisk0\DR0\Partition1
13:42:04.0063 7040  D: <-> \Device\Harddisk0\DR0\Partition2
13:42:04.0064 7040  ============================================================
13:42:04.0064 7040  Initialize success
13:42:04.0064 7040  ============================================================
13:42:38.0714 6328  ============================================================
13:42:38.0714 6328  Scan started
13:42:38.0714 6328  Mode: Manual; SigCheck; TDLFS; 
13:42:38.0714 6328  ============================================================
13:42:39.0281 6328  ================ Scan system memory ========================
13:42:39.0281 6328  System memory - ok
13:42:39.0281 6328  ================ Scan services =============================
13:42:39.0545 6328  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
13:42:39.0635 6328  1394ohci - ok
13:42:39.0755 6328  [ 7EEB488346FBFA3731276C3EE8A8FD9E ] AAV UpdateService C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
13:42:39.0766 6328  AAV UpdateService - ok
13:42:39.0798 6328  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
13:42:39.0813 6328  ACPI - ok
13:42:39.0839 6328  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
13:42:39.0887 6328  AcpiPmi - ok
13:42:39.0929 6328  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
13:42:39.0948 6328  adp94xx - ok
13:42:39.0970 6328  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
13:42:39.0985 6328  adpahci - ok
13:42:40.0017 6328  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
13:42:40.0029 6328  adpu320 - ok
13:42:40.0051 6328  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:42:40.0112 6328  AeLookupSvc - ok
13:42:40.0182 6328  [ 69FD46FAC0D9C4A8ECD522AC6A7481F5 ] AFBAgent        C:\Windows\system32\FBAgent.exe
13:42:40.0206 6328  AFBAgent - ok
13:42:40.0245 6328  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
13:42:40.0287 6328  AFD - ok
13:42:40.0317 6328  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
13:42:40.0329 6328  agp440 - ok
13:42:40.0492 6328  [ B9B98E08EC127900025F42462D3D0A66 ] Akamai          c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll
13:42:40.0492 6328  Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll. md5: B9B98E08EC127900025F42462D3D0A66
13:42:40.0496 6328  Akamai ( HiddenFile.Multi.Generic ) - warning
13:42:40.0496 6328  Akamai - detected HiddenFile.Multi.Generic (1)
13:42:40.0530 6328  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
13:42:40.0572 6328  ALG - ok
13:42:40.0606 6328  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
13:42:40.0616 6328  aliide - ok
13:42:40.0628 6328  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
13:42:40.0638 6328  amdide - ok
13:42:40.0654 6328  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
13:42:40.0712 6328  AmdK8 - ok
13:42:40.0715 6328  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
13:42:40.0742 6328  AmdPPM - ok
13:42:40.0783 6328  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
13:42:40.0795 6328  amdsata - ok
13:42:40.0819 6328  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
13:42:40.0832 6328  amdsbs - ok
13:42:40.0851 6328  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
13:42:40.0860 6328  amdxata - ok
13:42:40.0960 6328  [ E8494519BCB9E3B1B72E5604993A76E3 ] Amsp            C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
13:42:40.0974 6328  Amsp - ok
13:42:41.0018 6328  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
13:42:41.0071 6328  AppID - ok
13:42:41.0116 6328  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
13:42:41.0169 6328  AppIDSvc - ok
13:42:41.0191 6328  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
13:42:41.0238 6328  Appinfo - ok
13:42:41.0352 6328  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:42:41.0362 6328  Apple Mobile Device - ok
13:42:41.0386 6328  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
13:42:41.0398 6328  arc - ok
13:42:41.0407 6328  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
13:42:41.0418 6328  arcsas - ok
13:42:41.0474 6328  [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
13:42:41.0483 6328  ASLDRService - ok
13:42:41.0552 6328  [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
13:42:41.0560 6328  ASMMAP64 - ok
13:42:41.0604 6328  [ 0AA7A996792FB0287B33A57A8093AE44 ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
13:42:41.0637 6328  asmthub3 - ok
13:42:41.0688 6328  [ 125DC3ABF5BFCCFE82AD17D078E0B9EC ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
13:42:41.0733 6328  asmtxhci - ok
13:42:41.0889 6328  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:42:41.0957 6328  aspnet_state - ok
13:42:42.0023 6328  [ B217378ED9A964E15346A67FEF609A17 ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
13:42:42.0034 6328  aswFsBlk - ok
13:42:42.0073 6328  [ E92635BB235B03ED03B17CBB59F77FA4 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
13:42:42.0083 6328  aswMonFlt - ok
13:42:42.0112 6328  [ 8F90459AFB7FD4557D935CE639EF6110 ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
13:42:42.0123 6328  aswRdr - ok
13:42:42.0166 6328  [ DE6759B8D8E62BF0FFF2B05F05AFCEE6 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
13:42:42.0176 6328  aswRvrt - ok
13:42:42.0217 6328  [ AB8B4D3136D18A20777036E0F0CFC5E1 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
13:42:42.0239 6328  aswSnx - ok
13:42:42.0298 6328  [ 97D4D725BD32C965119E6C8E252F8C64 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
13:42:42.0311 6328  aswSP - ok
13:42:42.0328 6328  [ D62C10D1829C65115111C160EA956260 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
13:42:42.0338 6328  aswTdi - ok
13:42:42.0375 6328  [ 7E44C2684A6CA779B9D07CB4BD3F649D ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
13:42:42.0387 6328  aswVmm - ok
13:42:42.0406 6328  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:42:42.0456 6328  AsyncMac - ok
13:42:42.0515 6328  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
13:42:42.0524 6328  atapi - ok
13:42:42.0563 6328  [ 0ACC06FCF46F64ED4F11E57EE461C1F4 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
13:42:42.0654 6328  athr - ok
13:42:42.0691 6328  [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
13:42:42.0700 6328  ATKGFNEXSrv - ok
13:42:42.0776 6328  [ AC31727F9946E9009480708E4D1B9986 ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
13:42:42.0784 6328  ATKWMIACPIIO - ok
13:42:42.0828 6328  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:42:42.0892 6328  AudioEndpointBuilder - ok
13:42:42.0901 6328  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
13:42:42.0935 6328  AudioSrv - ok
13:42:43.0044 6328  [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
13:42:43.0053 6328  avast! Antivirus - ok
13:42:43.0095 6328  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:42:43.0134 6328  AxInstSV - ok
13:42:43.0198 6328  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
13:42:43.0259 6328  b06bdrv - ok
