Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Habe ich einen Virus ?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 16.05.2013, 20:45   #1
joerg69
 
Habe ich einen Virus ? - Standard

Habe ich einen Virus ?



Hallo,

leider hat meine Freundin aus dem Netz eine Datei video.exe angeklickt.
Die Seite war nicht wirklich vertrauenswürdig.
Wir haben auf Ihrem PC zwar noch keine Probleme, jedoch würde ich euch bitten, mal einen Blick auf die Logs zu werfen.

Ich danke schon mal im Voraus

LG

Jörg
Angehängte Dateien
Dateityp: log gmer_log.log (555 Bytes, 122x aufgerufen)
Dateityp: txt Extras.Txt (84,8 KB, 135x aufgerufen)

Alt 16.05.2013, 22:22   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Habe ich einen Virus ? - Standard

Habe ich einen Virus ?



Hallo,

Zitat:
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Warum hast du eine Professional-Edition von Windows, brauchst du das als Heimanwender?
Oder ist das rein zufällig ein Büro-/Firmen-PC bzw. ein Uni-Rechner?
__________________

__________________

Alt 17.05.2013, 06:13   #3
joerg69
 
Habe ich einen Virus ? - Standard

Habe ich einen Virus ?



Hallo,

war auf dem Acer Laptop installiert. Wir haben zu Hause aber auch ein kleines Netzwerk.

LG

Jörg
__________________

Alt 17.05.2013, 06:54   #4
joerg69
 
Habe ich einen Virus ? - Standard

Habe ich einen Virus ?



Malewarebytes hat etwas gefunden. Die Datei video.exe, unt diese wurde entfernt.

Siehe Log

Ist der PC jetz wieder sauber ?

Danke!

Lg

Jörg
Angehängte Dateien
Dateityp: txt mbam-log-2013-05-16 (22-49-42).txt (2,2 KB, 131x aufgerufen)

Alt 17.05.2013, 10:40   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Habe ich einen Virus ? - Standard

Habe ich einen Virus ?



Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
  • Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.

  • Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.

  • Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!

  • Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!

  • Die Logs der aufgegebenen Tools wie zB Malwarebytes sind immer zu posten - egal ob ein Fund dabei war oder nicht!

  • Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.



Dann bitte jetzt Combofix ausführen:

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.


__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 17.05.2013, 12:44   #6
joerg69
 
Habe ich einen Virus ? - Standard

Habe ich einen Virus ?



Hier das Log:

Combofix Logfile:
Code:
ATTFilter
ComboFix 13-05-16.02 - Sandra 17.05.2013  13:21:26.1.2 - x86
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.2973.1542 [GMT 2:00]
ausgeführt von:: c:\users\Sandra\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\users\Sandra\AppData\Roaming\MfKLNPvLp.exe
c:\users\Sandra\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk
c:\users\Sandra\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk\rasphone.pbk
c:\windows\security\Database\tmp.edb
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-04-17 bis 2013-05-17  ))))))))))))))))))))))))))))))
.
.
2013-05-17 11:28 . 2013-05-17 11:28	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-05-17 11:16 . 2013-05-17 11:16	29904	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{296B3EDB-5CB9-4053-B6E1-234A84DCDB7C}\MpKslf7f30ce2.sys
2013-05-17 09:51 . 2012-06-11 16:53	770384	----a-w-	c:\program files\Mozilla Firefox\updated\msvcr100.dll
2013-05-17 09:51 . 2012-06-11 16:53	421200	----a-w-	c:\program files\Mozilla Firefox\updated\msvcp100.dll
2013-05-17 09:51 . 2013-05-17 09:52	920472	----a-w-	c:\program files\Mozilla Firefox\updated\firefox.exe
2013-05-17 09:51 . 2013-05-17 09:52	74136	----a-w-	c:\program files\Mozilla Firefox\updated\breakpadinjector.dll
2013-05-17 09:51 . 2013-05-17 09:52	279448	----a-w-	c:\program files\Mozilla Firefox\updated\freebl3.dll
2013-05-17 09:51 . 2013-05-17 09:52	19352	----a-w-	c:\program files\Mozilla Firefox\updated\AccessibleMarshal.dll
2013-05-17 09:51 . 2013-05-17 09:52	116120	----a-w-	c:\program files\Mozilla Firefox\updated\crashreporter.exe
2013-05-17 09:51 . 2012-03-28 12:46	2106216	----a-w-	c:\program files\Mozilla Firefox\updated\D3DCompiler_43.dll
2013-05-17 09:51 . 2012-01-23 14:17	143360	----a-w-	c:\program files\Mozilla Firefox\updated\BabyFox.dll
2013-05-17 05:50 . 2013-05-17 05:50	--------	d-----w-	c:\program files\Common Files\Java
2013-05-17 05:19 . 2013-04-04 03:35	94112	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2013-05-16 14:24 . 2013-05-13 06:19	7016152	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{296B3EDB-5CB9-4053-B6E1-234A84DCDB7C}\mpengine.dll
2013-05-15 13:57 . 2013-05-05 19:12	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2013-05-15 11:28 . 2013-04-10 03:14	2347520	----a-w-	c:\windows\system32\win32k.sys
2013-05-15 11:28 . 2013-04-10 05:18	728424	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 11:28 . 2013-03-19 04:53	186368	----a-w-	c:\windows\system32\wwansvc.dll
2013-05-15 11:28 . 2013-03-19 03:33	40960	----a-w-	c:\windows\system32\wwanprotdim.dll
2013-05-15 11:28 . 2013-04-10 05:18	218984	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 11:27 . 2013-02-27 05:05	101720	----a-w-	c:\windows\system32\consent.exe
2013-05-15 11:27 . 2013-02-27 04:49	1796096	----a-w-	c:\windows\system32\authui.dll
2013-05-15 11:27 . 2013-02-27 04:49	47104	----a-w-	c:\windows\system32\appinfo.dll
2013-05-14 19:58 . 2013-05-13 06:19	7016152	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-04-29 18:06 . 2013-04-29 18:06	--------	d-----w-	c:\windows\system32\SupportAppXL
2013-04-29 18:06 . 2013-04-29 18:12	--------	d-----w-	c:\program files\MODEM Mobiler Anschluss
2013-04-24 12:28 . 2013-04-24 12:27	706640	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{951A51F1-628D-4EFA-887F-0E28A1C4EC9C}\gapaengine.dll
2013-04-24 12:22 . 2013-04-12 13:45	1211752	----a-w-	c:\windows\system32\drivers\ntfs.sys
2013-04-18 20:13 . 2013-04-10 03:08	6906960	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine(2).dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-14 19:56 . 2012-05-18 19:16	692104	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-05-14 19:56 . 2012-01-20 19:51	71048	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-06 15:57 . 2013-01-17 14:02	48648	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2013-05-02 15:28 . 2011-11-05 10:01	238872	------w-	c:\windows\system32\MpSigStub.exe
2013-04-25 08:50 . 2012-11-14 13:06	48648	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2013-04-13 04:45 . 2013-05-15 11:28	474624	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 11:28	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-04-04 12:50 . 2013-03-08 14:59	22856	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-03-19 05:04 . 2013-04-10 09:18	3968856	----a-w-	c:\windows\system32\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 09:18	3913560	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-03-19 04:48 . 2013-04-10 09:18	38912	----a-w-	c:\windows\system32\csrsrv.dll
2013-03-19 02:49 . 2013-04-10 09:18	69632	----a-w-	c:\windows\system32\smss.exe
2013-03-08 18:21 . 2012-11-09 20:16	861088	----a-w-	c:\windows\system32\npdeployJava1.dll
2013-03-08 18:21 . 2012-11-09 20:16	782240	----a-w-	c:\windows\system32\deployJava1.dll
2013-02-18 16:33 . 2013-02-18 16:33	53248	----a-r-	c:\users\Sandra\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2013-04-12 16:40 . 2013-04-12 16:39	263064	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HW_OPENEYE_OUC_T-Mobile Internet Manager"="c:\program files\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe" [2009-12-31 110592]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-04-10 39408]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-11-09 17877168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe" [2009-07-20 484920]
"LManager"="c:\program files\Launch Manager\LManager.exe" [2009-09-24 825864]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-09-17 1565992]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-02-26 698912]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-09-15 206208]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520]
"DataCardMonitor"="c:\program files\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe" [2012-01-06 253952]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 947152]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-09-09 421776]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2012-09-12 204136]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2010-4-10 704032]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 KinoniSvc;Kinoni Service;c:\program files\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe [x]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\McSACore.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [x]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [x]
S1 MpKslf7f30ce2;MpKslf7f30ce2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{296B3EDB-5CB9-4053-B6E1-234A84DCDB7C}\MpKslf7f30ce2.sys [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files\Acer\Registration\GREGsvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [x]
S2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [x]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 NETw5s32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 32-Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [x]
S3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MPKSLF7F30CE2
*Deregistered* - BMLoad
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-11 23:36	1642448	----a-w-	c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-05-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-18 19:56]
.
2013-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-05 10:12]
.
2013-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-05 10:12]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.at/
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0c07&m=extensa_5635&r=27051111d506l0473z2i5i5741u495
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.10
TCP: Interfaces\{0055F8EE-D9A6-4CD6-986E-2B6E60A99052}: NameServer = 213.162.69.169 213.162.69.170
TCP: Interfaces\{5A8D70E7-C4E4-44C2-A11D-61244551D09F}: NameServer = 8.8.8.8,208.67.222.222
FF - ProfilePath - c:\users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\wla9cndx.default\
FF - prefs.js: browser.search.defaulturl - 
FF - prefs.js: browser.search.selectedEngine - 
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
HKLM-Run-SiteRanker - c:\program files\SiteRanker\SiteRankTray.exe
AddRemove-{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1 - c:\program files\SiteRanker\unins000.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-05-17  13:30:09
ComboFix-quarantined-files.txt  2013-05-17 11:30
.
Vor Suchlauf: 9 Verzeichnis(se), 98.124.234.752 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 102.007.644.160 Bytes frei
.
- - End Of File - - F5805D7B99E8DC67C7E414532978B4DC
         
