Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: BKA - Paysafe Virus, Windows 7 gesperrt

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 16.05.2013, 16:15   #1
Houshmand
 
BKA - Paysafe Virus, Windows 7 gesperrt - Standard

BKA - Paysafe Virus, Windows 7 gesperrt



Hallo,
Bei meinem Rechner hat sich heute ein Virus eingeschlichen.
Es kam eine Paysave aufforderung von 100€. Nun lässt sich Windows 7 nicht mehr Hochfahren.
Bevor ich euch gefunden habe, habe ich eine Systemwiederherstellung durchgeführt. Win 7 fährt wieder danach hoch, aber bin mir sicher, dass der Rechner noch infiziert ist.

Habe mir auf meinem Laptop folgende Programme runtergeladen (Frst64, OTL, Defogger und GMER) und habe sie dann via USB-Stick auf Descktop gezogen.

Folgende Logfiles sind schon vorhanden und durchgefürt:
-FRST.txt
-defogger_disable.log
-OTL.txt
-EXTRAS.txt
-Gmer.txt


Ich hoffe sehr ihr könnt mir helfen meinen Rechner zu befreien.
Ich bedanke mich im Voraaus für eure Mühe und Hilfsberetschaft.

LG
Houshmand

Alt 16.05.2013, 16:19   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
BKA - Paysafe Virus, Windows 7 gesperrt - Standard

BKA - Paysafe Virus, Windows 7 gesperrt



Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die jemals fündig geworden?
Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 16.05.2013, 16:44   #3
Houshmand
 
BKA - Paysafe Virus, Windows 7 gesperrt - Standard

BKA - Paysafe Virus, Windows 7 gesperrt



Hallo,
vielen Dank für die schnelle Rückmeldung.
Malwarebytes ist fündig geworden. Bei allen anderen kann ich nicht erkennen ob eine Infizierung vorliegt. Ich kenne mich leider damit nicht aus.
Wenn du es für richtig hälst, schicke ich sie dir.
Aber erstmal logfile von Malwarebytes:
Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.05.16.06

Windows 7 Service Pack 1 x64 FAT32
Internet Explorer 10.0.9200.16540
Ramin :: RAMIN-PC [Administrator]

Schutz: Aktiviert

16.05.2013 20:25:33
MBAM-log-2013-05-16 (20-33-16).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 227558
Laufzeit: 6 Minute(n), 53 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\Ramin\AppData\Local\Temp\L3dOkBHE.exe.part (Trojan.FakeAlert) -> Keine Aktion durchgeführt.

(Ende)
         
Danke
Houshmand
__________________

Alt 16.05.2013, 17:01   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
BKA - Paysafe Virus, Windows 7 gesperrt - Standard

BKA - Paysafe Virus, Windows 7 gesperrt



Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
  • Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.

  • Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.

  • Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!

  • Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!

  • Die Logs der aufgegebenen Tools wie zB Malwarebytes sind immer zu posten - egal ob ein Fund dabei war oder nicht!

  • Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.


Erstmal eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in CODE-Tags in den Thread.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 16.05.2013, 19:07   #5
Houshmand
 
BKA - Paysafe Virus, Windows 7 gesperrt - Standard

BKA - Paysafe Virus, Windows 7 gesperrt



Code:
ATTFilter
OTL logfile created on: 16.05.2013 22:58:34 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Ramin\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 6,44 Gb Available Physical Memory | 80,69% Memory free
15,96 Gb Paging File | 13,42 Gb Available in Paging File | 84,06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918,71 Gb Total Space | 839,06 Gb Free Space | 91,33% Space Free | Partition Type: NTFS
 
Computer Name: RAMIN-PC | User Name: Ramin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Ramin\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe ()
PRC - C:\Program Files (x86)\AVG\AVG2012\avgfws.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE ()
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
PRC - C:\Programme\Logitech\Logitech WebCam Software\LWS.exe ()
PRC - C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe ()
PRC - C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Logitech Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\SiteSafety.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\9266d6e1f8057b5b62b460cbf33cda21\System.WorkflowServices.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\1e04a5319c58010e945220af2751d34e\System.ServiceModel.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\25cfdeaf091f16f3f3a7123a91a179ab\System.Xml.Linq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\346a7a67978cead8e2ff52c6d80bbeb7\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\500a8ae2a5d27132d87ccac9f97b0069\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\3e79256ce40faa9682f9e3511ca115ea\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\219c68f83fa608b496b163fd6782e696\System.IdentityModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\eb33bf977e97e97b12e82c18e36fbaee\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE ()
MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
MOD - c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
MOD - C:\Programme\Logitech\Logitech WebCam Software\LWS.exe ()
MOD - C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (vToolbarUpdater14.2.0) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe ()
SRV - (avgfws) -- C:\Program Files (x86)\AVG\AVG2012\avgfws.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe (Microsoft Corporation.)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (RoxWatch12) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe (Sonic Solutions)
SRV - (RoxMediaDB12OEM) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe (Sonic Solutions)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (AERTFilters) -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV - (LVPrcS64) -- C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\drivers\avgidsfiltera.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (Avgfwfd) -- C:\Windows\SysNative\drivers\avgfwd6a.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc60.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (SynthVid) -- C:\Windows\SysNative\drivers\VMBusVideoM.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (LVPr2Mon) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:64bit: - (LVPr2M64) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:64bit: - (ss_mdm) -- C:\Windows\SysNative\drivers\ss_mdm.sys (MCCI Corporation)
DRV:64bit: - (ss_bus) -- C:\Windows\SysNative\drivers\ss_bus.sys (MCCI Corporation)
DRV:64bit: - (ss_mdfl) -- C:\Windows\SysNative\drivers\ss_mdfl.sys (MCCI Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (PCDSRVC{1E208CE0-FB7451FF-06020101}_0) -- c:\Programme\Dell Support Center\pcdsrvc_x64.pkms (PC-Doctor, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {49606DC7-976D-4030-A74E-9FB5C842FA68}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {49606DC7-976D-4030-A74E-9FB5C842FA68}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1275714784-1295010817-233862344-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-1275714784-1295010817-233862344-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
IE - HKU\S-1-5-21-1275714784-1295010817-233862344-1001\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-1275714784-1295010817-233862344-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-1275714784-1295010817-233862344-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={5A0851DD-5008-499C-8FA4-0C5B3D0E1CE8}&mid=258cd79f5fe147d198e805f79f71b07a-923b70218b06e37ef0e1ff6913dafe87bf528edc&lang=de&ds=AVG&pr=pr&d=2012-03-09 13:34:29&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1275714784-1295010817-233862344-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "https://www.google.de/"
FF - prefs.js..extensions.enabledAddons: avg%40toolbar:14.2.0.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1 [2013.02.14 22:59:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.03.10 13:31:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2013.05.16 16:47:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.15 20:17:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.16 16:41:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.03.10 13:31:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.15 20:17:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.16 16:41:24 | 000,000,000 | ---D | M]
 
[2012.03.09 15:38:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ramin\AppData\Roaming\mozilla\Extensions
[2012.10.25 08:22:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ramin\AppData\Roaming\mozilla\Firefox\Profiles\qanjj3gk.default\extensions
[2013.04.15 20:17:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.02.14 22:59:26 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\14.2.0.1
[2013.04.15 20:17:26 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.02.16 13:02:53 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.02.14 22:59:27 | 000,003,714 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.09.11 09:49:20 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.02.16 13:02:53 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.16 13:02:53 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.16 13:02:53 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.16 13:02:53 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1275714784-1295010817-233862344-1001\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{08217365-C02E-466C-AA83-54BAA48E15B8}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BAD85BA9-1DD7-4949-99CE-A702F9E0A694}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll ()
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.16 20:24:45 | 000,000,000 | ---D | C] -- C:\Users\Ramin\AppData\Roaming\Malwarebytes
[2013.05.16 20:24:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.05.16 20:24:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.05.16 20:24:38 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.05.16 20:24:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.05.16 20:24:23 | 000,000,000 | ---D | C] -- C:\Users\Ramin\AppData\Local\Programs
[2013.05.16 20:24:04 | 010,285,040 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Ramin\Desktop\mbam-setup-1.75.0.1300.exe
[2013.05.16 19:03:21 | 000,000,000 | ---D | C] -- C:\FRST
[2013.05.16 18:22:05 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Ramin\Desktop\OTL.exe
[2013.05.16 16:47:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013.05.16 10:54:41 | 000,128,000 | ---- | C] (Hilgraeve, Inc.) -- C:\ProgramData\hr0lo.dat
[2013.05.06 16:39:28 | 000,000,000 | ---D | C] -- C:\Users\Ramin\Desktop\ROTOCONSULTA_PDF.rtfd
[2013.04.29 07:27:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.16 22:38:02 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.16 22:37:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.16 20:36:51 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.05.16 20:36:51 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.05.16 20:36:39 | 000,696,620 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.16 20:36:39 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.16 20:36:39 | 000,147,916 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.16 20:36:39 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.16 20:36:38 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.16 20:24:39 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.05.16 20:24:14 | 010,285,040 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Ramin\Desktop\mbam-setup-1.75.0.1300.exe
[2013.05.16 19:16:44 | 000,021,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.16 19:16:44 | 000,021,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.16 19:09:25 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job
[2013.05.16 19:09:19 | 648,425,393 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.05.16 19:09:19 | 2133,684,223 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.16 18:32:17 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2013.05.16 18:22:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ramin\Desktop\OTL.exe
[2013.05.16 18:19:17 | 000,000,000 | ---- | M] () -- C:\Users\Ramin\defogger_reenable
[2013.05.16 16:47:46 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2013.05.16 16:41:34 | 119,828,980 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2013.05.16 16:41:25 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2013.05.16 14:42:16 | 000,377,856 | ---- | M] () -- C:\Users\Ramin\Desktop\gmer_2.1.19163.exe
[2013.05.16 14:15:10 | 000,050,477 | ---- | M] () -- C:\Users\Ramin\Desktop\Defogger.exe
[2013.05.16 11:02:09 | 095,023,320 | ---- | M] () -- C:\ProgramData\ol0rh.pad
[2013.05.16 10:54:41 | 000,128,000 | ---- | M] (Hilgraeve, Inc.) -- C:\ProgramData\hr0lo.dat
[2013.05.08 22:32:58 | 008,274,797 | ---- | M] () -- C:\Users\Ramin\Desktop\Simple-Sixpack.pdf
[2013.05.08 14:25:50 | 000,285,752 | ---- | M] () -- C:\Users\Ramin\Desktop\Transition piece 01.pdf
[2013.05.06 10:19:59 | 000,108,273 | ---- | M] () -- C:\Users\Ramin\Desktop\1.jpg
[2013.05.05 16:22:48 | 000,424,153 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2013.05.02 05:06:05 | 000,060,884 | ---- | M] () -- C:\Users\Ramin\Documents\RTJ -flange.jpg
 
========== Files Created - No Company Name ==========
 
[2013.05.16 20:24:39 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.05.16 18:45:14 | 000,050,477 | ---- | C] () -- C:\Users\Ramin\Desktop\Defogger.exe
[2013.05.16 18:43:57 | 000,377,856 | ---- | C] () -- C:\Users\Ramin\Desktop\gmer_2.1.19163.exe
[2013.05.16 18:16:26 | 000,000,000 | ---- | C] () -- C:\Users\Ramin\defogger_reenable
[2013.05.16 10:54:41 | 095,023,320 | ---- | C] () -- C:\ProgramData\ol0rh.pad
[2013.05.08 22:32:56 | 008,274,797 | ---- | C] () -- C:\Users\Ramin\Desktop\Simple-Sixpack.pdf
[2013.05.08 14:25:50 | 000,285,752 | ---- | C] () -- C:\Users\Ramin\Desktop\Transition piece 01.pdf
[2013.05.06 10:19:59 | 000,108,273 | ---- | C] () -- C:\Users\Ramin\Desktop\1.jpg
[2013.05.02 05:06:05 | 000,060,884 | ---- | C] () -- C:\Users\Ramin\Documents\RTJ -flange.jpg
[2012.12.03 12:48:44 | 000,622,934 | ---- | C] () -- C:\Users\Ramin\Page_2.jpg
[2012.12.03 12:48:44 | 000,621,218 | ---- | C] () -- C:\Users\Ramin\Page_4.jpg
[2012.12.03 12:48:44 | 000,502,709 | ---- | C] () -- C:\Users\Ramin\Page_3.jpg
[2012.05.15 08:39:40 | 001,577,750 | ---- | C] () -- C:\Users\Ramin\IMG_1842.jpg
[2012.05.15 08:39:40 | 001,294,768 | ---- | C] () -- C:\Users\Ramin\IMG_1846.jpg
[2012.05.15 08:39:40 | 001,275,518 | ---- | C] () -- C:\Users\Ramin\IMG_1844.jpg
[2012.05.15 08:39:40 | 001,262,471 | ---- | C] () -- C:\Users\Ramin\IMG_1843.jpg
[2012.03.19 16:54:16 | 000,081,408 | ---- | C] () -- C:\Windows\cadkasdeinst01.exe
[2012.03.13 15:01:18 | 000,007,057 | ---- | C] () -- C:\Users\Ramin\AppData\Roaming\e120300059.prf
[2012.03.13 15:01:13 | 000,000,417 | ---- | C] () -- C:\Users\Ramin\AppData\Roaming\redirect.xml
[2012.03.10 13:29:26 | 000,245,255 | ---- | C] () -- C:\Windows\hpoins19.dat
[2012.03.10 13:29:26 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2012.02.24 18:48:24 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012.02.24 10:03:16 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.06.29 01:32:24 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.02.03 19:33:31 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013.02.03 19:33:31 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2013.04.02 20:22:56 | 000,000,000 | ---D | M] -- C:\Users\Ramin\AppData\Roaming\Avery
[2012.03.09 14:34:37 | 000,000,000 | ---D | M] -- C:\Users\Ramin\AppData\Roaming\AVG2012
[2012.03.19 16:54:24 | 000,000,000 | ---D | M] -- C:\Users\Ramin\AppData\Roaming\CAD-KAS
[2012.05.06 13:24:36 | 000,000,000 | ---D | M] -- C:\Users\Ramin\AppData\Roaming\Leadertech
[2013.02.24 10:19:20 | 000,000,000 | ---D | M] -- C:\Users\Ramin\AppData\Roaming\Spotify
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2013.01.20 22:27:16 | 000,020,400 | ---- | M] ()(C:\Users\Ramin\Desktop\?? ???? ???? ???? ????? ???? ???.docx) -- C:\Users\Ramin\Desktop\با سلام خدمت دوست عزیزم امیر جان.docx
[2013.01.20 22:27:16 | 000,020,400 | ---- | C] ()(C:\Users\Ramin\Desktop\?? ???? ???? ???? ????? ???? ???.docx) -- C:\Users\Ramin\Desktop\با سلام خدمت دوست عزیزم امیر جان.docx

< End of report >
         




Code:
ATTFilter
OTL Extras logfile created on: 16.05.2013 22:58:34 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Ramin\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 6,44 Gb Available Physical Memory | 80,69% Memory free
15,96 Gb Paging File | 13,42 Gb Available in Paging File | 84,06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918,71 Gb Total Space | 839,06 Gb Free Space | 91,33% Space Free | Partition Type: NTFS
 