13:42:43.0287 6328  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
13:42:43.0341 6328  b57nd60a - ok
13:42:43.0506 6328  [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
13:42:43.0519 6328  BBSvc - ok
13:42:43.0558 6328  [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
13:42:43.0571 6328  BBUpdate - ok
13:42:43.0596 6328  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
13:42:43.0627 6328  BDESVC - ok
13:42:43.0657 6328  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:42:43.0707 6328  Beep - ok
13:42:43.0777 6328  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
13:42:43.0858 6328  BFE - ok
13:42:43.0913 6328  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
13:42:43.0986 6328  BITS - ok
13:42:44.0031 6328  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
13:42:44.0070 6328  blbdrive - ok
13:42:44.0137 6328  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:42:44.0152 6328  Bonjour Service - ok
13:42:44.0194 6328  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:42:44.0228 6328  bowser - ok
13:42:44.0255 6328  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
13:42:44.0281 6328  BrFiltLo - ok
13:42:44.0295 6328  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
13:42:44.0330 6328  BrFiltUp - ok
13:42:44.0383 6328  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
13:42:44.0414 6328  Browser - ok
13:42:44.0442 6328  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
13:42:44.0490 6328  Brserid - ok
13:42:44.0492 6328  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:42:44.0512 6328  BrSerWdm - ok
13:42:44.0535 6328  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:42:44.0581 6328  BrUsbMdm - ok
13:42:44.0583 6328  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
13:42:44.0602 6328  BrUsbSer - ok
13:42:44.0653 6328  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
13:42:44.0717 6328  BthEnum - ok
13:42:44.0745 6328  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
13:42:44.0775 6328  BTHMODEM - ok
13:42:44.0779 6328  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
13:42:44.0817 6328  BthPan - ok
13:42:44.0868 6328  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
13:42:44.0913 6328  BTHPORT - ok
13:42:44.0954 6328  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
13:42:45.0031 6328  bthserv - ok
13:42:45.0069 6328  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
13:42:45.0113 6328  BTHUSB - ok
13:42:45.0157 6328  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:42:45.0207 6328  cdfs - ok
13:42:45.0256 6328  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:42:45.0283 6328  cdrom - ok
13:42:45.0316 6328  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
13:42:45.0386 6328  CertPropSvc - ok
13:42:45.0472 6328  [ 213B6EC3DE19E35373A1906397588429 ] CGVPNCliSrvc    C:\Program Files\CyberGhost VPN\CGVPNCliService.exe
13:42:45.0543 6328  CGVPNCliSrvc - ok
13:42:45.0568 6328  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
13:42:45.0598 6328  circlass - ok
13:42:45.0635 6328  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
13:42:45.0650 6328  CLFS - ok
13:42:45.0777 6328  [ 524DC3807CB1746225F9D26ADD19C319 ] CLKMSVC10_38F51D56 C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
13:42:45.0788 6328  CLKMSVC10_38F51D56 - ok
13:42:45.0857 6328  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:42:45.0866 6328  clr_optimization_v2.0.50727_32 - ok
13:42:45.0912 6328  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:42:45.0921 6328  clr_optimization_v2.0.50727_64 - ok
13:42:46.0008 6328  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:42:46.0161 6328  clr_optimization_v4.0.30319_32 - ok
13:42:46.0184 6328  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:42:46.0235 6328  clr_optimization_v4.0.30319_64 - ok
13:42:46.0275 6328  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
13:42:46.0320 6328  CmBatt - ok
13:42:46.0336 6328  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:42:46.0347 6328  cmdide - ok
13:42:46.0401 6328  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
13:42:46.0422 6328  CNG - ok
13:42:46.0436 6328  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
13:42:46.0446 6328  Compbatt - ok
13:42:46.0477 6328  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
13:42:46.0511 6328  CompositeBus - ok
13:42:46.0535 6328  COMSysApp - ok
13:42:46.0538 6328  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
13:42:46.0549 6328  crcdisk - ok
13:42:46.0594 6328  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:42:46.0632 6328  CryptSvc - ok
13:42:46.0681 6328  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:42:46.0746 6328  DcomLaunch - ok
13:42:46.0789 6328  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
13:42:46.0848 6328  defragsvc - ok
13:42:46.0886 6328  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:42:46.0936 6328  DfsC - ok
13:42:46.0975 6328  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:42:47.0005 6328  Dhcp - ok
13:42:47.0023 6328  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
13:42:47.0071 6328  discache - ok
13:42:47.0104 6328  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
13:42:47.0115 6328  Disk - ok
13:42:47.0133 6328  Dnscache - ok
13:42:47.0152 6328  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:42:47.0214 6328  dot3svc - ok
13:42:47.0233 6328  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
13:42:47.0290 6328  DPS - ok
13:42:47.0322 6328  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:42:47.0370 6328  drmkaud - ok
13:42:47.0399 6328  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:42:47.0418 6328  DXGKrnl - ok
13:42:47.0437 6328  EagleX64 - ok
13:42:47.0475 6328  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
13:42:47.0522 6328  EapHost - ok
13:42:47.0582 6328  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
13:42:47.0683 6328  ebdrv - ok
13:42:47.0722 6328  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
13:42:47.0756 6328  EFS - ok
13:42:47.0831 6328  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:42:47.0876 6328  ehRecvr - ok
13:42:47.0895 6328  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
13:42:47.0939 6328  ehSched - ok
13:42:48.0018 6328  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
13:42:48.0037 6328  elxstor - ok
13:42:48.0039 6328  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
13:42:48.0076 6328  ErrDev - ok
13:42:48.0122 6328  [ 871AB1BFA00ECA5DFDE99D6EECE1BFD4 ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
13:42:48.0133 6328  ETD - ok
13:42:48.0160 6328  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
13:42:48.0207 6328  EventSystem - ok
13:42:48.0312 6328  [ 54FC81B0162478A72A93DBBEAFB35671 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
13:42:48.0336 6328  EvtEng - ok
13:42:48.0361 6328  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