--- --- ---

Danke!

LG

Jörg

Alt 17.05.2013, 13:14   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Habe ich einen Virus ? - Standard

Habe ich einen Virus ?



Bitte die drei Tools MBAR / aswMBR / TDSSkiller nun ausführen und die Logs in CODE-Tags posten


MBAR (Malwarebytes Anti-Rootkit)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers


aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).



TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 17.05.2013, 14:05   #8
joerg69
 
Habe ich einen Virus ? - Standard

Habe ich einen Virus ?



hier der Logfile von aswMBR:

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-05-17 14:45:05
-----------------------------
14:45:05.431 OS Version: Windows 6.1.7601 Service Pack 1
14:45:05.432 Number of processors: 2 586 0x170A
14:45:05.434 ComputerName: SANDRA-PC UserName: Sandra
14:45:06.322 Initialize success
14:47:04.208 AVAST engine defs: 13051700
14:47:17.523 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:47:17.533 Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 3
14:47:17.673 Disk 0 MBR read successfully
14:47:17.673 Disk 0 MBR scan
14:47:17.693 Disk 0 Windows 7 default MBR code
14:47:17.703 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 24576 MB offset 2048
14:47:17.733 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 50333696
14:47:17.763 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 142279 MB offset 50538496
14:47:17.803 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 138288 MB offset 341925888
14:47:17.823 Disk 0 scanning sectors +625139712
14:47:18.023 Disk 0 scanning C:\Windows\system32\drivers
14:47:38.716 Service scanning
14:48:02.006 Service MpKslf7f30ce2 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{296B3EDB-5CB9-4053-B6E1-234A84DCDB7C}\MpKslf7f30ce2.sys **LOCKED** 32
14:48:40.735 Modules scanning
14:49:10.341 Disk 0 trace - called modules:
14:49:10.361 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll iaStor.sys
14:49:10.361 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86849030]
14:49:10.371 3 CLASSPNP.SYS[8b38c59e] -> nt!IofCallDriver -> [0x85e4e630]
14:49:10.371 5 ACPI.sys[8acb83d4] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85a1e028]
14:49:11.351 AVAST engine scan C:\Windows
14:49:16.465 AVAST engine scan C:\Windows\system32
14:54:32.277 AVAST engine scan C:\Windows\system32\drivers
14:55:01.574 AVAST engine scan C:\Users\Sandra
14:58:44.721 Disk 0 MBR has been saved successfully to "C:\Users\Sandra\Desktop\MBR.dat"
14:58:44.733 The log file has been saved successfully to "C:\Users\Sandra\Desktop\aswMBR.txt"


die anderen Beiden haben nichts gefunden.

Danke!

LG

Jörg

Alt 17.05.2013, 14:13   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Habe ich einen Virus ? - Standard

Habe ich einen Virus ?



Bitte meine Anleitungen richtig lesen!
Die Logs sollten immer gepostet werden und das auch in CODE-Tags!
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 17.05.2013, 14:44   #10
joerg69
 
Habe ich einen Virus ? - Standard

Habe ich einen Virus ?



sorry ....
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org

Database version: v2013.05.17.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Sandra :: SANDRA-PC [administrator]

17.05.2013 14:36:55
mbar-log-2013-05-17 (14-36-55).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 29360
Time elapsed: 11 minute(s), 1 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         
Code:
ATTFilter
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-05-17 14:45:05
-----------------------------
14:45:05.431    OS Version: Windows 6.1.7601 Service Pack 1
14:45:05.432    Number of processors: 2 586 0x170A
14:45:05.434    ComputerName: SANDRA-PC  UserName: Sandra
14:45:06.322    Initialize success
14:47:04.208    AVAST engine defs: 13051700
14:47:17.523    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:47:17.533    Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 3
14:47:17.673    Disk 0 MBR read successfully
14:47:17.673    Disk 0 MBR scan
14:47:17.693    Disk 0 Windows 7 default MBR code
14:47:17.703    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        24576 MB offset 2048
14:47:17.733    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 50333696
14:47:17.763    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       142279 MB offset 50538496
14:47:17.803    Disk 0 Partition 4 00     07    HPFS/NTFS NTFS       138288 MB offset 341925888
14:47:17.823    Disk 0 scanning sectors +625139712
14:47:18.023    Disk 0 scanning C:\Windows\system32\drivers
14:47:38.716    Service scanning
14:48:02.006    Service MpKslf7f30ce2 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{296B3EDB-5CB9-4053-B6E1-234A84DCDB7C}\MpKslf7f30ce2.sys **LOCKED** 32
14:48:40.735    Modules scanning
14:49:10.341    Disk 0 trace - called modules:
14:49:10.361    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll iaStor.sys 
14:49:10.361    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86849030]
14:49:10.371    3 CLASSPNP.SYS[8b38c59e] -> nt!IofCallDriver -> [0x85e4e630]
14:49:10.371    5 ACPI.sys[8acb83d4] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85a1e028]
14:49:11.351    AVAST engine scan C:\Windows
14:49:16.465    AVAST engine scan C:\Windows\system32
14:54:32.277    AVAST engine scan C:\Windows\system32\drivers
14:55:01.574    AVAST engine scan C:\Users\Sandra
14:58:44.721    Disk 0 MBR has been saved successfully to "C:\Users\Sandra\Desktop\MBR.dat"
14:58:44.733    The log file has been saved successfully to "C:\Users\Sandra\Desktop\aswMBR.txt"
         
