
Log analysis and evaluation: LAP06-2.vbs on USB stick

29.04.2013, 18:25   #1
Keahl
 
LAP06-2.vbs on USB stick



Hello community!

On a USB stick belonging to my girlfriend, which she gave me, the file "LAP06-2.vbs" seemed to have been hiding, which Avast describes as "VBS:AutoRun-gen [Wrm]".

Since I am now worried about my system, I would like to ask you to evaluate my logs and tell me whether I have a problem or not.

Here is the MBAM log:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.04.04.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
Marcel :: ********* [limited]

29.04.2013 18:10:51
mbam-log-2013-04-29 (18-10-51).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 404780
Time elapsed: 50 minute(s), 56 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

And here are the OTL logs:

OTL logfile created on: 29.04.2013 19:08:52 - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marcel\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

5,96 Gb Total Physical Memory | 3,12 Gb Available Physical Memory | 52,30% Memory free
11,92 Gb Paging File | 8,90 Gb Available in Paging File | 74,64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 920,54 Gb Total Space | 713,44 Gb Free Space | 77,50% Space Free | Partition Type: NTFS
Drive I: | 465,76 Gb Total Space | 455,67 Gb Free Space | 97,83% Space Free | Partition Type: NTFS

Computer Name: ********* | User Name: ********* | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\******\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
PRC - C:\Programme\Logitech Gaming Software\Applets\LCDYT.exe (Logitech Inc.)
PRC - C:\Programme\Logitech Gaming Software\Applets\LCDWebCam.exe (Logitech Inc.)
PRC - C:\Programme\Logitech Gaming Software\Applets\LCDMovieViewer.exe (Logitech Inc.)
PRC - C:\Programme\Logitech Gaming Software\Applets\LCDMedia.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Hama\Common\RaUI.exe (Ralink Technology, Corp.)
PRC - C:\Program Files (x86)\Hama\Common\RaRegistry.exe (Ralink Technology, Corp.)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Program Files (x86)\Hama\Common\RaWLAPI.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (RalinkRegistryWriter64) -- C:\Program Files (x86)\Hama\Common\RaRegistry64.exe (Ralink Technology, Corp.)
SRV - (RalinkRegistryWriter) -- C:\Program Files (x86)\Hama\Common\RaRegistry.exe (Ralink Technology, Corp.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (PSI) -- C:\Windows\SysNative\drivers\psi_mf.sys (Secunia)
DRV:64bit: - (netr28ux) -- C:\Windows\SysNative\drivers\netr28ux.sys (Ralink Technology Corp.)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (LGPBTDD) -- C:\Windows\SysNative\drivers\LGPBTDD.sys (Logitech Inc.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?pc=skyp&ocid=skydhp
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.03.12 22:37:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013.02.01 19:29:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.12 14:13:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013.02.01 19:29:34 | 000,000,000 | ---D | M]

[2013.04.12 14:13:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.04.12 14:13:07 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.04.12 14:13:10 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.01.05 17:11:17 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.01.05 17:11:17 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.01.05 17:11:17 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.01.05 17:11:17 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.01.05 17:11:17 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.01.05 17:11:17 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKCU..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4:64bit: - HKLM..\RunOnce: [*Restore] C:\Windows\SysNative\rstrui.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [aswAhAScr.dll] C:\Program Files\AVAST Software\Avast\aswRegSvr.exe (AVAST Software)
O4 - HKLM..\RunOnce: [aswasOutExt.dll] C:\Program Files\AVAST Software\Avast\aswRegSvr.exe (AVAST Software)
O4 - HKLM..\RunOnce: [aswasOutExt64.dll] C:\Program Files\AVAST Software\Avast\aswRegSvr64.exe (AVAST Software)
O4 - HKLM..\RunOnce: [InstallShieldSetup] C:\PROGRA~2\INSTAL~1\{9D15E~1\setup.exe -rebootC:\PROGRA~2\INSTAL~1\{9D15E~1\reboot.ini File not found
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [mcpatcherefdg] File not found
O4 - HKCU..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKCU..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\*********\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\*********\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5280806A-217A-4B66-ADDB-0642A258CCF8}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96A7B7E4-E87C-4404-AFDE-90B8D8BDDB0E}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.04.24 20:12:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.04.12 14:13:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.04.10 18:10:23 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.04.10 18:10:22 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.04.10 18:10:22 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.04.10 18:10:22 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.04.10 18:10:22 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.04.10 18:10:22 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.04.10 18:10:21 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.04.10 18:10:21 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.04.10 18:10:21 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.04.10 18:10:21 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.04.10 18:10:21 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.04.10 18:10:21 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.04.10 18:10:20 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.04.10 18:10:20 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.04.10 18:10:19 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.04.10 17:26:44 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.04.10 17:26:44 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.04.10 17:26:43 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.04.10 17:26:43 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.04.10 17:26:43 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.04.10 17:26:42 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.03.30 21:41:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D
[2013.03.30 21:40:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sweet Home 3D

========== Files - Modified Within 30 Days ==========

[2013.04.29 18:15:59 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.29 18:15:59 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.29 18:15:05 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.29 18:08:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.29 18:08:19 | 504,688,639 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.29 18:02:34 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.04.29 17:45:49 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.04.29 17:37:46 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.29 17:37:46 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.29 17:37:46 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.29 17:37:46 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.29 17:37:46 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.27 20:33:22 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\WebReg HP Deskjet F300 series.job
[2013.04.10 20:02:27 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.04.10 20:02:27 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.04.10 19:53:21 | 000,310,240 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2013.04.29 18:02:34 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.01 21:28:20 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat.temp
[2013.02.01 19:23:50 | 000,245,557 | ---- | C] () -- C:\Windows\hpoins19.dat
[2013.02.01 19:23:50 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2012.11.22 14:28:12 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.11.22 14:27:55 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.09.28 22:56:34 | 000,014,051 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2012.09.28 22:56:00 | 000,000,451 | ---- | C] () -- C:\Windows\SysWow64\DiagFunc.ini
[2012.09.28 22:55:45 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\DiagFunc.dll
[2012.09.20 16:29:16 | 504,688,639 | -HS- | C] () -- \hiberfil.sys
[2012.08.26 23:10:34 | 000,039,904 | ---- | C] () -- C:\Windows\SysWow64\dischandler.exe
[2012.08.21 05:15:22 | 003,978,240 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll
[2012.08.21 05:14:04 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.08.21 05:12:48 | 000,271,360 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2012.08.21 05:12:34 | 000,099,840 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2012.08.21 05:12:32 | 000,157,184 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll
[2012.08.21 05:12:30 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll
[2012.08.21 05:12:28 | 001,525,760 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2012.08.21 05:12:28 | 000,211,968 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll
[2012.08.21 05:12:28 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll
[2012.08.21 05:12:24 | 000,330,240 | ---- | C] () -- C:\Windows\SysWow64\ff_libfaad2.dll
[2012.07.19 20:56:08 | 000,172,544 | ---- | C] () -- C:\Windows\SysWow64\libbluray.dll
[2012.07.19 20:56:02 | 006,894,331 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-54.dll
[2012.07.19 20:56:02 | 001,111,581 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-54.dll
[2012.07.19 20:56:02 | 000,401,685 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll
[2012.07.19 20:56:02 | 000,232,895 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-51.dll
[2012.07.19 20:56:02 | 000,162,743 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-3.dll
[2012.07.19 20:56:02 | 000,101,820 | ---- | C] () -- C:\Windows\SysWow64\avresample-lav-0.dll
[2012.06.19 14:02:17 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.12.07 21:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll
[2011.09.08 16:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll
[2011.09.08 16:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll
[2011.09.08 16:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll
[2011.09.08 16:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll
[2011.09.08 16:00:34 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe
[2011.09.08 16:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\SysWow64\ts.dll
[2011.09.08 16:00:10 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe
[2011.09.08 16:00:06 | 000,358,400 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe
[2011.09.08 15:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll
[2011.09.08 15:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll
[2011.05.30 15:42:50 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.05.23 09:46:30 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >


OTL Extras logfile created on: 29.04.2013 19:08:52 - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\******\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

5,96 Gb Total Physical Memory | 3,12 Gb Available Physical Memory | 52,30% Memory free
11,92 Gb Paging File | 8,90 Gb Available in Paging File | 74,64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 920,54 Gb Total Space | 713,44 Gb Free Space | 77,50% Space Free | Partition Type: NTFS
Drive I: | 465,76 Gb Total Space | 455,67 Gb Free Space | 97,83% Space Free | Partition Type: NTFS