Computer Name: RAMIN-PC | User Name: Ramin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-1275714784-1295010817-233862344-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [+ Add to separate archive(s)] -- "C:\Program Files (x86)\PeaZip\PEAZIP.EXE" "-add2archive" "%1" (Giorgio Tani)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [+ Add to separate archive(s)] -- "C:\Program Files (x86)\PeaZip\PEAZIP.EXE" "-add2archive" "%1" (Giorgio Tani)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{016F2585-84FE-4B89-8F34-8DB507FCF296}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{04E9EAFE-6A75-4D3F-9F4C-E0453AA65115}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{088F3D63-C919-4912-A724-499565BE140B}" = rport=445 | protocol=6 | dir=out | app=system | 
"{10077B1E-F3D6-43BA-B838-51771EE677B1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{149E70E3-E5C4-4EAA-9D41-4A0A320DDF58}" = rport=138 | protocol=17 | dir=out | app=system | 
"{3B6464D1-78A8-447F-BB9E-EFA77F2D8EA5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{3D516E32-9C75-47D4-AC20-8C854F0F77BF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{42E836DC-5D59-4A88-9595-899782DDAFAE}" = rport=139 | protocol=6 | dir=out | app=system | 
"{439EE0F0-1C60-4D4E-8DB7-2B249F0D4B90}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{4C58101D-84FF-48CC-9CA6-52DCCE1579BF}" = rport=137 | protocol=17 | dir=out | app=system | 
"{5F666350-1B8D-4F3E-9A15-1A4BDE0149BB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | 
"{647EEE0B-FAF9-449B-8739-1664C86D78D8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{7DBAB101-A0D1-455F-8640-E090D7334107}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{942E665B-A60A-4B91-A431-D7B55F4791B4}" = lport=139 | protocol=6 | dir=in | app=system | 
"{9D6ED79E-D09D-4C61-AC20-DBAD9CD7283B}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{C5322A45-3A9A-43C9-B485-927C5868DA89}" = lport=137 | protocol=17 | dir=in | app=system | 
"{C7D29C5E-0B00-4687-9355-DD5FFADC4BC4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D24B15C7-BB56-4D15-B235-81E40E9A4780}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{D30DB36C-C07B-421B-9CB1-3C0710F34157}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{DBE6BC3F-B493-4831-9CA2-8398793E3FAE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{DC09210D-AC54-43C8-A9F8-5EF72A8762F5}" = lport=138 | protocol=17 | dir=in | app=system | 
"{DCB16E2F-8BAC-47EE-BC47-940721E355DA}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{E0E9B3C6-BA4D-49F7-B040-EE555DAA66D9}" = lport=445 | protocol=6 | dir=in | app=system | 
"{E192DA1D-A888-4C21-89BA-BE36BD263695}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E54C8B6A-B574-465D-85F0-D768254D81B8}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{F496DBC7-4007-474D-97A0-0FF5DE66F557}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03C1F17C-25B3-46E5-BB9A-089622B5A4F9}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{087AF494-A455-41A0-B2BF-24967BF4C6BA}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{0BE48113-7FDB-40A0-9831-BED7769BE7E0}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe | 
"{0E4C1882-393F-459D-B2FE-FD3654F0FB68}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | 
"{0F773C82-D227-4F14-B201-0A4537C493ED}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | 
"{108F8670-7D7F-4296-AA38-D755C7250F28}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | 
"{10FD0457-A293-4DFE-A90C-0D53BBE58624}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{12BFE582-B50A-4C8A-A08A-AFA57FB76A81}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{1308709E-738D-4FCE-BA0F-4C19A1139792}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe | 
"{139E3BA5-DE27-4F7A-A7CD-340758FE8B4F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 
"{14D5BC0B-C314-4A00-BD83-C1B34DD16E08}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | 
"{170F6318-D7CF-459B-9974-D3F6408CE495}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{1791D8D5-2858-4F23-BD8B-7FD981454B78}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{19AC00FE-945E-4DA3-82BA-2535A4012C77}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{1B586527-5237-414A-BAA2-268BEAA55E00}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{1B8B727C-DB42-4642-97DA-3F456767B310}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe | 
"{20017D42-DE20-4D18-8A0C-7031F28CCBFA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | 
"{24C1737E-503B-496C-B2C1-4AE25E7DAED3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{2B580F1A-6119-432D-AF30-851B0161EC6E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | 
"{2EE81236-2427-41C8-8C98-2E1594258990}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | 
"{2F2BA672-2177-4CCB-A824-EA1CE04930AF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{2FE30045-9193-468E-BE6E-EC9115BA4520}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | 
"{3776577B-CF6C-4285-AD6F-55E30E513507}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{38E64D63-35BE-41AF-8D0F-62EF09ACC189}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | 
"{4C4FA2AE-81DF-4B48-87F7-13BEAEC4AB3E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{4D689577-C151-4DCA-B7F8-22129707283A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 
"{4E0FCA56-3F46-47A8-BEA1-0EAFC32B7152}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{500A1297-4D3E-492F-BD48-96F4B279E10B}" = protocol=6 | dir=out | app=system | 
"{5025366B-D70A-4B66-8162-2F1141D060D1}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{5978C63C-47B4-4B42-909D-A3192AE8CB9F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{6561D666-31E2-4DA4-AC8B-DD42B91828DF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe | 
"{6F605829-6478-4585-9738-0B577623AF0C}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe | 
"{77226B0D-2754-469F-96AE-6E9C02C52BFE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{788063B8-33BB-4973-8ADE-0F84381318D8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{7E06C933-34D1-44B0-93AE-B1B71916270C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | 
"{7F28CE70-E8D6-4F3A-9501-B047BC44FC8F}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | 
"{845DEBC6-D2AD-46AE-94BE-266A46077762}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | 
"{85A870D8-1B4C-41CA-96EB-F0007A20F142}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | 
"{868C5ADF-E5CF-4831-885D-6DFEE7AA3BE5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{87621621-20E2-4E93-BD17-9765D8020A69}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{94E66AC2-F8EA-4E56-85A6-52B856FF630B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe | 
"{A2C724A9-83DE-4C25-B5A7-3D0C4CB4630D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A4657C4F-E3EA-4A20-A9E4-E592080501BC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A96E8BAA-1F51-4CB8-8953-3243DEAE699B}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | 
"{AF10FDB2-6C0C-4B49-80D9-553BDFEE95A3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe | 
"{AFFDC0FC-EFBA-423F-BD44-E1CEA7DC68C6}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{B9E9A863-A489-4DAA-B4C1-2BE5979D5316}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | 
"{BACC5A21-6186-41B7-B128-08DBCC49E0FD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | 
"{BD835470-5F54-403C-9600-F11244721C00}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe | 
"{BDC852EF-4F5F-4F83-9AF5-CEC681A8453A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe | 
"{C56AE811-4DC7-4300-8569-8EDAAD65BB5E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | 
"{CB221C3E-CCD8-4D6D-B5A9-A27DFEF2DAC0}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{CBA77567-B5F0-43A7-AFD5-5E08ED42F320}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe | 
"{D1B05C68-AE00-4661-B3E3-D3F57205D7B7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | 
"{D9CEB3E8-7CAC-4A90-AD20-E911D362E4CC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | 
"{DD011AEB-2A80-493E-A8AA-DF938AECF0EC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{E5F03D44-BCB7-479F-AB43-2B6231975555}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe | 
"{E8994A1D-8169-4D72-B986-7D4D6AA0AF97}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | 
"{EC863A98-C6F9-4B4C-BA07-DE0AB58CA6A3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe | 
"{ECB03963-4F8D-46F7-A2DA-5C7938D7C804}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{ECD4ABA6-B5D6-471F-802C-47AB1DB855AF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{EDBAFB81-50BF-4E01-93BB-ACE168144F6F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | 
"{EEC9F273-D0A6-4577-BC2D-B5F641A8D01C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{F04E99A6-9F1B-4012-B6FD-7A9B9E8D9221}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe | 
"{F1E187A5-12EA-46CD-8613-2DC5FBFFB3E9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | 
"{F4582078-0702-48E5-B1F7-5C14730606B3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe | 
"{FB93B67F-24DE-4BFC-9896-4DD5BCD1D47A}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe | 
"{FEA9A1B0-519E-4C83-9C00-DD2E743C1D80}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{094A1E1C-F6F9-9BC1-4F0D-8EC94A9F118D}" = ccc-utility64
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{262325FE-E6AA-7D56-9071-453A374086C9}" = ATI AVIVO64 Codecs
"{26A24AE4-039D-4CA4-87B4-2F86417001FF}" = Java(TM) 7 Update 1 (64-bit)
"{41410F2F-118B-4641-BDA9-47C3CEDE8A6A}" = AVG 2012
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{82AB13D7-BDE1-D24C-B245-1A3F0C29022C}" = ATI Catalyst Install Manager
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{987FE247-4E69-4A2E-A961-D14F901FDBF6}" = Logitech Webcam Software
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{DFE4E6BB-70F0-4292-B7EB-7A3AD48EBB5C}" = AVG 2012
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"AVG" = AVG 2012
"Dell Support Center" = Dell Support Center
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Shop for HP Supplies" = Shop for HP Supplies
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00082694-C740-753D-0E17-FAB8B7DFF52F}" = CCC Help Thai
"{066EA6E0-1152-714C-F2B3-10457072F542}" = CCC Help Czech
"{09F25F86-F957-4051-8AB2-0E0D948BBB5D}" = 1310
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{12F9B590-7ED9-6ED7-B41E-CB69E4147A7B}" = Catalyst Control Center Localization All
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{19DD3392-63F3-5F8B-BAFE-EF362F797E9E}" = CCC Help Hungarian
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1E98D5E9-1E56-CE9B-4198-24D185F71B8C}" = CCC Help Polish
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{2B9F83AE-EA8C-7FFB-6BA3-A81BCA9AE4DC}" = CCC Help Japanese
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{382F1842-0E6C-4782-B920-D96ED5165F03}" = Catalyst Control Center - Branding
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{458039D4-0096-9DCF-A752-70D02227F616}" = CCC Help Italian
"{46ABF416-F6DC-C213-0356-E52C0C751E03}" = CCC Help Swedish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{50218CA0-C05D-C4CE-035C-27A735750666}" = Catalyst Control Center
"{52FBC497-0796-D089-BBE1-1C0642678E8C}" = CCC Help Danish
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5DFC378F-28C5-A5B7-0798-2E2A1D60EC28}" = CCC Help Spanish
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D4553DF-2095-4D10-92C0-17934733B51D}" = 1310_Help
"{6D7E031C-4C05-4265-854A-FE9FDEA9984D}" = 1310Trb
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B818622-DB95-B03F-E081-2796BBFA150C}" = CCC Help Chinese Standard
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D01A923-5A28-53ED-EB3C-FB6C8D80964B}" = CCC Help English
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90FA9C66-5810-AE21-8598-704E8C299DE6}" = CCC Help Korean
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{975C9422-4A8E-82DE-238D-604778B4B431}" = CCC Help Finnish
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A3A529DA-F910-6768-EF19-A795C26FE102}" = CCC Help Chinese Traditional
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.7) MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B9AB5A97-9C85-B607-B61B-90C129BC2C6F}" = CCC Help Dutch
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE6505D6-9355-D51A-D36E-85E51AD89554}" = CCC Help Greek
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CC1D9CCB-B4E6-1575-14AE-BF0F7774A6C8}" = CCC Help French
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2DB85DC-6582-251E-FA93-EB2CF6870EF1}" = CCC Help Portuguese
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D571FEBA-938F-BCCF-FC0C-8BA4E9C06D83}" = CCC Help Norwegian
"{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DCC41203-3F8B-9C4D-19E6-59B72E4FFB5F}" = CCC Help Russian
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ECE8F1BD-62BA-A6BB-D351-2980ECE35976}" = CCC Help German
"{ED2DFB39-FED4-83A9-92B0-EDF04CD27D2B}" = Catalyst Control Center InstallProxy
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA0E84DC-7A7F-9A73-9632-0F00FC89C421}" = CCC Help Turkish
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AVG Secure Search" = AVG Security Toolbar
"Logitech Vid" = Logitech Vid HD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"PDF Editor 3" = PDF Editor 3
"PeaZip_is1" = PeaZip 2.2
"Sweet Home 3D_is1" = Sweet Home 3D version 3.5
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1275714784-1295010817-233862344-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 18.12.2012 04:34:49 | Computer Name = Ramin-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 18.12.2012 16:27:46 | Computer Name = Ramin-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 19.12.2012 03:32:58 | Computer Name = Ramin-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 20.12.2012 04:30:06 | Computer Name = Ramin-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 20.12.2012 11:54:01 | Computer Name = Ramin-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 22.12.2012 17:33:21 | Computer Name = Ramin-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.12.2012 05:01:27 | Computer Name = Ramin-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 24.12.2012 04:35:21 | Computer Name = Ramin-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 28.12.2012 14:42:48 | Computer Name = Ramin-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 29.12.2012 06:31:58 | Computer Name = Ramin-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 16.05.2013 10:57:24 | Computer Name = Ramin-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
 
Error - 16.05.2013 10:57:25 | Computer Name = Ramin-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
 
Error - 16.05.2013 10:58:40 | Computer Name = Ramin-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 16.05.2013 12:11:06 | Computer Name = Ramin-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 16.05.2013 12:11:07 | Computer Name = Ramin-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 16.05.2013 12:11:07 | Computer Name = Ramin-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 16.05.2013 12:11:08 | Computer Name = Ramin-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 16.05.2013 12:11:08 | Computer Name = Ramin-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 16.05.2013 12:53:40 | Computer Name = Ramin-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 16.05.2013 13:09:24 | Computer Name = Ramin-PC | Source = BugCheck | ID = 1001
Description = 
 
 
< End of report >
         


Alt 16.05.2013, 22:09   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
BKA - Paysafe Virus, Windows 7 gesperrt - Standard

BKA - Paysafe Virus, Windows 7 gesperrt



Dann bitte jetzt Combofix ausführen:

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
--> BKA - Paysafe Virus, Windows 7 gesperrt

Alt 17.05.2013, 09:18   #7
Houshmand
 
BKA - Paysafe Virus, Windows 7 gesperrt - Standard

BKA - Paysafe Virus, Windows 7 gesperrt



Code:
ATTFilter
ComboFix 13-05-16.02 - Ramin 17.05.2013   9:05.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.8174.5945 [GMT 2:00]
ausgeführt von:: c:\users\Ramin\Desktop\ComboFix.exe
AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Internet Security 2012 *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\hr0lo.dat
c:\programdata\ol0rh.pad
c:\users\Ramin\AppData\Roaming\e120300059.prf
c:\users\Ramin\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk
c:\users\Ramin\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk\rasphone.pbk
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-04-17 bis 2013-05-17  ))))))))))))))))))))))))))))))
.
.
2013-05-17 07:08 . 2013-05-17 07:08	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-05-16 18:24 . 2013-05-16 18:24	--------	d-----w-	c:\users\Ramin\AppData\Roaming\Malwarebytes
2013-05-16 18:24 . 2013-05-16 18:24	--------	d-----w-	c:\programdata\Malwarebytes
2013-05-16 18:24 . 2013-05-16 18:24	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2013-05-16 18:24 . 2013-04-04 12:50	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-05-16 18:24 . 2013-05-16 18:24	--------	d-----w-	c:\users\Ramin\AppData\Local\Programs
2013-05-16 17:03 . 2013-05-16 17:03	--------	d-----w-	C:\FRST
2013-05-16 14:46 . 2013-04-10 06:01	265064	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2013-05-16 14:46 . 2013-04-10 06:01	983400	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2013-05-16 14:46 . 2011-02-03 11:25	144384	----a-w-	c:\windows\system32\cdd.dll
2013-05-16 14:45 . 2013-02-27 05:52	14172672	----a-w-	c:\windows\system32\shell32.dll
2013-05-16 14:45 . 2013-02-27 05:52	197120	----a-w-	c:\windows\system32\shdocvw.dll
2013-05-16 14:45 . 2013-02-27 05:48	1930752	----a-w-	c:\windows\system32\authui.dll
2013-05-16 14:45 . 2013-02-27 06:02	111448	----a-w-	c:\windows\system32\consent.exe
2013-05-16 14:45 . 2013-02-27 04:49	1796096	----a-w-	c:\windows\SysWow64\authui.dll
2013-05-16 14:45 . 2013-02-27 05:47	70144	----a-w-	c:\windows\system32\appinfo.dll
2013-05-16 14:45 . 2013-03-19 05:53	48640	----a-w-	c:\windows\system32\wwanprotdim.dll
2013-05-16 14:45 . 2013-03-19 05:53	230400	----a-w-	c:\windows\system32\wwansvc.dll
2013-05-16 14:45 . 2013-04-10 03:30	3153920	----a-w-	c:\windows\system32\win32k.sys
2013-05-10 07:57 . 2013-05-10 07:57	187456	----a-w-	c:\program files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
2013-04-29 05:27 . 2013-04-29 05:27	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2013-04-23 17:55 . 2013-04-12 14:45	1656680	----a-w-	c:\windows\system32\drivers\ntfs.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-17 06:56 . 2010-06-24 11:33	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-16 18:37 . 2012-03-10 10:08	75016696	----a-w-	c:\windows\system32\MRT.exe
2013-05-16 18:36 . 2012-03-31 09:42	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-16 18:36 . 2012-02-24 09:08	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-13 05:49 . 2013-05-16 14:46	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-16 14:46	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-16 14:46	308736	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-16 14:46	111104	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-16 14:46	474624	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-16 14:46	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-04-11 01:18 . 2013-04-11 01:18	384800	----a-w-	c:\windows\system32\drivers\avgtdia.sys
2013-03-19 06:04 . 2013-04-10 09:43	5550424	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 09:43	43520	----a-w-	c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 09:43	3968856	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 09:43	3913560	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 09:43	6656	----a-w-	c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 09:43	112640	----a-w-	c:\windows\system32\smss.exe
2013-03-15 20:38 . 2013-03-15 20:38	73728	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-03-15 20:38 . 2013-03-15 20:38	719360	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-03-15 20:38 . 2013-03-15 20:38	61952	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-03-15 20:38 . 2013-03-15 20:38	523264	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-03-15 20:38 . 2013-03-15 20:38	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-03-15 20:38 . 2013-03-15 20:38	38400	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-03-15 20:38 . 2013-03-15 20:38	361984	----a-w-	c:\windows\SysWow64\html.iec
2013-03-15 20:38 . 2013-03-15 20:38	226304	----a-w-	c:\windows\system32\elshyph.dll
2013-03-15 20:38 . 2013-03-15 20:38	185344	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-03-15 20:38 . 2013-03-15 20:38	158720	----a-w-	c:\windows\SysWow64\msls31.dll
2013-03-15 20:38 . 2013-03-15 20:38	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-03-15 20:38 . 2013-03-15 20:38	138752	----a-w-	c:\windows\SysWow64\wextract.exe
2013-03-15 20:38 . 2013-03-15 20:38	137216	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-03-15 20:38 . 2013-03-15 20:38	12800	----a-w-	c:\windows\SysWow64\mshta.exe
2013-03-15 20:38 . 2013-03-15 20:38	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-03-15 20:38 . 2013-03-15 20:38	1054720	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-03-15 20:38 . 2013-03-15 20:38	97280	----a-w-	c:\windows\system32\mshtmled.dll
2013-03-15 20:38 . 2013-03-15 20:38	92160	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-03-15 20:38 . 2013-03-15 20:38	905728	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-03-15 20:38 . 2013-03-15 20:38	81408	----a-w-	c:\windows\system32\icardie.dll
2013-03-15 20:38 . 2013-03-15 20:38	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-03-15 20:38 . 2013-03-15 20:38	762368	----a-w-	c:\windows\system32\ieapfltr.dll
2013-03-15 20:38 . 2013-03-15 20:38	62976	----a-w-	c:\windows\system32\pngfilt.dll
2013-03-15 20:38 . 2013-03-15 20:38	599552	----a-w-	c:\windows\system32\vbscript.dll
2013-03-15 20:38 . 2013-03-15 20:38	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-03-15 20:38 . 2013-03-15 20:38	51200	----a-w-	c:\windows\system32\imgutil.dll
2013-03-15 20:38 . 2013-03-15 20:38	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-03-15 20:38 . 2013-03-15 20:38	452096	----a-w-	c:\windows\system32\dxtmsft.dll
2013-03-15 20:38 . 2013-03-15 20:38	441856	----a-w-	c:\windows\system32\html.iec
2013-03-15 20:38 . 2013-03-15 20:38	281600	----a-w-	c:\windows\system32\dxtrans.dll
2013-03-15 20:38 . 2013-03-15 20:38	27648	----a-w-	c:\windows\system32\licmgr10.dll
2013-03-15 20:38 . 2013-03-15 20:38	270848	----a-w-	c:\windows\system32\iedkcs32.dll
2013-03-15 20:38 . 2013-03-15 20:38	247296	----a-w-	c:\windows\system32\webcheck.dll
2013-03-15 20:38 . 2013-03-15 20:38	235008	----a-w-	c:\windows\system32\url.dll
2013-03-15 20:38 . 2013-03-15 20:38	23040	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-03-15 20:38 . 2013-03-15 20:38	216064	----a-w-	c:\windows\system32\msls31.dll
2013-03-15 20:38 . 2013-03-15 20:38	197120	----a-w-	c:\windows\system32\msrating.dll
2013-03-15 20:38 . 2013-03-15 20:38	173568	----a-w-	c:\windows\system32\ieUnatt.exe
2013-03-15 20:38 . 2013-03-15 20:38	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-03-15 20:38 . 2013-03-15 20:38	1509376	----a-w-	c:\windows\system32\inetcpl.cpl
2013-03-15 20:38 . 2013-03-15 20:38	149504	----a-w-	c:\windows\system32\occache.dll
2013-03-15 20:38 . 2013-03-15 20:38	144896	----a-w-	c:\windows\system32\wextract.exe
2013-03-15 20:38 . 2013-03-15 20:38	1441280	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2013-03-15 20:38 . 2013-03-15 20:38	1400416	----a-w-	c:\windows\system32\ieapfltr.dat
2013-03-15 20:38 . 2013-03-15 20:38	13824	----a-w-	c:\windows\system32\mshta.exe
2013-03-15 20:38 . 2013-03-15 20:38	136192	----a-w-	c:\windows\system32\iepeers.dll
2013-03-15 20:38 . 2013-03-15 20:38	135680	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-03-15 20:38 . 2013-03-15 20:38	12800	----a-w-	c:\windows\system32\msfeedssync.exe
2013-03-15 20:38 . 2013-03-15 20:38	102912	----a-w-	c:\windows\system32\inseng.dll
2013-03-05 06:58 . 2013-03-05 06:58	95648	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-05 06:57 . 2012-03-25 13:17	861088	----a-w-	c:\windows\SysWow64\npdeployJava1.dll
2013-03-05 06:57 . 2012-02-24 09:19	782240	----a-w-	c:\windows\SysWow64\deployJava1.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2013-02-14 20:59	1929392	----a-w-	c:\program files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll" [2013-02-14 1929392]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-02-28 18642024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-05-20 284440]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-06-28 336384]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2013-05-10 37960]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2013-02-14 1151152]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-11-02 5174392]
R2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-06 191000]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2009-10-07 327704]
R3 LVUVC64;Logitech QuickCam E3500(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2009-10-07 6379288]
R3 netvsc;netvsc;c:\windows\system32\DRIVERS\netvsc60.sys [2010-11-21 168448]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2011-12-14 25072]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R3 SynthVid;SynthVid;c:\windows\system32\DRIVERS\VMBusVideoM.sys [2010-11-21 22528]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [2011-05-23 48992]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-11-08 307040]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2013-04-11 384800]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2013-02-14 39768]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-08-10 204288]
S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2012\avgfws.exe [2012-12-05 2321560]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-09-22 1692480]
S2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-02-14 968880]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-08-10 231440]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-12-10 127328]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2010-06-08 406056]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2009-10-06 30232]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2013-05-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 18:36]
.
2012-03-09 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-12-14 04:09]
.
2013-05-17 c:\windows\Tasks\ROC_JAN2013_TB_rmv.job
- c:\program files (x86)\AVG Secure Search\PostInstall\ROC.exe [2013-01-24 19:30]
.
2013-05-16 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\pcdrcui.exe [2011-12-14 04:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-23 10920552]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.2.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
FF - ProfilePath - c:\users\Ramin\AppData\Roaming\Mozilla\Firefox\Profiles\qanjj3gk.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://www.google.de/
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: !HIDDEN! 2012-03-10 12:31; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-05-17  09:10:46
ComboFix-quarantined-files.txt  2013-05-17 07:10
.
Vor Suchlauf: 12 Verzeichnis(se), 901.871.988.736 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 909.498.376.192 Bytes frei
.
- - End Of File - - 9331AEF81E1D457F6FE2E8553C59D9A8
         