Code:
ATTFilter
15:42:12.0142 4944  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:42:12.0312 4944  ============================================================
15:42:12.0312 4944  Current date / time: 2013/05/17 15:42:12.0312
15:42:12.0312 4944  SystemInfo:
15:42:12.0312 4944  
15:42:12.0312 4944  OS Version: 6.1.7601 ServicePack: 1.0
15:42:12.0312 4944  Product type: Workstation
15:42:12.0312 4944  ComputerName: SANDRA-PC
15:42:12.0313 4944  UserName: Sandra
15:42:12.0313 4944  Windows directory: C:\Windows
15:42:12.0313 4944  System windows directory: C:\Windows
15:42:12.0313 4944  Processor architecture: Intel x86
15:42:12.0313 4944  Number of processors: 2
15:42:12.0313 4944  Page size: 0x1000
15:42:12.0313 4944  Boot type: Normal boot
15:42:12.0313 4944  ============================================================
15:42:13.0170 4944  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:42:13.0184 4944  ============================================================
15:42:13.0184 4944  \Device\Harddisk0\DR0:
15:42:13.0185 4944  MBR partitions:
15:42:13.0185 4944  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3000800, BlocksNum 0x32000
15:42:13.0185 4944  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3032800, BlocksNum 0x115E3800
15:42:13.0185 4944  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x14616000, BlocksNum 0x10E18000
15:42:13.0185 4944  ============================================================
15:42:13.0215 4944  C: <-> \Device\Harddisk0\DR0\Partition2
15:42:13.0252 4944  D: <-> \Device\Harddisk0\DR0\Partition3
15:42:13.0252 4944  ============================================================
15:42:13.0253 4944  Initialize success
15:42:13.0253 4944  ============================================================
15:42:16.0495 7724  ============================================================
15:42:16.0495 7724  Scan started
15:42:16.0495 7724  Mode: Manual; 
15:42:16.0495 7724  ============================================================
15:42:16.0871 7724  ================ Scan system memory ========================
15:42:16.0872 7724  System memory - ok
15:42:16.0872 7724  ================ Scan services =============================
15:42:17.0084 7724  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:42:17.0086 7724  1394ohci - ok
15:42:17.0151 7724  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:42:17.0154 7724  ACPI - ok
15:42:17.0208 7724  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:42:17.0209 7724  AcpiPmi - ok
15:42:17.0322 7724  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:42:17.0324 7724  AdobeARMservice - ok
15:42:17.0427 7724  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:42:17.0431 7724  AdobeFlashPlayerUpdateSvc - ok
15:42:17.0487 7724  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
15:42:17.0492 7724  adp94xx - ok
15:42:17.0530 7724  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
15:42:17.0533 7724  adpahci - ok
15:42:17.0549 7724  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
15:42:17.0551 7724  adpu320 - ok
15:42:17.0588 7724  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:42:17.0589 7724  AeLookupSvc - ok
15:42:17.0630 7724  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\Windows\system32\drivers\afd.sys
15:42:17.0634 7724  AFD - ok
15:42:17.0668 7724  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\drivers\agp440.sys
15:42:17.0669 7724  agp440 - ok
15:42:17.0708 7724  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
15:42:17.0710 7724  aic78xx - ok
15:42:17.0750 7724  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
15:42:17.0751 7724  ALG - ok
15:42:17.0797 7724  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:42:17.0798 7724  aliide - ok
15:42:17.0815 7724  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
15:42:17.0816 7724  amdagp - ok
15:42:17.0834 7724  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\drivers\amdide.sys
15:42:17.0835 7724  amdide - ok
15:42:17.0865 7724  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
15:42:17.0866 7724  AmdK8 - ok
15:42:17.0880 7724  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
15:42:17.0881 7724  AmdPPM - ok
15:42:17.0929 7724  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:42:17.0929 7724  amdsata - ok
15:42:17.0968 7724  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
15:42:17.0970 7724  amdsbs - ok
15:42:17.0984 7724  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:42:17.0984 7724  amdxata - ok
15:42:18.0026 7724  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\Windows\system32\drivers\appid.sys
15:42:18.0027 7724  AppID - ok
15:42:18.0080 7724  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:42:18.0082 7724  AppIDSvc - ok
15:42:18.0113 7724  [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo         C:\Windows\System32\appinfo.dll
15:42:18.0113 7724  Appinfo - ok
15:42:18.0190 7724  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:42:18.0191 7724  Apple Mobile Device - ok
15:42:18.0239 7724  [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt         C:\Windows\System32\appmgmts.dll
15:42:18.0240 7724  AppMgmt - ok
15:42:18.0282 7724  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys
15:42:18.0283 7724  arc - ok
15:42:18.0292 7724  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
15:42:18.0293 7724  arcsas - ok
15:42:18.0414 7724  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
15:42:18.0415 7724  aspnet_state - ok
15:42:18.0435 7724  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:42:18.0436 7724  AsyncMac - ok
15:42:18.0495 7724  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\drivers\atapi.sys
15:42:18.0496 7724  atapi - ok
15:42:18.0566 7724  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:42:18.0571 7724  AudioEndpointBuilder - ok
15:42:18.0599 7724  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
15:42:18.0604 7724  Audiosrv - ok
15:42:18.0668 7724  [ 34F335FEC0D7A7A4D329390B7C7B59B8 ] avgtp           C:\Windows\system32\drivers\avgtpx86.sys
15:42:18.0669 7724  avgtp - ok
15:42:18.0712 7724  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:42:18.0714 7724  AxInstSV - ok
15:42:18.0771 7724  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
15:42:18.0776 7724  b06bdrv - ok
15:42:18.0814 7724  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
15:42:18.0817 7724  b57nd60x - ok
15:42:18.0898 7724  [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
15:42:18.0899 7724  BcmSqlStartupSvc - ok
15:42:18.0942 7724  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:42:18.0944 7724  BDESVC - ok
15:42:18.0980 7724  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:42:18.0981 7724  Beep - ok
15:42:19.0055 7724  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\Windows\System32\bfe.dll
15:42:19.0061 7724  BFE - ok
15:42:19.0113 7724  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\Windows\system32\qmgr.dll
15:42:19.0122 7724  BITS - ok
15:42:19.0149 7724  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:42:19.0150 7724  blbdrive - ok
15:42:19.0188 7724  [ D002033C1A37F6AF51B5F0BA6D0211BC ] BMLoad          C:\Windows\system32\drivers\BMLoad.sys
15:42:19.0189 7724  BMLoad - ok
15:42:19.0261 7724  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:42:19.0265 7724  Bonjour Service - ok
15:42:19.0296 7724  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:42:19.0297 7724  bowser - ok
15:42:19.0314 7724  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:42:19.0315 7724  BrFiltLo - ok
15:42:19.0325 7724  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:42:19.0326 7724  BrFiltUp - ok
15:42:19.0365 7724  [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
15:42:19.0367 7724  BridgeMP - ok
15:42:19.0410 7724  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\Windows\System32\browser.dll
15:42:19.0412 7724  Browser - ok
15:42:19.0444 7724  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:42:19.0448 7724  Brserid - ok
15:42:19.0461 7724  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:42:19.0463 7724  BrSerWdm - ok
15:42:19.0482 7724  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:42:19.0483 7724  BrUsbMdm - ok
15:42:19.0501 7724  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:42:19.0502 7724  BrUsbSer - ok
15:42:19.0521 7724  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
15:42:19.0522 7724  BTHMODEM - ok
15:42:19.0567 7724  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