13:42:48.0406 6328  exfat - ok
13:42:48.0477 6328  Fabs - ok
13:42:48.0511 6328  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:42:48.0565 6328  fastfat - ok
13:42:48.0616 6328  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
13:42:48.0672 6328  Fax - ok
13:42:48.0699 6328  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
13:42:48.0732 6328  fdc - ok
13:42:48.0759 6328  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
13:42:48.0809 6328  fdPHost - ok
13:42:48.0826 6328  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:42:48.0878 6328  FDResPub - ok
13:42:48.0914 6328  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:42:48.0925 6328  FileInfo - ok
13:42:48.0939 6328  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:42:49.0000 6328  Filetrace - ok
13:42:49.0129 6328  [ 5BD96D8C5411ACE71A7EAACAF0EF2903 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
13:42:49.0217 6328  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
13:42:49.0217 6328  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
13:42:49.0245 6328  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
13:42:49.0274 6328  flpydisk - ok
13:42:49.0305 6328  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:42:49.0318 6328  FltMgr - ok
13:42:49.0381 6328  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
13:42:49.0449 6328  FontCache - ok
13:42:49.0509 6328  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:42:49.0517 6328  FontCache3.0.0.0 - ok
13:42:49.0534 6328  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:42:49.0546 6328  FsDepends - ok
13:42:49.0594 6328  [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
13:42:49.0604 6328  fssfltr - ok
13:42:49.0675 6328  [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
13:42:49.0733 6328  fsssvc - ok
13:42:49.0761 6328  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:42:49.0770 6328  Fs_Rec - ok
13:42:49.0808 6328  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:42:49.0823 6328  fvevol - ok
13:42:49.0841 6328  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
13:42:49.0852 6328  gagp30kx - ok
13:42:49.0891 6328  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:42:49.0898 6328  GEARAspiWDM - ok
13:42:49.0930 6328  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
13:42:49.0986 6328  gpsvc - ok
13:42:50.0092 6328  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:42:50.0101 6328  gupdate - ok
13:42:50.0117 6328  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:42:50.0125 6328  gupdatem - ok
13:42:50.0167 6328  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
13:42:50.0176 6328  hamachi - ok
13:42:50.0322 6328  [ 785FD63B74B30986A9F2C7D965CA509F ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
13:42:50.0356 6328  Hamachi2Svc - ok
13:42:50.0388 6328  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:42:50.0400 6328  hcw85cir - ok
13:42:50.0417 6328  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:42:50.0444 6328  HdAudAddService - ok
13:42:50.0475 6328  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
13:42:50.0510 6328  HDAudBus - ok
13:42:50.0513 6328  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
13:42:50.0528 6328  HidBatt - ok
13:42:50.0531 6328  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
13:42:50.0560 6328  HidBth - ok
13:42:50.0591 6328  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
13:42:50.0606 6328  HidIr - ok
13:42:50.0626 6328  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
13:42:50.0676 6328  hidserv - ok
13:42:50.0713 6328  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:42:50.0747 6328  HidUsb - ok
13:42:50.0791 6328  [ 5350AEF38CA2D8885F47D4455E7EF4EE ] HiPatchService  D:\HiPatchService.exe
13:42:50.0819 6328  HiPatchService ( UnsignedFile.Multi.Generic ) - warning
13:42:50.0819 6328  HiPatchService - detected UnsignedFile.Multi.Generic (1)
13:42:50.0883 6328  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:42:50.0932 6328  hkmsvc - ok
13:42:50.0959 6328  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:42:50.0987 6328  HomeGroupListener - ok
13:42:51.0024 6328  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:42:51.0057 6328  HomeGroupProvider - ok
13:42:51.0083 6328  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
13:42:51.0094 6328  HpSAMD - ok
13:42:51.0119 6328  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:42:51.0213 6328  HTTP - ok
13:42:51.0243 6328  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:42:51.0253 6328  hwpolicy - ok
13:42:51.0298 6328  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
13:42:51.0312 6328  i8042prt - ok
13:42:51.0376 6328  [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
13:42:51.0389 6328  iaStor - ok
13:42:51.0424 6328  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:42:51.0440 6328  iaStorV - ok
13:42:51.0507 6328  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:42:51.0528 6328  idsvc - ok
13:42:51.0757 6328  [ EFE5A0AF39A8E179624117C521F1E012 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
13:42:52.0021 6328  igfx - ok
13:42:52.0047 6328  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
13:42:52.0058 6328  iirsp - ok
13:42:52.0096 6328  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
13:42:52.0135 6328  IKEEXT - ok
13:42:52.0230 6328  [ 9F573C952961F444F400489E81ECA381 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:42:52.0270 6328  IntcAzAudAddService - ok
13:42:52.0335 6328  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
13:42:52.0371 6328  IntcDAud - ok
13:42:52.0389 6328  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
13:42:52.0399 6328  intelide - ok
13:42:52.0414 6328  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:42:52.0444 6328  intelppm - ok
13:42:52.0484 6328  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:42:52.0532 6328  IPBusEnum - ok
13:42:52.0535 6328  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:42:52.0571 6328  IpFilterDriver - ok
13:42:52.0646 6328  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:42:52.0679 6328  iphlpsvc - ok
13:42:52.0682 6328  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
13:42:52.0713 6328  IPMIDRV - ok
13:42:52.0716 6328  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:42:52.0759 6328  IPNAT - ok
13:42:52.0818 6328  [ 0F261EC4F514926177C70C1832374231 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:42:52.0833 6328  iPod Service - ok
13:42:52.0876 6328  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:42:52.0906 6328  IRENUM - ok
13:42:52.0931 6328  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:42:52.0942 6328  isapnp - ok
13:42:52.0957 6328  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
13:42:52.0972 6328  iScsiPrt - ok
13:42:52.0996 6328  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:42:53.0006 6328  kbdclass - ok
13:42:53.0009 6328  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