herzlichen Dank

Alt 17.05.2013, 11:50   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
BKA - Paysafe Virus, Windows 7 gesperrt - Standard

BKA - Paysafe Virus, Windows 7 gesperrt



Zitat:
Microsoft Windows 7 Professional
Warum hast du eine Professional-Edition von Windows, brauchst du das als Heimanwender?
Oder ist das rein zufällig ein Büro-/Firmen-PC bzw. ein Uni-Rechner?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 17.05.2013, 15:28   #9
Houshmand
 
BKA - Paysafe Virus, Windows 7 gesperrt - Standard

BKA - Paysafe Virus, Windows 7 gesperrt



Das sollte zuerst ein Firmen-PC werden. Dann habe ich das doch für Zuhasuse genommen.
Also das ist kein Firmen-PC oder Uni-Rechner.

Alt 17.05.2013, 16:04   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
BKA - Paysafe Virus, Windows 7 gesperrt - Standard

BKA - Paysafe Virus, Windows 7 gesperrt



Ok, danke für die Erklärung

Rootkitscan mit GMER

Bitte lade dir GMER Rootkit Scanner GMER herunter: (Dateiname zufällig)
  • Schließe alle anderen Programme, deaktiviere deinen Virenscanner und trenne den Rechner vom Internet bevor du GMER startest.
  • Sollte sich nach dem Start ein Fenster mit folgender Warnung öffnen:
    WARNING !!!
    GMER has found system modification, which might have been caused by ROOTKIT activity.
    Do you want to fully scan your system ?
    Unbedingt auf "No" klicken.
  • Entferne rechts den Haken bei: IAT/EAT und Show All
  • Setze den Haken bei Quickscan und entferne ihn bei allen anderen Laufwerken.
  • Starte den Scan mit "Scan".
  • Mache nichts am Computer während der Scan läuft.
  • Wenn der Scan fertig ist klicke auf Save und speichere die Logfile unter Gmer.txt auf deinem Desktop. Mit "Ok" wird GMER beendet.
Antiviren-Programm und sonstige Scanner wieder einschalten, bevor Du ins Netz gehst!


Tauchen Probleme auf?
  • Probiere alternativ den abgesicherten Modus.
  • Erhältst du einen Bluescreen, dann entferne den Haken vor Devices.


Anschließend bitte MBAR ausführen:

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 18.05.2013, 01:39   #11
Houshmand
 
BKA - Paysafe Virus, Windows 7 gesperrt - Standard

BKA - Paysafe Virus, Windows 7 gesperrt



Danke für die schnelle Hilfe.

Code:
ATTFilter
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-05-17 20:47:56
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST310005 rev.JC4A 931,51GB
Running: y6epvsr2.exe; Driver: C:\Users\Ramin\AppData\Local\Temp\pglorpod.sys


---- User code sections - GMER 2.1 ----

.text  C:\Program Files (x86)\AVG\AVG2012\avgfws.exe[1792] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69        0000000075411465 2 bytes [41, 75]
.text  C:\Program Files (x86)\AVG\AVG2012\avgfws.exe[1792] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155       00000000754114bb 2 bytes [41, 75]
.text  ...                                                                                                                * 2
.text  C:\Program Files (x86)\AVG Secure Search\vprot.exe[4004] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69   0000000075411465 2 bytes [41, 75]
.text  C:\Program Files (x86)\AVG Secure Search\vprot.exe[4004] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155  00000000754114bb 2 bytes [41, 75]
.text  ...                                                                                                                * 2

---- EOF - GMER 2.1 ----
         
1. Scann

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org

Database version: v2013.05.17.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
Ramin :: RAMIN-PC [administrator]

17.05.2013 21:00:05
mbar-log-2013-05-17 (21-00-05).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 29389
Time elapsed: 7 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         
Beim Neustart ist Win abgestürtz. Fast 8-9 Stunden hat PC nicht reagiert und in der Anfangphase stehengeblieben.
Ich musste das System neustarten.
Danach 2. Scann

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org

Database version: v2013.05.17.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
Ramin :: RAMIN-PC [administrator]

17.05.2013 23:27:22
mbar-log-2013-05-17 (23-27-22).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 29375
Time elapsed: 12 minute(s), 19 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         
Vielen Dank

Alt 18.05.2013, 02:19   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
BKA - Paysafe Virus, Windows 7 gesperrt - Standard

BKA - Paysafe Virus, Windows 7 gesperrt



aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).




TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 18.05.2013, 11:23   #13
Houshmand
 
BKA - Paysafe Virus, Windows 7 gesperrt - Standard

BKA - Paysafe Virus, Windows 7 gesperrt



Vielen Dank für die Anweisung,
AVAST ist abgestürtzt der Vorgang wurde abgebrochen.
unter AV Scan die Einstellung (none) gewählt.

Code:
ATTFilter
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-05-18 10:56:19
-----------------------------
10:56:19.902    OS Version: Windows x64 6.1.7601 Service Pack 1
10:56:19.902    Number of processors: 4 586 0x2A07
10:56:19.903    ComputerName: RAMIN-PC  UserName: Ramin
10:56:33.810    Initialize success
10:56:40.792    AVAST engine defs: 13051701
10:57:19.205    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
10:57:19.206    Disk 0 Vendor: ST310005 JC4A Size: 953869MB BusType: 3
10:57:19.348    Disk 0 MBR read successfully
10:57:19.350    Disk 0 MBR scan
10:57:19.354    Disk 0 Windows VISTA default MBR code
10:57:19.413    Disk 0 Partition 1 00     DE Dell Utility DELL 4.1       39 MB offset 63
10:57:19.449    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        13068 MB offset 81920
10:57:19.502    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       940760 MB offset 26845184
10:57:19.586    Disk 0 scanning C:\Windows\system32\drivers
10:57:37.302    Service scanning
10:57:54.353    Modules scanning
10:57:54.361    Disk 0 trace - called modules:
10:57:54.385    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll 
10:57:54.391    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009d13060]
10:57:54.396    3 CLASSPNP.SYS[fffff88000c0143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007496050]
10:57:54.401    Scan finished successfully
10:58:20.951    Disk 0 MBR has been saved successfully to "C:\Users\Ramin\Desktop\MBR.dat"
10:58:20.954    The log file has been saved successfully to "C:\Users\Ramin\Desktop\aswMBR.txt"
         