15:42:19.0568 7724  bthserv - ok
15:42:19.0837 7724  catchme - ok
15:42:19.0994 7724  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:42:19.0996 7724  cdfs - ok
15:42:20.0044 7724  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:42:20.0046 7724  cdrom - ok
15:42:20.0089 7724  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\Windows\System32\certprop.dll
15:42:20.0091 7724  CertPropSvc - ok
15:42:20.0106 7724  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
15:42:20.0107 7724  circlass - ok
15:42:20.0133 7724  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
15:42:20.0135 7724  CLFS - ok
15:42:20.0256 7724  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:42:20.0258 7724  clr_optimization_v2.0.50727_32 - ok
15:42:20.0354 7724  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:42:20.0356 7724  clr_optimization_v4.0.30319_32 - ok
15:42:20.0382 7724  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:42:20.0383 7724  CmBatt - ok
15:42:20.0417 7724  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:42:20.0418 7724  cmdide - ok
15:42:20.0454 7724  [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG             C:\Windows\system32\Drivers\cng.sys
15:42:20.0458 7724  CNG - ok
15:42:20.0536 7724  [ 720A32C2D7BE2F21C1213A2EC9C16CDD ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT32.sys
15:42:20.0541 7724  CnxtHdAudService - ok
15:42:20.0582 7724  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
15:42:20.0583 7724  Compbatt - ok
15:42:20.0632 7724  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
15:42:20.0633 7724  CompositeBus - ok
15:42:20.0647 7724  COMSysApp - ok
15:42:20.0672 7724  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
15:42:20.0672 7724  crcdisk - ok
15:42:20.0710 7724  [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:42:20.0711 7724  CryptSvc - ok
15:42:20.0747 7724  [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC             C:\Windows\system32\drivers\csc.sys
15:42:20.0752 7724  CSC - ok
15:42:20.0801 7724  [ 15F93B37F6801943360D9EB42485D5D3 ] CscService      C:\Windows\System32\cscsvc.dll
15:42:20.0805 7724  CscService - ok
15:42:20.0828 7724  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:42:20.0832 7724  DcomLaunch - ok
15:42:20.0861 7724  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
15:42:20.0863 7724  defragsvc - ok
15:42:20.0912 7724  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:42:20.0912 7724  DfsC - ok
15:42:20.0969 7724  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:42:20.0971 7724  Dhcp - ok
15:42:20.0994 7724  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
15:42:20.0995 7724  discache - ok
15:42:21.0025 7724  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
15:42:21.0026 7724  Disk - ok
15:42:21.0081 7724  [ C701324C9E0C25DD9D60311BD87FBC84 ] DKbFltr         C:\Windows\system32\DRIVERS\DKbFltr.sys
15:42:21.0082 7724  DKbFltr - ok
15:42:21.0119 7724  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:42:21.0121 7724  Dnscache - ok
15:42:21.0164 7724  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:42:21.0167 7724  dot3svc - ok
15:42:21.0209 7724  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\Windows\system32\dps.dll
15:42:21.0211 7724  DPS - ok
15:42:21.0241 7724  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:42:21.0242 7724  drmkaud - ok
15:42:21.0296 7724  [ 16498EBC04AE9DD07049A8884B205C05 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:42:21.0302 7724  DXGKrnl - ok
15:42:21.0330 7724  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
15:42:21.0332 7724  EapHost - ok
15:42:21.0421 7724  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
15:42:21.0443 7724  ebdrv - ok
15:42:21.0488 7724  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\Windows\System32\lsass.exe
15:42:21.0490 7724  EFS - ok
15:42:21.0565 7724  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:42:21.0571 7724  ehRecvr - ok
15:42:21.0612 7724  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
15:42:21.0613 7724  ehSched - ok
15:42:21.0683 7724  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
15:42:21.0688 7724  elxstor - ok
15:42:21.0773 7724  [ C8505E1FD7FC441B933D3B0C29EE0F5D ] ePowerSvc       C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
15:42:21.0779 7724  ePowerSvc - ok
15:42:21.0804 7724  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:42:21.0805 7724  ErrDev - ok
15:42:21.0855 7724  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
15:42:21.0858 7724  EventSystem - ok
15:42:21.0931 7724  [ 7C18A6C99F4119D361A5CA028E788648 ] ewusbnet        C:\Windows\system32\DRIVERS\ewusbnet.sys
15:42:21.0934 7724  ewusbnet - ok
15:42:21.0954 7724  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
15:42:21.0957 7724  exfat - ok
15:42:21.0984 7724  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:42:21.0987 7724  fastfat - ok
15:42:22.0049 7724  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\Windows\system32\fxssvc.exe
15:42:22.0059 7724  Fax - ok
15:42:22.0072 7724  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:42:22.0073 7724  fdc - ok
15:42:22.0102 7724  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
15:42:22.0103 7724  fdPHost - ok
15:42:22.0114 7724  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
15:42:22.0116 7724  FDResPub - ok
15:42:22.0141 7724  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:42:22.0142 7724  FileInfo - ok
15:42:22.0158 7724  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:42:22.0159 7724  Filetrace - ok
15:42:22.0290 7724  [ 167D24A045499EBEF438F231976158DF ] FirebirdServerMAGIXInstance C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
15:42:22.0305 7724  FirebirdServerMAGIXInstance - ok
15:42:22.0342 7724  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:42:22.0342 7724  flpydisk - ok
15:42:22.0376 7724  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:42:22.0378 7724  FltMgr - ok
15:42:22.0435 7724  [ E12C4928B32ACE04610259647F072635 ] FontCache       C:\Windows\system32\FntCache.dll
15:42:22.0445 7724  FontCache - ok
15:42:22.0497 7724  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:42:22.0498 7724  FontCache3.0.0.0 - ok
15:42:22.0518 7724  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:42:22.0519 7724  FsDepends - ok
15:42:22.0553 7724  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:42:22.0554 7724  Fs_Rec - ok
15:42:22.0611 7724  [ E306A24D9694C724FA2491278BF50FDB ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:42:22.0613 7724  fvevol - ok
15:42:22.0660 7724  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
15:42:22.0661 7724  gagp30kx - ok
15:42:22.0695 7724  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:42:22.0695 7724  GEARAspiWDM - ok
15:42:22.0746 7724  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:42:22.0752 7724  gpsvc - ok
15:42:22.0822 7724  [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService     C:\Program Files\Acer\Registration\GREGsvc.exe
15:42:22.0822 7724  GREGService - ok
15:42:22.0881 7724  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
15:42:22.0883 7724  gupdate - ok
15:42:22.0902 7724  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
15:42:22.0904 7724  gupdatem - ok
15:42:22.0984 7724  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
15:42:22.0987 7724  gusvc - ok
15:42:23.0014 7724  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:42:23.0015 7724  hcw85cir - ok
15:42:23.0067 7724  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:42:23.0070 7724  HdAudAddService - ok
15:42:23.0102 7724  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
15:42:23.0104 7724  HDAudBus - ok
15:42:23.0123 7724  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
15:42:23.0124 7724  HidBatt - ok
15:42:23.0147 7724  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
15:42:23.0148 7724  HidBth - ok
15:42:23.0176 7724  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
15:42:23.0176 7724  HidIr - ok
15:42:23.0221 7724  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\System32\hidserv.dll
15:42:23.0222 7724  hidserv - ok
15:42:23.0285 7724  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:42:23.0286 7724  HidUsb - ok
15:42:23.0320 7724  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:42:23.0322 7724  hkmsvc - ok
15:42:23.0353 7724  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:42:23.0356 7724  HomeGroupListener - ok
15:42:23.0394 7724  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:42:23.0397 7724  HomeGroupProvider - ok