Computer Name: KAWAII-PC | User Name: Admin-san | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01206FCA-F841-432B-A460-B054A68CF507}" = lport=138 | protocol=17 | dir=in | app=system |
"{1C99E57C-A366-475D-9BBD-5BD61D8635DB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1DB8046C-2BB5-4132-A075-D2F78223D45C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2C906D14-B2CD-44D9-9063-0442F7BE50A4}" = rport=137 | protocol=17 | dir=out | app=system |
"{2E18036F-8BCC-47FC-8949-80DF471DFB5E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{33512AED-3310-4C77-8218-C303DC247A82}" = rport=139 | protocol=6 | dir=out | app=system |
"{468C2F20-8A64-4FDF-8D02-4877DECA07D0}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{59D1E017-1541-40F7-8D1B-A30AC0068CB8}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5C1A9C92-204C-4ADE-AAD1-EE322DF2E228}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5C38C9C6-7158-40F1-92B6-891A29E1DCC3}" = lport=137 | protocol=17 | dir=in | app=system |
"{5DD418D0-366F-4F0D-9DCF-6F87B32AEC36}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7BFE35F1-8705-48D9-9EF9-159054970CD3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{7DF009B6-CECD-4EA4-8E2C-477A7C36A398}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{83F1FC19-5AFA-470A-8259-1E6EA990E729}" = rport=138 | protocol=17 | dir=out | app=system |
"{8A69C3BD-2D73-4EEB-B72B-6EBF9152D6A3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8D2F142C-170F-4095-B6C5-BB68C50EB274}" = lport=445 | protocol=6 | dir=in | app=system |
"{901A9148-6A64-418C-82D3-B375FA16971C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{91CDE7E7-D1B8-4B40-B9C6-858B6154B070}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{96C01591-AF40-4049-B4CE-76808DD09B05}" = rport=10243 | protocol=6 | dir=out | app=system |
"{99AA57BC-5CB0-4228-8F60-8FF829D90D12}" = lport=139 | protocol=6 | dir=in | app=system |
"{A7D6A79C-2EA6-49CC-8E4E-9D8A20BC27E5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B8057F9B-59EB-4CB0-AB28-1064430B4A19}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BF8D4F5D-0147-41C2-9152-CEC4ED5E634E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E0C063EB-2D68-46FF-B446-981C411AB46C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F3EC24CE-DA46-439A-8D0B-90CF2CFDF6A4}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02F3D25B-613C-4875-B2C3-2D785B4109FB}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\ac3sp.exe |
"{05C6E242-7CDD-445E-9586-0CA3742B6269}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{06C310EB-8E6A-49FC-B975-708BF13AB5C7}" = protocol=6 | dir=out | app=system |
"{079BE555-CC7F-4399-9C9D-3F94A67F46B9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{0B1FF26A-435F-415B-AE34-E4ADDD83C53E}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{0E89601C-697B-48F0-876F-C1189D9FBA2A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{10349D4C-37E0-4B0E-980B-E61EB4EE9046}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{108FACDF-C3F4-4BB8-9D06-BF1DA95EBEB3}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{10A96265-1D56-473F-91FA-F99CE47EC6CE}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{125A89B9-77F1-4E48-97E2-B2443D3333CA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1BC5997E-1BAC-4256-A844-F357E65BE1F1}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\ac3mp.exe |
"{1C41E9EA-CB51-437E-8605-3455DE0B09EC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\team fortress 2\hl2.exe |
"{1E283FD1-A426-49FE-9BA7-FDA104D41EB3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{1FF83CC0-F9B6-4840-A348-5CB41DD43501}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{2035A271-0736-4D84-A659-D4963835CB1F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{20BDDC42-B774-450A-972A-DF36B8B25A11}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"{22EA8186-AF1C-4C02-9454-B3C8C0B055F7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{26BFFC09-461D-46BC-8919-F015CE16A8D3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\garrysmod\hl2.exe |
"{2828DFED-B40F-4F2A-B3E4-BF3E7425102F}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{29DC5369-6118-49C3-8D6A-F1AE9FF3D480}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\ac3mp.exe |
"{2A922E1B-9837-4A12-8C81-CAAA864005C7}" = protocol=17 | dir=in | app=c:\users\******\appdata\local\temp\gw2.exe |
"{2AD00A7E-E293-40F9-AB5A-241754E7E2D7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{2ADF97DC-89AC-450A-B0D2-A7C205EBAB7B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{2F1EF178-603B-472A-BCA7-9B1A3E7C5D26}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{2F3C2FB5-2825-42D2-9DBA-732D3D649842}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\ac3sp.exe |
"{329774BF-691E-42FC-8394-4A0FC3510443}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\team fortress 2\hl2.exe |
"{386B4519-C489-4F51-A1AB-A7D347286560}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{39DFAE92-C332-4006-9D38-BE709F4E268A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\half-life 2 deathmatch\hl2.exe |
"{3F94D3AF-CDBF-4F81-A44E-F475CA56ECDB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{4335E2B2-AE9C-419D-A13C-353F07D1BB78}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{46541142-CFA1-471E-9906-711CDF5855ED}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{4CEFA2B8-ED2D-46E2-B0F8-E97DF10E3B23}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4DB18CFE-9765-4191-92EE-1FEF81C0A803}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{4FBBB10F-9A57-4898-8BC1-A577E3055067}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\assassinscreed3.exe |
"{5377B385-0F0D-4A90-88A1-DFA2C32055F5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{54B36543-2690-4703-83C8-1B72E079AB7E}" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"{5532E41D-D48D-418C-AFA9-922D633C969A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\creationkit.exe |
"{56D75BF9-E201-4FF6-A399-E09C6548ADB6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{57F5AAEB-8D05-471D-8447-CCF597907E0B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magical diary demo\magicaldiary.exe |
"{5A24E8BD-9D20-47A0-AF81-5A9F182E3D8D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\toy soldiers\gamesw.exe |
"{5CE8C554-2D64-4291-AF22-A030D21D1F61}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{5E039FD1-2FBF-4937-A945-19D895FC5BEE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\toy soldiers\game.exe |
"{5F3EEA7A-E172-49A8-A522-8EFDE31F0199}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\runme.exe |
"{5FDB8CF5-B066-48F9-A21D-20236A39EC9A}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{60B296E7-D5CA-4B84-9FA5-7F7781971D89}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\halo 2\halo2.exe |
"{664F0037-2835-4E85-B38E-FB63FBF929EA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2\justcause2.exe |
"{6A43C36E-37F7-4CF2-BFF6-DF0CBE27AEE9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{6B3B04F3-3E3F-4C7A-AF32-3BE77D8C0708}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brink\brink.exe |
"{6B6B141E-0AF0-4A9A-8579-E692246C68EA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{6B966EEB-D4CA-4461-BD29-5BB7CFB6A61A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe |
"{72337EBE-1694-4504-AB01-8261353B7376}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{72CCD81D-FDD4-4631-826E-5D4630D6F849}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{72DF97AB-669E-43EA-A3C5-A1680E64F92C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{72DFD5C0-5497-4955-B4F6-BDBC6342AE5A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\recettear - demo\custom.exe |
"{73A71208-1C25-4383-AFEB-B51ECA73EBAE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{77A99E11-BA9C-4A91-8E48-CA740B77DCB1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{77D18086-7A03-40B7-A826-6BF3EBCCE637}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"{78FE1E40-8DAB-46D4-9DBD-24B2F0B78032}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\toy soldiers\gamesw.exe |
"{79A3CEB5-2C18-4B42-A4C1-E6046CB0959B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{7B03B66B-F409-4543-AF47-CF336CC76C9A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\vaultmp.exe |
"{7B70DBEE-74A3-4274-B2E2-5DFD0E605151}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{7CAE9174-15E6-4F7C-BDF0-88BBA704B65D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine demo\trine_launcher.exe |
"{7DE9E39A-65C9-4670-9B3A-F71EFDE8ECC9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{8A8DB8F5-B8C5-4D00-A57A-15B3A5BD2BAF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8D5EB4D1-DDDB-411C-960D-56D29716364E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{8EBA644A-BCB2-4C61-98D2-81251C66EEAD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{90C26014-18A1-4BE2-AE3D-56553AB15B33}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{90CD8FD1-051D-428C-B508-EEA8EECB170F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{932D2805-62FB-4605-99BE-96448C696A6B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{93695211-BF60-4D1F-89FB-908C3928930E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{94D97E17-95B7-4CFE-9D34-0042D37409AC}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{96C9A87F-ACC1-4254-8A4C-797030DFD653}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{9802D616-2DBE-4EBC-8B22-5324107397F2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\garrysmod\hl2.exe |
"{984C382A-2F7A-41D3-9F3C-9F6B2F519BAA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{9927ACCD-26D4-4354-AF69-B8AFEA87CF26}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{9BE1E4BD-ED7F-47A2-A79B-FDE04F31B2DC}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{9C21881B-07C2-461D-995A-3F86B8D22003}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\runme.exe |
"{9C892C60-CCA0-4319-8F74-80F71AC21A45}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\recettear - demo\recettear.exe |
"{9E202595-245B-4E3A-ABFB-CA071F6EDF31}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{A1B32D66-C74B-47C2-ABD9-B7DC49E1F3EB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\beathazard.exe |
"{A2D544E2-DBF5-4668-BC18-3A3861633ED3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"{A33F2535-18CE-4144-89BA-8A10CE859041}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{A38AFE41-0DA0-4F0E-AF0E-8791EFC7A116}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\half-life 2 deathmatch\hl2.exe |
"{A40F0861-5241-4FC6-845B-D562CE7E29AB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{A72226A2-B155-4716-9DD8-C2606D0FF7A3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\creationkit.exe |
"{A8ABB70C-3ABA-4394-A244-63E304F5858E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\recettear - demo\recettear.exe |
"{AA29384D-EB86-456D-AA83-4FFFD3502CE1}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{AAE74808-8BFA-42A0-A1B3-7179CC063C27}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magical diary demo\magicaldiary.exe |
"{B0174C6F-91F3-41B0-842D-5E17C8E331E1}" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"{B31858BC-83DE-41BE-92A0-05DF916BF590}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B34422AC-1CAB-446A-8AF2-F669B8DC1FD8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe |
"{B47C0F56-4FAD-4BED-8F0A-55187AE980BA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\vaultmp.exe |
"{B5C0F2A4-20A5-47BD-B1BB-8406365FD110}" = protocol=6 | dir=in | app=c:\users\******\appdata\local\temp\gw2.exe |
"{B5C7D15D-B872-46A3-A5A7-FA6637A4BB23}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{B7956A4E-01FF-4B97-BB90-8A8E49DEFE73}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe |
"{BBB96C35-3344-47A1-91F0-2E92FDEC52B6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\toy soldiers\game.exe |
"{BEE9E782-7698-4559-AC57-171509FCB69E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{C59D8830-0C51-41BE-B432-542E3CDEC8D9}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{C5D87CAA-794A-4921-A1E8-070A997A9AC1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{C77FF4D0-F319-443F-9B3A-DB0CEBC31B8F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{C98630AE-4C91-4046-ACCE-FB3C6B523A7F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\halo 2\halo2.exe |
"{CC0DE909-D605-41A1-8CCB-47919216D4F6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CFC29B5B-AB7A-4066-8811-FC71C759678D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D37664C6-5E9C-431C-8768-D7D7DA5ECDCE}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"{D3FBFDCF-AA21-47FE-8E71-987F8546AB27}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\halo 2\halo2.exe |
"{D4C01DE4-5FDD-4220-B3A7-5E7F7C978806}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{D4FC82D2-EB64-4300-A679-1143CE75F641}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{D60AB8BC-C347-4FA4-874A-3923CCD5BAA0}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{D8125DF0-1546-4393-9C93-BA9D004DAC6D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brink\brink.exe |
"{D9A40395-208A-4392-BBAF-CC940B759096}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DBDE8CC9-4D44-46F8-83AE-A265C320660B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{E0C63BAA-9F83-4B1B-A986-A760FF1168F7}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{E0E6060E-2BAB-41ED-80A2-3E277BEDF465}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\halo 2\halo2.exe |
"{E4FCFD59-EACC-4B9A-9872-14A20A5EC3D7}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{E84C0F18-5A60-4B78-8997-832B20BBA0B1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E8E62174-AD52-439F-8A3A-60151DFF21A9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EA6390D2-28EA-47D9-8A00-781838C9FA3C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EBEC52E0-3C4D-4D48-97BF-766717846ED5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{EFC8061C-7FAD-41CE-8656-070F26CBE37D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{F16D0597-15ED-4E4F-9C48-11411FDCDC88}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\recettear - demo\custom.exe |
"{F2F6AE99-9DB4-4BDD-9224-2ACE2021C765}" = protocol=58 | dir=in | app=system |
"{F6C076FF-F51E-4274-B88A-60542422A534}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine demo\trine_launcher.exe |
"{F7E7FA67-FAEB-42CA-AE06-79745840894B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\beathazard.exe |
"{FAB54238-3B3C-49D4-887C-D8AA4B7FC5AD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FAE8822F-AA7C-4E3D-A4AB-556FB792AABB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FC477E3A-B7F6-4B1A-B606-5F2DA235E2A9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2\justcause2.exe |
"{FF1F51D3-4C7E-4BEE-84C9-50C60227F050}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\assassinscreed3.exe |
"TCP Query User{16F9CE79-4008-4DAF-A1A0-4E330A4640ED}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{50C135D5-5E06-4095-83D7-A1961513800A}C:\program files (x86)\steam\steamapps\shootingm\garry's mod beta\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\garry's mod beta\hl2.exe |
"TCP Query User{5608CA92-912A-4599-8976-814D2DBE48E9}C:\users\******\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\******\appdata\local\temp\gw2.exe |
"TCP Query User{58A85CC8-15E7-4DB1-B762-0F9A66A2F671}C:\program files (x86)\steam\steamapps\shootingm\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\team fortress 2\hl2.exe |
"TCP Query User{5DAA8A9B-EC57-4C48-828F-430E5AEAA167}C:\program files (x86)\steam\steamapps\shootingm\half-life 2 deathmatch\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\half-life 2 deathmatch\hl2.exe |
"TCP Query User{645D32DB-20E2-4FA4-8BD9-0CD9339287B2}C:\program files (x86)\steam\steamapps\common\fallout new vegas\vaultmp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\vaultmp.exe |
"TCP Query User{68AD8263-05CC-4F7D-A0B0-FE2D49029B31}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"TCP Query User{851500EC-8A62-44D7-B053-8D91D8342CA2}C:\users\******\desktop\warcraftiii\war3.exe" = protocol=6 | dir=in | app=c:\users\******\desktop\warcraftiii\war3.exe |
"TCP Query User{B93D60A1-B481-46EA-B7CD-2273537F3115}C:\users\******\desktop\killingfloor\system\killingfloor.exe" = protocol=6 | dir=in | app=c:\users\******\desktop\killingfloor\system\killingfloor.exe |
"UDP Query User{67F10B10-DE97-413F-AC49-CC4E9592C5C1}C:\program files (x86)\steam\steamapps\shootingm\half-life 2 deathmatch\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\half-life 2 deathmatch\hl2.exe |
"UDP Query User{8CC6095C-3ADA-4772-94CF-53EC5DC87BD8}C:\program files (x86)\steam\steamapps\common\fallout new vegas\vaultmp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\vaultmp.exe |
"UDP Query User{99DFD034-0E8D-4286-89C1-88295606551B}C:\program files (x86)\steam\steamapps\shootingm\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\team fortress 2\hl2.exe |
"UDP Query User{AA043430-FAB2-4C96-AE41-51A694BF5330}C:\users\******\desktop\warcraftiii\war3.exe" = protocol=17 | dir=in | app=c:\users\******\desktop\warcraftiii\war3.exe |
"UDP Query User{BA94540B-E457-4E3E-BB05-E647EE25C685}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"UDP Query User{BED7B405-DF0F-4137-84B3-46B58827F192}C:\program files (x86)\steam\steamapps\shootingm\garry's mod beta\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\garry's mod beta\hl2.exe |
"UDP Query User{CD06F978-2386-490E-A273-0143C23A9262}C:\users\******\desktop\killingfloor\system\killingfloor.exe" = protocol=17 | dir=in | app=c:\users\******\desktop\killingfloor\system\killingfloor.exe |
"UDP Query User{D1ACE927-1F06-402F-85F5-1F39B51CBA75}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{E78826F8-F692-493F-8CF8-977AE680C77C}C:\users\******\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\******\appdata\local\temp\gw2.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Blender" = Blender
"CCleaner" = CCleaner
"GIMP-2_is1" = GIMP 2.8.2
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Logitech Gaming Software" = Logitech Gaming Software 8.35
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Shop for HP Supplies" = Shop for HP Supplies
"WinRAR archiver" = WinRAR 4.20 (64-Bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0CA38F52-F0FA-4B9F-8A36-EC8A9609FBBC}" = HALO 2 FÜR WINDOWS VISTA
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{106B4413-ACBB-4CDE-8707-587DB9BD77EC}" = LogMeIn Hamachi
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22B0E143-2B0B-435B-9F56-136A3D16065F}" = No23 Recorder
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}" = Hama Wireless LAN Adapter
"{2E87F4AB-99BF-421C-AF7B-365A9C08549A}" = F300
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5E6D6161-5509-4f55-9372-1E01792F843A}" = F300_Help
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{668B80AF-D98F-42FC-8EE1-36252B03C5C9}_is1" = MIDI4all
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}" = Assassin's Creed III 1.01
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{B7B3E9B3-FB14-4927-894B-E9124509AF5A}" = Adobe Flash Player 10 ActiveX
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C3592426-531E-4110-911D-BFECE2CE284C}" = osu!
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{F6AC5364-2FB7-437a-811A-D645F22AA6AC}" = F300Trb
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audacity_is1" = Audacity 2.0.2
"avast" = avast! Free Antivirus
"Codecs for Windows 7 Pack" = Codecs for Windows 7 Pack 4.0.5
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Free Video to Flash Converter_is1" = Free Video to Flash Converter version 5.0.22.128
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.0.128
"Frets on Fire" = Frets On Fire
"Generic Mod Manager_is1" = Fallout Mod Manager 0.13.21
"Guild Wars 2" = Guild Wars 2
"Guitar Pro 5_is1" = Guitar Pro 5.2
"Halo 2" = HALO 2 FÜR WINDOWS VISTA
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NifSkope" = NifSkope (remove only)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Patch-Master" = Patch-Master
"PunkBusterSvc" = PunkBuster Services
"Secunia PSI" = Secunia PSI (3.0.0.3001)
"Steam App 105600" = Terraria
"Steam App 12900" = Audiosurf
"Steam App 202480" = Creation Kit
"Steam App 212140" = Magical Diary Demo
"Steam App 218" = Source SDK Base 2007
"Steam App 220" = Half-Life 2
"Steam App 22380" = Fallout: New Vegas
"Steam App 320" = Half-Life 2: Deathmatch
"Steam App 35710" = Trine Demo
"Steam App 4000" = Garry's Mod
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 42750" = Call of Duty: Modern Warfare 3 - Dedicated Server
"Steam App 440" = Team Fortress 2
"Steam App 49600" = Beat Hazard
"Steam App 500" = Left 4 Dead
"Steam App 550" = Left 4 Dead 2
"Steam App 70410" = Recettear: An Item Shop's Tale - Demo
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 8190" = Just Cause 2
"Steam App 98300" = Toy Soldiers
"Sweet Home 3D_is1" = Sweet Home 3D version 4.0
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 29.04.2013 04:45:29 | Computer Name = ********* | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8237

Error - 29.04.2013 04:45:30 | Computer Name = ********* | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 29.04.2013 04:45:30 | Computer Name = ********* | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9235

Error - 29.04.2013 04:45:30 | Computer Name = ********* | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9235

Error - 29.04.2013 04:45:31 | Computer Name = ********* | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 29.04.2013 04:45:31 | Computer Name = ********* | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 10249

Error - 29.04.2013 04:45:31 | Computer Name = ********* | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 10249

Error - 29.04.2013 04:45:32 | Computer Name = ********* | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 29.04.2013 04:45:32 | Computer Name = ********* | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 11248

Error - 29.04.2013 04:45:32 | Computer Name = *********| Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 11248

[ System Events ]
Error - 18.04.2013 03:31:04 | Computer Name = ********* | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.

Error - 19.04.2013 12:42:06 | Computer Name = ********* | Source = Service Control Manager | ID = 7038
Description = Der Dienst "WinHttpAutoProxySvc" konnte sich nicht als "NT AUTHORITY\LocalService"
mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1352 Vergewissern
Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
Management Console (MMC).

Error - 19.04.2013 12:42:06 | Computer Name = ********* | Source = Service Control Manager | ID = 7000
Description = Der Dienst "WinHTTP-Web Proxy Auto-Discovery-Dienst" wurde aufgrund
folgenden Fehlers nicht gestartet: %%1069

Error - 23.04.2013 06:29:22 | Computer Name = ********* | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Steam Client Service erreicht.

Error - 23.04.2013 06:29:22 | Computer Name = ********* | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053

Error - 25.04.2013 16:44:36 | Computer Name = ********* | Source = Service Control Manager | ID = 7038
Description = Der Dienst "WinHttpAutoProxySvc" konnte sich nicht als "NT AUTHORITY\LocalService"
mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%50 Vergewissern
Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
Management Console (MMC).

Error - 25.04.2013 16:44:36 | Computer Name = ********* | Source = Service Control Manager | ID = 7000
Description = Der Dienst "WinHTTP-Web Proxy Auto-Discovery-Dienst" wurde aufgrund
folgenden Fehlers nicht gestartet: %%1069

Error - 27.04.2013 14:33:32 | Computer Name = ********* | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden.

Error - 27.04.2013 14:33:33 | Computer Name = ********* | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden.

Error - 27.04.2013 14:33:33 | Computer Name = ********* | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden.


< End of report >


Many thanks in advance!

Best regards,

Keahl

Alt 01.05.2013, 22:02   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Hello and

Do you have any further logs (with detections)? Malwarebytes and/or other virus scanners: have they ever found anything?
I'm asking because of this => http://www.trojaner-board.de/125889-...tml#post941520

Please do not run any new virus scans; for now, just post the logs that already exist!

Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions [CODE] [/CODE] appear.
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

Alt 02.05.2013, 08:00   #3
Keahl
 

Many thanks for the quick reply, Cosinus!

The two Avast logs in which the detections were recorded (the first log from when the file was detected directly, and the second from when I examined it with Malwarebytes; at that point it showed me Malwarebytes as infected) have vanished from Avast's log tab and can no longer be found, although they were still there the day before yesterday. That seems a bit strange to me.

Apart from that, I have no logs with detections. I checked the folder on the stick with MBAM and Avast, and according to them it is clean.

Alt 02.05.2013, 13:03   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

I still don't quite understand: had Malwarebytes ever found anything or not?
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)


Alt 02.05.2013, 16:41   #5
Keahl
 

Malwarebytes didn't, but Avast did.


Alt 03.05.2013, 14:29   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Before we get to work, I would like to ask you to read the following points completely and carefully.
  • Read the instructions that I will post over the course of this thread carefully. Ask right away if anything is unclear to you, before you start carrying out my instructions.

  • If you have problems with a step, stop there and describe the problem to me as well as you can. Sometimes a step requires the preceding one.

  • Please only run scans that a helper has asked you to run! Do not install / uninstall any software without being asked to!

  • Post the log files directly in your thread (please in CODE tags) and not as an attachment, unless you were asked to. Logs in attachments make the analysis harder for me!

  • The logs of the assigned tools, such as Malwarebytes, must always be posted, regardless of whether there was a detection or not!

  • Please also note => Deleting log files and other requests

Note:
If you do not hear from me for three days, please get in touch in this thread => Reminder about my thread.
Annoying "When will this continue" messages will end with your topic being closed. I, too, have a life outside the Trojaner-Board.




Rootkit scan with GMER

Please download the GMER Rootkit Scanner: (the file name is random)
  • Close all other programs, disable your virus scanner and disconnect the computer from the Internet before you start GMER.
  • If a window with the following warning opens after starting:
    WARNING !!!
    GMER has found system modification, which might have been caused by ROOTKIT activity.
    Do you want to fully scan your system ?
    Be sure to click "No".
  • On the right, untick: IAT/EAT and Show All
  • Tick Quickscan and untick all other drives.
  • Start the scan with "Scan".
  • Do not do anything on the computer while the scan is running.
  • When the scan is finished, click Save and save the log file as Gmer.txt on your desktop. "Ok" closes GMER.
Switch your antivirus program and other scanners back on before you go online!


Problems coming up?
  • Alternatively, try safe mode.
  • If you get a bluescreen, untick Devices.

Afterwards, please run MBAR:

Malwarebytes Anti-Rootkit (MBAR)

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the instructions on your screen as described in the guide to Malwarebytes Anti-Rootkit
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart, MBAR will remove the detected objects, so be patient.
  • After the restart, start mbar.exe again.
  • If something is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the created folder. Please post it here.

Do not start any other file in this folder without instructions from a helper

Alt 03.05.2013, 16:26   #7
Keahl
 

Many thanks for the reply!
Here are the logs:

1. MBAR

Code:
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org

Database version: v2013.05.03.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
********* :: ******** [administrator]

03.05.2013 16:24:51
mbar-log-2013-05-03 (16-24-51).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 28752
Time elapsed: 6 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         
(Info: I had to leave during the scan. When I came back, the PC had apparently restarted on its own, since I was logged out at the account selection screen.)

2. MBAR

Code:
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org

Database version: v2013.05.03.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
********* :: ********* [administrator]

03.05.2013 17:17:18
mbar-log-2013-05-03 (17-17-18).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 28759
Time elapsed: 6 minute(s), 56 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         
The GMER log file seems to be too large. Should I post it as an attachment?

Edited by Keahl (03.05.2013 at 16:31) Reason: Improving the comprehensibility of the text.

Alt 03.05.2013, 23:13   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Yes, please, zipped as an attachment. But only if the logs are too large.

Alt 07.05.2013, 16:53   #9
Keahl
 

Sorry that it took so long.
Here is the GMER log.

Alt 07.05.2013, 20:40   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

aswMBR

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe guide)
    On Windows Vista (or later), please start it with a right-click and "Run as administrator".
  • The tool will ask you whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.)
    Depending on your connection, downloading the definitions can take a while.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.

Important: Do not under any circumstances press one of the Fix buttons without instructions

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.




TDSS-Killer

Please download TDSSKiller.exe and save this file to the desktop
  • Start TDSSKiller.exe - configure it as described in the guide to TDSSKiller.
  • Press Start Scan
  • If infected objects are found, do not under any circumstances choose Cure. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

Alt 13.05.2013, 17:36   #11
Keahl
 

Apologies once again, I was away for so long again. >_<

MBR:
Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-05-13 18:28:33
-----------------------------
18:28:33.282    OS Version: Windows x64 6.1.7601 Service Pack 1
18:28:33.282    Number of processors: 8 586 0x1E05
18:28:33.282    ComputerName: *********  UserName: *********
18:28:35.202    Initialize success
18:28:35.343    AVAST engine defs: 13051300
18:29:05.218    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:29:05.223    Disk 0 Vendor: WDC_WD10 05.0 Size: 953869MB BusType: 8
18:29:05.304    Disk 0 MBR read successfully
18:29:05.309    Disk 0 MBR scan
18:29:05.315    Disk 0 Windows 7 default MBR code
18:29:05.321    Disk 0 Partition 1 00     DE Dell Utility NTFS           94 MB offset 63
18:29:05.334    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        11142 MB offset 194560
18:29:05.355    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       942631 MB offset 23013376
18:29:05.383    Disk 0 scanning C:\Windows\system32\drivers
18:29:10.345    Service scanning
18:29:21.010    Modules scanning
18:29:21.012    Disk 0 trace - called modules:
18:29:21.027    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorV.sys hal.dll 
18:29:21.032    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800654a790]
18:29:21.033    3 CLASSPNP.SYS[fffff880013b643f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006300050]
18:29:22.742    AVAST engine scan C:\Windows
18:29:25.102    AVAST engine scan C:\Windows\system32
18:30:55.397    AVAST engine scan C:\Windows\system32\drivers
18:31:02.255    AVAST engine scan C:\Users\*********
18:31:54.760    AVAST engine scan C:\ProgramData
18:32:45.980    Scan finished successfully
18:33:12.117    Disk 0 MBR has been saved successfully to "C:\Users\******\Desktop\Logs Mai\MBR.dat"
18:33:12.123    The log file has been saved successfully to "C:\Users\******\Desktop\Logs Mai\aswMBR.txt"
         