TDSS-Killer ausgeführt

Code:
ATTFilter
11:14:20.0628 6272  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:14:21.0881 6272  ============================================================
11:14:21.0881 6272  Current date / time: 2013/05/18 11:14:21.0881
11:14:21.0881 6272  SystemInfo:
11:14:21.0881 6272  
11:14:21.0881 6272  OS Version: 6.1.7601 ServicePack: 1.0
11:14:21.0881 6272  Product type: Workstation
11:14:21.0881 6272  ComputerName: RAMIN-PC
11:14:21.0881 6272  UserName: Ramin
11:14:21.0881 6272  Windows directory: C:\Windows
11:14:21.0881 6272  System windows directory: C:\Windows
11:14:21.0881 6272  Running under WOW64
11:14:21.0881 6272  Processor architecture: Intel x64
11:14:21.0882 6272  Number of processors: 4
11:14:21.0882 6272  Page size: 0x1000
11:14:21.0882 6272  Boot type: Normal boot
11:14:21.0882 6272  ============================================================
11:14:22.0426 6272  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:14:22.0440 6272  Drive \Device\Harddisk1\DR1 - Size: 0x393180000 (14.30 Gb), SectorSize: 0x200, Cylinders: 0x74A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:14:22.0453 6272  ============================================================
11:14:22.0453 6272  \Device\Harddisk0\DR0:
11:14:22.0453 6272  MBR partitions:
11:14:22.0453 6272  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1986000
11:14:22.0453 6272  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x199A000, BlocksNum 0x72D6C000
11:14:22.0453 6272  \Device\Harddisk1\DR1:
11:14:22.0454 6272  MBR partitions:
11:14:22.0454 6272  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0x1C96C80
11:14:22.0454 6272  ============================================================
11:14:22.0496 6272  C: <-> \Device\Harddisk0\DR0\Partition2
11:14:22.0496 6272  ============================================================
11:14:22.0497 6272  Initialize success
11:14:22.0497 6272  ============================================================
11:14:45.0753 6360  ============================================================
11:14:45.0753 6360  Scan started
11:14:45.0753 6360  Mode: Manual; 
11:14:45.0753 6360  ============================================================
11:14:45.0958 6360  ================ Scan system memory ========================
11:14:45.0958 6360  System memory - ok
11:14:45.0958 6360  ================ Scan services =============================
11:14:46.0134 6360  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:14:46.0137 6360  1394ohci - ok
11:14:46.0161 6360  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:14:46.0193 6360  ACPI - ok
11:14:46.0208 6360  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
11:14:46.0209 6360  AcpiPmi - ok
11:14:46.0289 6360  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:14:46.0292 6360  AdobeARMservice - ok
11:14:46.0387 6360  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:14:46.0390 6360  AdobeFlashPlayerUpdateSvc - ok
11:14:46.0435 6360  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
11:14:46.0441 6360  adp94xx - ok
11:14:46.0455 6360  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
11:14:46.0459 6360  adpahci - ok
11:14:46.0477 6360  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
11:14:46.0480 6360  adpu320 - ok
11:14:46.0498 6360  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:14:46.0501 6360  AeLookupSvc - ok
11:14:46.0553 6360  [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
11:14:46.0556 6360  AERTFilters - ok
11:14:46.0588 6360  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
11:14:46.0594 6360  AFD - ok
11:14:46.0608 6360  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
11:14:46.0610 6360  agp440 - ok
11:14:46.0636 6360  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
11:14:46.0638 6360  ALG - ok
11:14:46.0641 6360  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:14:46.0642 6360  aliide - ok
11:14:46.0674 6360  [ 310F88A93C3B02E3D1F906FB57B9E01E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
11:14:46.0677 6360  AMD External Events Utility - ok
11:14:46.0682 6360  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
11:14:46.0683 6360  amdide - ok
11:14:46.0696 6360  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
11:14:46.0698 6360  AmdK8 - ok
11:14:46.0833 6360  [ 62DDF55680F8C53E4B8DDE4189ADA0B8 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
11:14:46.0978 6360  amdkmdag - ok
11:14:46.0999 6360  [ 51F027DFFEDFB8D763FABFFA06B56E6D ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
11:14:47.0001 6360  amdkmdap - ok
11:14:47.0015 6360  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
11:14:47.0016 6360  AmdPPM - ok
11:14:47.0039 6360  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:14:47.0047 6360  amdsata - ok
11:14:47.0078 6360  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
11:14:47.0081 6360  amdsbs - ok
11:14:47.0092 6360  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:14:47.0094 6360  amdxata - ok
11:14:47.0119 6360  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
11:14:47.0121 6360  AppID - ok
11:14:47.0131 6360  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:14:47.0133 6360  AppIDSvc - ok
11:14:47.0168 6360  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
11:14:47.0170 6360  Appinfo - ok
11:14:47.0198 6360  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
11:14:47.0200 6360  AppMgmt - ok
11:14:47.0204 6360  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
11:14:47.0205 6360  arc - ok
11:14:47.0216 6360  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
11:14:47.0218 6360  arcsas - ok
11:14:47.0564 6360  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:14:47.0565 6360  aspnet_state - ok
11:14:47.0584 6360  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:14:47.0586 6360  AsyncMac - ok
11:14:47.0611 6360  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
11:14:47.0613 6360  atapi - ok
11:14:47.0666 6360  [ 96ABF88241F90FF647E55C934C55C2F1 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
11:14:47.0701 6360  athr - ok
11:14:47.0752 6360  [ DBB487D09F56C674430AC454FD8BCAB9 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
11:14:47.0755 6360  AtiHDAudioService - ok
11:14:47.0772 6360  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:14:47.0780 6360  AudioEndpointBuilder - ok
11:14:47.0789 6360  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
11:14:47.0794 6360  AudioSrv - ok
11:14:47.0809 6360  [ 96B4456F1DCA4EDA506ED31C7D2D6B05 ] Avgfwfd         C:\Windows\system32\DRIVERS\avgfwd6a.sys
11:14:47.0811 6360  Avgfwfd - ok
11:14:47.0881 6360  [ 6C469E3CB15CF33AD3E757096E6C7026 ] avgfws          C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
11:14:47.0895 6360  avgfws - ok
11:14:48.0016 6360  [ 231B6AD3DB2866BC3FDB9979E6B2B61E ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
11:14:48.0034 6360  AVGIDSAgent - ok
11:14:48.0068 6360  [ 633360E94804E7BAFE642017817C9413 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
11:14:48.0070 6360  AVGIDSDriver - ok
11:14:48.0088 6360  [ 0F293406F64B48D5D2F0D3A1117F3A83 ] AVGIDSFilter    C:\Windows\system32\DRIVERS\avgidsfiltera.sys
11:14:48.0090 6360  AVGIDSFilter - ok
11:14:48.0123 6360  [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
11:14:48.0124 6360  AVGIDSHA - ok
11:14:48.0140 6360  [ BE8BC5D10ABA05D7F6E79D8296906C86 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
11:14:48.0144 6360  Avgldx64 - ok
11:14:48.0178 6360  [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
11:14:48.0180 6360  Avgmfx64 - ok
11:14:48.0201 6360  [ 645C7F0A0E39758A0024A9B1748273C0 ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
11:14:48.0203 6360  Avgrkx64 - ok
11:14:48.0235 6360  [ A441A655D6D9DDDDBA11994530F84981 ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys
11:14:48.0240 6360  Avgtdia - ok
11:14:48.0273 6360  [ 4C05242DC361A217223E9B8EC2B3A76B ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
11:14:48.0275 6360  avgtp - ok
11:14:48.0299 6360  [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd           C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
11:14:48.0302 6360  avgwd - ok
11:14:48.0335 6360  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:14:48.0338 6360  AxInstSV - ok
11:14:48.0385 6360  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
11:14:48.0401 6360  b06bdrv - ok
11:14:48.0423 6360  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
11:14:48.0427 6360  b57nd60a - ok
11:14:48.0495 6360  [ A2494901E7226B356B8C1005C45F1C5F ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
11:14:48.0497 6360  BBSvc - ok
11:14:48.0514 6360  [ 63B1CBBAE4790B5BAC98F01BF9449722 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
11:14:48.0516 6360  BBUpdate - ok
11:14:48.0528 6360  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:14:48.0531 6360  BDESVC - ok
11:14:48.0539 6360  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:14:48.0541 6360  Beep - ok
11:14:48.0572 6360  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
11:14:48.0580 6360  BFE - ok
11:14:48.0618 6360  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
11:14:48.0628 6360  BITS - ok
11:14:48.0641 6360  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
11:14:48.0643 6360  blbdrive - ok
11:14:48.0669 6360  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:14:48.0671 6360  bowser - ok
11:14:48.0675 6360  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
11:14:48.0676 6360  BrFiltLo - ok
11:14:48.0679 6360  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
11:14:48.0680 6360  BrFiltUp - ok
11:14:48.0721 6360  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
11:14:48.0723 6360  BridgeMP - ok
11:14:48.0758 6360  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
11:14:48.0760 6360  Browser - ok
11:14:48.0773 6360  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
11:14:48.0777 6360  Brserid - ok
11:14:48.0781 6360  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:14:48.0783 6360  BrSerWdm - ok
11:14:48.0786 6360  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:14:48.0787 6360  BrUsbMdm - ok
11:14:48.0791 6360  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:14:48.0792 6360  BrUsbSer - ok
11:14:48.0794 6360  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
11:14:48.0795 6360  BTHMODEM - ok
11:14:48.0819 6360  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
11:14:48.0821 6360  bthserv - ok
11:14:48.0832 6360  catchme - ok
11:14:48.0847 6360  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:14:48.0849 6360  cdfs - ok
11:14:48.0865 6360  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
11:14:48.0867 6360  cdrom - ok
11:14:48.0877 6360  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
11:14:48.0880 6360  CertPropSvc - ok
11:14:48.0893 6360  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
11:14:48.0895 6360  circlass - ok
11:14:48.0910 6360  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
11:14:48.0915 6360  CLFS - ok
11:14:48.0955 6360  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:14:48.0956 6360  clr_optimization_v2.0.50727_32 - ok
11:14:48.0978 6360  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:14:48.0980 6360  clr_optimization_v2.0.50727_64 - ok
11:14:49.0038 6360  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:14:49.0040 6360  clr_optimization_v4.0.30319_32 - ok
11:14:49.0068 6360  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:14:49.0070 6360  clr_optimization_v4.0.30319_64 - ok
11:14:49.0077 6360  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
11:14:49.0079 6360  CmBatt - ok
11:14:49.0083 6360  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:14:49.0084 6360  cmdide - ok
11:14:49.0127 6360  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
11:14:49.0132 6360  CNG - ok
11:14:49.0144 6360  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
11:14:49.0146 6360  Compbatt - ok
11:14:49.0155 6360  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
11:14:49.0156 6360  CompositeBus - ok
11:14:49.0160 6360  COMSysApp - ok
11:14:49.0203 6360  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
11:14:49.0205 6360  crcdisk - ok
11:14:49.0229 6360  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:14:49.0232 6360  CryptSvc - ok
11:14:49.0251 6360  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
11:14:49.0258 6360  CSC - ok
11:14:49.0280 6360  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
11:14:49.0314 6360  CscService - ok
11:14:49.0342 6360  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:14:49.0348 6360  DcomLaunch - ok
11:14:49.0382 6360  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
11:14:49.0386 6360  defragsvc - ok
11:14:49.0399 6360  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:14:49.0407 6360  DfsC - ok
11:14:49.0453 6360  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:14:49.0457 6360  Dhcp - ok
11:14:49.0469 6360  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
11:14:49.0470 6360  discache - ok
11:14:49.0474 6360  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
11:14:49.0476 6360  Disk - ok
11:14:49.0494 6360  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
11:14:49.0496 6360  dmvsc - ok
11:14:49.0524 6360  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:14:49.0527 6360  Dnscache - ok
11:14:49.0538 6360  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:14:49.0541 6360  dot3svc - ok
11:14:49.0581 6360  [ B42ED0320C6E41102FDE0005154849BB ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
11:14:49.0584 6360  Dot4 - ok
11:14:49.0608 6360  [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
11:14:49.0610 6360  Dot4Print - ok
11:14:49.0618 6360  [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
11:14:49.0620 6360  dot4usb - ok
11:14:49.0625 6360  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
11:14:49.0627 6360  DPS - ok
11:14:49.0652 6360  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:14:49.0653 6360  drmkaud - ok
11:14:49.0688 6360  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:14:49.0698 6360  DXGKrnl - ok
11:14:49.0711 6360  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
11:14:49.0714 6360  EapHost - ok
11:14:49.0775 6360  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
11:14:49.0835 6360  ebdrv - ok
11:14:49.0856 6360  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
11:14:49.0859 6360  EFS - ok
11:14:49.0918 6360  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:14:49.0926 6360  ehRecvr - ok
11:14:49.0939 6360  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
11:14:49.0942 6360  ehSched - ok
11:14:49.0965 6360  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
11:14:49.0972 6360  elxstor - ok
11:14:49.0975 6360  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:14:49.0976 6360  ErrDev - ok
11:14:50.0001 6360  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
11:14:50.0007 6360  EventSystem - ok
11:14:50.0013 6360  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
11:14:50.0015 6360  exfat - ok
11:14:50.0027 6360  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:14:50.0029 6360  fastfat - ok
11:14:50.0058 6360  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
11:14:50.0066 6360  Fax - ok
11:14:50.0070 6360  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
11:14:50.0071 6360  fdc - ok
11:14:50.0102 6360  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
11:14:50.0104 6360  fdPHost - ok
11:14:50.0108 6360  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:14:50.0109 6360  FDResPub - ok
11:14:50.0113 6360  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:14:50.0115 6360  FileInfo - ok
11:14:50.0127 6360  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:14:50.0129 6360  Filetrace - ok
11:14:50.0133 6360  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
11:14:50.0134 6360  flpydisk - ok
11:14:50.0148 6360  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:14:50.0151 6360  FltMgr - ok
11:14:50.0200 6360  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
11:14:50.0212 6360  FontCache - ok
11:14:50.0253 6360  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:14:50.0254 6360  FontCache3.0.0.0 - ok
11:14:50.0268 6360  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:14:50.0270 6360  FsDepends - ok
11:14:50.0292 6360  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:14:50.0294 6360  Fs_Rec - ok
11:14:50.0330 6360  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:14:50.0333 6360  fvevol - ok
11:14:50.0349 6360  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
11:14:50.0351 6360  gagp30kx - ok
11:14:50.0373 6360  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
11:14:50.0382 6360  gpsvc - ok
11:14:50.0395 6360  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:14:50.0396 6360  hcw85cir - ok
11:14:50.0415 6360  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
11:14:50.0417 6360  HDAudBus - ok
11:14:50.0430 6360  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
11:14:50.0432 6360  HidBatt - ok
11:14:50.0441 6360  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
11:14:50.0443 6360  HidBth - ok
11:14:50.0459 6360  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
11:14:50.0461 6360  HidIr - ok
11:14:50.0473 6360  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
11:14:50.0475 6360  hidserv - ok
11:14:50.0488 6360  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
11:14:50.0489 6360  HidUsb - ok
11:14:50.0499 6360  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:14:50.0502 6360  hkmsvc - ok
11:14:50.0540 6360  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:14:50.0543 6360  HomeGroupListener - ok
11:14:50.0560 6360  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:14:50.0564 6360  HomeGroupProvider - ok
11:14:50.0646 6360  [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
11:14:50.0650 6360  hpqcxs08 - ok
11:14:50.0662 6360  [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
11:14:50.0664 6360  hpqddsvc - ok
11:14:50.0669 6360  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:14:50.0671 6360  HpSAMD - ok
11:14:50.0704 6360  [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
11:14:50.0715 6360  HPSLPSVC - ok
11:14:50.0756 6360  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:14:50.0765 6360  HTTP - ok
11:14:50.0776 6360  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:14:50.0777 6360  hwpolicy - ok
11:14:50.0795 6360  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
11:14:50.0797 6360  i8042prt - ok
11:14:50.0822 6360  [ 2FDAEC4B02729C48C0FD1B0B4695995B ] iaStor          C:\Windows\system32\drivers\iaStor.sys
11:14:50.0827 6360  iaStor - ok
11:14:50.0873 6360  [ D41861E56E7552C13674D7F147A02464 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
11:14:50.0874 6360  IAStorDataMgrSvc - ok
11:14:50.0897 6360  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:14:50.0902 6360  iaStorV - ok
11:14:50.0958 6360  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:14:50.0965 6360  idsvc - ok
11:14:50.0983 6360  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
11:14:50.0984 6360  iirsp - ok
11:14:51.0018 6360  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
11:14:51.0027 6360  IKEEXT - ok
11:14:51.0074 6360  [ 235362D403D9D677514649D88DB31914 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:14:51.0118 6360  IntcAzAudAddService - ok
11:14:51.0168 6360  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
11:14:51.0172 6360  IntcDAud - ok
11:14:51.0186 6360  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
11:14:51.0188 6360  intelide - ok
11:14:51.0211 6360  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:14:51.0213 6360  intelppm - ok
11:14:51.0227 6360  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:14:51.0230 6360  IPBusEnum - ok
11:14:51.0243 6360  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:14:51.0245 6360  IpFilterDriver - ok
11:14:51.0292 6360  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:14:51.0300 6360  iphlpsvc - ok
11:14:51.0312 6360  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:14:51.0315 6360  IPMIDRV - ok
11:14:51.0319 6360  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:14:51.0321 6360  IPNAT - ok
11:14:51.0332 6360  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:14:51.0334 6360  IRENUM - ok
11:14:51.0347 6360  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:14:51.0349 6360  isapnp - ok
11:14:51.0366 6360  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:14:51.0369 6360  iScsiPrt - ok
11:14:51.0385 6360  [ 12E27942DBB7C91880163634B0D8A776 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
11:14:51.0390 6360  k57nd60a - ok
11:14:51.0403 6360  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
11:14:51.0404 6360  kbdclass - ok
11:14:51.0416 6360  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
11:14:51.0418 6360  kbdhid - ok
11:14:51.0430 6360  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
11:14:51.0431 6360  KeyIso - ok
11:14:51.0472 6360  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:14:51.0475 6360  KSecDD - ok
11:14:51.0491 6360  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:14:51.0494 6360  KSecPkg - ok
11:14:51.0508 6360  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:14:51.0510 6360  ksthunk - ok
11:14:51.0525 6360  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:14:51.0529 6360  KtmRm - ok
11:14:51.0570 6360  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
11:14:51.0574 6360  LanmanServer - ok
11:14:51.0597 6360  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:14:51.0600 6360  LanmanWorkstation - ok
11:14:51.0626 6360  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:14:51.0628 6360  lltdio - ok
11:14:51.0643 6360  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:14:51.0647 6360  lltdsvc - ok
11:14:51.0661 6360  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:14:51.0663 6360  lmhosts - ok
11:14:51.0692 6360  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
11:14:51.0695 6360  LSI_FC - ok
11:14:51.0699 6360  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
11:14:51.0701 6360  LSI_SAS - ok
11:14:51.0711 6360  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
11:14:51.0713 6360  LSI_SAS2 - ok
11:14:51.0723 6360  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
11:14:51.0725 6360  LSI_SCSI - ok
11:14:51.0740 6360  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
11:14:51.0742 6360  luafv - ok
11:14:51.0790 6360  [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2M64        C:\Windows\system32\DRIVERS\LVPr2M64.sys
11:14:51.0798 6360  LVPr2M64 - ok
11:14:51.0825 6360  [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2Mon        C:\Windows\system32\DRIVERS\LVPr2M64.sys
11:14:51.0826 6360  LVPr2Mon - ok
11:14:51.0885 6360  [ A35679E56E78091E1042A2D7ADBF2958 ] LVPrcS64        C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
11:14:51.0887 6360  LVPrcS64 - ok
11:14:51.0903 6360  [ 986C1CB787A007BAA5F74E7D316D7246 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
11:14:51.0907 6360  LVRS64 - ok
11:14:52.0006 6360  [ 5747BC465ABEA2858C5D037252AED84E ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
11:14:52.0120 6360  LVUVC64 - ok
11:14:52.0155 6360  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
11:14:52.0157 6360  MBAMProtector - ok
11:14:52.0211 6360  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
11:14:52.0215 6360  MBAMScheduler - ok
11:14:52.0239 6360  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
11:14:52.0244 6360  MBAMService - ok
11:14:52.0263 6360  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
11:14:52.0266 6360  Mcx2Svc - ok
11:14:52.0282 6360  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
11:14:52.0284 6360  megasas - ok
11:14:52.0305 6360  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
11:14:52.0338 6360  MegaSR - ok
11:14:52.0368 6360  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
11:14:52.0370 6360  MEIx64 - ok
11:14:52.0421 6360  Microsoft SharePoint Workspace Audit Service - ok
11:14:52.0436 6360  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
11:14:52.0439 6360  MMCSS - ok
11:14:52.0443 6360  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
11:14:52.0444 6360  Modem - ok
11:14:52.0453 6360  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:14:52.0454 6360  monitor - ok
11:14:52.0474 6360  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:14:52.0476 6360  mouclass - ok
11:14:52.0483 6360  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:14:52.0485 6360  mouhid - ok
11:14:52.0495 6360  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:14:52.0497 6360  mountmgr - ok
11:14:52.0559 6360  [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:14:52.0562 6360  MozillaMaintenance - ok
11:14:52.0577 6360  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:14:52.0580 6360  mpio - ok
11:14:52.0591 6360  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:14:52.0593 6360  mpsdrv - ok
11:14:52.0616 6360  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:14:52.0626 6360  MpsSvc - ok
11:14:52.0641 6360  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:14:52.0644 6360  MRxDAV - ok
11:14:52.0671 6360  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:14:52.0674 6360  mrxsmb - ok
11:14:52.0685 6360  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:14:52.0689 6360  mrxsmb10 - ok
11:14:52.0698 6360  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:14:52.0701 6360  mrxsmb20 - ok
11:14:52.0722 6360  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:14:52.0724 6360  msahci - ok
11:14:52.0736 6360  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:14:52.0738 6360  msdsm - ok
11:14:52.0753 6360  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
11:14:52.0756 6360  MSDTC - ok
11:14:52.0772 6360  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:14:52.0773 6360  Msfs - ok
11:14:52.0783 6360  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:14:52.0784 6360  mshidkmdf - ok
11:14:52.0793 6360  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:14:52.0795 6360  msisadrv - ok
11:14:52.0824 6360  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:14:52.0827 6360  MSiSCSI - ok
11:14:52.0830 6360  msiserver - ok
11:14:52.0850 6360  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:14:52.0852 6360  MSKSSRV - ok
11:14:52.0856 6360  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:14:52.0857 6360  MSPCLOCK - ok
11:14:52.0869 6360  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:14:52.0871 6360  MSPQM - ok
11:14:52.0890 6360  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:14:52.0895 6360  MsRPC - ok