15:42:23.0429 7724  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:42:23.0430 7724  HpSAMD - ok
15:42:23.0483 7724  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:42:23.0486 7724  HTTP - ok
15:42:23.0542 7724  [ 988C0A49F09D75D3341CB419141793C1 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
15:42:23.0544 7724  hwdatacard - ok
15:42:23.0590 7724  [ DE3FF0AB0C551D7E00E250E81169996A ] HWiNFO32        C:\Windows\system32\drivers\HWiNFO32.SYS
15:42:23.0590 7724  HWiNFO32 - ok
15:42:23.0621 7724  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:42:23.0622 7724  hwpolicy - ok
15:42:23.0672 7724  [ A259D3619AA23D4562581067F85E2006 ] hwusbdev        C:\Windows\system32\DRIVERS\ewusbdev.sys
15:42:23.0673 7724  hwusbdev - ok
15:42:23.0737 7724  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
15:42:23.0739 7724  i8042prt - ok
15:42:23.0796 7724  [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
15:42:23.0799 7724  IAANTMON - ok
15:42:23.0836 7724  [ D483687EACE0C065EE772481A96E05F5 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
15:42:23.0839 7724  iaStor - ok
15:42:23.0886 7724  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:42:23.0889 7724  iaStorV - ok
15:42:23.0956 7724  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:42:23.0963 7724  idsvc - ok
15:42:24.0185 7724  [ 8266AE06DF974E5BA047B3E9E9E70B3F ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
15:42:24.0238 7724  igfx - ok
15:42:24.0286 7724  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
15:42:24.0287 7724  iirsp - ok
15:42:24.0349 7724  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
15:42:24.0357 7724  IKEEXT - ok
15:42:24.0389 7724  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:42:24.0390 7724  intelide - ok
15:42:24.0411 7724  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:42:24.0411 7724  intelppm - ok
15:42:24.0446 7724  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:42:24.0447 7724  IPBusEnum - ok
15:42:24.0456 7724  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:42:24.0456 7724  IpFilterDriver - ok
15:42:24.0498 7724  [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:42:24.0503 7724  iphlpsvc - ok
15:42:24.0539 7724  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:42:24.0540 7724  IPMIDRV - ok
15:42:24.0560 7724  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:42:24.0561 7724  IPNAT - ok
15:42:24.0617 7724  [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:42:24.0626 7724  iPod Service - ok
15:42:24.0649 7724  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:42:24.0650 7724  IRENUM - ok
15:42:24.0687 7724  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:42:24.0688 7724  isapnp - ok
15:42:24.0715 7724  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:42:24.0717 7724  iScsiPrt - ok
15:42:24.0793 7724  [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr       C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
15:42:24.0794 7724  IviRegMgr - ok
15:42:24.0839 7724  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:42:24.0841 7724  kbdclass - ok
15:42:24.0878 7724  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:42:24.0880 7724  kbdhid - ok
15:42:24.0899 7724  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\Windows\system32\lsass.exe
15:42:24.0902 7724  KeyIso - ok
15:42:25.0000 7724  [ EDF96FDBA037497E5D4B8A7BA8A1A4B8 ] KinoniSvc       C:\Program Files\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
15:42:25.0005 7724  KinoniSvc - ok
15:42:25.0036 7724  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:42:25.0038 7724  KSecDD - ok
15:42:25.0080 7724  [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:42:25.0082 7724  KSecPkg - ok
15:42:25.0125 7724  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:42:25.0131 7724  KtmRm - ok
15:42:25.0187 7724  [ 3705B2273E8EFC9A707864AB7324B614 ] L1C             C:\Windows\system32\DRIVERS\L1C62x86.sys
15:42:25.0188 7724  L1C - ok
15:42:25.0207 7724  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\System32\srvsvc.dll
15:42:25.0213 7724  LanmanServer - ok
15:42:25.0251 7724  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:42:25.0254 7724  LanmanWorkstation - ok
15:42:25.0292 7724  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:42:25.0292 7724  lltdio - ok
15:42:25.0332 7724  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:42:25.0335 7724  lltdsvc - ok
15:42:25.0353 7724  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:42:25.0355 7724  lmhosts - ok
15:42:25.0385 7724  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
15:42:25.0386 7724  LSI_FC - ok
15:42:25.0423 7724  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
15:42:25.0424 7724  LSI_SAS - ok
15:42:25.0444 7724  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:42:25.0445 7724  LSI_SAS2 - ok
15:42:25.0473 7724  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:42:25.0474 7724  LSI_SCSI - ok
15:42:25.0509 7724  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
15:42:25.0511 7724  luafv - ok
15:42:25.0560 7724  [ BA1347822D01B2D29C14CF09663A6457 ] LVRS            C:\Windows\system32\DRIVERS\lvrs.sys
15:42:25.0564 7724  LVRS - ok
15:42:25.0711 7724  [ E2C99D3B692BA2173114C9DF79313B70 ] LVUVC           C:\Windows\system32\DRIVERS\lvuvc.sys
15:42:25.0753 7724  LVUVC - ok
15:42:25.0818 7724  [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
15:42:25.0819 7724  MBAMProtector - ok
15:42:25.0882 7724  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
15:42:25.0886 7724  MBAMScheduler - ok
15:42:25.0934 7724  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
15:42:25.0938 7724  MBAMService - ok
15:42:26.0047 7724  [ AA44024C1796F40D43F2E6C08B47A564 ] McAfee SiteAdvisor Service c:\progra~1\mcafee\sitead~1\McSACore.exe
15:42:26.0048 7724  McAfee SiteAdvisor Service - ok
15:42:26.0092 7724  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:42:26.0096 7724  Mcx2Svc - ok
15:42:26.0119 7724  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
15:42:26.0121 7724  megasas - ok
15:42:26.0148 7724  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
15:42:26.0151 7724  MegaSR - ok
15:42:26.0183 7724  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
15:42:26.0186 7724  MMCSS - ok
15:42:26.0201 7724  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
15:42:26.0202 7724  Modem - ok
15:42:26.0223 7724  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:42:26.0225 7724  monitor - ok
15:42:26.0259 7724  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:42:26.0260 7724  mouclass - ok
15:42:26.0301 7724  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:42:26.0302 7724  mouhid - ok
15:42:26.0332 7724  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:42:26.0333 7724  mountmgr - ok
15:42:26.0404 7724  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:42:26.0406 7724  MozillaMaintenance - ok
15:42:26.0468 7724  [ CF105EE42E3F71E648CEBB3F666E1CF0 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
15:42:26.0471 7724  MpFilter - ok
15:42:26.0489 7724  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:42:26.0491 7724  mpio - ok
15:42:26.0636 7724  [ A69630D039C38018689190234F866D77 ] MpKslf7f30ce2   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{296B3EDB-5CB9-4053-B6E1-234A84DCDB7C}\MpKslf7f30ce2.sys
15:42:26.0637 7724  MpKslf7f30ce2 - ok
15:42:26.0668 7724  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:42:26.0669 7724  mpsdrv - ok
15:42:26.0724 7724  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:42:26.0732 7724  MpsSvc - ok
15:42:26.0774 7724  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:42:26.0776 7724  MRxDAV - ok
15:42:26.0826 7724  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:42:26.0827 7724  mrxsmb - ok
15:42:26.0850 7724  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:42:26.0853 7724  mrxsmb10 - ok
15:42:26.0871 7724  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:42:26.0873 7724  mrxsmb20 - ok
15:42:26.0904 7724  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
15:42:26.0906 7724  msahci - ok
15:42:26.0984 7724  [ D98350792A7CE82E7459A7C36481BEDA ] MSCamSvc        C:\Program Files\Microsoft LifeCam\MSCamS32.exe
15:42:26.0986 7724  MSCamSvc - ok
15:42:27.0030 7724  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:42:27.0032 7724  msdsm - ok
15:42:27.0050 7724  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
15:42:27.0054 7724  MSDTC - ok