13:42:53.0043 6328  kbdhid - ok
13:42:53.0160 6328  [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
13:42:53.0169 6328  kbfiltr - ok
13:42:53.0190 6328  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
13:42:53.0202 6328  KeyIso - ok
13:42:53.0233 6328  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:42:53.0244 6328  KSecDD - ok
13:42:53.0286 6328  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:42:53.0297 6328  KSecPkg - ok
13:42:53.0324 6328  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:42:53.0370 6328  ksthunk - ok
13:42:53.0410 6328  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:42:53.0479 6328  KtmRm - ok
13:42:53.0500 6328  [ 033B4AED2C5519072C0D81E00804D003 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
13:42:53.0529 6328  L1C - ok
13:42:53.0572 6328  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
13:42:53.0626 6328  LanmanServer - ok
13:42:53.0681 6328  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:42:53.0730 6328  LanmanWorkstation - ok
13:42:53.0786 6328  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:42:53.0831 6328  lltdio - ok
13:42:53.0866 6328  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:42:53.0928 6328  lltdsvc - ok
13:42:53.0964 6328  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:42:53.0994 6328  lmhosts - ok
13:42:54.0047 6328  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
13:42:54.0060 6328  LSI_FC - ok
13:42:54.0063 6328  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:42:54.0074 6328  LSI_SAS - ok
13:42:54.0078 6328  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
13:42:54.0089 6328  LSI_SAS2 - ok
13:42:54.0092 6328  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
13:42:54.0103 6328  LSI_SCSI - ok
13:42:54.0121 6328  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
13:42:54.0162 6328  luafv - ok
13:42:54.0252 6328  [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
13:42:54.0261 6328  MBAMProtector - ok
13:42:54.0326 6328  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
13:42:54.0337 6328  MBAMScheduler - ok
13:42:54.0364 6328  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
13:42:54.0379 6328  MBAMService - ok
13:42:54.0397 6328  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:42:54.0427 6328  Mcx2Svc - ok
13:42:54.0445 6328  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
13:42:54.0456 6328  megasas - ok
13:42:54.0488 6328  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
13:42:54.0503 6328  MegaSR - ok
13:42:54.0557 6328  [ 1C6E73FC46B509EFF9D0086AA37132DF ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
13:42:54.0566 6328  MEIx64 - ok
13:42:54.0576 6328  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
13:42:54.0629 6328  MMCSS - ok
13:42:54.0631 6328  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
13:42:54.0667 6328  Modem - ok
13:42:54.0690 6328  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:42:54.0725 6328  monitor - ok
13:42:54.0758 6328  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:42:54.0768 6328  mouclass - ok
13:42:54.0794 6328  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:42:54.0829 6328  mouhid - ok
13:42:54.0863 6328  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:42:54.0874 6328  mountmgr - ok
13:42:54.0893 6328  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:42:54.0905 6328  mpio - ok
13:42:54.0917 6328  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:42:54.0967 6328  mpsdrv - ok
13:42:55.0015 6328  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:42:55.0070 6328  MpsSvc - ok
13:42:55.0097 6328  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:42:55.0135 6328  MRxDAV - ok
13:42:55.0171 6328  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:42:55.0211 6328  mrxsmb - ok
13:42:55.0230 6328  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:42:55.0257 6328  mrxsmb10 - ok
13:42:55.0278 6328  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:42:55.0315 6328  mrxsmb20 - ok
13:42:55.0345 6328  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
13:42:55.0354 6328  msahci - ok
13:42:55.0372 6328  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:42:55.0385 6328  msdsm - ok
13:42:55.0395 6328  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
13:42:55.0432 6328  MSDTC - ok
13:42:55.0461 6328  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:42:55.0508 6328  Msfs - ok
13:42:55.0539 6328  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:42:55.0582 6328  mshidkmdf - ok
13:42:55.0584 6328  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:42:55.0594 6328  msisadrv - ok
13:42:55.0614 6328  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:42:55.0672 6328  MSiSCSI - ok
13:42:55.0674 6328  msiserver - ok
13:42:55.0700 6328  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:42:55.0731 6328  MSKSSRV - ok
13:42:55.0753 6328  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:42:55.0794 6328  MSPCLOCK - ok
13:42:55.0797 6328  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:42:55.0831 6328  MSPQM - ok
13:42:55.0852 6328  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:42:55.0867 6328  MsRPC - ok
13:42:55.0883 6328  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
13:42:55.0893 6328  mssmbios - ok
13:42:55.0895 6328  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:42:55.0949 6328  MSTEE - ok
13:42:55.0951 6328  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
13:42:55.0980 6328  MTConfig - ok
13:42:56.0004 6328  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
13:42:56.0014 6328  Mup - ok
13:42:56.0071 6328  [ 4BBB9D9C4DF259FAE2D172C5BB25DDD0 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
13:42:56.0084 6328  MyWiFiDHCPDNS - ok
13:42:56.0109 6328  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
13:42:56.0145 6328  napagent - ok
13:42:56.0209 6328  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:42:56.0250 6328  NativeWifiP - ok
13:42:56.0295 6328  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:42:56.0319 6328  NDIS - ok
13:42:56.0341 6328  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:42:56.0371 6328  NdisCap - ok
13:42:56.0394 6328  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:42:56.0424 6328  NdisTapi - ok
13:42:56.0432 6328  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:42:56.0481 6328  Ndisuio - ok
13:42:56.0502 6328  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:42:56.0552 6328  NdisWan - ok
13:42:56.0577 6328  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:42:56.0619 6328  NDProxy - ok
13:42:56.0643 6328  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:42:56.0685 6328  NetBIOS - ok
13:42:56.0702 6328  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:42:56.0748 6328  NetBT - ok
13:42:56.0778 6328  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
13:42:56.0790 6328  Netlogon - ok