11:14:52.0912 6360  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
11:14:52.0913 6360  mssmbios - ok
11:14:52.0923 6360  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:14:52.0924 6360  MSTEE - ok
11:14:52.0928 6360  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
11:14:52.0929 6360  MTConfig - ok
11:14:52.0938 6360  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
11:14:52.0940 6360  Mup - ok
11:14:52.0979 6360  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
11:14:52.0985 6360  napagent - ok
11:14:53.0003 6360  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:14:53.0007 6360  NativeWifiP - ok
11:14:53.0048 6360  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:14:53.0058 6360  NDIS - ok
11:14:53.0081 6360  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:14:53.0083 6360  NdisCap - ok
11:14:53.0093 6360  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:14:53.0095 6360  NdisTapi - ok
11:14:53.0108 6360  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:14:53.0110 6360  Ndisuio - ok
11:14:53.0125 6360  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:14:53.0128 6360  NdisWan - ok
11:14:53.0145 6360  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:14:53.0147 6360  NDProxy - ok
11:14:53.0199 6360  [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
11:14:53.0201 6360  Net Driver HPZ12 - ok
11:14:53.0214 6360  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:14:53.0216 6360  NetBIOS - ok
11:14:53.0232 6360  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:14:53.0236 6360  NetBT - ok
11:14:53.0244 6360  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
11:14:53.0246 6360  Netlogon - ok
11:14:53.0261 6360  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
11:14:53.0267 6360  Netman - ok
11:14:53.0299 6360  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:14:53.0301 6360  NetMsmqActivator - ok
11:14:53.0306 6360  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:14:53.0308 6360  NetPipeActivator - ok
11:14:53.0330 6360  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
11:14:53.0337 6360  netprofm - ok
11:14:53.0342 6360  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:14:53.0344 6360  NetTcpActivator - ok
11:14:53.0347 6360  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:14:53.0349 6360  NetTcpPortSharing - ok
11:14:53.0373 6360  [ 73CE12B8BDD747B0063CB0A7EF44CEA7 ] netvsc          C:\Windows\system32\DRIVERS\netvsc60.sys
11:14:53.0377 6360  netvsc - ok
11:14:53.0404 6360  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
11:14:53.0406 6360  nfrd960 - ok
11:14:53.0422 6360  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:14:53.0427 6360  NlaSvc - ok
11:14:53.0439 6360  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:14:53.0441 6360  Npfs - ok
11:14:53.0451 6360  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
11:14:53.0454 6360  nsi - ok
11:14:53.0466 6360  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:14:53.0468 6360  nsiproxy - ok
11:14:53.0529 6360  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:14:53.0563 6360  Ntfs - ok
11:14:53.0575 6360  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
11:14:53.0576 6360  Null - ok
11:14:53.0606 6360  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:14:53.0609 6360  nvraid - ok
11:14:53.0622 6360  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:14:53.0625 6360  nvstor - ok
11:14:53.0656 6360  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:14:53.0658 6360  nv_agp - ok
11:14:53.0667 6360  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:14:53.0669 6360  ohci1394 - ok
11:14:53.0745 6360  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:14:53.0748 6360  ose - ok
11:14:53.0886 6360  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:14:53.0963 6360  osppsvc - ok
11:14:53.0995 6360  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:14:54.0000 6360  p2pimsvc - ok
11:14:54.0048 6360  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
11:14:54.0065 6360  p2psvc - ok
11:14:54.0079 6360  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
11:14:54.0082 6360  Parport - ok
11:14:54.0119 6360  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:14:54.0121 6360  partmgr - ok
11:14:54.0127 6360  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:14:54.0131 6360  PcaSvc - ok
11:14:54.0197 6360  [ 7317A0B550F7AC0223B7070897670476 ] PCDSRVC{1E208CE0-FB7451FF-06020101}_0 c:\program files\dell support center\pcdsrvc_x64.pkms
11:14:54.0219 6360  PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
11:14:54.0238 6360  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
11:14:54.0240 6360  pci - ok
11:14:54.0256 6360  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
11:14:54.0257 6360  pciide - ok
11:14:54.0270 6360  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
11:14:54.0274 6360  pcmcia - ok
11:14:54.0284 6360  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:14:54.0286 6360  pcw - ok
11:14:54.0303 6360  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:14:54.0311 6360  PEAUTH - ok
11:14:54.0351 6360  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
11:14:54.0377 6360  PeerDistSvc - ok
11:14:54.0415 6360  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:14:54.0417 6360  PerfHost - ok
11:14:54.0449 6360  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
11:14:54.0475 6360  pla - ok
11:14:54.0504 6360  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:14:54.0510 6360  PlugPlay - ok
11:14:54.0518 6360  [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
11:14:54.0521 6360  Pml Driver HPZ12 - ok
11:14:54.0533 6360  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:14:54.0535 6360  PNRPAutoReg - ok
11:14:54.0553 6360  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:14:54.0557 6360  PNRPsvc - ok
11:14:54.0581 6360  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:14:54.0587 6360  PolicyAgent - ok
11:14:54.0609 6360  [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power           C:\Windows\system32\umpo.dll
11:14:54.0613 6360  Power - ok
11:14:54.0636 6360  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:14:54.0638 6360  PptpMiniport - ok
11:14:54.0642 6360  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
11:14:54.0644 6360  Processor - ok
11:14:54.0696 6360  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
11:14:54.0699 6360  ProfSvc - ok
11:14:54.0709 6360  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:14:54.0711 6360  ProtectedStorage - ok
11:14:54.0745 6360  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:14:54.0747 6360  Psched - ok
11:14:54.0774 6360  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
11:14:54.0776 6360  PxHlpa64 - ok
11:14:54.0817 6360  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
11:14:54.0843 6360  ql2300 - ok
11:14:54.0848 6360  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
11:14:54.0850 6360  ql40xx - ok
11:14:54.0868 6360  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
11:14:54.0870 6360  QWAVE - ok
11:14:54.0879 6360  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:14:54.0887 6360  QWAVEdrv - ok
11:14:54.0890 6360  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:14:54.0891 6360  RasAcd - ok
11:14:54.0931 6360  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
11:14:54.0933 6360  RasAgileVpn - ok
11:14:54.0944 6360  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
11:14:54.0946 6360  RasAuto - ok
11:14:54.0960 6360  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:14:54.0963 6360  Rasl2tp - ok
11:14:54.0975 6360  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
11:14:54.0979 6360  RasMan - ok
11:14:54.0991 6360  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:14:54.0993 6360  RasPppoe - ok
11:14:55.0002 6360  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:14:55.0004 6360  RasSstp - ok
11:14:55.0019 6360  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:14:55.0022 6360  rdbss - ok
11:14:55.0030 6360  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
11:14:55.0031 6360  rdpbus - ok
11:14:55.0050 6360  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:14:55.0051 6360  RDPCDD - ok
11:14:55.0071 6360  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
11:14:55.0073 6360  RDPDR - ok
11:14:55.0076 6360  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:14:55.0077 6360  RDPENCDD - ok
11:14:55.0095 6360  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
11:14:55.0096 6360  RDPREFMP - ok
11:14:55.0136 6360  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
11:14:55.0139 6360  RDPWD - ok
11:14:55.0154 6360  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:14:55.0157 6360  rdyboost - ok
11:14:55.0180 6360  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:14:55.0181 6360  RemoteAccess - ok
11:14:55.0202 6360  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:14:55.0206 6360  RemoteRegistry - ok
11:14:55.0241 6360  [ 7B04C9843921AB1F695FB395422C5360 ] RimUsb          C:\Windows\system32\Drivers\RimUsb_AMD64.sys
11:14:55.0242 6360  RimUsb - ok
11:14:55.0351 6360  [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
11:14:55.0364 6360  RoxMediaDB12OEM - ok
11:14:55.0390 6360  [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12      C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
11:14:55.0393 6360  RoxWatch12 - ok
11:14:55.0413 6360  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:14:55.0416 6360  RpcEptMapper - ok
11:14:55.0427 6360  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
11:14:55.0428 6360  RpcLocator - ok
11:14:55.0443 6360  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
11:14:55.0448 6360  RpcSs - ok
11:14:55.0461 6360  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:14:55.0463 6360  rspndr - ok
11:14:55.0483 6360  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
11:14:55.0485 6360  s3cap - ok
11:14:55.0500 6360  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
11:14:55.0502 6360  SamSs - ok
11:14:55.0514 6360  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:14:55.0516 6360  sbp2port - ok
11:14:55.0545 6360  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:14:55.0553 6360  SCardSvr - ok
11:14:55.0567 6360  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:14:55.0569 6360  scfilter - ok
11:14:55.0598 6360  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
11:14:55.0624 6360  Schedule - ok
11:14:55.0645 6360  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
11:14:55.0646 6360  SCPolicySvc - ok
11:14:55.0654 6360  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:14:55.0658 6360  SDRSVC - ok
11:14:55.0676 6360  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:14:55.0678 6360  secdrv - ok
11:14:55.0686 6360  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
11:14:55.0689 6360  seclogon - ok
11:14:55.0698 6360  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
11:14:55.0701 6360  SENS - ok
11:14:55.0705 6360  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:14:55.0707 6360  SensrSvc - ok
11:14:55.0733 6360  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
11:14:55.0735 6360  Serenum - ok
11:14:55.0785 6360  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
11:14:55.0788 6360  Serial - ok
11:14:55.0808 6360  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
11:14:55.0810 6360  sermouse - ok
11:14:55.0827 6360  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
11:14:55.0831 6360  SessionEnv - ok
11:14:55.0834 6360  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
11:14:55.0835 6360  sffdisk - ok
11:14:55.0839 6360  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:14:55.0840 6360  sffp_mmc - ok
11:14:55.0843 6360  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
11:14:55.0844 6360  sffp_sd - ok
11:14:55.0867 6360  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
11:14:55.0869 6360  sfloppy - ok
11:14:55.0923 6360  [ 29DDEA72C5BDF61D62F4D438DC0E497C ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
11:14:55.0934 6360  SftService - ok
11:14:55.0960 6360  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:14:55.0964 6360  SharedAccess - ok
11:14:56.0004 6360  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:14:56.0008 6360  ShellHWDetection - ok
11:14:56.0021 6360  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
11:14:56.0023 6360  SiSRaid2 - ok
11:14:56.0031 6360  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
11:14:56.0033 6360  SiSRaid4 - ok
11:14:56.0112 6360  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
11:14:56.0114 6360  SkypeUpdate - ok
11:14:56.0135 6360  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
11:14:56.0137 6360  Smb - ok
11:14:56.0158 6360  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:14:56.0160 6360  SNMPTRAP - ok
11:14:56.0167 6360  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
11:14:56.0169 6360  spldr - ok
11:14:56.0208 6360  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
11:14:56.0215 6360  Spooler - ok
11:14:56.0279 6360  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
11:14:56.0331 6360  sppsvc - ok
11:14:56.0346 6360  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
11:14:56.0349 6360  sppuinotify - ok
11:14:56.0368 6360  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:14:56.0371 6360  srv - ok
11:14:56.0412 6360  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:14:56.0420 6360  srv2 - ok
11:14:56.0433 6360  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:14:56.0436 6360  srvnet - ok
11:14:56.0466 6360  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:14:56.0470 6360  SSDPSRV - ok
11:14:56.0479 6360  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:14:56.0482 6360  SstpSvc - ok
11:14:56.0512 6360  [ D21FF3592DAEE244EE8376830A672B52 ] ss_bus          C:\Windows\system32\DRIVERS\ss_bus.sys
11:14:56.0514 6360  ss_bus - ok
11:14:56.0532 6360  [ 451DB3D10E6112E06B4506D4A7BECEC1 ] ss_mdfl         C:\Windows\system32\DRIVERS\ss_mdfl.sys
11:14:56.0534 6360  ss_mdfl - ok
11:14:56.0551 6360  [ EF40C8A268A5263A0EF48FED8E57CBED ] ss_mdm          C:\Windows\system32\DRIVERS\ss_mdm.sys
11:14:56.0554 6360  ss_mdm - ok
11:14:56.0571 6360  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
11:14:56.0572 6360  stexstor - ok
11:14:56.0635 6360  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
11:14:56.0652 6360  stisvc - ok
11:14:56.0689 6360  [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr        C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
11:14:56.0691 6360  stllssvr - ok
11:14:56.0707 6360  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
11:14:56.0710 6360  StorSvc - ok
11:14:56.0731 6360  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
11:14:56.0733 6360  storvsc - ok
11:14:56.0749 6360  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
11:14:56.0751 6360  swenum - ok
11:14:56.0765 6360  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
11:14:56.0772 6360  swprv - ok
11:14:56.0788 6360  [ 4CDD7DF58730D23BA9CB5829A6E2ECEA ] SynthVid        C:\Windows\system32\DRIVERS\VMBusVideoM.sys
11:14:56.0790 6360  SynthVid - ok
11:14:56.0852 6360  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
11:14:56.0887 6360  SysMain - ok
11:14:56.0901 6360  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:14:56.0903 6360  TabletInputService - ok
11:14:56.0919 6360  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:14:56.0925 6360  TapiSrv - ok
11:14:56.0937 6360  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
11:14:56.0940 6360  TBS - ok
11:14:57.0005 6360  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:14:57.0039 6360  Tcpip - ok
11:14:57.0092 6360  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:14:57.0104 6360  TCPIP6 - ok
11:14:57.0161 6360  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:14:57.0162 6360  tcpipreg - ok
11:14:57.0179 6360  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:14:57.0187 6360  TDPIPE - ok
11:14:57.0257 6360  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
11:14:57.0270 6360  TDTCP - ok
11:14:57.0304 6360  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:14:57.0307 6360  tdx - ok
11:14:57.0327 6360  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
11:14:57.0329 6360  TermDD - ok
11:14:57.0340 6360  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
11:14:57.0347 6360  TermService - ok
11:14:57.0358 6360  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
11:14:57.0360 6360  Themes - ok
11:14:57.0380 6360  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
11:14:57.0382 6360  THREADORDER - ok
11:14:57.0389 6360  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
11:14:57.0393 6360  TrkWks - ok
11:14:57.0416 6360  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:14:57.0418 6360  TrustedInstaller - ok
11:14:57.0428 6360  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:14:57.0429 6360  tssecsrv - ok
11:14:57.0438 6360  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:14:57.0439 6360  TsUsbFlt - ok
11:14:57.0443 6360  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
11:14:57.0444 6360  TsUsbGD - ok
11:14:57.0462 6360  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:14:57.0464 6360  tunnel - ok
11:14:57.0477 6360  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
11:14:57.0479 6360  uagp35 - ok
11:14:57.0496 6360  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:14:57.0510 6360  udfs - ok
11:14:57.0531 6360  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:14:57.0533 6360  UI0Detect - ok
11:14:57.0537 6360  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:14:57.0539 6360  uliagpkx - ok
11:14:57.0559 6360  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
11:14:57.0561 6360  umbus - ok
11:14:57.0565 6360  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
11:14:57.0566 6360  UmPass - ok
11:14:57.0587 6360  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
11:14:57.0591 6360  UmRdpService - ok
11:14:57.0608 6360  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
11:14:57.0614 6360  upnphost - ok
11:14:57.0644 6360  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
11:14:57.0647 6360  usbaudio - ok
11:14:57.0680 6360  [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
11:14:57.0683 6360  usbccgp - ok
11:14:57.0687 6360  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:14:57.0689 6360  usbcir - ok
11:14:57.0698 6360  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
11:14:57.0700 6360  usbehci - ok
11:14:57.0737 6360  [ 8B892002D7B79312821169A14317AB86 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
11:14:57.0742 6360  usbhub - ok
11:14:57.0757 6360  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
11:14:57.0759 6360  usbohci - ok
11:14:57.0771 6360  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
11:14:57.0772 6360  usbprint - ok
11:14:57.0796 6360  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
11:14:57.0798 6360  usbscan - ok
11:14:57.0805 6360  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:14:57.0807 6360  USBSTOR - ok
11:14:57.0829 6360  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
11:14:57.0831 6360  usbuhci - ok
11:14:57.0845 6360  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
11:14:57.0848 6360  UxSms - ok
11:14:57.0856 6360  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
11:14:57.0857 6360  VaultSvc - ok
11:14:57.0861 6360  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:14:57.0863 6360  vdrvroot - ok
11:14:57.0876 6360  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
11:14:57.0882 6360  vds - ok
11:14:57.0889 6360  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
11:14:57.0891 6360  vga - ok
11:14:57.0893 6360  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
11:14:57.0893 6360  VgaSave - ok
11:14:57.0898 6360  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
11:14:57.0900 6360  vhdmp - ok
11:14:57.0902 6360  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:14:57.0903 6360  viaide - ok
11:14:57.0909 6360  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
11:14:57.0910 6360  VMBusHID - ok
11:14:57.0924 6360  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:14:57.0933 6360  volmgr - ok
11:14:57.0948 6360  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:14:57.0953 6360  volmgrx - ok
11:14:57.0965 6360  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:14:57.0970 6360  volsnap - ok
11:14:57.0985 6360  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
11:14:57.0987 6360  vsmraid - ok
11:14:58.0020 6360  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
11:14:58.0055 6360  VSS - ok
11:14:58.0177 6360  [ 3AD1E72748978D8B0B3B674741E4C3E2 ] vToolbarUpdater14.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
11:14:58.0203 6360  vToolbarUpdater14.2.0 - ok
11:14:58.0211 6360  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
11:14:58.0212 6360  vwifibus - ok
11:14:58.0224 6360  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:14:58.0227 6360  vwififlt - ok
11:14:58.0239 6360  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
11:14:58.0244 6360  W32Time - ok
11:14:58.0250 6360  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
11:14:58.0251 6360  WacomPen - ok
11:14:58.0262 6360  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:14:58.0264 6360  WANARP - ok
11:14:58.0267 6360  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:14:58.0268 6360  Wanarpv6 - ok
11:14:58.0315 6360  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
11:14:58.0339 6360  wbengine - ok
11:14:58.0352 6360  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:14:58.0356 6360  WbioSrvc - ok
11:14:58.0373 6360  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:14:58.0376 6360  wcncsvc - ok
11:14:58.0383 6360  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:14:58.0385 6360  WcsPlugInService - ok
11:14:58.0387 6360  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
11:14:58.0388 6360  Wd - ok
11:14:58.0414 6360  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:14:58.0419 6360  Wdf01000 - ok
11:14:58.0429 6360  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:14:58.0433 6360  WdiServiceHost - ok
11:14:58.0437 6360  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:14:58.0439 6360  WdiSystemHost - ok
11:14:58.0452 6360  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
11:14:58.0456 6360  WebClient - ok
11:14:58.0470 6360  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:14:58.0473 6360  Wecsvc - ok
11:14:58.0486 6360  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:14:58.0489 6360  wercplsupport - ok
11:14:58.0509 6360  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
11:14:58.0513 6360  WerSvc - ok
11:14:58.0520 6360  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:14:58.0521 6360  WfpLwf - ok
11:14:58.0550 6360  [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
11:14:58.0553 6360  WimFltr - ok
11:14:58.0561 6360  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:14:58.0563 6360  WIMMount - ok
11:14:58.0587 6360  WinDefend - ok
11:14:58.0600 6360  WinHttpAutoProxySvc - ok
11:14:58.0648 6360  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:14:58.0651 6360  Winmgmt - ok
11:14:58.0688 6360  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
11:14:58.0715 6360  WinRM - ok
11:14:58.0742 6360  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
11:14:58.0743 6360  WinUsb - ok
11:14:58.0773 6360  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
11:14:58.0785 6360  Wlansvc - ok
11:14:58.0842 6360  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:14:58.0844 6360  wlcrasvc - ok
11:14:58.0916 6360  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:14:58.0959 6360  wlidsvc - ok
11:14:58.0963 6360  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
11:14:58.0964 6360  WmiAcpi - ok
11:14:58.0973 6360  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:14:58.0975 6360  wmiApSrv - ok
11:14:58.0994 6360  WMPNetworkSvc - ok
11:14:59.0022 6360  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:14:59.0025 6360  WPCSvc - ok
11:14:59.0037 6360  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:14:59.0040 6360  WPDBusEnum - ok
11:14:59.0052 6360  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:14:59.0053 6360  ws2ifsl - ok
11:14:59.0064 6360  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
11:14:59.0068 6360  wscsvc - ok
11:14:59.0071 6360  WSearch - ok
11:14:59.0136 6360  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:14:59.0170 6360  wuauserv - ok
11:14:59.0210 6360  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:14:59.0215 6360  WudfPf - ok
11:14:59.0241 6360  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:14:59.0244 6360  WUDFRd - ok
11:14:59.0263 6360  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:14:59.0266 6360  wudfsvc - ok
11:14:59.0307 6360  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:14:59.0311 6360  WwanSvc - ok
11:14:59.0342 6360  ================ Scan global ===============================
11:14:59.0374 6360  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:14:59.0406 6360  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
11:14:59.0414 6360  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
11:14:59.0459 6360  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:14:59.0475 6360  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:14:59.0480 6360  [Global] - ok
11:14:59.0481 6360  ================ Scan MBR ==================================
11:14:59.0497 6360  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
11:14:59.0698 6360  \Device\Harddisk0\DR0 - ok
11:14:59.0702 6360  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
11:14:59.0708 6360  \Device\Harddisk1\DR1 - ok
11:14:59.0708 6360  ================ Scan VBR ==================================
11:14:59.0711 6360  [ 09902DB6AAF6FC129F0D66A8AF3DB3A9 ] \Device\Harddisk0\DR0\Partition1
11:14:59.0713 6360  \Device\Harddisk0\DR0\Partition1 - ok
11:14:59.0736 6360  [ A60809C4F5D49DA5FB41B63DFFBA5BE1 ] \Device\Harddisk0\DR0\Partition2
11:14:59.0738 6360  \Device\Harddisk0\DR0\Partition2 - ok
11:14:59.0742 6360  [ 9EF86E395D1230C6140FD15EFE0B7948 ] \Device\Harddisk1\DR1\Partition1
11:14:59.0743 6360  \Device\Harddisk1\DR1\Partition1 - ok
11:14:59.0744 6360  ============================================================
11:14:59.0744 6360  Scan finished
11:14:59.0744 6360  ============================================================
11:14:59.0754 5920  Detected object count: 0
11:14:59.0754 5920  Actual detected object count: 0
         