15:42:27.0098 7724  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:42:27.0098 7724  Msfs - ok
15:42:27.0114 7724  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:42:27.0115 7724  mshidkmdf - ok
15:42:27.0173 7724  [ 5119FFC2A6B51089CDB0EFDC75808C97 ] MSHUSBVideo     C:\Windows\system32\Drivers\nx6000.sys
15:42:27.0174 7724  MSHUSBVideo - ok
15:42:27.0201 7724  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:42:27.0202 7724  msisadrv - ok
15:42:27.0256 7724  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:42:27.0260 7724  MSiSCSI - ok
15:42:27.0267 7724  msiserver - ok
15:42:27.0312 7724  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:42:27.0313 7724  MSKSSRV - ok
15:42:27.0386 7724  [ C1F19D2BACBEE9AB64D9AE69E9859AC0 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
15:42:27.0387 7724  MsMpSvc - ok
15:42:27.0405 7724  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:42:27.0406 7724  MSPCLOCK - ok
15:42:27.0436 7724  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:42:27.0437 7724  MSPQM - ok
15:42:27.0450 7724  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:42:27.0453 7724  MsRPC - ok
15:42:27.0492 7724  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
15:42:27.0493 7724  mssmbios - ok
15:42:27.0559 7724  MSSQL$MSSMLBIZ - ok
15:42:27.0590 7724  [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
15:42:27.0591 7724  MSSQLServerADHelper - ok
15:42:27.0621 7724  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:42:27.0622 7724  MSTEE - ok
15:42:27.0635 7724  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
15:42:27.0635 7724  MTConfig - ok
15:42:27.0651 7724  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:42:27.0652 7724  Mup - ok
15:42:27.0693 7724  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
15:42:27.0697 7724  napagent - ok
15:42:27.0744 7724  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:42:27.0746 7724  NativeWifiP - ok
15:42:27.0792 7724  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:42:27.0797 7724  NDIS - ok
15:42:27.0818 7724  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:42:27.0818 7724  NdisCap - ok
15:42:27.0847 7724  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:42:27.0848 7724  NdisTapi - ok
15:42:27.0883 7724  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:42:27.0883 7724  Ndisuio - ok
15:42:27.0921 7724  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:42:27.0923 7724  NdisWan - ok
15:42:27.0958 7724  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:42:27.0959 7724  NDProxy - ok
15:42:28.0006 7724  [ 1352E1648213551923A0A822E441553C ] Netaapl         C:\Windows\system32\DRIVERS\netaapl.sys
15:42:28.0007 7724  Netaapl - ok
15:42:28.0056 7724  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:42:28.0057 7724  NetBIOS - ok
15:42:28.0087 7724  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:42:28.0089 7724  NetBT - ok
15:42:28.0099 7724  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
15:42:28.0102 7724  Netlogon - ok
15:42:28.0153 7724  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
15:42:28.0159 7724  Netman - ok
15:42:28.0212 7724  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:42:28.0214 7724  NetMsmqActivator - ok
15:42:28.0222 7724  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:42:28.0224 7724  NetPipeActivator - ok
15:42:28.0257 7724  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
15:42:28.0261 7724  netprofm - ok
15:42:28.0269 7724  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:42:28.0271 7724  NetTcpActivator - ok
15:42:28.0278 7724  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:42:28.0280 7724  NetTcpPortSharing - ok
15:42:28.0460 7724  [ EF51B405AD8ACAAE6F0231290D20F516 ] NETw5s32        C:\Windows\system32\DRIVERS\NETw5s32.sys
15:42:28.0519 7724  NETw5s32 - ok
15:42:28.0642 7724  [ 58218EC6B61B1169CF54AAB0D00F5FE2 ] netw5v32        C:\Windows\system32\DRIVERS\netw5v32.sys
15:42:28.0667 7724  netw5v32 - ok
15:42:28.0699 7724  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
15:42:28.0700 7724  nfrd960 - ok
15:42:28.0731 7724  [ 832E098BCA8235436FE2D8AE50AC3718 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:42:28.0732 7724  NisDrv - ok
15:42:28.0763 7724  [ E570ECA850F30EB740C2E9699DF3D2BD ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
15:42:28.0765 7724  NisSrv - ok
15:42:28.0797 7724  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:42:28.0800 7724  NlaSvc - ok
15:42:28.0827 7724  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:42:28.0828 7724  Npfs - ok
15:42:28.0847 7724  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
15:42:28.0849 7724  nsi - ok
15:42:28.0865 7724  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:42:28.0866 7724  nsiproxy - ok
15:42:28.0931 7724  [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:42:28.0941 7724  Ntfs - ok
15:42:29.0030 7724  [ 28C59F594044CBF8598B18C927097091 ] NTIBackupSvc    C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
15:42:29.0031 7724  NTIBackupSvc - ok
15:42:29.0078 7724  [ 94E08DCC43F46471D96953E712B6D82B ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
15:42:29.0078 7724  NTIDrvr - ok
15:42:29.0090 7724  [ B8D903B2894FF9AFBD99CA51C35590D7 ] NTISchedulerSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
15:42:29.0092 7724  NTISchedulerSvc - ok
15:42:29.0120 7724  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
15:42:29.0121 7724  Null - ok
15:42:29.0132 7724  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:42:29.0133 7724  nvraid - ok
15:42:29.0171 7724  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:42:29.0172 7724  nvstor - ok
15:42:29.0216 7724  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:42:29.0218 7724  nv_agp - ok
15:42:29.0307 7724  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:42:29.0312 7724  odserv - ok
15:42:29.0345 7724  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:42:29.0347 7724  ohci1394 - ok
15:42:29.0393 7724  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:42:29.0395 7724  ose - ok
15:42:29.0441 7724  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:42:29.0445 7724  p2pimsvc - ok
15:42:29.0464 7724  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:42:29.0467 7724  p2psvc - ok
15:42:29.0499 7724  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
15:42:29.0500 7724  Parport - ok
15:42:29.0534 7724  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:42:29.0535 7724  partmgr - ok
15:42:29.0549 7724  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
15:42:29.0550 7724  Parvdm - ok
15:42:29.0584 7724  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:42:29.0587 7724  PcaSvc - ok
15:42:29.0624 7724  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
15:42:29.0626 7724  pci - ok
15:42:29.0667 7724  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
15:42:29.0668 7724  pciide - ok
15:42:29.0698 7724  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
15:42:29.0700 7724  pcmcia - ok
15:42:29.0713 7724  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
15:42:29.0713 7724  pcw - ok
15:42:29.0741 7724  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:42:29.0747 7724  PEAUTH - ok
15:42:29.0798 7724  [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
15:42:29.0806 7724  PeerDistSvc - ok
15:42:29.0890 7724  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
15:42:29.0902 7724  pla - ok
15:42:29.0948 7724  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:42:29.0954 7724  PlugPlay - ok
15:42:29.0991 7724  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:42:29.0993 7724  PNRPAutoReg - ok
15:42:30.0008 7724  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:42:30.0011 7724  PNRPsvc - ok
15:42:30.0056 7724  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:42:30.0062 7724  PolicyAgent - ok
15:42:30.0105 7724  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
15:42:30.0108 7724  Power - ok
15:42:30.0141 7724  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:42:30.0142 7724  PptpMiniport - ok
15:42:30.0161 7724  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
15:42:30.0162 7724  Processor - ok
15:42:30.0200 7724  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
15:42:30.0203 7724  ProfSvc - ok
15:42:30.0208 7724  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:42:30.0211 7724  ProtectedStorage - ok
15:42:30.0232 7724  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:42:30.0233 7724  Psched - ok