13:42:56.0832 6328  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
13:42:56.0900 6328  Netman - ok
13:42:56.0950 6328  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:42:56.0979 6328  NetMsmqActivator - ok
13:42:56.0995 6328  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:42:57.0005 6328  NetPipeActivator - ok
13:42:57.0027 6328  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
13:42:57.0080 6328  netprofm - ok
13:42:57.0105 6328  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:42:57.0115 6328  NetTcpActivator - ok
13:42:57.0118 6328  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:42:57.0127 6328  NetTcpPortSharing - ok
13:42:57.0283 6328  [ AC69618DE5BCCE8747C9AB0AAE1003C1 ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
13:42:57.0466 6328  NETwNs64 - ok
13:42:57.0506 6328  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
13:42:57.0517 6328  nfrd960 - ok
13:42:57.0569 6328  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:42:57.0604 6328  NlaSvc - ok
13:42:57.0619 6328  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:42:57.0649 6328  Npfs - ok
13:42:57.0673 6328  npggsvc - ok
13:42:57.0676 6328  NPPTNT2 - ok
13:42:57.0699 6328  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
13:42:57.0747 6328  nsi - ok
13:42:57.0767 6328  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:42:57.0815 6328  nsiproxy - ok
13:42:57.0872 6328  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:42:57.0926 6328  Ntfs - ok
13:42:57.0943 6328  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
13:42:57.0986 6328  Null - ok
13:42:58.0239 6328  [ 07CA1D99512EE5EF99E954A13F3BFFA8 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:42:58.0391 6328  nvlddmkm - ok
13:42:58.0409 6328  [ A8DB9EBD9887A9820DBC1878F0301EE7 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
13:42:58.0417 6328  nvpciflt - ok
13:42:58.0460 6328  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:42:58.0473 6328  nvraid - ok
13:42:58.0483 6328  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:42:58.0496 6328  nvstor - ok
13:42:58.0530 6328  [ 9007A22A1938A9EF81CA5122121ECCD8 ] NVSvc           C:\Windows\system32\nvvsvc.exe
13:42:58.0556 6328  NVSvc - ok
13:42:58.0622 6328  [ 00572C26C6DCF99362068FB7283B7126 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
13:42:58.0653 6328  nvUpdatusService - ok
13:42:58.0682 6328  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:42:58.0694 6328  nv_agp - ok
13:42:58.0697 6328  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
13:42:58.0727 6328  ohci1394 - ok
13:42:58.0763 6328  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
13:42:58.0795 6328  p2pimsvc - ok
13:42:58.0830 6328  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
13:42:58.0870 6328  p2psvc - ok
13:42:58.0873 6328  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
13:42:58.0898 6328  Parport - ok
13:42:58.0929 6328  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:42:58.0939 6328  partmgr - ok
13:42:58.0951 6328  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:42:58.0984 6328  PcaSvc - ok
13:42:59.0002 6328  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
13:42:59.0013 6328  pci - ok
13:42:59.0033 6328  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
13:42:59.0042 6328  pciide - ok
13:42:59.0059 6328  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
13:42:59.0073 6328  pcmcia - ok
13:42:59.0086 6328  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
13:42:59.0096 6328  pcw - ok
13:42:59.0104 6328  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:42:59.0157 6328  PEAUTH - ok
13:42:59.0280 6328  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:42:59.0314 6328  PerfHost - ok
13:42:59.0387 6328  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
13:42:59.0456 6328  pla - ok
13:42:59.0568 6328  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:42:59.0618 6328  PlugPlay - ok
13:42:59.0641 6328  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
13:42:59.0670 6328  PNRPAutoReg - ok
13:42:59.0751 6328  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
13:42:59.0767 6328  PNRPsvc - ok
13:42:59.0898 6328  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:42:59.0957 6328  PolicyAgent - ok
13:43:00.0024 6328  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
13:43:00.0079 6328  Power - ok
13:43:00.0158 6328  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:43:00.0203 6328  PptpMiniport - ok
13:43:00.0260 6328  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
13:43:00.0304 6328  Processor - ok
13:43:00.0360 6328  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
13:43:00.0400 6328  ProfSvc - ok
13:43:00.0422 6328  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:43:00.0434 6328  ProtectedStorage - ok
13:43:00.0625 6328  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:43:00.0678 6328  Psched - ok
13:43:01.0029 6328  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
13:43:01.0064 6328  ql2300 - ok
13:43:01.0148 6328  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
13:43:01.0160 6328  ql40xx - ok
13:43:01.0241 6328  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
13:43:01.0260 6328  QWAVE - ok
13:43:01.0276 6328  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:43:01.0313 6328  QWAVEdrv - ok
13:43:01.0515 6328  [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
13:43:01.0526 6328  RapiMgr - ok
13:43:01.0538 6328  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:43:01.0587 6328  RasAcd - ok
13:43:01.0676 6328  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
13:43:01.0726 6328  RasAgileVpn - ok
13:43:01.0763 6328  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
13:43:01.0823 6328  RasAuto - ok
13:43:01.0865 6328  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:43:01.0913 6328  Rasl2tp - ok
13:43:02.0040 6328  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
13:43:02.0085 6328  RasMan - ok
13:43:02.0099 6328  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:43:02.0149 6328  RasPppoe - ok
13:43:02.0192 6328  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:43:02.0244 6328  RasSstp - ok
13:43:02.0263 6328  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:43:02.0311 6328  rdbss - ok
13:43:02.0353 6328  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
13:43:02.0434 6328  rdpbus - ok
13:43:02.0492 6328  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:43:02.0578 6328  RDPCDD - ok
13:43:02.0610 6328  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:43:02.0687 6328  RDPENCDD - ok
13:43:02.0761 6328  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
13:43:02.0844 6328  RDPREFMP - ok
13:43:02.0881 6328  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:43:02.0953 6328  RDPWD - ok
13:43:03.0075 6328  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:43:03.0088 6328  rdyboost - ok