vielen Dank

Alt 19.05.2013, 02:56   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
BKA - Paysafe Virus, Windows 7 gesperrt - Standard

BKA - Paysafe Virus, Windows 7 gesperrt



Zitat:
11:14:45.0753 6360 Scan started
11:14:45.0753 6360 Mode: Manual;
Du hast den tdsskiller leider falsch eingestellt, bitte nochmal richtig machen
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 19.05.2013, 11:22   #15
Houshmand
 
BKA - Paysafe Virus, Windows 7 gesperrt - Standard

BKA - Paysafe Virus, Windows 7 gesperrt



Sorry.
Jetzt habe ich das Programm richtig eingestellt.

Code:
ATTFilter
11:17:11.0459 6020  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:17:11.0599 6020  ============================================================
11:17:11.0599 6020  Current date / time: 2013/05/19 11:17:11.0599
11:17:11.0599 6020  SystemInfo:
11:17:11.0599 6020  
11:17:11.0599 6020  OS Version: 6.1.7601 ServicePack: 1.0
11:17:11.0599 6020  Product type: Workstation
11:17:11.0599 6020  ComputerName: RAMIN-PC
11:17:11.0599 6020  UserName: Ramin
11:17:11.0599 6020  Windows directory: C:\Windows
11:17:11.0599 6020  System windows directory: C:\Windows
11:17:11.0599 6020  Running under WOW64
11:17:11.0599 6020  Processor architecture: Intel x64
11:17:11.0599 6020  Number of processors: 4
11:17:11.0599 6020  Page size: 0x1000
11:17:11.0599 6020  Boot type: Normal boot
11:17:11.0599 6020  ============================================================
11:17:12.0199 6020  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:17:12.0209 6020  Drive \Device\Harddisk1\DR1 - Size: 0x393180000 (14.30 Gb), SectorSize: 0x200, Cylinders: 0x74A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:17:12.0229 6020  ============================================================
11:17:12.0229 6020  \Device\Harddisk0\DR0:
11:17:12.0229 6020  MBR partitions:
11:17:12.0229 6020  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1986000
11:17:12.0229 6020  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x199A000, BlocksNum 0x72D6C000
11:17:12.0229 6020  \Device\Harddisk1\DR1:
11:17:12.0229 6020  MBR partitions:
11:17:12.0229 6020  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0x1C96C80
11:17:12.0229 6020  ============================================================
11:17:12.0319 6020  C: <-> \Device\Harddisk0\DR0\Partition2
11:17:12.0319 6020  ============================================================
11:17:12.0319 6020  Initialize success
11:17:12.0319 6020  ============================================================
11:19:06.0082 7236  ============================================================
11:19:06.0082 7236  Scan started
11:19:06.0082 7236  Mode: Manual; SigCheck; TDLFS; 
11:19:06.0082 7236  ============================================================
11:19:06.0412 7236  ================ Scan system memory ========================
11:19:06.0412 7236  System memory - ok
11:19:06.0412 7236  ================ Scan services =============================
11:19:06.0532 7236  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:19:06.0672 7236  1394ohci - ok
11:19:06.0692 7236  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:19:06.0702 7236  ACPI - ok
11:19:06.0712 7236  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
11:19:06.0732 7236  AcpiPmi - ok
11:19:06.0822 7236  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:19:06.0832 7236  AdobeARMservice - ok
11:19:06.0932 7236  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:19:06.0952 7236  AdobeFlashPlayerUpdateSvc - ok
11:19:07.0002 7236  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
11:19:07.0022 7236  adp94xx - ok
11:19:07.0052 7236  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
11:19:07.0092 7236  adpahci - ok
11:19:07.0112 7236  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
11:19:07.0122 7236  adpu320 - ok
11:19:07.0142 7236  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:19:07.0162 7236  AeLookupSvc - ok
11:19:07.0232 7236  [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
11:19:07.0242 7236  AERTFilters - ok
11:19:07.0292 7236  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
11:19:07.0332 7236  AFD - ok
11:19:07.0362 7236  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
11:19:07.0382 7236  agp440 - ok
11:19:07.0392 7236  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
11:19:07.0422 7236  ALG - ok
11:19:07.0442 7236  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:19:07.0452 7236  aliide - ok
11:19:07.0492 7236  [ 310F88A93C3B02E3D1F906FB57B9E01E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
11:19:07.0532 7236  AMD External Events Utility - ok
11:19:07.0532 7236  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
11:19:07.0552 7236  amdide - ok
11:19:07.0562 7236  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
11:19:07.0572 7236  AmdK8 - ok
11:19:07.0702 7236  [ 62DDF55680F8C53E4B8DDE4189ADA0B8 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
11:19:07.0882 7236  amdkmdag - ok
11:19:07.0902 7236  [ 51F027DFFEDFB8D763FABFFA06B56E6D ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
11:19:07.0942 7236  amdkmdap - ok
11:19:07.0952 7236  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
11:19:07.0992 7236  AmdPPM - ok
11:19:08.0022 7236  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:19:08.0032 7236  amdsata - ok
11:19:08.0052 7236  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
11:19:08.0062 7236  amdsbs - ok
11:19:08.0072 7236  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:19:08.0082 7236  amdxata - ok
11:19:08.0102 7236  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
11:19:08.0152 7236  AppID - ok
11:19:08.0202 7236  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:19:08.0262 7236  AppIDSvc - ok
11:19:08.0332 7236  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
11:19:08.0352 7236  Appinfo - ok
11:19:08.0392 7236  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
11:19:08.0402 7236  AppMgmt - ok
11:19:08.0422 7236  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
11:19:08.0432 7236  arc - ok
11:19:08.0442 7236  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
11:19:08.0452 7236  arcsas - ok
11:19:08.0512 7236  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:19:08.0522 7236  aspnet_state - ok
11:19:08.0562 7236  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:19:08.0612 7236  AsyncMac - ok
11:19:08.0672 7236  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
11:19:08.0682 7236  atapi - ok
11:19:08.0752 7236  [ 96ABF88241F90FF647E55C934C55C2F1 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
11:19:08.0832 7236  athr - ok
11:19:08.0872 7236  [ DBB487D09F56C674430AC454FD8BCAB9 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
11:19:08.0902 7236  AtiHDAudioService - ok
11:19:08.0942 7236  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:19:08.0982 7236  AudioEndpointBuilder - ok
11:19:08.0992 7236  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
11:19:09.0012 7236  AudioSrv - ok
11:19:09.0052 7236  [ 96B4456F1DCA4EDA506ED31C7D2D6B05 ] Avgfwfd         C:\Windows\system32\DRIVERS\avgfwd6a.sys
11:19:09.0062 7236  Avgfwfd - ok
11:19:09.0142 7236  [ 6C469E3CB15CF33AD3E757096E6C7026 ] avgfws          C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
11:19:09.0182 7236  avgfws - ok
11:19:09.0292 7236  [ 231B6AD3DB2866BC3FDB9979E6B2B61E ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
11:19:09.0342 7236  AVGIDSAgent - ok
11:19:09.0362 7236  [ 633360E94804E7BAFE642017817C9413 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
11:19:09.0372 7236  AVGIDSDriver - ok
11:19:09.0382 7236  [ 0F293406F64B48D5D2F0D3A1117F3A83 ] AVGIDSFilter    C:\Windows\system32\DRIVERS\avgidsfiltera.sys
11:19:09.0402 7236  AVGIDSFilter - ok
11:19:09.0442 7236  [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
11:19:09.0452 7236  AVGIDSHA - ok
11:19:09.0462 7236  [ BE8BC5D10ABA05D7F6E79D8296906C86 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
11:19:09.0472 7236  Avgldx64 - ok
11:19:09.0492 7236  [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
11:19:09.0492 7236  Avgmfx64 - ok
11:19:09.0512 7236  [ 645C7F0A0E39758A0024A9B1748273C0 ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
11:19:09.0522 7236  Avgrkx64 - ok
11:19:09.0572 7236  [ A441A655D6D9DDDDBA11994530F84981 ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys
11:19:09.0592 7236  Avgtdia - ok
11:19:09.0622 7236  [ 4C05242DC361A217223E9B8EC2B3A76B ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
11:19:09.0632 7236  avgtp - ok
11:19:09.0682 7236  [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd           C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
11:19:09.0692 7236  avgwd - ok
11:19:09.0752 7236  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:19:09.0802 7236  AxInstSV - ok
11:19:09.0842 7236  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
11:19:09.0872 7236  b06bdrv - ok
11:19:09.0902 7236  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
11:19:09.0942 7236  b57nd60a - ok
11:19:10.0052 7236  [ A2494901E7226B356B8C1005C45F1C5F ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
11:19:10.0072 7236  BBSvc - ok
11:19:10.0082 7236  [ 63B1CBBAE4790B5BAC98F01BF9449722 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
11:19:10.0092 7236  BBUpdate - ok
11:19:10.0102 7236  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:19:10.0112 7236  BDESVC - ok
11:19:10.0122 7236  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:19:10.0142 7236  Beep - ok
11:19:10.0192 7236  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
11:19:10.0242 7236  BFE - ok
11:19:10.0282 7236  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
11:19:10.0342 7236  BITS - ok
11:19:10.0372 7236  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
11:19:10.0402 7236  blbdrive - ok
11:19:10.0442 7236  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:19:10.0472 7236  bowser - ok
11:19:10.0492 7236  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
11:19:10.0532 7236  BrFiltLo - ok
11:19:10.0532 7236  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
11:19:10.0552 7236  BrFiltUp - ok
11:19:10.0612 7236  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
11:19:10.0642 7236  BridgeMP - ok
11:19:10.0682 7236  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
11:19:10.0712 7236  Browser - ok
11:19:10.0712 7236  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
11:19:10.0752 7236  Brserid - ok
11:19:10.0752 7236  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:19:10.0802 7236  BrSerWdm - ok
11:19:10.0802 7236  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:19:10.0822 7236  BrUsbMdm - ok
11:19:10.0822 7236  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:19:10.0832 7236  BrUsbSer - ok
11:19:10.0832 7236  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
11:19:10.0842 7236  BTHMODEM - ok
11:19:10.0872 7236  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
11:19:10.0892 7236  bthserv - ok
11:19:10.0902 7236  catchme - ok
11:19:10.0912 7236  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:19:10.0932 7236  cdfs - ok
11:19:10.0952 7236  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
11:19:10.0962 7236  cdrom - ok
11:19:10.0982 7236  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
11:19:11.0012 7236  CertPropSvc - ok
11:19:11.0022 7236  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
11:19:11.0032 7236  circlass - ok
11:19:11.0052 7236  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
11:19:11.0062 7236  CLFS - ok
11:19:11.0102 7236  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:19:11.0112 7236  clr_optimization_v2.0.50727_32 - ok
11:19:11.0142 7236  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:19:11.0152 7236  clr_optimization_v2.0.50727_64 - ok
11:19:11.0212 7236  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:19:11.0222 7236  clr_optimization_v4.0.30319_32 - ok
11:19:11.0252 7236  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:19:11.0252 7236  clr_optimization_v4.0.30319_64 - ok
11:19:11.0262 7236  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
11:19:11.0302 7236  CmBatt - ok
11:19:11.0302 7236  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:19:11.0312 7236  cmdide - ok
11:19:11.0352 7236  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
11:19:11.0382 7236  CNG - ok
11:19:11.0392 7236  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
11:19:11.0392 7236  Compbatt - ok
11:19:11.0402 7236  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
11:19:11.0422 7236  CompositeBus - ok
11:19:11.0422 7236  COMSysApp - ok
11:19:11.0442 7236  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
11:19:11.0452 7236  crcdisk - ok
11:19:11.0472 7236  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:19:11.0502 7236  CryptSvc - ok
11:19:11.0542 7236  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
11:19:11.0582 7236  CSC - ok
11:19:11.0612 7236  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
11:19:11.0642 7236  CscService - ok
11:19:11.0682 7236  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:19:11.0732 7236  DcomLaunch - ok
11:19:11.0762 7236  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
11:19:11.0792 7236  defragsvc - ok
11:19:11.0792 7236  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:19:11.0832 7236  DfsC - ok
11:19:11.0872 7236  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:19:11.0922 7236  Dhcp - ok
11:19:11.0942 7236  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
11:19:11.0992 7236  discache - ok
11:19:12.0012 7236  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
11:19:12.0012 7236  Disk - ok
11:19:12.0042 7236  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
11:19:12.0052 7236  dmvsc - ok
11:19:12.0082 7236  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:19:12.0112 7236  Dnscache - ok
11:19:12.0128 7236  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:19:12.0174 7236  dot3svc - ok
11:19:12.0206 7236  [ B42ED0320C6E41102FDE0005154849BB ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
11:19:12.0252 7236  Dot4 - ok
11:19:12.0268 7236  [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
11:19:12.0284 7236  Dot4Print - ok
11:19:12.0299 7236  [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
11:19:12.0330 7236  dot4usb - ok
11:19:12.0330 7236  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
11:19:12.0362 7236  DPS - ok
11:19:12.0393 7236  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:19:12.0424 7236  drmkaud - ok
11:19:12.0455 7236  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:19:12.0486 7236  DXGKrnl - ok
11:19:12.0518 7236  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
11:19:12.0564 7236  EapHost - ok
11:19:12.0658 7236  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
11:19:12.0736 7236  ebdrv - ok
11:19:12.0783 7236  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
11:19:12.0798 7236  EFS - ok
11:19:12.0861 7236  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:19:12.0876 7236  ehRecvr - ok
11:19:12.0892 7236  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
11:19:12.0923 7236  ehSched - ok
11:19:12.0954 7236  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
11:19:12.0986 7236  elxstor - ok
11:19:12.0986 7236  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:19:13.0001 7236  ErrDev - ok
11:19:13.0048 7236  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
11:19:13.0110 7236  EventSystem - ok
11:19:13.0126 7236  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
11:19:13.0157 7236  exfat - ok
11:19:13.0173 7236  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:19:13.0204 7236  fastfat - ok
11:19:13.0235 7236  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
11:19:13.0266 7236  Fax - ok
11:19:13.0282 7236  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
11:19:13.0298 7236  fdc - ok
11:19:13.0313 7236  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
11:19:13.0360 7236  fdPHost - ok
11:19:13.0360 7236  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:19:13.0391 7236  FDResPub - ok
11:19:13.0391 7236  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:19:13.0407 7236  FileInfo - ok
11:19:13.0422 7236  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:19:13.0500 7236  Filetrace - ok
11:19:13.0516 7236  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
11:19:13.0532 7236  flpydisk - ok
11:19:13.0532 7236  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:19:13.0547 7236  FltMgr - ok
11:19:13.0578 7236  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
11:19:13.0610 7236  FontCache - ok
11:19:13.0641 7236  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:19:13.0656 7236  FontCache3.0.0.0 - ok
11:19:13.0672 7236  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:19:13.0688 7236  FsDepends - ok
11:19:13.0688 7236  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:19:13.0703 7236  Fs_Rec - ok
11:19:13.0719 7236  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:19:13.0734 7236  fvevol - ok
11:19:13.0750 7236  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
11:19:13.0766 7236  gagp30kx - ok
11:19:13.0797 7236  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
11:19:13.0844 7236  gpsvc - ok
11:19:13.0859 7236  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:19:13.0875 7236  hcw85cir - ok
11:19:13.0906 7236  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
11:19:13.0953 7236  HDAudBus - ok
11:19:13.0968 7236  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
11:19:14.0015 7236  HidBatt - ok
11:19:14.0031 7236  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
11:19:14.0046 7236  HidBth - ok
11:19:14.0078 7236  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
11:19:14.0093 7236  HidIr - ok
11:19:14.0093 7236  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
11:19:14.0124 7236  hidserv - ok
11:19:14.0140 7236  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
11:19:14.0156 7236  HidUsb - ok
11:19:14.0171 7236  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:19:14.0202 7236  hkmsvc - ok
11:19:14.0218 7236  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:19:14.0234 7236  HomeGroupListener - ok
11:19:14.0249 7236  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:19:14.0280 7236  HomeGroupProvider - ok
11:19:14.0358 7236  [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
11:19:14.0390 7236  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
11:19:14.0390 7236  hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
11:19:14.0421 7236  [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
11:19:14.0421 7236  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
11:19:14.0421 7236  hpqddsvc - detected UnsignedFile.Multi.Generic (1)
11:19:14.0436 7236  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:19:14.0452 7236  HpSAMD - ok
11:19:14.0530 7236  [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
11:19:14.0561 7236  HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
11:19:14.0561 7236  HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
11:19:14.0592 7236  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:19:14.0670 7236  HTTP - ok
11:19:14.0686 7236  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:19:14.0702 7236  hwpolicy - ok
11:19:14.0733 7236  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
11:19:14.0748 7236  i8042prt - ok
11:19:14.0780 7236  [ 2FDAEC4B02729C48C0FD1B0B4695995B ] iaStor          C:\Windows\system32\drivers\iaStor.sys
11:19:14.0795 7236  iaStor - ok
11:19:14.0842 7236  [ D41861E56E7552C13674D7F147A02464 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
11:19:14.0858 7236  IAStorDataMgrSvc - ok
11:19:14.0889 7236  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:19:14.0920 7236  iaStorV - ok
11:19:14.0951 7236  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:19:14.0982 7236  idsvc - ok
11:19:14.0982 7236  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
11:19:14.0998 7236  iirsp - ok
11:19:15.0014 7236  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
11:19:15.0076 7236  IKEEXT - ok
11:19:15.0123 7236  [ 235362D403D9D677514649D88DB31914 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:19:15.0154 7236  IntcAzAudAddService - ok
11:19:15.0170 7236  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
11:19:15.0185 7236  IntcDAud - ok
11:19:15.0201 7236  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
11:19:15.0201 7236  intelide - ok
11:19:15.0232 7236  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:19:15.0263 7236  intelppm - ok
11:19:15.0294 7236  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:19:15.0326 7236  IPBusEnum - ok
11:19:15.0341 7236  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:19:15.0388 7236  IpFilterDriver - ok
11:19:15.0466 7236  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:19:15.0482 7236  iphlpsvc - ok
11:19:15.0497 7236  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:19:15.0513 7236  IPMIDRV - ok
11:19:15.0528 7236  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:19:15.0560 7236  IPNAT - ok
11:19:15.0575 7236  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:19:15.0606 7236  IRENUM - ok
11:19:15.0622 7236  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:19:15.0622 7236  isapnp - ok
11:19:15.0638 7236  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:19:15.0653 7236  iScsiPrt - ok
11:19:15.0653 7236  [ 12E27942DBB7C91880163634B0D8A776 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
11:19:15.0669 7236  k57nd60a - ok
11:19:15.0684 7236  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
11:19:15.0684 7236  kbdclass - ok
11:19:15.0700 7236  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
11:19:15.0700 7236  kbdhid - ok
11:19:15.0716 7236  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
11:19:15.0731 7236  KeyIso - ok
11:19:15.0778 7236  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:19:15.0794 7236  KSecDD - ok
11:19:15.0794 7236  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:19:15.0809 7236  KSecPkg - ok
11:19:15.0825 7236  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:19:15.0856 7236  ksthunk - ok
11:19:15.0887 7236  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:19:15.0918 7236  KtmRm - ok
11:19:15.0950 7236  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
11:19:16.0012 7236  LanmanServer - ok
11:19:16.0028 7236  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:19:16.0074 7236  LanmanWorkstation - ok
11:19:16.0090 7236  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:19:16.0137 7236  lltdio - ok
11:19:16.0168 7236  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:19:16.0199 7236  lltdsvc - ok
11:19:16.0215 7236  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:19:16.0277 7236  lmhosts - ok
11:19:16.0308 7236  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
11:19:16.0324 7236  LSI_FC - ok
11:19:16.0324 7236  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
11:19:16.0340 7236  LSI_SAS - ok
11:19:16.0340 7236  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
11:19:16.0355 7236  LSI_SAS2 - ok
11:19:16.0371 7236  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
11:19:16.0371 7236  LSI_SCSI - ok
11:19:16.0386 7236  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
11:19:16.0418 7236  luafv - ok
11:19:16.0480 7236  [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2M64        C:\Windows\system32\DRIVERS\LVPr2M64.sys
11:19:16.0480 7236  LVPr2M64 - ok
11:19:16.0511 7236  [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2Mon        C:\Windows\system32\DRIVERS\LVPr2M64.sys
11:19:16.0527 7236  LVPr2Mon - ok
11:19:16.0589 7236  [ A35679E56E78091E1042A2D7ADBF2958 ] LVPrcS64        C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
11:19:16.0605 7236  LVPrcS64 - ok
11:19:16.0620 7236  [ 986C1CB787A007BAA5F74E7D316D7246 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
11:19:16.0636 7236  LVRS64 - ok
11:19:16.0730 7236  [ 5747BC465ABEA2858C5D037252AED84E ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
11:19:16.0870 7236  LVUVC64 - ok
11:19:16.0886 7236  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
11:19:16.0901 7236  MBAMProtector - ok
11:19:16.0948 7236  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
11:19:16.0979 7236  MBAMScheduler - ok
11:19:16.0995 7236  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
11:19:17.0010 7236  MBAMService - ok
11:19:17.0026 7236  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
11:19:17.0057 7236  Mcx2Svc - ok
11:19:17.0073 7236  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
11:19:17.0073 7236  megasas - ok
11:19:17.0088 7236  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
11:19:17.0104 7236  MegaSR - ok
11:19:17.0135 7236  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
11:19:17.0151 7236  MEIx64 - ok
11:19:17.0182 7236  Microsoft SharePoint Workspace Audit Service - ok
11:19:17.0213 7236  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
11:19:17.0276 7236  MMCSS - ok
11:19:17.0276 7236  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
11:19:17.0322 7236  Modem - ok
11:19:17.0338 7236  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:19:17.0369 7236  monitor - ok
11:19:17.0385 7236  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:19:17.0400 7236  mouclass - ok
11:19:17.0432 7236  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:19:17.0447 7236  mouhid - ok
11:19:17.0478 7236  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:19:17.0478 7236  mountmgr - ok
11:19:17.0525 7236  [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:19:17.0541 7236  MozillaMaintenance - ok
11:19:17.0541 7236  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:19:17.0556 7236  mpio - ok
11:19:17.0572 7236  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:19:17.0603 7236  mpsdrv - ok
11:19:17.0619 7236  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:19:17.0650 7236  MpsSvc - ok
11:19:17.0666 7236  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:19:17.0697 7236  MRxDAV - ok
11:19:17.0728 7236  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:19:17.0744 7236  mrxsmb - ok
11:19:17.0759 7236  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:19:17.0790 7236  mrxsmb10 - ok
11:19:17.0806 7236  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:19:17.0822 7236  mrxsmb20 - ok
11:19:17.0837 7236  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:19:17.0853 7236  msahci - ok
11:19:17.0868 7236  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:19:17.0884 7236  msdsm - ok
11:19:17.0900 7236  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
11:19:17.0931 7236  MSDTC - ok
11:19:17.0962 7236  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:19:18.0024 7236  Msfs - ok
11:19:18.0040 7236  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:19:18.0087 7236  mshidkmdf - ok
11:19:18.0102 7236  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:19:18.0102 7236  msisadrv - ok
11:19:18.0134 7236  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:19:18.0180 7236  MSiSCSI - ok
11:19:18.0180 7236  msiserver - ok
11:19:18.0212 7236  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:19:18.0258 7236  MSKSSRV - ok
11:19:18.0274 7236  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:19:18.0321 7236  MSPCLOCK - ok
11:19:18.0321 7236  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:19:18.0352 7236  MSPQM - ok
11:19:18.0368 7236  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:19:18.0368 7236  MsRPC - ok