15:42:30.0268 7724  [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2       C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
15:42:30.0271 7724  PSI_SVC_2 - ok
15:42:30.0314 7724  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
15:42:30.0323 7724  ql2300 - ok
15:42:30.0340 7724  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
15:42:30.0341 7724  ql40xx - ok
15:42:30.0377 7724  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
15:42:30.0382 7724  QWAVE - ok
15:42:30.0415 7724  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:42:30.0416 7724  QWAVEdrv - ok
15:42:30.0435 7724  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:42:30.0436 7724  RasAcd - ok
15:42:30.0488 7724  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:42:30.0489 7724  RasAgileVpn - ok
15:42:30.0519 7724  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
15:42:30.0524 7724  RasAuto - ok
15:42:30.0542 7724  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:42:30.0544 7724  Rasl2tp - ok
15:42:30.0606 7724  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
15:42:30.0613 7724  RasMan - ok
15:42:30.0626 7724  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:42:30.0628 7724  RasPppoe - ok
15:42:30.0655 7724  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:42:30.0656 7724  RasSstp - ok
15:42:30.0691 7724  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:42:30.0693 7724  rdbss - ok
15:42:30.0702 7724  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:42:30.0703 7724  rdpbus - ok
15:42:30.0733 7724  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:42:30.0734 7724  RDPCDD - ok
15:42:30.0766 7724  [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
15:42:30.0767 7724  RDPDR - ok
15:42:30.0796 7724  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:42:30.0797 7724  RDPENCDD - ok
15:42:30.0811 7724  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:42:30.0811 7724  RDPREFMP - ok
15:42:30.0848 7724  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:42:30.0849 7724  RDPWD - ok
15:42:30.0898 7724  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:42:30.0899 7724  rdyboost - ok
15:42:30.0931 7724  [ 001B4278407F4303EFC902A2B16F2453 ] regi            C:\Windows\system32\drivers\regi.sys
15:42:30.0932 7724  regi - ok
15:42:30.0960 7724  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:42:30.0962 7724  RemoteAccess - ok
15:42:30.0990 7724  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:42:30.0993 7724  RemoteRegistry - ok
15:42:31.0030 7724  [ 0F6756EF8BDA6DFA7BE50465C83132BB ] RimUsb          C:\Windows\system32\Drivers\RimUsb.sys
15:42:31.0031 7724  RimUsb - ok
15:42:31.0065 7724  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:42:31.0067 7724  RpcEptMapper - ok
15:42:31.0103 7724  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
15:42:31.0105 7724  RpcLocator - ok
15:42:31.0150 7724  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
15:42:31.0154 7724  RpcSs - ok
15:42:31.0187 7724  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:42:31.0188 7724  rspndr - ok
15:42:31.0226 7724  [ 96F8DD546677AA5102150ACC140377B3 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
15:42:31.0228 7724  RSUSBSTOR - ok
15:42:31.0279 7724  [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A ] RS_Service      C:\Program Files\Acer\Acer VCM\RS_Service.exe
15:42:31.0281 7724  RS_Service - ok
15:42:31.0289 7724  RtsUIR - ok
15:42:31.0334 7724  [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
15:42:31.0335 7724  s3cap - ok
15:42:31.0344 7724  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
15:42:31.0347 7724  SamSs - ok
15:42:31.0407 7724  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:42:31.0409 7724  sbp2port - ok
15:42:31.0439 7724  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:42:31.0444 7724  SCardSvr - ok
15:42:31.0483 7724  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:42:31.0485 7724  scfilter - ok
15:42:31.0536 7724  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
15:42:31.0548 7724  Schedule - ok
15:42:31.0600 7724  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:42:31.0601 7724  SCPolicySvc - ok
15:42:31.0640 7724  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:42:31.0645 7724  SDRSVC - ok
15:42:31.0690 7724  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:42:31.0690 7724  secdrv - ok
15:42:31.0723 7724  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
15:42:31.0727 7724  seclogon - ok
15:42:31.0758 7724  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\system32\sens.dll
15:42:31.0762 7724  SENS - ok
15:42:31.0786 7724  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:42:31.0790 7724  SensrSvc - ok
15:42:31.0796 7724  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:42:31.0797 7724  Serenum - ok
15:42:31.0813 7724  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:42:31.0814 7724  Serial - ok
15:42:31.0853 7724  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
15:42:31.0854 7724  sermouse - ok
15:42:31.0895 7724  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:42:31.0898 7724  SessionEnv - ok
15:42:31.0933 7724  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:42:31.0934 7724  sffdisk - ok
15:42:31.0945 7724  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:42:31.0945 7724  sffp_mmc - ok
15:42:31.0953 7724  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:42:31.0954 7724  sffp_sd - ok
15:42:31.0980 7724  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
15:42:31.0980 7724  sfloppy - ok
15:42:32.0027 7724  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:42:32.0030 7724  SharedAccess - ok
15:42:32.0077 7724  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:42:32.0081 7724  ShellHWDetection - ok
15:42:32.0102 7724  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
15:42:32.0102 7724  sisagp - ok
15:42:32.0130 7724  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:42:32.0131 7724  SiSRaid2 - ok
15:42:32.0141 7724  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
15:42:32.0142 7724  SiSRaid4 - ok
15:42:32.0196 7724  [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
15:42:32.0197 7724  SkypeUpdate - ok
15:42:32.0228 7724  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:42:32.0229 7724  Smb - ok
15:42:32.0288 7724  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:42:32.0290 7724  SNMPTRAP - ok
15:42:32.0319 7724  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:42:32.0320 7724  spldr - ok
15:42:32.0369 7724  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\Windows\System32\spoolsv.exe
15:42:32.0373 7724  Spooler - ok
15:42:32.0484 7724  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
15:42:32.0511 7724  sppsvc - ok
15:42:32.0539 7724  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:42:32.0542 7724  sppuinotify - ok
15:42:32.0582 7724  [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser      C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
15:42:32.0584 7724  SQLBrowser - ok
15:42:32.0614 7724  [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
15:42:32.0615 7724  SQLWriter - ok
15:42:32.0658 7724  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:42:32.0662 7724  srv - ok
15:42:32.0689 7724  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:42:32.0693 7724  srv2 - ok
15:42:32.0716 7724  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:42:32.0718 7724  srvnet - ok
15:42:32.0750 7724  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:42:32.0756 7724  SSDPSRV - ok
15:42:32.0767 7724  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:42:32.0773 7724  SstpSvc - ok
15:42:32.0797 7724  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
15:42:32.0797 7724  stexstor - ok
15:42:32.0849 7724  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\Windows\System32\wiaservc.dll
15:42:32.0858 7724  StiSvc - ok
15:42:32.0895 7724  [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
15:42:32.0896 7724  storflt - ok
15:42:32.0927 7724  [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc         C:\Windows\system32\storsvc.dll
15:42:32.0930 7724  StorSvc - ok
15:42:32.0945 7724  [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
15:42:32.0946 7724  storvsc - ok
15:42:32.0973 7724  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\drivers\swenum.sys
15:42:32.0973 7724  swenum - ok
15:42:32.0993 7724  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
15:42:32.0997 7724  swprv - ok