13:43:03.0410 6328  [ A436F5E7D80BBDBB0826D0F176D5BEA8 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
13:43:03.0427 6328  RegSrvc - ok
13:43:03.0483 6328  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:43:03.0561 6328  RemoteAccess - ok
13:43:03.0651 6328  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:43:03.0701 6328  RemoteRegistry - ok
13:43:03.0805 6328  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
13:43:03.0874 6328  RFCOMM - ok
13:43:03.0929 6328  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:43:04.0001 6328  RpcEptMapper - ok
13:43:04.0048 6328  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
13:43:04.0103 6328  RpcLocator - ok
13:43:04.0214 6328  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
13:43:04.0248 6328  RpcSs - ok
13:43:04.0329 6328  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:43:04.0411 6328  rspndr - ok
13:43:04.0669 6328  [ E57FAC2CDB73F06586ED2ED310B80932 ] RSUSBVSTOR      C:\Windows\system32\Drivers\RtsUVStor.sys
13:43:04.0681 6328  RSUSBVSTOR - ok
13:43:04.0855 6328  [ 6D3C7E7D82D3DC92DC2A8B0DF9F20F8A ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
13:43:04.0868 6328  RTL8167 - ok
13:43:04.0888 6328  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
13:43:04.0900 6328  SamSs - ok
13:43:04.0944 6328  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:43:04.0956 6328  sbp2port - ok
13:43:05.0034 6328  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:43:05.0068 6328  SCardSvr - ok
13:43:05.0087 6328  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:43:05.0174 6328  scfilter - ok
13:43:05.0534 6328  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
13:43:05.0608 6328  Schedule - ok
13:43:05.0682 6328  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:43:05.0710 6328  SCPolicySvc - ok
13:43:05.0791 6328  [ 8B56BDCE6A303DDE63D63440D1CF9AD1 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys
13:43:05.0800 6328  ScreamBAudioSvc - ok
13:43:05.0889 6328  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:43:05.0918 6328  SDRSVC - ok
13:43:06.0006 6328  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:43:06.0052 6328  secdrv - ok
13:43:06.0088 6328  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
13:43:06.0171 6328  seclogon - ok
13:43:06.0226 6328  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
13:43:06.0280 6328  SENS - ok
13:43:06.0301 6328  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:43:06.0336 6328  SensrSvc - ok
13:43:06.0393 6328  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
13:43:06.0426 6328  Serenum - ok
13:43:06.0472 6328  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
13:43:06.0511 6328  Serial - ok
13:43:06.0551 6328  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
13:43:06.0585 6328  sermouse - ok
13:43:06.0617 6328  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
13:43:06.0662 6328  SessionEnv - ok
13:43:06.0684 6328  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
13:43:06.0739 6328  sffdisk - ok
13:43:06.0762 6328  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:43:06.0796 6328  sffp_mmc - ok
13:43:06.0852 6328  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
13:43:06.0918 6328  sffp_sd - ok
13:43:06.0954 6328  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
13:43:06.0989 6328  sfloppy - ok
13:43:07.0106 6328  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:43:07.0153 6328  SharedAccess - ok
13:43:07.0362 6328  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:43:07.0428 6328  ShellHWDetection - ok
13:43:07.0511 6328  [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH        C:\Windows\system32\DRIVERS\SiSG664.sys
13:43:07.0569 6328  SiSGbeLH - ok
13:43:07.0667 6328  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
13:43:07.0679 6328  SiSRaid2 - ok
13:43:07.0702 6328  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
13:43:07.0714 6328  SiSRaid4 - ok
13:43:07.0934 6328  [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
13:43:07.0945 6328  SkypeUpdate - ok
13:43:07.0969 6328  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:43:08.0016 6328  Smb - ok
13:43:08.0087 6328  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:43:08.0117 6328  SNMPTRAP - ok
13:43:08.0135 6328  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
13:43:08.0145 6328  spldr - ok
13:43:08.0238 6328  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
13:43:08.0277 6328  Spooler - ok
13:43:08.0356 6328  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
13:43:08.0475 6328  sppsvc - ok
13:43:08.0505 6328  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
13:43:08.0559 6328  sppuinotify - ok
13:43:08.0610 6328  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:43:08.0698 6328  srv - ok
13:43:08.0749 6328  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:43:08.0786 6328  srv2 - ok
13:43:08.0807 6328  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:43:08.0851 6328  srvnet - ok
13:43:08.0925 6328  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:43:08.0977 6328  SSDPSRV - ok
13:43:08.0986 6328  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:43:09.0073 6328  SstpSvc - ok
13:43:09.0139 6328  Steam Client Service - ok
13:43:09.0179 6328  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
13:43:09.0191 6328  stexstor - ok
13:43:09.0227 6328  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
13:43:09.0273 6328  stisvc - ok
13:43:09.0297 6328  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
13:43:09.0306 6328  swenum - ok
13:43:09.0373 6328  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
13:43:09.0399 6328  SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
13:43:09.0399 6328  SwitchBoard - detected UnsignedFile.Multi.Generic (1)
13:43:09.0421 6328  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
13:43:09.0519 6328  swprv - ok
13:43:09.0561 6328  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
13:43:09.0630 6328  SysMain - ok
13:43:09.0650 6328  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:43:09.0692 6328  TabletInputService - ok
13:43:09.0740 6328  [ F9BE29D5E097F03F81D3CD12B794CB66 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
13:43:09.0780 6328  tap0901 - ok
13:43:09.0848 6328  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:43:09.0899 6328  TapiSrv - ok
13:43:09.0920 6328  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
13:43:09.0975 6328  TBS - ok
13:43:10.0428 6328  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:43:10.0467 6328  Tcpip - ok
13:43:10.0515 6328  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:43:10.0545 6328  TCPIP6 - ok
13:43:10.0599 6328  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:43:10.0633 6328  tcpipreg - ok
13:43:10.0700 6328  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:43:10.0712 6328  TDPIPE - ok