11:19:18.0383 7236  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
11:19:18.0399 7236  mssmbios - ok
11:19:18.0399 7236  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:19:18.0430 7236  MSTEE - ok
11:19:18.0430 7236  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
11:19:18.0430 7236  MTConfig - ok
11:19:18.0446 7236  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
11:19:18.0446 7236  Mup - ok
11:19:18.0477 7236  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
11:19:18.0508 7236  napagent - ok
11:19:18.0539 7236  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:19:18.0570 7236  NativeWifiP - ok
11:19:18.0617 7236  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:19:18.0648 7236  NDIS - ok
11:19:18.0664 7236  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:19:18.0680 7236  NdisCap - ok
11:19:18.0695 7236  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:19:18.0726 7236  NdisTapi - ok
11:19:18.0742 7236  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:19:18.0758 7236  Ndisuio - ok
11:19:18.0773 7236  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:19:18.0836 7236  NdisWan - ok
11:19:18.0851 7236  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:19:18.0867 7236  NDProxy - ok
11:19:18.0898 7236  [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
11:19:18.0898 7236  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
11:19:18.0898 7236  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
11:19:18.0898 7236  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:19:18.0960 7236  NetBIOS - ok
11:19:19.0007 7236  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:19:19.0038 7236  NetBT - ok
11:19:19.0038 7236  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
11:19:19.0054 7236  Netlogon - ok
11:19:19.0085 7236  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
11:19:19.0132 7236  Netman - ok
11:19:19.0194 7236  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:19:19.0210 7236  NetMsmqActivator - ok
11:19:19.0210 7236  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:19:19.0226 7236  NetPipeActivator - ok
11:19:19.0241 7236  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
11:19:19.0288 7236  netprofm - ok
11:19:19.0288 7236  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:19:19.0288 7236  NetTcpActivator - ok
11:19:19.0304 7236  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:19:19.0304 7236  NetTcpPortSharing - ok
11:19:19.0350 7236  [ 73CE12B8BDD747B0063CB0A7EF44CEA7 ] netvsc          C:\Windows\system32\DRIVERS\netvsc60.sys
11:19:19.0382 7236  netvsc - ok
11:19:19.0397 7236  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
11:19:19.0413 7236  nfrd960 - ok
11:19:19.0444 7236  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:19:19.0460 7236  NlaSvc - ok
11:19:19.0475 7236  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:19:19.0522 7236  Npfs - ok
11:19:19.0522 7236  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
11:19:19.0553 7236  nsi - ok
11:19:19.0569 7236  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:19:19.0631 7236  nsiproxy - ok
11:19:19.0694 7236  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:19:19.0725 7236  Ntfs - ok
11:19:19.0740 7236  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
11:19:19.0772 7236  Null - ok
11:19:19.0787 7236  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:19:19.0803 7236  nvraid - ok
11:19:19.0818 7236  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:19:19.0834 7236  nvstor - ok
11:19:19.0850 7236  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:19:19.0850 7236  nv_agp - ok
11:19:19.0865 7236  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:19:19.0881 7236  ohci1394 - ok
11:19:19.0912 7236  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:19:19.0928 7236  ose - ok
11:19:20.0068 7236  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:19:20.0115 7236  osppsvc - ok
11:19:20.0146 7236  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:19:20.0193 7236  p2pimsvc - ok
11:19:20.0224 7236  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
11:19:20.0255 7236  p2psvc - ok
11:19:20.0271 7236  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
11:19:20.0286 7236  Parport - ok
11:19:20.0333 7236  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:19:20.0349 7236  partmgr - ok
11:19:20.0349 7236  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:19:20.0380 7236  PcaSvc - ok
11:19:20.0458 7236  [ 7317A0B550F7AC0223B7070897670476 ] PCDSRVC{1E208CE0-FB7451FF-06020101}_0 c:\program files\dell support center\pcdsrvc_x64.pkms
11:19:20.0474 7236  PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
11:19:20.0489 7236  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
11:19:20.0505 7236  pci - ok
11:19:20.0536 7236  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
11:19:20.0552 7236  pciide - ok
11:19:20.0583 7236  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
11:19:20.0598 7236  pcmcia - ok
11:19:20.0614 7236  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:19:20.0630 7236  pcw - ok
11:19:20.0630 7236  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:19:20.0692 7236  PEAUTH - ok
11:19:20.0739 7236  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
11:19:20.0801 7236  PeerDistSvc - ok
11:19:20.0864 7236  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:19:20.0895 7236  PerfHost - ok
11:19:20.0942 7236  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
11:19:20.0988 7236  pla - ok
11:19:21.0051 7236  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:19:21.0082 7236  PlugPlay - ok
11:19:21.0098 7236  [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
11:19:21.0113 7236  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
11:19:21.0113 7236  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
11:19:21.0144 7236  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:19:21.0160 7236  PNRPAutoReg - ok
11:19:21.0191 7236  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:19:21.0207 7236  PNRPsvc - ok
11:19:21.0238 7236  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:19:21.0285 7236  PolicyAgent - ok
11:19:21.0332 7236  [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power           C:\Windows\system32\umpo.dll
11:19:21.0347 7236  Power - ok
11:19:21.0378 7236  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:19:21.0394 7236  PptpMiniport - ok
11:19:21.0410 7236  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
11:19:21.0425 7236  Processor - ok
11:19:21.0472 7236  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
11:19:21.0488 7236  ProfSvc - ok
11:19:21.0503 7236  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:19:21.0519 7236  ProtectedStorage - ok
11:19:21.0534 7236  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:19:21.0581 7236  Psched - ok
11:19:21.0612 7236  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
11:19:21.0628 7236  PxHlpa64 - ok
11:19:21.0659 7236  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
11:19:21.0706 7236  ql2300 - ok
11:19:21.0706 7236  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
11:19:21.0706 7236  ql40xx - ok
11:19:21.0737 7236  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
11:19:21.0753 7236  QWAVE - ok
11:19:21.0753 7236  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:19:21.0768 7236  QWAVEdrv - ok
11:19:21.0768 7236  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:19:21.0784 7236  RasAcd - ok
11:19:21.0831 7236  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
11:19:21.0846 7236  RasAgileVpn - ok
11:19:21.0878 7236  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
11:19:21.0893 7236  RasAuto - ok
11:19:21.0909 7236  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:19:21.0940 7236  Rasl2tp - ok
11:19:21.0971 7236  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
11:19:22.0002 7236  RasMan - ok
11:19:22.0002 7236  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:19:22.0049 7236  RasPppoe - ok
11:19:22.0065 7236  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:19:22.0080 7236  RasSstp - ok
11:19:22.0112 7236  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:19:22.0127 7236  rdbss - ok
11:19:22.0143 7236  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
11:19:22.0158 7236  rdpbus - ok
11:19:22.0158 7236  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:19:22.0190 7236  RDPCDD - ok
11:19:22.0205 7236  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
11:19:22.0205 7236  RDPDR - ok
11:19:22.0221 7236  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:19:22.0268 7236  RDPENCDD - ok
11:19:22.0299 7236  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
11:19:22.0314 7236  RDPREFMP - ok
11:19:22.0346 7236  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
11:19:22.0361 7236  RDPWD - ok
11:19:22.0392 7236  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:19:22.0408 7236  rdyboost - ok
11:19:22.0424 7236  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:19:22.0439 7236  RemoteAccess - ok
11:19:22.0455 7236  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:19:22.0486 7236  RemoteRegistry - ok
11:19:22.0533 7236  [ 7B04C9843921AB1F695FB395422C5360 ] RimUsb          C:\Windows\system32\Drivers\RimUsb_AMD64.sys
11:19:22.0548 7236  RimUsb - ok
11:19:22.0626 7236  [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
11:19:22.0642 7236  RoxMediaDB12OEM - ok
11:19:22.0658 7236  [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12      C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
11:19:22.0658 7236  RoxWatch12 - ok
11:19:22.0689 7236  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:19:22.0720 7236  RpcEptMapper - ok
11:19:22.0751 7236  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
11:19:22.0782 7236  RpcLocator - ok
11:19:22.0814 7236  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
11:19:22.0845 7236  RpcSs - ok
11:19:22.0860 7236  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:19:22.0876 7236  rspndr - ok
11:19:22.0907 7236  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
11:19:22.0938 7236  s3cap - ok
11:19:22.0954 7236  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
11:19:22.0970 7236  SamSs - ok
11:19:22.0985 7236  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:19:23.0001 7236  sbp2port - ok
11:19:23.0016 7236  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:19:23.0063 7236  SCardSvr - ok
11:19:23.0079 7236  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:19:23.0141 7236  scfilter - ok
11:19:23.0172 7236  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
11:19:23.0188 7236  Schedule - ok
11:19:23.0219 7236  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
11:19:23.0235 7236  SCPolicySvc - ok
11:19:23.0250 7236  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:19:23.0282 7236  SDRSVC - ok
11:19:23.0313 7236  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:19:23.0360 7236  secdrv - ok
11:19:23.0375 7236  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
11:19:23.0391 7236  seclogon - ok
11:19:23.0422 7236  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
11:19:23.0484 7236  SENS - ok
11:19:23.0484 7236  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:19:23.0500 7236  SensrSvc - ok
11:19:23.0531 7236  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
11:19:23.0562 7236  Serenum - ok
11:19:23.0562 7236  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
11:19:23.0578 7236  Serial - ok
11:19:23.0609 7236  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
11:19:23.0640 7236  sermouse - ok
11:19:23.0672 7236  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
11:19:23.0718 7236  SessionEnv - ok
11:19:23.0718 7236  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
11:19:23.0734 7236  sffdisk - ok
11:19:23.0734 7236  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:19:23.0750 7236  sffp_mmc - ok
11:19:23.0750 7236  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
11:19:23.0765 7236  sffp_sd - ok
11:19:23.0781 7236  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
11:19:23.0796 7236  sfloppy - ok
11:19:23.0843 7236  [ 29DDEA72C5BDF61D62F4D438DC0E497C ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
11:19:23.0874 7236  SftService - ok
11:19:23.0906 7236  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:19:23.0968 7236  SharedAccess - ok
11:19:23.0968 7236  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:19:23.0999 7236  ShellHWDetection - ok
11:19:23.0999 7236  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
11:19:24.0015 7236  SiSRaid2 - ok
11:19:24.0015 7236  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
11:19:24.0015 7236  SiSRaid4 - ok
11:19:24.0077 7236  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
11:19:24.0093 7236  SkypeUpdate - ok
11:19:24.0108 7236  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
11:19:24.0140 7236  Smb - ok
11:19:24.0171 7236  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:19:24.0202 7236  SNMPTRAP - ok
11:19:24.0218 7236  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
11:19:24.0233 7236  spldr - ok
11:19:24.0280 7236  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
11:19:24.0311 7236  Spooler - ok
11:19:24.0389 7236  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
11:19:24.0483 7236  sppsvc - ok
11:19:24.0498 7236  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
11:19:24.0514 7236  sppuinotify - ok
11:19:24.0545 7236  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:19:24.0576 7236  srv - ok
11:19:24.0592 7236  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:19:24.0623 7236  srv2 - ok
11:19:24.0654 7236  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:19:24.0670 7236  srvnet - ok
11:19:24.0701 7236  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:19:24.0717 7236  SSDPSRV - ok
11:19:24.0732 7236  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:19:24.0764 7236  SstpSvc - ok
11:19:24.0779 7236  [ D21FF3592DAEE244EE8376830A672B52 ] ss_bus          C:\Windows\system32\DRIVERS\ss_bus.sys
11:19:24.0795 7236  ss_bus - ok
11:19:24.0810 7236  [ 451DB3D10E6112E06B4506D4A7BECEC1 ] ss_mdfl         C:\Windows\system32\DRIVERS\ss_mdfl.sys
11:19:24.0826 7236  ss_mdfl - ok
11:19:24.0842 7236  [ EF40C8A268A5263A0EF48FED8E57CBED ] ss_mdm          C:\Windows\system32\DRIVERS\ss_mdm.sys
11:19:24.0842 7236  ss_mdm - ok
11:19:24.0873 7236  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
11:19:24.0888 7236  stexstor - ok
11:19:24.0920 7236  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
11:19:24.0951 7236  stisvc - ok
11:19:24.0982 7236  [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr        C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
11:19:24.0982 7236  stllssvr - ok
11:19:24.0998 7236  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
11:19:25.0013 7236  StorSvc - ok
11:19:25.0044 7236  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
11:19:25.0060 7236  storvsc - ok
11:19:25.0076 7236  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
11:19:25.0091 7236  swenum - ok
11:19:25.0107 7236  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
11:19:25.0154 7236  swprv - ok
11:19:25.0154 7236  [ 4CDD7DF58730D23BA9CB5829A6E2ECEA ] SynthVid        C:\Windows\system32\DRIVERS\VMBusVideoM.sys
11:19:25.0185 7236  SynthVid - ok
11:19:25.0232 7236  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
11:19:25.0278 7236  SysMain - ok
11:19:25.0294 7236  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:19:25.0310 7236  TabletInputService - ok
11:19:25.0310 7236  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:19:25.0372 7236  TapiSrv - ok
11:19:25.0388 7236  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
11:19:25.0403 7236  TBS - ok
11:19:25.0450 7236  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:19:25.0481 7236  Tcpip - ok
11:19:25.0528 7236  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:19:25.0559 7236  TCPIP6 - ok
11:19:25.0575 7236  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:19:25.0575 7236  tcpipreg - ok
11:19:25.0606 7236  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:19:25.0622 7236  TDPIPE - ok
11:19:25.0653 7236  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
11:19:25.0668 7236  TDTCP - ok
11:19:25.0684 7236  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:19:25.0731 7236  tdx - ok
11:19:25.0731 7236  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
11:19:25.0746 7236  TermDD - ok
11:19:25.0746 7236  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
11:19:25.0793 7236  TermService - ok
11:19:25.0809 7236  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
11:19:25.0840 7236  Themes - ok
11:19:25.0871 7236  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
11:19:25.0887 7236  THREADORDER - ok
11:19:25.0902 7236  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
11:19:25.0934 7236  TrkWks - ok
11:19:25.0980 7236  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:19:26.0012 7236  TrustedInstaller - ok
11:19:26.0012 7236  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:19:26.0043 7236  tssecsrv - ok
11:19:26.0058 7236  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:19:26.0058 7236  TsUsbFlt - ok
11:19:26.0058 7236  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
11:19:26.0074 7236  TsUsbGD - ok
11:19:26.0090 7236  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:19:26.0152 7236  tunnel - ok
11:19:26.0168 7236  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
11:19:26.0168 7236  uagp35 - ok
11:19:26.0183 7236  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:19:26.0246 7236  udfs - ok
11:19:26.0261 7236  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:19:26.0292 7236  UI0Detect - ok
11:19:26.0308 7236  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:19:26.0324 7236  uliagpkx - ok
11:19:26.0355 7236  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
11:19:26.0370 7236  umbus - ok
11:19:26.0386 7236  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
11:19:26.0417 7236  UmPass - ok
11:19:26.0464 7236  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
11:19:26.0495 7236  UmRdpService - ok
11:19:26.0511 7236  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
11:19:26.0573 7236  upnphost - ok
11:19:26.0604 7236  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
11:19:26.0651 7236  usbaudio - ok
11:19:26.0682 7236  [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
11:19:26.0714 7236  usbccgp - ok
11:19:26.0714 7236  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:19:26.0729 7236  usbcir - ok
11:19:26.0745 7236  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
11:19:26.0776 7236  usbehci - ok
11:19:26.0807 7236  [ 8B892002D7B79312821169A14317AB86 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
11:19:26.0838 7236  usbhub - ok
11:19:26.0870 7236  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
11:19:26.0885 7236  usbohci - ok
11:19:26.0916 7236  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
11:19:26.0948 7236  usbprint - ok
11:19:26.0994 7236  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
11:19:27.0026 7236  usbscan - ok
11:19:27.0026 7236  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:19:27.0057 7236  USBSTOR - ok
11:19:27.0088 7236  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
11:19:27.0119 7236  usbuhci - ok
11:19:27.0150 7236  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
11:19:27.0182 7236  UxSms - ok
11:19:27.0197 7236  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
11:19:27.0213 7236  VaultSvc - ok
11:19:27.0213 7236  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:19:27.0213 7236  vdrvroot - ok
11:19:27.0228 7236  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
11:19:27.0291 7236  vds - ok
11:19:27.0306 7236  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
11:19:27.0322 7236  vga - ok
11:19:27.0338 7236  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
11:19:27.0353 7236  VgaSave - ok
11:19:27.0369 7236  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
11:19:27.0369 7236  vhdmp - ok
11:19:27.0384 7236  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:19:27.0384 7236  viaide - ok
11:19:27.0400 7236  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
11:19:27.0416 7236  VMBusHID - ok
11:19:27.0431 7236  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:19:27.0431 7236  volmgr - ok
11:19:27.0447 7236  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:19:27.0462 7236  volmgrx - ok
11:19:27.0462 7236  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:19:27.0478 7236  volsnap - ok
11:19:27.0494 7236  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
11:19:27.0494 7236  vsmraid - ok
11:19:27.0525 7236  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
11:19:27.0603 7236  VSS - ok
11:19:27.0696 7236  [ 3AD1E72748978D8B0B3B674741E4C3E2 ] vToolbarUpdater14.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
11:19:27.0728 7236  vToolbarUpdater14.2.0 - ok
11:19:27.0743 7236  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
11:19:27.0774 7236  vwifibus - ok
11:19:27.0790 7236  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:19:27.0837 7236  vwififlt - ok
11:19:27.0852 7236  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
11:19:27.0899 7236  W32Time - ok
11:19:27.0899 7236  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
11:19:27.0915 7236  WacomPen - ok
11:19:27.0946 7236  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:19:28.0008 7236  WANARP - ok
11:19:28.0024 7236  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:19:28.0071 7236  Wanarpv6 - ok
11:19:28.0102 7236  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
11:19:28.0164 7236  wbengine - ok
11:19:28.0196 7236  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:19:28.0211 7236  WbioSrvc - ok
11:19:28.0258 7236  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:19:28.0305 7236  wcncsvc - ok
11:19:28.0320 7236  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:19:28.0352 7236  WcsPlugInService - ok
11:19:28.0352 7236  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
11:19:28.0367 7236  Wd - ok
11:19:28.0398 7236  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:19:28.0430 7236  Wdf01000 - ok
11:19:28.0430 7236  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:19:28.0508 7236  WdiServiceHost - ok
11:19:28.0508 7236  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:19:28.0539 7236  WdiSystemHost - ok
11:19:28.0554 7236  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
11:19:28.0586 7236  WebClient - ok
11:19:28.0617 7236  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:19:28.0679 7236  Wecsvc - ok
11:19:28.0695 7236  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:19:28.0757 7236  wercplsupport - ok
11:19:28.0773 7236  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
11:19:28.0820 7236  WerSvc - ok
11:19:28.0835 7236  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:19:28.0851 7236  WfpLwf - ok
11:19:28.0882 7236  [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
11:19:28.0882 7236  WimFltr - ok
11:19:28.0898 7236  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:19:28.0898 7236  WIMMount - ok
11:19:28.0929 7236  WinDefend - ok
11:19:28.0929 7236  WinHttpAutoProxySvc - ok
11:19:28.0976 7236  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:19:29.0007 7236  Winmgmt - ok
11:19:29.0054 7236  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
11:19:29.0116 7236  WinRM - ok
11:19:29.0147 7236  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
11:19:29.0163 7236  WinUsb - ok
11:19:29.0194 7236  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
11:19:29.0241 7236  Wlansvc - ok
11:19:29.0288 7236  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:19:29.0303 7236  wlcrasvc - ok
11:19:29.0381 7236  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:19:29.0412 7236  wlidsvc - ok
11:19:29.0428 7236  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
11:19:29.0444 7236  WmiAcpi - ok
11:19:29.0459 7236  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:19:29.0490 7236  wmiApSrv - ok
11:19:29.0522 7236  WMPNetworkSvc - ok
11:19:29.0537 7236  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:19:29.0553 7236  WPCSvc - ok
11:19:29.0568 7236  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:19:29.0584 7236  WPDBusEnum - ok
11:19:29.0600 7236  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:19:29.0615 7236  ws2ifsl - ok
11:19:29.0631 7236  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
11:19:29.0646 7236  wscsvc - ok
11:19:29.0662 7236  WSearch - ok
11:19:29.0740 7236  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:19:29.0818 7236  wuauserv - ok
11:19:29.0849 7236  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:19:29.0865 7236  WudfPf - ok
11:19:29.0896 7236  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:19:29.0927 7236  WUDFRd - ok
11:19:29.0958 7236  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:19:29.0990 7236  wudfsvc - ok
11:19:30.0036 7236  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:19:30.0052 7236  WwanSvc - ok
11:19:30.0083 7236  ================ Scan global ===============================
11:19:30.0114 7236  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:19:30.0146 7236  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
11:19:30.0146 7236  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
11:19:30.0177 7236  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:19:30.0192 7236  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:19:30.0192 7236  [Global] - ok
11:19:30.0192 7236  ================ Scan MBR ==================================
11:19:30.0208 7236  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
11:19:30.0473 7236  \Device\Harddisk0\DR0 - ok
11:19:30.0473 7236  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
11:19:30.0988 7236  \Device\Harddisk1\DR1 - ok
11:19:30.0988 7236  ================ Scan VBR ==================================
11:19:31.0004 7236  [ 09902DB6AAF6FC129F0D66A8AF3DB3A9 ] \Device\Harddisk0\DR0\Partition1
11:19:31.0004 7236  \Device\Harddisk0\DR0\Partition1 - ok
11:19:31.0019 7236  [ A60809C4F5D49DA5FB41B63DFFBA5BE1 ] \Device\Harddisk0\DR0\Partition2
11:19:31.0019 7236  \Device\Harddisk0\DR0\Partition2 - ok
11:19:31.0019 7236  [ 9EF86E395D1230C6140FD15EFE0B7948 ] \Device\Harddisk1\DR1\Partition1
11:19:31.0019 7236  \Device\Harddisk1\DR1\Partition1 - ok
11:19:31.0019 7236  ============================================================
11:19:31.0019 7236  Scan finished
11:19:31.0019 7236  ============================================================
11:19:31.0035 7508  Detected object count: 5
11:19:31.0035 7508  Actual detected object count: 5
11:20:12.0297 7508  hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
11:20:12.0297 7508  hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:20:12.0297 7508  hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
11:20:12.0297 7508  hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:20:12.0297 7508  HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
11:20:12.0297 7508  HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:20:12.0312 7508  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
11:20:12.0312 7508  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:20:12.0312 7508  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
11:20:12.0312 7508  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
Danke