TDSSKiller
Code:
18:33:46.0762 2616  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:33:47.0223 2616  ============================================================
18:33:47.0223 2616  Current date / time: 2013/05/13 18:33:47.0223
18:33:47.0223 2616  SystemInfo:
18:33:47.0223 2616  
18:33:47.0223 2616  OS Version: 6.1.7601 ServicePack: 1.0
18:33:47.0223 2616  Product type: Workstation
18:33:47.0223 2616  ComputerName: *********
18:33:47.0223 2616  UserName: *********
18:33:47.0223 2616  Windows directory: C:\Windows
18:33:47.0223 2616  System windows directory: C:\Windows
18:33:47.0223 2616  Running under WOW64
18:33:47.0223 2616  Processor architecture: Intel x64
18:33:47.0223 2616  Number of processors: 8
18:33:47.0223 2616  Page size: 0x1000
18:33:47.0223 2616  Boot type: Normal boot
18:33:47.0223 2616  ============================================================
18:33:48.0097 2616  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:33:48.0122 2616  Drive \Device\Harddisk5\DR5 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:33:48.0143 2616  ============================================================
18:33:48.0143 2616  \Device\Harddisk0\DR0:
18:33:48.0143 2616  MBR partitions:
18:33:48.0143 2616  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2F800, BlocksNum 0x15C3000
18:33:48.0143 2616  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x15F2800, BlocksNum 0x73113800
18:33:48.0143 2616  \Device\Harddisk5\DR5:
18:33:48.0144 2616  MBR partitions:
18:33:48.0144 2616  \Device\Harddisk5\DR5\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C41
18:33:48.0144 2616  ============================================================
18:33:48.0175 2616  C: <-> \Device\Harddisk0\DR0\Partition2
18:33:48.0178 2616  I: <-> \Device\Harddisk5\DR5\Partition1
18:33:48.0179 2616  ============================================================
18:33:48.0179 2616  Initialize success
18:33:48.0179 2616  ============================================================
18:33:51.0642 6908  ============================================================
18:33:51.0642 6908  Scan started
18:33:51.0642 6908  Mode: Manual; 
18:33:51.0642 6908  ============================================================
18:33:52.0405 6908  ================ Scan system memory ========================
18:33:52.0405 6908  System memory - ok
18:33:52.0406 6908  ================ Scan services =============================
18:33:52.0523 6908  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:33:52.0527 6908  1394ohci - ok
18:33:52.0546 6908  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:33:52.0551 6908  ACPI - ok
18:33:52.0567 6908  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:33:52.0568 6908  AcpiPmi - ok
18:33:52.0653 6908  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:33:52.0654 6908  AdobeARMservice - ok
18:33:52.0736 6908  [ 479901C99FA62D1C3261B7ACB1228DAD ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:33:52.0740 6908  AdobeFlashPlayerUpdateSvc - ok
18:33:52.0770 6908  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
18:33:52.0777 6908  adp94xx - ok
18:33:52.0798 6908  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
18:33:52.0803 6908  adpahci - ok
18:33:52.0816 6908  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
18:33:52.0819 6908  adpu320 - ok
18:33:52.0836 6908  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:33:52.0838 6908  AeLookupSvc - ok
18:33:52.0869 6908  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
18:33:52.0876 6908  AFD - ok
18:33:52.0893 6908  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
18:33:52.0895 6908  agp440 - ok
18:33:52.0909 6908  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
18:33:52.0911 6908  ALG - ok
18:33:52.0920 6908  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:33:52.0921 6908  aliide - ok
18:33:52.0928 6908  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
18:33:52.0929 6908  amdide - ok
18:33:52.0940 6908  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
18:33:52.0942 6908  AmdK8 - ok
18:33:52.0953 6908  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
18:33:52.0954 6908  AmdPPM - ok
18:33:52.0967 6908  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:33:52.0969 6908  amdsata - ok
18:33:52.0980 6908  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
18:33:52.0983 6908  amdsbs - ok
18:33:52.0993 6908  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:33:52.0994 6908  amdxata - ok
18:33:53.0017 6908  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
18:33:53.0019 6908  AppID - ok
18:33:53.0028 6908  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:33:53.0030 6908  AppIDSvc - ok
18:33:53.0050 6908  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
18:33:53.0052 6908  Appinfo - ok
18:33:53.0104 6908  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:33:53.0106 6908  Apple Mobile Device - ok
18:33:53.0121 6908  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
18:33:53.0122 6908  arc - ok
18:33:53.0135 6908  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
18:33:53.0137 6908  arcsas - ok
18:33:53.0150 6908  [ B217378ED9A964E15346A67FEF609A17 ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
18:33:53.0151 6908  aswFsBlk - ok
18:33:53.0190 6908  [ 36949EB7E71C5779C5163AF6AFB2A161 ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
18:33:53.0191 6908  aswKbd - ok
18:33:53.0216 6908  [ E92635BB235B03ED03B17CBB59F77FA4 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
18:33:53.0217 6908  aswMonFlt - ok
18:33:53.0228 6908  [ 8F90459AFB7FD4557D935CE639EF6110 ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
18:33:53.0229 6908  aswRdr - ok
18:33:53.0289 6908  [ DE6759B8D8E62BF0FFF2B05F05AFCEE6 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
18:33:53.0290 6908  aswRvrt - ok
18:33:53.0323 6908  [ AB8B4D3136D18A20777036E0F0CFC5E1 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
18:33:53.0333 6908  aswSnx - ok
18:33:53.0354 6908  [ 97D4D725BD32C965119E6C8E252F8C64 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
18:33:53.0358 6908  aswSP - ok
18:33:53.0372 6908  [ D62C10D1829C65115111C160EA956260 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
18:33:53.0373 6908  aswTdi - ok
18:33:53.0392 6908  [ 7E44C2684A6CA779B9D07CB4BD3F649D ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
18:33:53.0395 6908  aswVmm - ok
18:33:53.0407 6908  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:33:53.0408 6908  AsyncMac - ok
18:33:53.0414 6908  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
18:33:53.0415 6908  atapi - ok
18:33:53.0450 6908  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:33:53.0461 6908  AudioEndpointBuilder - ok
18:33:53.0475 6908  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:33:53.0482 6908  AudioSrv - ok
18:33:53.0552 6908  [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:33:53.0554 6908  avast! Antivirus - ok
18:33:53.0581 6908  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:33:53.0584 6908  AxInstSV - ok
18:33:53.0605 6908  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
18:33:53.0612 6908  b06bdrv - ok
18:33:53.0642 6908  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:33:53.0647 6908  b57nd60a - ok
18:33:53.0658 6908  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:33:53.0661 6908  BDESVC - ok
18:33:53.0666 6908  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:33:53.0667 6908  Beep - ok
18:33:53.0717 6908  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
18:33:53.0727 6908  BFE - ok
18:33:53.0754 6908  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
18:33:53.0775 6908  BITS - ok
18:33:53.0786 6908  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:33:53.0788 6908  blbdrive - ok
18:33:53.0818 6908  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:33:53.0826 6908  Bonjour Service - ok
18:33:53.0848 6908  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:33:53.0850 6908  bowser - ok
18:33:53.0856 6908  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:33:53.0857 6908  BrFiltLo - ok
18:33:53.0870 6908  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:33:53.0871 6908  BrFiltUp - ok
18:33:53.0900 6908  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
18:33:53.0904 6908  Browser - ok
18:33:53.0913 6908  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:33:53.0917 6908  Brserid - ok
18:33:53.0929 6908  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:33:53.0930 6908  BrSerWdm - ok
18:33:53.0935 6908  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:33:53.0936 6908  BrUsbMdm - ok
18:33:53.0944 6908  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:33:53.0945 6908  BrUsbSer - ok
18:33:53.0950 6908  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
18:33:53.0952 6908  BTHMODEM - ok
18:33:53.0986 6908  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
18:33:53.0989 6908  bthserv - ok
18:33:54.0000 6908  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:33:54.0002 6908  cdfs - ok
18:33:54.0015 6908  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:33:54.0017 6908  cdrom - ok
18:33:54.0030 6908  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
18:33:54.0032 6908  CertPropSvc - ok
18:33:54.0041 6908  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:33:54.0042 6908  circlass - ok
18:33:54.0051 6908  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
18:33:54.0055 6908  CLFS - ok
18:33:54.0095 6908  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:33:54.0097 6908  clr_optimization_v2.0.50727_32 - ok
18:33:54.0114 6908  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:33:54.0117 6908  clr_optimization_v2.0.50727_64 - ok
18:33:54.0172 6908  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:33:54.0176 6908  clr_optimization_v4.0.30319_32 - ok
18:33:54.0198 6908  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:33:54.0201 6908  clr_optimization_v4.0.30319_64 - ok
18:33:54.0205 6908  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:33:54.0206 6908  CmBatt - ok
18:33:54.0220 6908  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:33:54.0221 6908  cmdide - ok
18:33:54.0260 6908  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
18:33:54.0267 6908  CNG - ok
18:33:54.0285 6908  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:33:54.0286 6908  Compbatt - ok
18:33:54.0310 6908  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
18:33:54.0311 6908  CompositeBus - ok
18:33:54.0323 6908  COMSysApp - ok
18:33:54.0329 6908  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
18:33:54.0330 6908  crcdisk - ok
18:33:54.0365 6908  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:33:54.0368 6908  CryptSvc - ok
18:33:54.0396 6908  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:33:54.0403 6908  DcomLaunch - ok
18:33:54.0419 6908  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
18:33:54.0423 6908  defragsvc - ok
18:33:54.0441 6908  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:33:54.0442 6908  DfsC - ok
18:33:54.0460 6908  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:33:54.0464 6908  Dhcp - ok
18:33:54.0467 6908  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
18:33:54.0467 6908  discache - ok
18:33:54.0476 6908  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
18:33:54.0477 6908  Disk - ok
18:33:54.0498 6908  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:33:54.0500 6908  Dnscache - ok
18:33:54.0514 6908  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:33:54.0517 6908  dot3svc - ok
18:33:54.0567 6908  [ B42ED0320C6E41102FDE0005154849BB ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
18:33:54.0570 6908  Dot4 - ok
18:33:54.0586 6908  [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
18:33:54.0587 6908  Dot4Print - ok
18:33:54.0617 6908  [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
18:33:54.0618 6908  dot4usb - ok
18:33:54.0637 6908  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
18:33:54.0641 6908  DPS - ok
18:33:54.0665 6908  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:33:54.0666 6908  drmkaud - ok
18:33:54.0703 6908  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:33:54.0712 6908  DXGKrnl - ok
18:33:54.0724 6908  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
18:33:54.0728 6908  EapHost - ok
18:33:54.0787 6908  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
18:33:54.0851 6908  ebdrv - ok
18:33:54.0941 6908  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
18:33:54.0945 6908  EFS - ok
18:33:54.0990 6908  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:33:55.0000 6908  ehRecvr - ok
18:33:55.0029 6908  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
18:33:55.0032 6908  ehSched - ok
18:33:55.0054 6908  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
18:33:55.0062 6908  elxstor - ok
18:33:55.0069 6908  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:33:55.0070 6908  ErrDev - ok
18:33:55.0095 6908  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
18:33:55.0102 6908  EventSystem - ok
18:33:55.0117 6908  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
18:33:55.0120 6908  exfat - ok
18:33:55.0136 6908  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:33:55.0140 6908  fastfat - ok
18:33:55.0170 6908  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
18:33:55.0181 6908  Fax - ok
18:33:55.0196 6908  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
18:33:55.0197 6908  fdc - ok
18:33:55.0213 6908  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
18:33:55.0216 6908  fdPHost - ok
18:33:55.0226 6908  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:33:55.0229 6908  FDResPub - ok
18:33:55.0241 6908  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:33:55.0243 6908  FileInfo - ok
18:33:55.0251 6908  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:33:55.0252 6908  Filetrace - ok
18:33:55.0257 6908  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:33:55.0258 6908  flpydisk - ok
18:33:55.0277 6908  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:33:55.0280 6908  FltMgr - ok
18:33:55.0317 6908  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
18:33:55.0331 6908  FontCache - ok
18:33:55.0356 6908  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:33:55.0358 6908  FontCache3.0.0.0 - ok
18:33:55.0366 6908  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:33:55.0367 6908  FsDepends - ok
18:33:55.0386 6908  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:33:55.0387 6908  Fs_Rec - ok
18:33:55.0418 6908  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:33:55.0421 6908  fvevol - ok
18:33:55.0435 6908  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
18:33:55.0437 6908  gagp30kx - ok
18:33:55.0479 6908  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:33:55.0479 6908  GEARAspiWDM - ok
18:33:55.0516 6908  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
18:33:55.0527 6908  gpsvc - ok
18:33:55.0571 6908  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
18:33:55.0572 6908  hamachi - ok
18:33:55.0771 6908  [ 785FD63B74B30986A9F2C7D965CA509F ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
18:33:55.0814 6908  Hamachi2Svc - ok
18:33:55.0820 6908  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:33:55.0821 6908  hcw85cir - ok
18:33:55.0842 6908  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:33:55.0847 6908  HdAudAddService - ok
18:33:55.0877 6908  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
18:33:55.0879 6908  HDAudBus - ok
18:33:55.0901 6908  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
18:33:55.0903 6908  HECIx64 - ok
18:33:55.0908 6908  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
18:33:55.0909 6908  HidBatt - ok
18:33:55.0922 6908  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
18:33:55.0924 6908  HidBth - ok
18:33:55.0931 6908  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
18:33:55.0933 6908  HidIr - ok
18:33:55.0957 6908  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
18:33:55.0961 6908  hidserv - ok
18:33:55.0965 6908  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:33:55.0967 6908  HidUsb - ok
18:33:55.0990 6908  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:33:55.0994 6908  hkmsvc - ok
18:33:56.0017 6908  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:33:56.0023 6908  HomeGroupListener - ok
18:33:56.0035 6908  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:33:56.0041 6908  HomeGroupProvider - ok
18:33:56.0128 6908  [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
18:33:56.0132 6908  hpqcxs08 - ok
18:33:56.0156 6908  [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
18:33:56.0158 6908  hpqddsvc - ok
18:33:56.0170 6908  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:33:56.0172 6908  HpSAMD - ok
18:33:56.0201 6908  [ 7F57926169C1B8ABA9274EA7D4B70F18 ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
18:33:56.0220 6908  HPSLPSVC - ok
18:33:56.0278 6908  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:33:56.0289 6908  HTTP - ok
18:33:56.0309 6908  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:33:56.0310 6908  hwpolicy - ok
18:33:56.0325 6908  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
18:33:56.0327 6908  i8042prt - ok
18:33:56.0338 6908  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:33:56.0343 6908  iaStorV - ok
18:33:56.0375 6908  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:33:56.0388 6908  idsvc - ok
18:33:56.0409 6908  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
18:33:56.0411 6908  iirsp - ok
18:33:56.0441 6908  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
18:33:56.0456 6908  IKEEXT - ok
18:33:56.0526 6908  [ 13089F31AA37CDE1CE3784EE01A48484 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:33:56.0544 6908  IntcAzAudAddService - ok
18:33:56.0562 6908  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
18:33:56.0563 6908  intelide - ok
18:33:56.0576 6908  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:33:56.0577 6908  intelppm - ok
18:33:56.0592 6908  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:33:56.0595 6908  IPBusEnum - ok
18:33:56.0610 6908  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:33:56.0612 6908  IpFilterDriver - ok
18:33:56.0649 6908  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:33:56.0659 6908  iphlpsvc - ok
18:33:56.0674 6908  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:33:56.0677 6908  IPMIDRV - ok
18:33:56.0694 6908  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:33:56.0696 6908  IPNAT - ok
18:33:56.0754 6908  [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:33:56.0764 6908  iPod Service - ok
18:33:56.0778 6908  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:33:56.0779 6908  IRENUM - ok
18:33:56.0792 6908  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:33:56.0793 6908  isapnp - ok
18:33:56.0814 6908  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:33:56.0819 6908  iScsiPrt - ok
18:33:56.0859 6908  [ B2B34FD7372E6E01A26E9AE22CC8F1EC ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
18:33:56.0863 6908  k57nd60a - ok
18:33:56.0874 6908  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:33:56.0875 6908  kbdclass - ok
18:33:56.0881 6908  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:33:56.0882 6908  kbdhid - ok
18:33:56.0888 6908  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
18:33:56.0890 6908  KeyIso - ok
18:33:56.0912 6908  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:33:56.0913 6908  KSecDD - ok
18:33:56.0946 6908  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:33:56.0949 6908  KSecPkg - ok
18:33:56.0958 6908  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:33:56.0959 6908  ksthunk - ok
18:33:56.0983 6908  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:33:56.0993 6908  KtmRm - ok
18:33:57.0018 6908  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:33:57.0026 6908  LanmanServer - ok
18:33:57.0047 6908  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:33:57.0055 6908  LanmanWorkstation - ok
18:33:57.0083 6908  [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
18:33:57.0084 6908  LGBusEnum - ok
18:33:57.0095 6908  [ F705A641C18DF31B48B5DBDA94B425E4 ] LGPBTDD         C:\Windows\system32\Drivers\LGPBTDD.sys
18:33:57.0096 6908  LGPBTDD - ok
18:33:57.0124 6908  [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
18:33:57.0125 6908  LGVirHid - ok
18:33:57.0154 6908  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:33:57.0156 6908  lltdio - ok
18:33:57.0180 6908  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:33:57.0188 6908  lltdsvc - ok
18:33:57.0210 6908  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:33:57.0214 6908  lmhosts - ok
18:33:57.0231 6908  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
18:33:57.0234 6908  LSI_FC - ok
18:33:57.0248 6908  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
18:33:57.0251 6908  LSI_SAS - ok
18:33:57.0264 6908  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:33:57.0266 6908  LSI_SAS2 - ok
18:33:57.0280 6908  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:33:57.0283 6908  LSI_SCSI - ok
18:33:57.0298 6908  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
18:33:57.0301 6908  luafv - ok
18:33:57.0366 6908  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
18:33:57.0367 6908  MBAMProtector - ok
18:33:57.0418 6908  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:33:57.0424 6908  MBAMScheduler - ok
18:33:57.0450 6908  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
18:33:57.0462 6908  MBAMService - ok
18:33:57.0501 6908  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:33:57.0506 6908  Mcx2Svc - ok
18:33:57.0524 6908  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
18:33:57.0526 6908  megasas - ok
18:33:57.0541 6908  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
18:33:57.0545 6908  MegaSR - ok
18:33:57.0555 6908  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
18:33:57.0560 6908  MMCSS - ok
18:33:57.0574 6908  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
18:33:57.0576 6908  Modem - ok
18:33:57.0585 6908  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:33:57.0586 6908  monitor - ok
18:33:57.0607 6908  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:33:57.0608 6908  mouclass - ok
18:33:57.0624 6908  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:33:57.0626 6908  mouhid - ok
18:33:57.0643 6908  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:33:57.0646 6908  mountmgr - ok
18:33:57.0675 6908  [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:33:57.0678 6908  MozillaMaintenance - ok
18:33:57.0697 6908  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:33:57.0701 6908  mpio - ok
18:33:57.0713 6908  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:33:57.0715 6908  mpsdrv - ok
18:33:57.0753 6908  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:33:57.0775 6908  MpsSvc - ok
18:33:57.0803 6908  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:33:57.0806 6908  MRxDAV - ok
18:33:57.0828 6908  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:33:57.0832 6908  mrxsmb - ok
18:33:57.0847 6908  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:33:57.0852 6908  mrxsmb10 - ok
18:33:57.0869 6908  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:33:57.0872 6908  mrxsmb20 - ok
18:33:57.0882 6908  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:33:57.0884 6908  msahci - ok
18:33:57.0896 6908  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:33:57.0899 6908  msdsm - ok
18:33:57.0914 6908  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
18:33:57.0920 6908  MSDTC - ok
18:33:57.0931 6908  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:33:57.0933 6908  Msfs - ok
18:33:57.0939 6908  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:33:57.0940 6908  mshidkmdf - ok
18:33:57.0945 6908  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:33:57.0945 6908  msisadrv - ok
18:33:57.0962 6908  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:33:57.0965 6908  MSiSCSI - ok
18:33:57.0968 6908  msiserver - ok
18:33:57.0986 6908  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:33:57.0987 6908  MSKSSRV - ok
18:33:57.0990 6908  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:33:57.0991 6908  MSPCLOCK - ok
18:33:57.0994 6908  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:33:57.0995 6908  MSPQM - ok
18:33:58.0023 6908  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:33:58.0027 6908  MsRPC - ok
18:33:58.0037 6908  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
18:33:58.0037 6908  mssmbios - ok
18:33:58.0048 6908  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:33:58.0049 6908  MSTEE - ok
18:33:58.0064 6908  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
18:33:58.0065 6908  MTConfig - ok
18:33:58.0077 6908  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