13:43:10.0749 6328  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:43:10.0773 6328  TDTCP - ok
13:43:10.0792 6328  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:43:10.0839 6328  tdx - ok
13:43:11.0017 6328  [ 5E53CF8AD0FD33B35000C113656AB37B ] TeamViewer7     C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
13:43:11.0056 6328  TeamViewer7 - ok
13:43:11.0100 6328  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
13:43:11.0110 6328  TermDD - ok
13:43:11.0285 6328  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
13:43:11.0324 6328  TermService - ok
13:43:11.0342 6328  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
13:43:11.0376 6328  Themes - ok
13:43:11.0408 6328  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
13:43:11.0439 6328  THREADORDER - ok
13:43:11.0589 6328  [ 69D76CE06BB629B69165C81D83A4B03E ] TiMiniService   C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
13:43:11.0598 6328  TiMiniService - ok
13:43:11.0685 6328  [ 73AAFFDD2AC3C8814B26C440E5DD9DD4 ] tmactmon        C:\Windows\system32\DRIVERS\tmactmon.sys
13:43:11.0694 6328  tmactmon - ok
13:43:11.0745 6328  [ 360E61217D4E1E333583D0C721057F70 ] tmcomm          C:\Windows\system32\DRIVERS\tmcomm.sys
13:43:11.0755 6328  tmcomm - ok
13:43:11.0791 6328  [ 699D34EB7C670139CA23A65372BD5743 ] tmevtmgr        C:\Windows\system32\DRIVERS\tmevtmgr.sys
13:43:11.0800 6328  tmevtmgr - ok
13:43:11.0834 6328  [ 262198EFB734012BFCD17E7479AE4A09 ] tmtdi           C:\Windows\system32\DRIVERS\tmtdi.sys
13:43:11.0844 6328  tmtdi - ok
13:43:11.0870 6328  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
13:43:11.0923 6328  TrkWks - ok
13:43:12.0021 6328  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:43:12.0098 6328  TrustedInstaller - ok
13:43:12.0144 6328  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:43:12.0174 6328  tssecsrv - ok
13:43:12.0204 6328  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
13:43:12.0235 6328  TsUsbFlt - ok
13:43:12.0237 6328  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
13:43:12.0271 6328  TsUsbGD - ok
13:43:12.0302 6328  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:43:12.0354 6328  tunnel - ok
13:43:12.0419 6328  [ B355581A9DA34C92E2DBAFA410D2F829 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
13:43:12.0428 6328  TurboB - ok
13:43:12.0486 6328  [ 6564E84B1522C12EA1C3A181ED03276F ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
13:43:12.0495 6328  TurboBoost - ok
13:43:12.0499 6328  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
13:43:12.0510 6328  uagp35 - ok
13:43:12.0531 6328  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:43:12.0580 6328  udfs - ok
13:43:12.0625 6328  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:43:12.0710 6328  UI0Detect - ok
13:43:12.0739 6328  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:43:12.0749 6328  uliagpkx - ok
13:43:12.0770 6328  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:43:12.0798 6328  umbus - ok
13:43:12.0821 6328  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
13:43:12.0851 6328  UmPass - ok
13:43:12.0870 6328  Update-Service - ok
13:43:12.0908 6328  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
13:43:12.0957 6328  upnphost - ok
13:43:12.0997 6328  [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
13:43:13.0034 6328  USBAAPL64 - ok
13:43:13.0091 6328  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
13:43:13.0120 6328  usbaudio - ok
13:43:13.0165 6328  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:43:13.0198 6328  usbccgp - ok
13:43:13.0234 6328  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:43:13.0289 6328  usbcir - ok
13:43:13.0339 6328  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
13:43:13.0378 6328  usbehci - ok
13:43:13.0412 6328  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:43:13.0444 6328  usbhub - ok
13:43:13.0461 6328  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
13:43:13.0473 6328  usbohci - ok
13:43:13.0692 6328  [ 538233FBBC748AA1D57B7B53F150DE9A ] USBPNPA         C:\Windows\system32\drivers\CM10864.sys
13:43:13.0732 6328  USBPNPA - ok
13:43:13.0763 6328  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
13:43:13.0791 6328  usbprint - ok
13:43:13.0814 6328  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:43:13.0827 6328  USBSTOR - ok
13:43:13.0859 6328  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
13:43:13.0890 6328  usbuhci - ok
13:43:13.0938 6328  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
13:43:13.0974 6328  usbvideo - ok
13:43:13.0996 6328  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
13:43:14.0028 6328  UxSms - ok
13:43:14.0044 6328  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
13:43:14.0056 6328  VaultSvc - ok
13:43:14.0091 6328  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
13:43:14.0101 6328  vdrvroot - ok
13:43:14.0120 6328  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
13:43:14.0168 6328  vds - ok
13:43:14.0183 6328  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:43:14.0198 6328  vga - ok
13:43:14.0211 6328  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:43:14.0241 6328  VgaSave - ok
13:43:14.0245 6328  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
13:43:14.0260 6328  vhdmp - ok
13:43:14.0276 6328  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
13:43:14.0286 6328  viaide - ok
13:43:14.0306 6328  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:43:14.0317 6328  volmgr - ok
13:43:14.0329 6328  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:43:14.0345 6328  volmgrx - ok
13:43:14.0365 6328  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:43:14.0396 6328  volsnap - ok
13:43:14.0420 6328  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
13:43:14.0433 6328  vsmraid - ok
13:43:14.0478 6328  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
13:43:14.0568 6328  VSS - ok
13:43:14.0590 6328  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
13:43:14.0620 6328  vwifibus - ok
13:43:14.0639 6328  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
13:43:14.0672 6328  vwififlt - ok
13:43:14.0727 6328  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
13:43:14.0758 6328  vwifimp - ok
13:43:14.0800 6328  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
13:43:14.0855 6328  W32Time - ok
13:43:14.0877 6328  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
13:43:14.0905 6328  WacomPen - ok
13:43:14.0932 6328  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:43:14.0978 6328  WANARP - ok
13:43:14.0980 6328  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:43:15.0010 6328  Wanarpv6 - ok
13:43:15.0092 6328  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
13:43:15.0130 6328  WatAdminSvc - ok
13:43:15.0248 6328  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
13:43:15.0298 6328  wbengine - ok
13:43:15.0337 6328  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:43:15.0370 6328  WbioSrvc - ok