Antwort

Themen zu BKA - Paysafe Virus, Windows 7 gesperrt
aufforderung, defogger, ellung, folge, folgende, gefunde, gesperrt, gmer, heute, hoffe, infiziert, laptop, logfiles, nicht mehr, programme, rechner, runtergeladen, schaf, systemwiederherstellung, usb-stick, virus, vorhanden, win 7, windows, windows 7



Ähnliche Themen: BKA - Paysafe Virus, Windows 7 gesperrt


  1. Paysafe Win 7, PC gesperrt
    Log-Analyse und Auswertung - 08.11.2014 (1)
  2. Trojaner/Virus, Firefoxfenster lässt sich nicht Schliessen "Ihr Browser hat gesperrt", Bundespolizei, Paysafe Card
    Log-Analyse und Auswertung - 07.01.2014 (10)
  3. Windows 7 Ultimate 64bit: Ihr Browser hat gesperrt...Paysafe usw.
    Log-Analyse und Auswertung - 25.10.2013 (9)
  4. Bundes Trojaner - 100 € PaySafe - PC gesperrt!
    Log-Analyse und Auswertung - 12.07.2013 (11)
  5. Bundesamt-Trojaner, Windows durch weißen Bildschirm gesperrt, 100€ Paysafe
    Log-Analyse und Auswertung - 22.04.2013 (1)
  6. BKA - Paysafe Virus, Windows 7 gesperrt
    Log-Analyse und Auswertung - 03.04.2013 (9)
  7. Computer gesperrt - Paysafe-Card Virus - keine Aktion möglich
    Plagegeister aller Art und deren Bekämpfung - 26.02.2013 (29)
  8. Virus: Rechner gesperrt 100 Euro via paysafe zahlen ...
    Plagegeister aller Art und deren Bekämpfung - 25.02.2013 (9)
  9. 100 Euro Paysafe Virus / Computer gesperrt
    Plagegeister aller Art und deren Bekämpfung - 22.01.2013 (13)
  10. Computer gesperrt bei Netzverbindung 100EUR Paysafe
    Log-Analyse und Auswertung - 13.01.2013 (15)
  11. PC war gesperrt ucash und paysafe nachricht
    Log-Analyse und Auswertung - 29.12.2012 (5)
  12. paysafe-virus blockiert windows!
    Plagegeister aller Art und deren Bekämpfung - 05.10.2012 (6)
  13. AKM/BMI €50 Paysafe-trojaner (PC-Zugriff gesperrt)
    Plagegeister aller Art und deren Bekämpfung - 22.03.2012 (11)
  14. Trojaner 50 € Paysafe // Windows gesperrt
    Log-Analyse und Auswertung - 21.03.2012 (3)
  15. Bildschirm gesperrt - Paysafe-Trojaner
    Log-Analyse und Auswertung - 02.02.2012 (3)
  16. Windows Security Center Virus, mit Zahlungsaufforderung von 100 Euro via U-Cash/Paysafe
    Log-Analyse und Auswertung - 02.02.2012 (5)
  17. Trojaner. System aus Sicherheitsgründen gesperrt. Paysafe
    Log-Analyse und Auswertung - 03.01.2012 (5)

Zum Thema BKA - Paysafe Virus, Windows 7 gesperrt - Hallo, Bei meinem Rechner hat sich heute ein Virus eingeschlichen. Es kam eine Paysave aufforderung von 100€. Nun lässt sich Windows 7 nicht mehr Hochfahren. Bevor ich euch gefunden habe, - BKA - Paysafe Virus, Windows 7 gesperrt...
Archiv
Du betrachtest: BKA - Paysafe Virus, Windows 7 gesperrt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.