18:33:58.0078 6908  Mup - ok
18:33:58.0096 6908  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
18:33:58.0104 6908  napagent - ok
18:33:58.0128 6908  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:33:58.0132 6908  NativeWifiP - ok
18:33:58.0154 6908  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:33:58.0164 6908  NDIS - ok
18:33:58.0207 6908  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:33:58.0208 6908  NdisCap - ok
18:33:58.0224 6908  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:33:58.0226 6908  NdisTapi - ok
18:33:58.0251 6908  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:33:58.0253 6908  Ndisuio - ok
18:33:58.0274 6908  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:33:58.0277 6908  NdisWan - ok
18:33:58.0297 6908  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:33:58.0299 6908  NDProxy - ok
18:33:58.0354 6908  [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
18:33:58.0357 6908  Net Driver HPZ12 - ok
18:33:58.0362 6908  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:33:58.0364 6908  NetBIOS - ok
18:33:58.0373 6908  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:33:58.0377 6908  NetBT - ok
18:33:58.0391 6908  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
18:33:58.0394 6908  Netlogon - ok
18:33:58.0416 6908  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
18:33:58.0424 6908  Netman - ok
18:33:58.0440 6908  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
18:33:58.0449 6908  netprofm - ok
18:33:58.0492 6908  [ C9E9017AC2291E96ED3376B72BC7CF8D ] netr28ux        C:\Windows\system32\DRIVERS\netr28ux.sys
18:33:58.0503 6908  netr28ux - ok
18:33:58.0529 6908  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:33:58.0531 6908  NetTcpPortSharing - ok
18:33:58.0543 6908  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
18:33:58.0544 6908  nfrd960 - ok
18:33:58.0555 6908  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:33:58.0560 6908  NlaSvc - ok
18:33:58.0564 6908  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:33:58.0565 6908  Npfs - ok
18:33:58.0578 6908  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
18:33:58.0581 6908  nsi - ok
18:33:58.0590 6908  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:33:58.0590 6908  nsiproxy - ok
18:33:58.0648 6908  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:33:58.0690 6908  Ntfs - ok
18:33:58.0701 6908  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
18:33:58.0702 6908  Null - ok
18:33:58.0884 6908  [ FCBA1C22727939E7CFF9EB08FE9692AB ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:33:58.0923 6908  nvlddmkm - ok
18:33:58.0935 6908  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:33:58.0937 6908  nvraid - ok
18:33:58.0960 6908  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:33:58.0962 6908  nvstor - ok
18:33:59.0002 6908  [ 10C232F6CFFD51D2332898AE7AE0FF23 ] nvsvc           C:\Windows\system32\nvvsvc.exe
18:33:59.0009 6908  nvsvc - ok
18:33:59.0077 6908  [ 4789E020D2617046862D1790FC235FF6 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
18:33:59.0085 6908  nvUpdatusService - ok
18:33:59.0103 6908  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:33:59.0106 6908  nv_agp - ok
18:33:59.0115 6908  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:33:59.0116 6908  ohci1394 - ok
18:33:59.0130 6908  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:33:59.0136 6908  p2pimsvc - ok
18:33:59.0145 6908  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
18:33:59.0158 6908  p2psvc - ok
18:33:59.0168 6908  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
18:33:59.0170 6908  Parport - ok
18:33:59.0179 6908  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:33:59.0180 6908  partmgr - ok
18:33:59.0197 6908  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:33:59.0202 6908  PcaSvc - ok
18:33:59.0207 6908  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
18:33:59.0210 6908  pci - ok
18:33:59.0230 6908  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
18:33:59.0231 6908  pciide - ok
18:33:59.0237 6908  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
18:33:59.0239 6908  pcmcia - ok
18:33:59.0243 6908  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:33:59.0244 6908  pcw - ok
18:33:59.0264 6908  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:33:59.0271 6908  PEAUTH - ok
18:33:59.0336 6908  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:33:59.0340 6908  PerfHost - ok
18:33:59.0392 6908  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
18:33:59.0419 6908  pla - ok
18:33:59.0441 6908  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:33:59.0449 6908  PlugPlay - ok
18:33:59.0507 6908  [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
18:33:59.0511 6908  Pml Driver HPZ12 - ok
18:33:59.0522 6908  PnkBstrA - ok
18:33:59.0528 6908  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:33:59.0532 6908  PNRPAutoReg - ok
18:33:59.0553 6908  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:33:59.0559 6908  PNRPsvc - ok
18:33:59.0595 6908  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:33:59.0604 6908  PolicyAgent - ok
18:33:59.0622 6908  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
18:33:59.0628 6908  Power - ok
18:33:59.0645 6908  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:33:59.0647 6908  PptpMiniport - ok
18:33:59.0657 6908  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
18:33:59.0659 6908  Processor - ok
18:33:59.0684 6908  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:33:59.0691 6908  ProfSvc - ok
18:33:59.0699 6908  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:33:59.0702 6908  ProtectedStorage - ok
18:33:59.0726 6908  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:33:59.0728 6908  Psched - ok
18:33:59.0750 6908  [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI             C:\Windows\system32\DRIVERS\psi_mf.sys
18:33:59.0751 6908  PSI - ok
18:33:59.0781 6908  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
18:33:59.0807 6908  ql2300 - ok
18:33:59.0816 6908  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
18:33:59.0819 6908  ql40xx - ok
18:33:59.0838 6908  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
18:33:59.0844 6908  QWAVE - ok
18:33:59.0852 6908  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:33:59.0853 6908  QWAVEdrv - ok
18:33:59.0904 6908  [ D319343661F7FEBFB6F43C453C26E779 ] RalinkRegistryWriter C:\Program Files (x86)\Hama\Common\RaRegistry.exe
18:33:59.0906 6908  RalinkRegistryWriter - ok
18:33:59.0919 6908  [ C0E618F5A0D643F71FDD96CDC0C561C3 ] RalinkRegistryWriter64 C:\Program Files (x86)\Hama\Common\RaRegistry64.exe
18:33:59.0923 6908  RalinkRegistryWriter64 - ok
18:33:59.0940 6908  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:33:59.0942 6908  RasAcd - ok
18:33:59.0969 6908  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:33:59.0971 6908  RasAgileVpn - ok
18:33:59.0981 6908  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
18:33:59.0987 6908  RasAuto - ok
18:33:59.0993 6908  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:33:59.0996 6908  Rasl2tp - ok
18:34:00.0016 6908  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
18:34:00.0026 6908  RasMan - ok
18:34:00.0032 6908  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:34:00.0034 6908  RasPppoe - ok
18:34:00.0040 6908  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:34:00.0042 6908  RasSstp - ok
18:34:00.0060 6908  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:34:00.0064 6908  rdbss - ok
18:34:00.0075 6908  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:34:00.0076 6908  rdpbus - ok
18:34:00.0097 6908  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:34:00.0097 6908  RDPCDD - ok
18:34:00.0103 6908  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:34:00.0103 6908  RDPENCDD - ok
18:34:00.0112 6908  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:34:00.0113 6908  RDPREFMP - ok
18:34:00.0167 6908  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:34:00.0168 6908  RdpVideoMiniport - ok
18:34:00.0196 6908  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:34:00.0200 6908  RDPWD - ok
18:34:00.0238 6908  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:34:00.0242 6908  rdyboost - ok
18:34:00.0264 6908  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:34:00.0269 6908  RemoteAccess - ok
18:34:00.0283 6908  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:34:00.0290 6908  RemoteRegistry - ok
18:34:00.0298 6908  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:34:00.0303 6908  RpcEptMapper - ok
18:34:00.0355 6908  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
18:34:00.0358 6908  RpcLocator - ok
18:34:00.0380 6908  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
18:34:00.0390 6908  RpcSs - ok
18:34:00.0409 6908  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:34:00.0411 6908  rspndr - ok
18:34:00.0424 6908  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
18:34:00.0427 6908  SamSs - ok
18:34:00.0450 6908  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:34:00.0453 6908  sbp2port - ok
18:34:00.0473 6908  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:34:00.0480 6908  SCardSvr - ok
18:34:00.0500 6908  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:34:00.0501 6908  scfilter - ok
18:34:00.0542 6908  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
18:34:00.0568 6908  Schedule - ok
18:34:00.0580 6908  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:34:00.0581 6908  SCPolicySvc - ok
18:34:00.0599 6908  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:34:00.0605 6908  SDRSVC - ok
18:34:00.0621 6908  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:34:00.0623 6908  secdrv - ok
18:34:00.0642 6908  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
18:34:00.0647 6908  seclogon - ok
18:34:00.0712 6908  [ 9044795E9D1A912D5F1B8DF6211850FD ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
18:34:00.0739 6908  Secunia PSI Agent - ok
18:34:00.0817 6908  [ 8B1A72E4FB63A9C068B08E1F9B70482A ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
18:34:00.0824 6908  Secunia Update Agent - ok
18:34:00.0830 6908  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
18:34:00.0836 6908  SENS - ok
18:34:00.0852 6908  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:34:00.0858 6908  SensrSvc - ok
18:34:00.0871 6908  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:34:00.0873 6908  Serenum - ok
18:34:00.0884 6908  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:34:00.0887 6908  Serial - ok
18:34:00.0912 6908  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
18:34:00.0914 6908  sermouse - ok
18:34:00.0934 6908  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
18:34:00.0941 6908  SessionEnv - ok
18:34:00.0953 6908  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:34:00.0954 6908  sffdisk - ok
18:34:00.0961 6908  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:34:00.0962 6908  sffp_mmc - ok
18:34:00.0968 6908  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:34:00.0969 6908  sffp_sd - ok
18:34:00.0974 6908  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
18:34:00.0976 6908  sfloppy - ok
18:34:01.0004 6908  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:34:01.0012 6908  SharedAccess - ok
18:34:01.0028 6908  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:34:01.0038 6908  ShellHWDetection - ok
18:34:01.0052 6908  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:34:01.0054 6908  SiSRaid2 - ok
18:34:01.0066 6908  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
18:34:01.0068 6908  SiSRaid4 - ok
18:34:01.0207 6908  [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
18:34:01.0267 6908  Skype C2C Service - ok
18:34:01.0307 6908  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:34:01.0310 6908  SkypeUpdate - ok
18:34:01.0334 6908  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:34:01.0337 6908  Smb - ok
18:34:01.0387 6908  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:34:01.0393 6908  SNMPTRAP - ok
18:34:01.0403 6908  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:34:01.0405 6908  spldr - ok
18:34:01.0436 6908  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
18:34:01.0445 6908  Spooler - ok
18:34:01.0511 6908  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
18:34:01.0568 6908  sppsvc - ok
18:34:01.0593 6908  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:34:01.0595 6908  sppuinotify - ok
18:34:01.0610 6908  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:34:01.0615 6908  srv - ok
18:34:01.0621 6908  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:34:01.0625 6908  srv2 - ok
18:34:01.0629 6908  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:34:01.0631 6908  srvnet - ok
18:34:01.0659 6908  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:34:01.0663 6908  SSDPSRV - ok
18:34:01.0666 6908  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:34:01.0669 6908  SstpSvc - ok
18:34:01.0690 6908  Steam Client Service - ok
18:34:01.0739 6908  [ 5A19667A580B1CE886EAF968B9743F45 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:34:01.0744 6908  Stereo Service - ok
18:34:01.0759 6908  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
18:34:01.0760 6908  stexstor - ok
18:34:01.0788 6908  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
18:34:01.0802 6908  stisvc - ok
18:34:01.0820 6908  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
18:34:01.0821 6908  swenum - ok
18:34:01.0839 6908  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
18:34:01.0848 6908  swprv - ok
18:34:01.0890 6908  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
18:34:01.0923 6908  SysMain - ok
18:34:01.0940 6908  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:34:01.0944 6908  TabletInputService - ok
18:34:01.0960 6908  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:34:01.0967 6908  TapiSrv - ok
18:34:01.0979 6908  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
18:34:01.0983 6908  TBS - ok
18:34:02.0038 6908  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:34:02.0082 6908  Tcpip - ok
18:34:02.0122 6908  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:34:02.0140 6908  TCPIP6 - ok
18:34:02.0182 6908  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:34:02.0183 6908  tcpipreg - ok
18:34:02.0196 6908  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:34:02.0197 6908  TDPIPE - ok
18:34:02.0227 6908  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:34:02.0229 6908  TDTCP - ok
18:34:02.0244 6908  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:34:02.0245 6908  tdx - ok
18:34:02.0267 6908  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
18:34:02.0268 6908  TermDD - ok
18:34:02.0289 6908  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
18:34:02.0300 6908  TermService - ok
18:34:02.0328 6908  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
18:34:02.0333 6908  Themes - ok
18:34:02.0348 6908  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
18:34:02.0351 6908  THREADORDER - ok
18:34:02.0362 6908  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
18:34:02.0368 6908  TrkWks - ok
18:34:02.0394 6908  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:34:02.0397 6908  TrustedInstaller - ok
18:34:02.0426 6908  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:34:02.0427 6908  tssecsrv - ok
18:34:02.0484 6908  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:34:02.0486 6908  TsUsbFlt - ok
18:34:02.0575 6908  [ D27430FD0EFD8CE745CCF6F179A5C4F2 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
18:34:02.0652 6908  TuneUp.UtilitiesSvc - ok
18:34:02.0686 6908  [ 7BC3381C0713F613B31ACDE38B71CB53 ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys
18:34:02.0687 6908  TuneUpUtilitiesDrv - ok
18:34:02.0713 6908  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:34:02.0716 6908  tunnel - ok
18:34:02.0727 6908  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
18:34:02.0729 6908  uagp35 - ok
18:34:02.0745 6908  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:34:02.0750 6908  udfs - ok
18:34:02.0765 6908  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:34:02.0772 6908  UI0Detect - ok
18:34:02.0780 6908  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:34:02.0782 6908  uliagpkx - ok
18:34:02.0809 6908  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
18:34:02.0811 6908  umbus - ok
18:34:02.0827 6908  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
18:34:02.0829 6908  UmPass - ok
18:34:02.0850 6908  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
18:34:02.0861 6908  upnphost - ok
18:34:02.0898 6908  [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
18:34:02.0900 6908  USBAAPL64 - ok
18:34:02.0927 6908  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
18:34:02.0930 6908  usbaudio - ok
18:34:02.0939 6908  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:34:02.0942 6908  usbccgp - ok
18:34:02.0954 6908  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:34:02.0956 6908  usbcir - ok
18:34:02.0973 6908  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
18:34:02.0975 6908  usbehci - ok
18:34:02.0991 6908  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:34:02.0996 6908  usbhub - ok
18:34:03.0012 6908  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
18:34:03.0014 6908  usbohci - ok
18:34:03.0035 6908  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:34:03.0036 6908  usbprint - ok
18:34:03.0072 6908  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
18:34:03.0074 6908  usbscan - ok
18:34:03.0102 6908  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:34:03.0104 6908  USBSTOR - ok
18:34:03.0110 6908  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
18:34:03.0111 6908  usbuhci - ok
18:34:03.0120 6908  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
18:34:03.0127 6908  UxSms - ok
18:34:03.0162 6908  [ 9366DA7E69065E314E3FBB1DE4C84CEC ] UxTuneUp        C:\Windows\System32\uxtuneup.dll
18:34:03.0168 6908  UxTuneUp - ok
18:34:03.0181 6908  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
18:34:03.0185 6908  VaultSvc - ok
18:34:03.0201 6908  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:34:03.0202 6908  vdrvroot - ok
18:34:03.0223 6908  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
18:34:03.0237 6908  vds - ok
18:34:03.0252 6908  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:34:03.0254 6908  vga - ok
18:34:03.0259 6908  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:34:03.0261 6908  VgaSave - ok
18:34:03.0277 6908  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:34:03.0281 6908  vhdmp - ok
18:34:03.0305 6908  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:34:03.0306 6908  viaide - ok
18:34:03.0312 6908  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:34:03.0314 6908  volmgr - ok
18:34:03.0331 6908  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:34:03.0337 6908  volmgrx - ok
18:34:03.0359 6908  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:34:03.0364 6908  volsnap - ok
18:34:03.0384 6908  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
18:34:03.0387 6908  vsmraid - ok
18:34:03.0429 6908  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
18:34:03.0475 6908  VSS - ok
18:34:03.0490 6908  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
18:34:03.0491 6908  vwifibus - ok
18:34:03.0518 6908  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:34:03.0519 6908  vwififlt - ok
18:34:03.0549 6908  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
18:34:03.0557 6908  W32Time - ok
18:34:03.0568 6908  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
18:34:03.0569 6908  WacomPen - ok
18:34:03.0584 6908  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:34:03.0586 6908  WANARP - ok
18:34:03.0590 6908  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:34:03.0591 6908  Wanarpv6 - ok
18:34:03.0623 6908  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
18:34:03.0650 6908  wbengine - ok
18:34:03.0667 6908  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:34:03.0673 6908  WbioSrvc - ok
18:34:03.0687 6908  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:34:03.0694 6908  wcncsvc - ok
18:34:03.0705 6908  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:34:03.0709 6908  WcsPlugInService - ok
18:34:03.0721 6908  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
18:34:03.0722 6908  Wd - ok
18:34:03.0755 6908  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:34:03.0763 6908  Wdf01000 - ok
18:34:03.0774 6908  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:34:03.0778 6908  WdiServiceHost - ok
18:34:03.0782 6908  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:34:03.0786 6908  WdiSystemHost - ok
18:34:03.0797 6908  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
18:34:03.0804 6908  WebClient - ok
18:34:03.0818 6908  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:34:03.0824 6908  Wecsvc - ok
18:34:03.0834 6908  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:34:03.0839 6908  wercplsupport - ok
18:34:03.0849 6908  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:34:03.0854 6908  WerSvc - ok
18:34:03.0865 6908  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:34:03.0866 6908  WfpLwf - ok
18:34:03.0875 6908  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:34:03.0877 6908  WIMMount - ok
18:34:03.0884 6908  WinDefend - ok
18:34:03.0897 6908  WinHttpAutoProxySvc - ok
18:34:03.0933 6908  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:34:03.0936 6908  Winmgmt - ok
18:34:03.0978 6908  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
18:34:04.0021 6908  WinRM - ok
18:34:04.0070 6908  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
18:34:04.0071 6908  WinUsb - ok
18:34:04.0108 6908  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:34:04.0134 6908  Wlansvc - ok
18:34:04.0241 6908  [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:34:04.0284 6908  wlidsvc - ok
18:34:04.0290 6908  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
18:34:04.0292 6908  WmiAcpi - ok
18:34:04.0308 6908  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:34:04.0311 6908  wmiApSrv - ok
18:34:04.0330 6908  WMPNetworkSvc - ok
18:34:04.0350 6908  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:34:04.0354 6908  WPCSvc - ok
18:34:04.0374 6908  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:34:04.0379 6908  WPDBusEnum - ok
18:34:04.0388 6908  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:34:04.0389 6908  ws2ifsl - ok
18:34:04.0400 6908  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
18:34:04.0405 6908  wscsvc - ok
18:34:04.0409 6908  WSearch - ok
18:34:04.0469 6908  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:34:04.0530 6908  wuauserv - ok
18:34:04.0566 6908  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:34:04.0567 6908  WudfPf - ok
18:34:04.0608 6908  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:34:04.0612 6908  WUDFRd - ok
18:34:04.0645 6908  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:34:04.0652 6908  wudfsvc - ok
18:34:04.0664 6908  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:34:04.0674 6908  WwanSvc - ok
18:34:04.0694 6908  ================ Scan global ===============================
18:34:04.0715 6908  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:34:04.0757 6908  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:34:04.0772 6908  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:34:04.0826 6908  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:34:04.0862 6908  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:34:04.0872 6908  [Global] - ok
18:34:04.0872 6908  ================ Scan MBR ==================================
18:34:04.0887 6908  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:34:05.0099 6908  \Device\Harddisk0\DR0 - ok
18:34:05.0105 6908  [ 739B36F7A373FC81121D831231B6D311 ] \Device\Harddisk5\DR5
18:34:05.0155 6908  \Device\Harddisk5\DR5 - ok
18:34:05.0156 6908  ================ Scan VBR ==================================
18:34:05.0159 6908  [ 8FC7486FF94FD6FBE84BB89702437BD7 ] \Device\Harddisk0\DR0\Partition1
18:34:05.0162 6908  \Device\Harddisk0\DR0\Partition1 - ok
18:34:05.0180 6908  [ 61DFB193D6FD34A493390610355B70BF ] \Device\Harddisk0\DR0\Partition2
18:34:05.0183 6908  \Device\Harddisk0\DR0\Partition2 - ok
18:34:05.0207 6908  [ CA17BB78C4E0E30855A9148E82962D80 ] \Device\Harddisk5\DR5\Partition1
18:34:05.0211 6908  \Device\Harddisk5\DR5\Partition1 - ok
18:34:05.0211 6908  ============================================================
18:34:05.0211 6908  Scan finished
18:34:05.0211 6908  ============================================================
18:34:05.0225 4324  Detected object count: 0
18:34:05.0225 4324  Actual detected object count: 0
18:34:14.0896 5964  Deinitialize success
         