13:43:15.0403 6328  [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
13:43:15.0417 6328  WcesComm - ok
13:43:15.0465 6328  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:43:15.0528 6328  wcncsvc - ok
13:43:15.0543 6328  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:43:15.0570 6328  WcsPlugInService - ok
13:43:15.0602 6328  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
13:43:15.0613 6328  Wd - ok
13:43:15.0656 6328  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:43:15.0679 6328  Wdf01000 - ok
13:43:15.0698 6328  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:43:15.0744 6328  WdiServiceHost - ok
13:43:15.0747 6328  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:43:15.0765 6328  WdiSystemHost - ok
13:43:15.0790 6328  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
13:43:15.0837 6328  WebClient - ok
13:43:15.0858 6328  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:43:15.0916 6328  Wecsvc - ok
13:43:15.0945 6328  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:43:15.0991 6328  wercplsupport - ok
13:43:16.0038 6328  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:43:16.0070 6328  WerSvc - ok
13:43:16.0076 6328  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:43:16.0106 6328  WfpLwf - ok
13:43:16.0473 6328  [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
13:43:16.0522 6328  WimFltr - ok
13:43:16.0554 6328  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:43:16.0565 6328  WIMMount - ok
13:43:16.0592 6328  WinDefend - ok
13:43:16.0617 6328  WinHttpAutoProxySvc - ok
13:43:16.0691 6328  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:43:16.0743 6328  Winmgmt - ok
13:43:16.0835 6328  [ 0C0195C48B6B8582FA6F6373032118DA ] WinRing0_1_2_0  C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys
13:43:16.0848 6328  WinRing0_1_2_0 - ok
13:43:16.0901 6328  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
13:43:17.0036 6328  WinRM - ok
13:43:17.0108 6328  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
13:43:17.0123 6328  WinUsb - ok
13:43:17.0159 6328  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:43:17.0191 6328  Wlansvc - ok
13:43:17.0255 6328  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:43:17.0264 6328  wlcrasvc - ok
13:43:17.0395 6328  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:43:17.0429 6328  wlidsvc - ok
13:43:17.0456 6328  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
13:43:17.0485 6328  WmiAcpi - ok
13:43:17.0516 6328  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:43:17.0550 6328  wmiApSrv - ok
13:43:17.0580 6328  WMPNetworkSvc - ok
13:43:17.0608 6328  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:43:17.0622 6328  WPCSvc - ok
13:43:17.0636 6328  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:43:17.0652 6328  WPDBusEnum - ok
13:43:17.0674 6328  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:43:17.0732 6328  ws2ifsl - ok
13:43:17.0750 6328  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
13:43:17.0768 6328  wscsvc - ok
13:43:17.0770 6328  WSearch - ok
13:43:18.0019 6328  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:43:18.0067 6328  wuauserv - ok
13:43:18.0106 6328  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:43:18.0134 6328  WudfPf - ok
13:43:18.0190 6328  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:43:18.0214 6328  WUDFRd - ok
13:43:18.0254 6328  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:43:18.0283 6328  wudfsvc - ok
13:43:18.0322 6328  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:43:18.0363 6328  WwanSvc - ok
13:43:18.0647 6328  X6va006 - ok
13:43:18.0675 6328  X6va007 - ok
13:43:18.0825 6328  X6va008 - ok
13:43:18.0869 6328  [ 754C8BF43F0DD4B54865F174A62761E9 ] XENfiltv        C:\Windows\system32\drivers\XENfiltv.sys
13:43:18.0898 6328  XENfiltv - ok
13:43:18.0926 6328  ================ Scan global ===============================
13:43:18.0948 6328  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:43:18.0987 6328  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
13:43:18.0996 6328  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
13:43:19.0018 6328  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:43:19.0040 6328  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:43:19.0046 6328  [Global] - ok
13:43:19.0046 6328  ================ Scan MBR ==================================
13:43:19.0056 6328  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:43:19.0902 6328  \Device\Harddisk0\DR0 - ok
13:43:19.0903 6328  ================ Scan VBR ==================================
13:43:19.0933 6328  [ BF59654C36CBDF50B9E7154162CEAD4A ] \Device\Harddisk0\DR0\Partition1
13:43:19.0936 6328  \Device\Harddisk0\DR0\Partition1 - ok
13:43:19.0958 6328  [ 798E86F24908B175FD53B910F05C8CAB ] \Device\Harddisk0\DR0\Partition2
13:43:19.0961 6328  \Device\Harddisk0\DR0\Partition2 - ok
13:43:19.0961 6328  ============================================================
13:43:19.0961 6328  Scan finished
13:43:19.0961 6328  ============================================================
13:43:19.0967 1400  Detected object count: 4
13:43:19.0967 1400  Actual detected object count: 4
13:43:46.0258 1400  Akamai ( HiddenFile.Multi.Generic ) - skipped by user
13:43:46.0258 1400  Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 
13:43:46.0259 1400  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
13:43:46.0259 1400  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:43:46.0259 1400  HiPatchService ( UnsignedFile.Multi.Generic ) - skipped by user
13:43:46.0259 1400  HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:43:46.0260 1400  SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
13:43:46.0260 1400  SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip

cosinus · 12.03.2013, 16:06

Zitat:

SRV - (Update-Service) -- C:\Windows\SysWOW64\UpdSvc.dll (Joosoft.com GmbH)

Ich seh hier zumidnest einen Eintrag von einem speziellen Schädling, dem sog,. mediyes - das ist recht aufwendig, den zu entfernen

Mach mal bitte mit CF weiter, um den mediyes kümmern wir uns dann, hast du denn mal Meldungen vom Virenscanner über den mediyes bekommen? Wenn ja, hast du noch die Logs dazu?

Dann bitte jetzt Combofix ausführen:

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

10.03.2013, 16:24	#9
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Malwarebytes Anti-Malware findet Trojan.Ransom.ANC Was soll dieses Drängeln, darf ich mir auch mal einen Tag ohne Trojaner-Board am Wochenende erlauben? Du solltest abwarten erst wenn ich drei Tage nicht mehr geantwortet habe sollst du erinnern! Und bei MBAR bitte auf nein klicken und weitermachen __________________ Logfiles bitte immer in CODE-Tags posten

Malwarebytes Anti-Malware findet Trojan.Ransom.ANC

Plagegeister aller Art und deren Bekämpfung: Malwarebytes Anti-Malware findet Trojan.Ransom.ANC