14.05.2013, 10:01   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Quote:
18:33:51.0642 6908 Scan started
18:33:51.0642 6908 Mode: Manual;
You configured TDSSKiller incorrectly before scanning; please do it correctly.

16.05.2013, 16:17   #13
Keahl
 
Sorry..

Code:
17:15:14.0406 3244  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:15:14.0715 3244  ============================================================
17:15:14.0715 3244  Current date / time: 2013/05/16 17:15:14.0715
17:15:14.0715 3244  SystemInfo:
17:15:14.0715 3244  
17:15:14.0715 3244  OS Version: 6.1.7601 ServicePack: 1.0
17:15:14.0715 3244  Product type: Workstation
17:15:14.0715 3244  ComputerName: *********
17:15:14.0715 3244  UserName: *********
17:15:14.0715 3244  Windows directory: C:\Windows
17:15:14.0715 3244  System windows directory: C:\Windows
17:15:14.0715 3244  Running under WOW64
17:15:14.0715 3244  Processor architecture: Intel x64
17:15:14.0715 3244  Number of processors: 8
17:15:14.0715 3244  Page size: 0x1000
17:15:14.0715 3244  Boot type: Normal boot
17:15:14.0715 3244  ============================================================
17:15:15.0682 3244  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:15:15.0702 3244  Drive \Device\Harddisk5\DR5 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:15:19.0496 3244  ============================================================
17:15:19.0496 3244  \Device\Harddisk0\DR0:
17:15:19.0497 3244  MBR partitions:
17:15:19.0497 3244  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2F800, BlocksNum 0x15C3000
17:15:19.0497 3244  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x15F2800, BlocksNum 0x73113800
17:15:19.0497 3244  \Device\Harddisk5\DR5:
17:15:19.0509 3244  MBR partitions:
17:15:19.0509 3244  \Device\Harddisk5\DR5\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C41
17:15:19.0509 3244  ============================================================
17:15:19.0534 3244  C: <-> \Device\Harddisk0\DR0\Partition2
17:15:19.0546 3244  I: <-> \Device\Harddisk5\DR5\Partition1
17:15:19.0546 3244  ============================================================
17:15:19.0547 3244  Initialize success
17:15:19.0547 3244  ============================================================
17:15:33.0520 4948  ============================================================
17:15:33.0520 4948  Scan started
17:15:33.0520 4948  Mode: Manual; SigCheck; TDLFS; 
17:15:33.0520 4948  ============================================================
17:15:33.0835 4948  ================ Scan system memory ========================
17:15:33.0835 4948  System memory - ok
17:15:33.0836 4948  ================ Scan services =============================
17:15:33.0942 4948  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
17:15:34.0072 4948  1394ohci - ok
17:15:34.0104 4948  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:15:34.0121 4948  ACPI - ok
17:15:34.0130 4948  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:15:34.0186 4948  AcpiPmi - ok
17:15:34.0279 4948  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:15:34.0304 4948  AdobeARMservice - ok
17:15:34.0391 4948  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:15:34.0414 4948  AdobeFlashPlayerUpdateSvc - ok
17:15:34.0437 4948  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
17:15:34.0462 4948  adp94xx - ok
17:15:34.0473 4948  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
17:15:34.0487 4948  adpahci - ok
17:15:34.0500 4948  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
17:15:34.0513 4948  adpu320 - ok
17:15:34.0529 4948  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:15:34.0585 4948  AeLookupSvc - ok
17:15:34.0637 4948  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
17:15:34.0703 4948  AFD - ok
17:15:34.0736 4948  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
17:15:34.0760 4948  agp440 - ok
17:15:34.0777 4948  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
17:15:34.0824 4948  ALG - ok
17:15:34.0854 4948  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:15:34.0871 4948  aliide - ok
17:15:34.0879 4948  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
17:15:34.0896 4948  amdide - ok
17:15:34.0906 4948  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
17:15:34.0955 4948  AmdK8 - ok
17:15:34.0986 4948  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
17:15:35.0047 4948  AmdPPM - ok
17:15:35.0077 4948  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:15:35.0100 4948  amdsata - ok
17:15:35.0105 4948  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
17:15:35.0120 4948  amdsbs - ok
17:15:35.0128 4948  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:15:35.0138 4948  amdxata - ok
17:15:35.0159 4948  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
17:15:35.0250 4948  AppID - ok
17:15:35.0280 4948  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:15:35.0349 4948  AppIDSvc - ok
17:15:35.0391 4948  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
17:15:35.0443 4948  Appinfo - ok
17:15:35.0514 4948  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:15:35.0538 4948  Apple Mobile Device - ok
17:15:35.0547 4948  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
17:15:35.0563 4948  arc - ok
17:15:35.0570 4948  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
17:15:35.0585 4948  arcsas - ok
17:15:35.0612 4948  [ 0BAEFD3F648C6E7AB52990DD9565E4E2 ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
17:15:35.0641 4948  aswFsBlk - ok
17:15:35.0666 4948  [ 36949EB7E71C5779C5163AF6AFB2A161 ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
17:15:35.0680 4948  aswKbd - ok
17:15:35.0701 4948  [ FA562F34ED6633C66170B09182B4C049 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
17:15:35.0715 4948  aswMonFlt - ok
17:15:35.0721 4948  [ 64E2BAB4096C13D2342BC4661C967E07 ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
17:15:35.0734 4948  aswRdr - ok
17:15:35.0865 4948  [ 5573AA70993A2BB81525B1C704B88763 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
17:15:35.0887 4948  aswRvrt - ok
17:15:35.0979 4948  [ 10ED1CAB84AA65983C41A11F60294C9B ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
17:15:36.0011 4948  aswSnx - ok
17:15:36.0029 4948  [ 00E5253353717D3CA12A0F5A6F9991EC ] aswSP           C:\Windows\system32\drivers\aswSP.sys
17:15:36.0043 4948  aswSP - ok
17:15:36.0057 4948  [ 29DD8E458A84171202AA4979364C30C0 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
17:15:36.0067 4948  aswTdi - ok
17:15:36.0077 4948  [ 6359B99C955DB9F40B653159A0EED261 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
17:15:36.0090 4948  aswVmm - ok
17:15:36.0092 4948  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:15:36.0169 4948  AsyncMac - ok
17:15:36.0207 4948  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
17:15:36.0231 4948  atapi - ok
17:15:36.0258 4948  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:15:36.0355 4948  AudioEndpointBuilder - ok
17:15:36.0365 4948  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
17:15:36.0398 4948  AudioSrv - ok
17:15:36.0480 4948  [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:15:36.0501 4948  avast! Antivirus - ok
17:15:36.0524 4948  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:15:36.0585 4948  AxInstSV - ok
17:15:36.0637 4948  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
17:15:36.0702 4948  b06bdrv - ok
17:15:36.0756 4948  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
17:15:36.0818 4948  b57nd60a - ok
17:15:36.0859 4948  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:15:36.0887 4948  BDESVC - ok
17:15:36.0907 4948  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:15:36.0994 4948  Beep - ok
17:15:37.0068 4948  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
17:15:37.0125 4948  BFE - ok
17:15:37.0143 4948  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
17:15:37.0215 4948  BITS - ok
17:15:37.0246 4948  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:15:37.0295 4948  blbdrive - ok
17:15:37.0353 4948  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:15:37.0383 4948  Bonjour Service - ok
17:15:37.0399 4948  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:15:37.0432 4948  bowser - ok
17:15:37.0448 4948  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:15:37.0477 4948  BrFiltLo - ok
17:15:37.0491 4948  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:15:37.0514 4948  BrFiltUp - ok
17:15:37.0535 4948  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
17:15:37.0560 4948  Browser - ok
17:15:37.0583 4948  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:15:37.0640 4948  Brserid - ok
17:15:37.0673 4948  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:15:37.0730 4948  BrSerWdm - ok
17:15:37.0762 4948  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:15:37.0830 4948  BrUsbMdm - ok
17:15:37.0863 4948  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:15:37.0878 4948  BrUsbSer - ok
17:15:37.0889 4948  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
17:15:37.0945 4948  BTHMODEM - ok
17:15:37.0979 4948  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
17:15:38.0061 4948  bthserv - ok
17:15:38.0092 4948  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:15:38.0148 4948  cdfs - ok
17:15:38.0174 4948  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
17:15:38.0222 4948  cdrom - ok
17:15:38.0265 4948  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
17:15:38.0332 4948  CertPropSvc - ok
17:15:38.0349 4948  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
17:15:38.0402 4948  circlass - ok
17:15:38.0436 4948  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
17:15:38.0463 4948  CLFS - ok
17:15:38.0508 4948  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:15:38.0523 4948  clr_optimization_v2.0.50727_32 - ok
17:15:38.0547 4948  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:15:38.0561 4948  clr_optimization_v2.0.50727_64 - ok
17:15:38.0606 4948  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:15:38.0622 4948  clr_optimization_v4.0.30319_32 - ok
17:15:38.0649 4948  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:15:38.0659 4948  clr_optimization_v4.0.30319_64 - ok
17:15:38.0673 4948  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
17:15:38.0724 4948  CmBatt - ok
17:15:38.0754 4948  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:15:38.0776 4948  cmdide - ok
17:15:38.0810 4948  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
17:15:38.0837 4948  CNG - ok
17:15:38.0845 4948  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
17:15:38.0857 4948  Compbatt - ok
17:15:38.0869 4948  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
17:15:38.0910 4948  CompositeBus - ok
17:15:38.0913 4948  COMSysApp - ok
17:15:38.0947 4948  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
17:15:38.0959 4948  crcdisk - ok
17:15:38.0983 4948  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:15:39.0030 4948  CryptSvc - ok
17:15:39.0082 4948  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:15:39.0175 4948  DcomLaunch - ok
17:15:39.0213 4948  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
17:15:39.0262 4948  defragsvc - ok
17:15:39.0295 4948  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:15:39.0369 4948  DfsC - ok
17:15:39.0411 4948  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:15:39.0462 4948  Dhcp - ok
17:15:39.0468 4948  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
17:15:39.0508 4948  discache - ok
17:15:39.0544 4948  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
17:15:39.0569 4948  Disk - ok
17:15:39.0591 4948  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:15:39.0646 4948  Dnscache - ok
17:15:39.0691 4948  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:15:39.0781 4948  dot3svc - ok
17:15:39.0836 4948  [ B42ED0320C6E41102FDE0005154849BB ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
17:15:39.0895 4948  Dot4 - ok
17:15:39.0900 4948  [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
17:15:39.0927 4948  Dot4Print - ok
17:15:39.0957 4948  [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
17:15:40.0015 4948  dot4usb - ok
17:15:40.0046 4948  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
17:15:40.0122 4948  DPS - ok
17:15:40.0165 4948  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:15:40.0224 4948  drmkaud - ok
17:15:40.0279 4948  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:15:40.0321 4948  DXGKrnl - ok
17:15:40.0350 4948  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
17:15:40.0409 4948  EapHost - ok
17:15:40.0459 4948  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
17:15:40.0545 4948  ebdrv - ok
17:15:40.0567 4948  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
17:15:40.0581 4948  EFS - ok
17:15:40.0624 4948  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:15:40.0691 4948  ehRecvr - ok
17:15:40.0739 4948  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
17:15:40.0767 4948  ehSched - ok
17:15:40.0778 4948  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
17:15:40.0798 4948  elxstor - ok
17:15:40.0815 4948  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:15:40.0865 4948  ErrDev - ok
17:15:40.0904 4948  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
17:15:40.0956 4948  EventSystem - ok
17:15:40.0967 4948  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
17:15:41.0002 4948  exfat - ok
17:15:41.0076 4948  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:15:41.0172 4948  fastfat - ok
17:15:41.0302 4948  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
17:15:41.0349 4948  Fax - ok
17:15:41.0364 4948  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
17:15:41.0389 4948  fdc - ok
17:15:41.0405 4948  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
17:15:41.0467 4948  fdPHost - ok
17:15:41.0493 4948  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:15:41.0520 4948  FDResPub - ok
17:15:41.0525 4948  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:15:41.0536 4948  FileInfo - ok
17:15:41.0543 4948  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:15:41.0645 4948  Filetrace - ok
17:15:41.0659 4948  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
17:15:41.0671 4948  flpydisk - ok
17:15:41.0686 4948  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:15:41.0699 4948  FltMgr - ok
17:15:41.0738 4948  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
17:15:41.0790 4948  FontCache - ok
17:15:41.0827 4948  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:15:41.0847 4948  FontCache3.0.0.0 - ok
17:15:41.0858 4948  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:15:41.0871 4948  FsDepends - ok
17:15:41.0887 4948  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:15:41.0899 4948  Fs_Rec - ok
17:15:41.0927 4948  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:15:41.0946 4948  fvevol - ok
17:15:41.0949 4948  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
17:15:41.0964 4948  gagp30kx - ok
17:15:42.0005 4948  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:15:42.0023 4948  GEARAspiWDM - ok
17:15:42.0059 4948  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
17:15:42.0156 4948  gpsvc - ok
17:15:42.0197 4948  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
17:15:42.0206 4948  hamachi - ok
17:15:42.0262 4948  [ 785FD63B74B30986A9F2C7D965CA509F ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
17:15:42.0336 4948  Hamachi2Svc - ok
17:15:42.0351 4948  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:15:42.0396 4948  hcw85cir - ok
17:15:42.0451 4948  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:15:42.0508 4948  HdAudAddService - ok
17:15:42.0561 4948  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
17:15:42.0577 4948  HDAudBus - ok
17:15:42.0594 4948  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
17:15:42.0603 4948  HECIx64 - ok
17:15:42.0618 4948  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
17:15:42.0657 4948  HidBatt - ok
17:15:42.0689 4948  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
17:15:42.0708 4948  HidBth - ok
17:15:42.0746 4948  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
17:15:42.0803 4948  HidIr - ok
17:15:42.0850 4948  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
17:15:42.0933 4948  hidserv - ok
17:15:42.0968 4948  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
17:15:42.0981 4948  HidUsb - ok
17:15:42.0999 4948  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:15:43.0062 4948  hkmsvc - ok
17:15:43.0101 4948  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:15:43.0152 4948  HomeGroupListener - ok
17:15:43.0194 4948  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:15:43.0246 4948  HomeGroupProvider - ok
17:15:43.0346 4948  [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
17:15:43.0356 4948  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
17:15:43.0356 4948  hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
17:15:43.0373 4948  [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
17:15:43.0382 4948  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
17:15:43.0382 4948  hpqddsvc - detected UnsignedFile.Multi.Generic (1)
17:15:43.0396 4948  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:15:43.0415 4948  HpSAMD - ok
17:15:43.0451 4948  [ 7F57926169C1B8ABA9274EA7D4B70F18 ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
17:15:43.0470 4948  HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
17:15:43.0470 4948  HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
17:15:43.0504 4948  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:15:43.0596 4948  HTTP - ok
17:15:43.0634 4948  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:15:43.0645 4948  hwpolicy - ok
17:15:43.0671 4948  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
17:15:43.0685 4948  i8042prt - ok
17:15:43.0692 4948  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:15:43.0708 4948  iaStorV - ok
17:15:43.0736 4948  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:15:43.0771 4948  idsvc - ok
17:15:43.0785 4948  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
17:15:43.0797 4948  iirsp - ok
17:15:43.0813 4948  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
17:15:43.0897 4948  IKEEXT - ok
17:15:43.0975 4948  [ 13089F31AA37CDE1CE3784EE01A48484 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:15:44.0021 4948  IntcAzAudAddService - ok
17:15:44.0030 4948  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
17:15:44.0041 4948  intelide - ok
17:15:44.0056 4948  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:15:44.0069 4948  intelppm - ok
17:15:44.0085 4948  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:15:44.0112 4948  IPBusEnum - ok
17:15:44.0136 4948  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:15:44.0213 4948  IpFilterDriver - ok
17:15:44.0259 4948  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:15:44.0298 4948  iphlpsvc - ok
17:15:44.0309 4948  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:15:44.0325 4948  IPMIDRV - ok
17:15:44.0336 4948  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:15:44.0399 4948  IPNAT - ok
17:15:44.0461 4948  [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
17:15:44.0481 4948  iPod Service - ok
17:15:44.0504 4948  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:15:44.0555 4948  IRENUM - ok
17:15:44.0585 4948  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:15:44.0601 4948  isapnp - ok
17:15:44.0618 4948  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:15:44.0632 4948  iScsiPrt - ok
17:15:44.0666 4948  [ B2B34FD7372E6E01A26E9AE22CC8F1EC ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
17:15:44.0682 4948  k57nd60a - ok
17:15:44.0692 4948  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
17:15:44.0704 4948  kbdclass - ok
17:15:44.0729 4948  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
17:15:44.0769 4948  kbdhid - ok
17:15:44.0772 4948  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
17:15:44.0786 4948  KeyIso - ok
17:15:44.0829 4948  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:15:44.0854 4948  KSecDD - ok
17:15:44.0881 4948  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:15:44.0903 4948  KSecPkg - ok
17:15:44.0917 4948  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
17:15:44.0947 4948  ksthunk - ok
17:15:44.0966 4948  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:15:45.0037 4948  KtmRm - ok
17:15:45.0068 4948  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:15:45.0100 4948  LanmanServer - ok
17:15:45.0123 4948  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:15:45.0214 4948  LanmanWorkstation - ok
17:15:45.0250 4948  [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
17:15:45.0260 4948  LGBusEnum - ok
17:15:45.0279 4948  [ F705A641C18DF31B48B5DBDA94B425E4 ] LGPBTDD         C:\Windows\system32\Drivers\LGPBTDD.sys
17:15:45.0288 4948  LGPBTDD - ok
17:15:45.0308 4948  [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
17:15:45.0318 4948  LGVirHid - ok
17:15:45.0338 4948  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:15:45.0372 4948  lltdio - ok
17:15:45.0388 4948  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:15:45.0427 4948  lltdsvc - ok
17:15:45.0436 4948  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:15:45.0462 4948  lmhosts - ok
17:15:45.0482 4948  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
17:15:45.0493 4948  LSI_FC - ok
17:15:45.0499 4948  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
17:15:45.0511 4948  LSI_SAS - ok
17:15:45.0523 4948  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:15:45.0534 4948  LSI_SAS2 - ok
17:15:45.0547 4948  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:15:45.0560 4948  LSI_SCSI - ok
17:15:45.0573 4948  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
17:15:45.0601 4948  luafv - ok
17:15:45.0650 4948  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
17:15:45.0662 4948  MBAMProtector - ok
17:15:45.0701 4948  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:15:45.0715 4948  MBAMScheduler - ok
17:15:45.0731 4948  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
17:15:45.0748 4948  MBAMService - ok
17:15:45.0777 4948  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:15:45.0816 4948  Mcx2Svc - ok
17:15:45.0850 4948  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
17:15:45.0862 4948  megasas - ok
17:15:45.0874 4948  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
17:15:45.0890 4948  MegaSR - ok
17:15:45.0898 4948  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
17:15:45.0958 4948  MMCSS - ok
17:15:45.0991 4948  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
17:15:46.0050 4948  Modem - ok
17:15:46.0078 4948  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:15:46.0148 4948  monitor - ok
17:15:46.0207 4948  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
17:15:46.0219 4948  mouclass - ok
17:15:46.0234 4948  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:15:46.0275 4948  mouhid - ok
17:15:46.0311 4948  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:15:46.0326 4948  mountmgr - ok
17:15:46.0359 4948  [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:15:46.0374 4948  MozillaMaintenance - ok
17:15:46.0397 4948  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:15:46.0410 4948  mpio - ok
17:15:46.0422 4948  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:15:46.0448 4948  mpsdrv - ok
17:15:46.0466 4948  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:15:46.0535 4948  MpsSvc - ok
17:15:46.0570 4948  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:15:46.0587 4948  MRxDAV - ok
17:15:46.0603 4948  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:15:46.0617 4948  mrxsmb - ok
17:15:46.0630 4948  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:15:46.0668 4948  mrxsmb10 - ok
17:15:46.0703 4948  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:15:46.0715 4948  mrxsmb20 - ok
17:15:46.0725 4948  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:15:46.0736 4948  msahci - ok
17:15:46.0746 4948  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:15:46.0757 4948  msdsm - ok
17:15:46.0771 4948  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
17:15:46.0819 4948  MSDTC - ok
17:15:46.0824 4948  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:15:46.0851 4948  Msfs - ok
17:15:46.0890 4948  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:15:46.0942 4948  mshidkmdf - ok
17:15:46.0945 4948  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:15:46.0956 4948  msisadrv - ok
17:15:46.0996 4948  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:15:47.0056 4948  MSiSCSI - ok
17:15:47.0058 4948  msiserver - ok
17:15:47.0103 4948  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:15:47.0132 4948  MSKSSRV - ok
17:15:47.0135 4948  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:15:47.0190 4948  MSPCLOCK - ok
17:15:47.0196 4948  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:15:47.0228 4948  MSPQM - ok
17:15:47.0257 4948  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:15:47.0271 4948  MsRPC - ok
17:15:47.0279 4948  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
17:15:47.0290 4948  mssmbios - ok
17:15:47.0307 4948  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:15:47.0364 4948  MSTEE - ok
17:15:47.0398 4948  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
17:15:47.0410 4948  MTConfig - ok
17:15:47.0420 4948  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
17:15:47.0431 4948  Mup - ok
17:15:47.0446 4948  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
17:15:47.0479 4948  napagent - ok
17:15:47.0495 4948  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:15:47.0541 4948  NativeWifiP - ok
17:15:47.0595 4948  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:15:47.0618 4948  NDIS - ok
17:15:47.0632 4948  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:15:47.0661 4948  NdisCap - ok
17:15:47.0675 4948  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:15:47.0702 4948  NdisTapi - ok
17:15:47.0727 4948  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:15:47.0754 4948  Ndisuio - ok
17:15:47.0766 4948  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:15:47.0794 4948  NdisWan - ok
17:15:47.0840 4948  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:15:47.0936 4948  NDProxy - ok
17:15:48.0013 4948  [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
17:15:48.0018 4948  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:15:48.0018 4948  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:15:48.0021 4948  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:15:48.0049 4948  NetBIOS - ok
17:15:48.0059 4948  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:15:48.0114 4948  NetBT - ok
17:15:48.0141 4948  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
17:15:48.0154 4948  Netlogon - ok
17:15:48.0182 4948  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
17:15:48.0239 4948  Netman - ok
17:15:48.0273 4948  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
17:15:48.0307 4948  netprofm - ok
17:15:48.0338 4948  [ C9E9017AC2291E96ED3376B72BC7CF8D ] netr28ux        C:\Windows\system32\DRIVERS\netr28ux.sys
17:15:48.0357 4948  netr28ux - ok
17:15:48.0376 4948  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:15:48.0386 4948  NetTcpPortSharing - ok
17:15:48.0403 4948  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
17:15:48.0414 4948  nfrd960 - ok
17:15:48.0440 4948  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:15:48.0480 4948  NlaSvc - ok
17:15:48.0483 4948  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:15:48.0516 4948  Npfs - ok
17:15:48.0546 4948  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
17:15:48.0579 4948  nsi - ok
17:15:48.0591 4948  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:15:48.0648 4948  nsiproxy - ok
17:15:48.0709 4948  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:15:48.0744 4948  Ntfs - ok
17:15:48.0747 4948  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
17:15:48.0822 4948  Null - ok
17:15:49.0008 4948  [ FCBA1C22727939E7CFF9EB08FE9692AB ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:15:49.0120 4948  nvlddmkm - ok
17:15:49.0137 4948  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:15:49.0148 4948  nvraid - ok
17:15:49.0170 4948  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:15:49.0182 4948  nvstor - ok
17:15:49.0219 4948  [ 10C232F6CFFD51D2332898AE7AE0FF23 ] nvsvc           C:\Windows\system32\nvvsvc.exe
17:15:49.0237 4948  nvsvc - ok
17:15:49.0301 4948  [ 4789E020D2617046862D1790FC235FF6 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:15:49.0324 4948  nvUpdatusService - ok
17:15:49.0345 4948  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:15:49.0358 4948  nv_agp - ok
17:15:49.0365 4948  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:15:49.0378 4948  ohci1394 - ok
17:15:49.0398 4948  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:15:49.0415 4948  p2pimsvc - ok
17:15:49.0422 4948  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:15:49.0440 4948  p2psvc - ok
17:15:49.0452 4948  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
17:15:49.0468 4948  Parport - ok
17:15:49.0486 4948  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:15:49.0499 4948  partmgr - ok
17:15:49.0507 4948  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:15:49.0529 4948  PcaSvc - ok
17:15:49.0534 4948  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
17:15:49.0549 4948  pci - ok
17:15:49.0556 4948  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
17:15:49.0569 4948  pciide - ok
17:15:49.0584 4948  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
17:15:49.0599 4948  pcmcia - ok
17:15:49.0602 4948  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:15:49.0615 4948  pcw - ok
17:15:49.0631 4948  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:15:49.0663 4948  PEAUTH - ok
17:15:49.0729 4948  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
17:15:49.0790 4948  PerfHost - ok
17:15:49.0855 4948  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
17:15:49.0936 4948  pla - ok
17:15:49.0967 4948  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:15:49.0984 4948  PlugPlay - ok
17:15:50.0033 4948  [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:15:50.0039 4948  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:15:50.0039 4948  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:15:50.0051 4948  PnkBstrA - ok
17:15:50.0059 4948  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:15:50.0100 4948  PNRPAutoReg - ok
17:15:50.0133 4948  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:15:50.0162 4948  PNRPsvc - ok
17:15:50.0179 4948  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:15:50.0219 4948  PolicyAgent - ok
17:15:50.0239 4948  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
17:15:50.0319 4948  Power - ok
17:15:50.0355 4948  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:15:50.0381 4948  PptpMiniport - ok
17:15:50.0393 4948  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
17:15:50.0446 4948  Processor - ok
17:15:50.0494 4948  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:15:50.0523 4948  ProfSvc - ok
17:15:50.0534 4948  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:15:50.0549 4948  ProtectedStorage - ok
17:15:50.0577 4948  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:15:50.0653 4948  Psched - ok
17:15:50.0702 4948  [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI             C:\Windows\system32\DRIVERS\psi_mf.sys
17:15:50.0721 4948  PSI - ok
17:15:50.0744 4948  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
17:15:50.0777 4948  ql2300 - ok
17:15:50.0784 4948  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
17:15:50.0796 4948  ql40xx - ok
17:15:50.0805 4948  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
17:15:50.0824 4948  QWAVE - ok
17:15:50.0837 4948  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:15:50.0888 4948  QWAVEdrv - ok
17:15:50.0955 4948  [ D319343661F7FEBFB6F43C453C26E779 ] RalinkRegistryWriter C:\Program Files (x86)\Hama\Common\RaRegistry.exe
17:15:50.0975 4948  RalinkRegistryWriter - ok
17:15:50.0988 4948  [ C0E618F5A0D643F71FDD96CDC0C561C3 ] RalinkRegistryWriter64 C:\Program Files (x86)\Hama\Common\RaRegistry64.exe
17:15:51.0004 4948  RalinkRegistryWriter64 - ok
17:15:51.0017 4948  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:15:51.0055 4948  RasAcd - ok
17:15:51.0079 4948  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:15:51.0104 4948  RasAgileVpn - ok
17:15:51.0116 4948  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
17:15:51.0196 4948  RasAuto - ok
17:15:51.0225 4948  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:15:51.0270 4948  Rasl2tp - ok
17:15:51.0283 4948  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
17:15:51.0316 4948  RasMan - ok
17:15:51.0319 4948  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:15:51.0346 4948  RasPppoe - ok
17:15:51.0349 4948  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:15:51.0377 4948  RasSstp - ok
17:15:51.0386 4948  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:15:51.0413 4948  rdbss - ok
17:15:51.0426 4948  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
17:15:51.0483 4948  rdpbus - ok
17:15:51.0523 4948  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:15:51.0569 4948  RDPCDD - ok
17:15:51.0573 4948  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:15:51.0632 4948  RDPENCDD - ok
17:15:51.0672 4948  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:15:51.0727 4948  RDPREFMP - ok
17:15:51.0777 4948  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:15:51.0789 4948  RdpVideoMiniport - ok
17:15:51.0822 4948  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:15:51.0838 4948  RDPWD - ok
17:15:51.0864 4948  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:15:51.0880 4948  rdyboost - ok
17:15:51.0899 4948  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:15:51.0963 4948  RemoteAccess - ok
17:15:51.0993 4948  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:15:52.0022 4948  RemoteRegistry - ok
17:15:52.0033 4948  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:15:52.0087 4948  RpcEptMapper - ok
17:15:52.0123 4948  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
17:15:52.0164 4948  RpcLocator - ok
17:15:52.0196 4948  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
17:15:52.0227 4948  RpcSs - ok
17:15:52.0235 4948  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:15:52.0276 4948  rspndr - ok
17:15:52.0284 4948  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
17:15:52.0296 4948  SamSs - ok
17:15:52.0318 4948  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:15:52.0330 4948  sbp2port - ok
17:15:52.0341 4948  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:15:52.0398 4948  SCardSvr - ok
17:15:52.0435 4948  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:15:52.0480 4948  scfilter - ok
17:15:52.0505 4948  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
17:15:52.0624 4948  Schedule - ok
17:15:52.0639 4948  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:15:52.0665 4948  SCPolicySvc - ok
17:15:52.0674 4948  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:15:52.0717 4948  SDRSVC - ok
17:15:52.0756 4948  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:15:52.0812 4948  secdrv - ok
17:15:52.0846 4948  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
17:15:52.0878 4948  seclogon - ok
17:15:52.0924 4948  [ 9044795E9D1A912D5F1B8DF6211850FD ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
17:15:52.0944 4948  Secunia PSI Agent - ok
17:15:52.0966 4948  [ 8B1A72E4FB63A9C068B08E1F9B70482A ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
17:15:52.0979 4948  Secunia Update Agent - ok
17:15:52.0990 4948  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
17:15:53.0055 4948  SENS - ok
17:15:53.0070 4948  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:15:53.0084 4948  SensrSvc - ok
17:15:53.0096 4948  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
17:15:53.0134 4948  Serenum - ok
17:15:53.0177 4948  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
17:15:53.0190 4948  Serial - ok
17:15:53.0211 4948  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
17:15:53.0257 4948  sermouse - ok
17:15:53.0293 4948  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
17:15:53.0323 4948  SessionEnv - ok
17:15:53.0331 4948  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:15:53.0375 4948  sffdisk - ok
17:15:53.0404 4948  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:15:53.0419 4948  sffp_mmc - ok
17:15:53.0434 4948  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:15:53.0473 4948  sffp_sd - ok
17:15:53.0505 4948  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
17:15:53.0519 4948  sfloppy - ok
17:15:53.0546 4948  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:15:53.0640 4948  SharedAccess - ok
17:15:53.0679 4948  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:15:53.0755 4948  ShellHWDetection - ok
17:15:53.0804 4948  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:15:53.0817 4948  SiSRaid2 - ok
17:15:53.0825 4948  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
17:15:53.0839 4948  SiSRaid4 - ok
17:15:53.0949 4948  [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
17:15:53.0998 4948  Skype C2C Service - ok
17:15:54.0032 4948  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
17:15:54.0043 4948  SkypeUpdate - ok
17:15:54.0060 4948  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:15:54.0091 4948  Smb - ok
17:15:54.0130 4948  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:15:54.0146 4948  SNMPTRAP - ok
17:15:54.0155 4948  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:15:54.0166 4948  spldr - ok
17:15:54.0195 4948  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
17:15:54.0245 4948  Spooler - ok
17:15:54.0325 4948  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
17:15:54.0465 4948  sppsvc - ok
17:15:54.0494 4948  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:15:54.0575 4948  sppuinotify - ok
17:15:54.0612 4948  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:15:54.0631 4948  srv - ok
17:15:54.0639 4948  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:15:54.0674 4948  srv2 - ok
17:15:54.0684 4948  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:15:54.0740 4948  srvnet - ok
17:15:54.0779 4948  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:15:54.0873 4948  SSDPSRV - ok
17:15:54.0876 4948  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:15:54.0904 4948  SstpSvc - ok
17:15:54.0942 4948  Steam Client Service - ok
17:15:54.0983 4948  [ 5A19667A580B1CE886EAF968B9743F45 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:15:55.0012 4948  Stereo Service - ok
17:15:55.0028 4948  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
17:15:55.0040 4948  stexstor - ok
17:15:55.0071 4948  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
17:15:55.0123 4948  stisvc - ok
17:15:55.0166 4948  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
17:15:55.0187 4948  swenum - ok
17:15:55.0208 4948  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
17:15:55.0284 4948  swprv - ok
17:15:55.0341 4948  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
17:15:55.0415 4948  SysMain - ok
17:15:55.0450 4948  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:15:55.0474 4948  TabletInputService - ok
17:15:55.0488 4948  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:15:55.0567 4948  TapiSrv - ok
17:15:55.0598 4948  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
17:15:55.0627 4948  TBS - ok
17:15:55.0688 4948  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:15:55.0752 4948  Tcpip - ok
17:15:55.0775 4948  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:15:55.0800 4948  TCPIP6 - ok
17:15:55.0826 4948  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:15:55.0838 4948  tcpipreg - ok
17:15:55.0848 4948  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:15:55.0889 4948  TDPIPE - ok
17:15:55.0930 4948  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:15:55.0977 4948  TDTCP - ok
17:15:56.0021 4948  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:15:56.0048 4948  tdx - ok
17:15:56.0051 4948  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
17:15:56.0060 4948  TermDD - ok
17:15:56.0084 4948  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
17:15:56.0125 4948  TermService - ok
17:15:56.0139 4948  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
17:15:56.0183 4948  Themes - ok
17:15:56.0223 4948  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
17:15:56.0269 4948  THREADORDER - ok
17:15:56.0281 4948  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
17:15:56.0310 4948  TrkWks - ok
17:15:56.0338 4948  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:15:56.0397 4948  TrustedInstaller - ok
17:15:56.0436 4948  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:15:56.0462 4948  tssecsrv - ok
17:15:56.0503 4948  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:15:56.0516 4948  TsUsbFlt - ok
17:15:56.0583 4948  [ D27430FD0EFD8CE745CCF6F179A5C4F2 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
17:15:56.0613 4948  TuneUp.UtilitiesSvc - ok
17:15:56.0638 4948  [ 7BC3381C0713F613B31ACDE38B71CB53 ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys
17:15:56.0647 4948  TuneUpUtilitiesDrv - ok
17:15:56.0682 4948  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:15:56.0724 4948  tunnel - ok
17:15:56.0732 4948  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
17:15:56.0754 4948  uagp35 - ok
17:15:56.0779 4948  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:15:56.0845 4948  udfs - ok
17:15:56.0876 4948  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:15:56.0891 4948  UI0Detect - ok
17:15:56.0911 4948  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:15:56.0923 4948  uliagpkx - ok
17:15:56.0945 4948  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
17:15:56.0982 4948  umbus - ok
17:15:57.0012 4948  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
17:15:57.0023 4948  UmPass - ok
17:15:57.0034 4948  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
17:15:57.0066 4948  upnphost - ok
17:15:57.0100 4948  [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
17:15:57.0112 4948  USBAAPL64 - ok
17:15:57.0166 4948  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
17:15:57.0208 4948  usbaudio - ok
17:15:57.0242 4948  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:15:57.0260 4948  usbccgp - ok
17:15:57.0279 4948  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:15:57.0328 4948  usbcir - ok
17:15:57.0359 4948  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
17:15:57.0375 4948  usbehci - ok
17:15:57.0384 4948  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:15:57.0428 4948  usbhub - ok
17:15:57.0431 4948  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
17:15:57.0447 4948  usbohci - ok
17:15:57.0488 4948  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:15:57.0514 4948  usbprint - ok
17:15:57.0533 4948  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
17:15:57.0576 4948  usbscan - ok
17:15:57.0620 4948  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:15:57.0668 4948  USBSTOR - ok
17:15:57.0671 4948  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
17:15:57.0693 4948  usbuhci - ok
17:15:57.0722 4948  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
17:15:57.0764 4948  UxSms - ok
17:15:57.0806 4948  [ 9366DA7E69065E314E3FBB1DE4C84CEC ] UxTuneUp        C:\Windows\System32\uxtuneup.dll
17:15:57.0818 4948  UxTuneUp - ok
17:15:57.0825 4948  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
17:15:57.0840 4948  VaultSvc - ok
17:15:57.0853 4948  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:15:57.0864 4948  vdrvroot - ok
17:15:57.0890 4948  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
17:15:57.0921 4948  vds - ok
17:15:57.0929 4948  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:15:57.0943 4948  vga - ok
17:15:57.0953 4948  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:15:57.0979 4948  VgaSave - ok
17:15:57.0983 4948  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:15:57.0995 4948  vhdmp - ok
17:15:58.0015 4948  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:15:58.0027 4948  viaide - ok
17:15:58.0029 4948  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:15:58.0039 4948  volmgr - ok
17:15:58.0056 4948  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:15:58.0069 4948  volmgrx - ok
17:15:58.0085 4948  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:15:58.0098 4948  volsnap - ok
17:15:58.0127 4948  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
17:15:58.0139 4948  vsmraid - ok
17:15:58.0175 4948  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
17:15:58.0236 4948  VSS - ok
17:15:58.0250 4948  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
17:15:58.0294 4948  vwifibus - ok
17:15:58.0327 4948  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:15:58.0373 4948  vwififlt - ok
17:15:58.0417 4948  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
17:15:58.0453 4948  W32Time - ok
17:15:58.0465 4948  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
17:15:58.0521 4948  WacomPen - ok
17:15:58.0569 4948  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:15:58.0654 4948  WANARP - ok
17:15:58.0688 4948  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:15:58.0713 4948  Wanarpv6 - ok
17:15:58.0747 4948  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
17:15:58.0777 4948  wbengine - ok
17:15:58.0793 4948  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:15:58.0811 4948  WbioSrvc - ok
17:15:58.0821 4948  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:15:58.0867 4948  wcncsvc - ok
17:15:58.0898 4948  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:15:58.0913 4948  WcsPlugInService - ok
17:15:58.0922 4948  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
17:15:58.0933 4948  Wd - ok
17:15:59.0000 4948  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:15:59.0042 4948  Wdf01000 - ok
17:15:59.0050 4948  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:15:59.0101 4948  WdiServiceHost - ok
17:15:59.0104 4948  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:15:59.0127 4948  WdiSystemHost - ok
17:15:59.0223 4948  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
17:15:59.0339 4948  WebClient - ok
17:15:59.0403 4948  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:15:59.0517 4948  Wecsvc - ok
17:15:59.0552 4948  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:15:59.0599 4948  wercplsupport - ok
17:15:59.0609 4948  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:15:59.0636 4948  WerSvc - ok
17:15:59.0649 4948  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:15:59.0675 4948  WfpLwf - ok
17:15:59.0685 4948  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:15:59.0695 4948  WIMMount - ok
17:15:59.0702 4948  WinDefend - ok
17:15:59.0712 4948  WinHttpAutoProxySvc - ok
17:15:59.0750 4948  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:15:59.0778 4948  Winmgmt - ok
17:15:59.0816 4948  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
17:15:59.0874 4948  WinRM - ok
17:15:59.0913 4948  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
17:15:59.0928 4948  WinUsb - ok
17:15:59.0955 4948  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:15:59.0981 4948  Wlansvc - ok
17:16:00.0084 4948  [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:16:00.0183 4948  wlidsvc - ok
17:16:00.0195 4948  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
17:16:00.0235 4948  WmiAcpi - ok
17:16:00.0267 4948  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:16:00.0324 4948  wmiApSrv - ok
17:16:00.0364 4948  WMPNetworkSvc - ok
17:16:00.0385 4948  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:16:00.0412 4948  WPCSvc - ok
17:16:00.0433 4948  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:16:00.0450 4948  WPDBusEnum - ok
17:16:00.0455 4948  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:16:00.0517 4948  ws2ifsl - ok
17:16:00.0551 4948  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
17:16:00.0602 4948  wscsvc - ok
17:16:00.0604 4948  WSearch - ok
17:16:00.0686 4948  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:16:00.0764 4948  wuauserv - ok
17:16:00.0792 4948  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:16:00.0805 4948  WudfPf - ok
17:16:00.0825 4948  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:16:00.0840 4948  WUDFRd - ok
17:16:00.0862 4948  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:16:00.0904 4948  wudfsvc - ok
17:16:00.0945 4948  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:16:00.0991 4948  WwanSvc - ok
17:16:01.0032 4948  ================ Scan global ===============================
17:16:01.0041 4948  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:16:01.0065 4948  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:16:01.0073 4948  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:16:01.0093 4948  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:16:01.0113 4948  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:16:01.0123 4948  [Global] - ok
17:16:01.0124 4948  ================ Scan MBR ==================================
17:16:01.0138 4948  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:16:01.0444 4948  \Device\Harddisk0\DR0 - ok
17:16:01.0449 4948  [ 739B36F7A373FC81121D831231B6D311 ] \Device\Harddisk5\DR5
17:16:01.0602 4948  \Device\Harddisk5\DR5 - ok
17:16:01.0603 4948  ================ Scan VBR ==================================
17:16:01.0606 4948  [ 8FC7486FF94FD6FBE84BB89702437BD7 ] \Device\Harddisk0\DR0\Partition1
17:16:01.0608 4948  \Device\Harddisk0\DR0\Partition1 - ok
17:16:01.0623 4948  [ 61DFB193D6FD34A493390610355B70BF ] \Device\Harddisk0\DR0\Partition2
17:16:01.0625 4948  \Device\Harddisk0\DR0\Partition2 - ok
17:16:01.0629 4948  [ CA17BB78C4E0E30855A9148E82962D80 ] \Device\Harddisk5\DR5\Partition1
17:16:01.0633 4948  \Device\Harddisk5\DR5\Partition1 - ok
17:16:01.0633 4948  ============================================================
17:16:01.0633 4948  Scan finished
17:16:01.0633 4948  ============================================================
17:16:01.0644 4976  Detected object count: 5
17:16:01.0644 4976  Actual detected object count: 5
17:16:18.0874 4976  hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
17:16:18.0874 4976  hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:16:18.0876 4976  hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:16:18.0876 4976  hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:16:18.0878 4976  HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
17:16:18.0878 4976  HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:16:18.0879 4976  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:16:18.0879 4976  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:16:18.0881 4976  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:16:18.0881 4976  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

16.05.2013, 16:22   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




After that:

adwCleaner - remove toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Optionen (Options) and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Suchlauf (Scan) and wait until it has finished.
  • Now click Löschen (Delete) and confirm any prompts with Ok.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).


Then a check with OTL, please:
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top center, tick the box Scan All Users
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created
  • Post the log files in CODE tags here in the thread.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Support the Trojaner-Board
Why Linux is better than Windows!

16.05.2013, 16:31   #15
Keahl



With the Junkware Removal Tool I get the following error:
"7-Zip: Internal Error, code 105."
Security software was off, and it was started as administrator.

Skip this step?