15:42:33.0029 7724  [ 85AA36B9C4C07CABC1B4E57E11E60E24 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
15:42:33.0030 7724  SynTP - ok
15:42:33.0083 7724  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\Windows\system32\sysmain.dll
15:42:33.0092 7724  SysMain - ok
15:42:33.0128 7724  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:42:33.0131 7724  TabletInputService - ok
15:42:33.0166 7724  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:42:33.0170 7724  TapiSrv - ok
15:42:33.0202 7724  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
15:42:33.0204 7724  TBS - ok
15:42:33.0258 7724  [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:42:33.0266 7724  Tcpip - ok
15:42:33.0314 7724  [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:42:33.0322 7724  TCPIP6 - ok
15:42:33.0367 7724  [ DCFEB82CA988598CEB8F83148616038E ] tcpipBM         C:\Windows\system32\drivers\tcpipBM.sys
15:42:33.0367 7724  tcpipBM - ok
15:42:33.0403 7724  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:42:33.0403 7724  tcpipreg - ok
15:42:33.0450 7724  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:42:33.0451 7724  TDPIPE - ok
15:42:33.0469 7724  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:42:33.0470 7724  TDTCP - ok
15:42:33.0509 7724  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:42:33.0510 7724  tdx - ok
15:42:33.0616 7724  [ 01A402D34732CA3DA91786ADCC765069 ] TeamViewer6     C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
15:42:33.0631 7724  TeamViewer6 - ok
15:42:33.0663 7724  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\Windows\system32\drivers\termdd.sys
15:42:33.0664 7724  TermDD - ok
15:42:33.0712 7724  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\Windows\System32\termsrv.dll
15:42:33.0721 7724  TermService - ok
15:42:33.0754 7724  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
15:42:33.0756 7724  Themes - ok
15:42:33.0772 7724  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
15:42:33.0774 7724  THREADORDER - ok
15:42:33.0807 7724  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
15:42:33.0810 7724  TrkWks - ok
15:42:33.0866 7724  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:42:33.0869 7724  TrustedInstaller - ok
15:42:33.0904 7724  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:42:33.0906 7724  tssecsrv - ok
15:42:33.0956 7724  [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:42:33.0958 7724  TsUsbFlt - ok
15:42:34.0006 7724  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:42:34.0007 7724  tunnel - ok
15:42:34.0034 7724  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
15:42:34.0035 7724  uagp35 - ok
15:42:34.0069 7724  [ 91096BD971BF7C1C4CA58C1CE594BB24 ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
15:42:34.0070 7724  UBHelper - ok
15:42:34.0110 7724  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:42:34.0113 7724  udfs - ok
15:42:34.0157 7724  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:42:34.0162 7724  UI0Detect - ok
15:42:34.0205 7724  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:42:34.0207 7724  uliagpkx - ok
15:42:34.0248 7724  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\Windows\system32\drivers\umbus.sys
15:42:34.0249 7724  umbus - ok
15:42:34.0281 7724  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
15:42:34.0282 7724  UmPass - ok
15:42:34.0324 7724  [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService    C:\Windows\System32\umrdp.dll
15:42:34.0330 7724  UmRdpService - ok
15:42:34.0415 7724  [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
15:42:34.0418 7724  Updater Service - ok
15:42:34.0464 7724  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
15:42:34.0471 7724  upnphost - ok
15:42:34.0515 7724  [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
15:42:34.0516 7724  USBAAPL - ok
15:42:34.0563 7724  [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
15:42:34.0565 7724  usbaudio - ok
15:42:34.0604 7724  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:42:34.0605 7724  usbccgp - ok
15:42:34.0610 7724  USBCCID - ok
15:42:34.0649 7724  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:42:34.0650 7724  usbcir - ok
15:42:34.0675 7724  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:42:34.0675 7724  usbehci - ok
15:42:34.0699 7724  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:42:34.0701 7724  usbhub - ok
15:42:34.0737 7724  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:42:34.0737 7724  usbohci - ok
15:42:34.0772 7724  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:42:34.0772 7724  usbprint - ok
15:42:34.0811 7724  [ F991AB9CC6B908DB552166768176896A ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:42:34.0812 7724  USBSTOR - ok
15:42:34.0851 7724  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
15:42:34.0852 7724  usbuhci - ok
15:42:34.0897 7724  [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
15:42:34.0899 7724  usbvideo - ok
15:42:34.0919 7724  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
15:42:34.0923 7724  UxSms - ok
15:42:34.0944 7724  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\Windows\system32\lsass.exe
15:42:34.0946 7724  VaultSvc - ok
15:42:34.0984 7724  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:42:34.0985 7724  vdrvroot - ok
15:42:35.0038 7724  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\Windows\System32\vds.exe
15:42:35.0047 7724  vds - ok
15:42:35.0078 7724  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:42:35.0079 7724  vga - ok
15:42:35.0094 7724  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:42:35.0095 7724  VgaSave - ok
15:42:35.0131 7724  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:42:35.0133 7724  vhdmp - ok
15:42:35.0163 7724  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
15:42:35.0163 7724  viaagp - ok
15:42:35.0174 7724  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
15:42:35.0175 7724  ViaC7 - ok
15:42:35.0214 7724  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\drivers\viaide.sys
15:42:35.0214 7724  viaide - ok
15:42:35.0247 7724  [ C2F2911156FDC7817C52829C86DA494E ] vmbus           C:\Windows\system32\drivers\vmbus.sys
15:42:35.0248 7724  vmbus - ok
15:42:35.0281 7724  [ D4D77455211E204F370D08F4963063CE ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
15:42:35.0282 7724  VMBusHID - ok
15:42:35.0298 7724  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:42:35.0299 7724  volmgr - ok
15:42:35.0316 7724  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:42:35.0318 7724  volmgrx - ok
15:42:35.0335 7724  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:42:35.0337 7724  volsnap - ok
15:42:35.0374 7724  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
15:42:35.0376 7724  vsmraid - ok
15:42:35.0429 7724  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\Windows\system32\vssvc.exe
15:42:35.0444 7724  VSS - ok
15:42:35.0568 7724  [ 7DB85B78309C05C9F06F469ED976DC9E ] vToolbarUpdater13.2.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
15:42:35.0573 7724  vToolbarUpdater13.2.0 - ok
15:42:35.0593 7724  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
15:42:35.0594 7724  vwifibus - ok
15:42:35.0613 7724  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
15:42:35.0614 7724  vwififlt - ok
15:42:35.0655 7724  [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
15:42:35.0656 7724  vwifimp - ok
15:42:35.0689 7724  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
15:42:35.0693 7724  W32Time - ok
15:42:35.0710 7724  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
15:42:35.0711 7724  WacomPen - ok
15:42:35.0751 7724  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:42:35.0752 7724  WANARP - ok
15:42:35.0757 7724  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:42:35.0758 7724  Wanarpv6 - ok
15:42:35.0828 7724  [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
15:42:35.0836 7724  WatAdminSvc - ok
15:42:35.0889 7724  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\Windows\system32\wbengine.exe
15:42:35.0899 7724  wbengine - ok
15:42:35.0937 7724  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:42:35.0941 7724  WbioSrvc - ok
15:42:35.0982 7724  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:42:35.0986 7724  wcncsvc - ok
15:42:35.0996 7724  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:42:35.0999 7724  WcsPlugInService - ok
15:42:36.0018 7724  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys
15:42:36.0019 7724  Wd - ok
15:42:36.0050 7724  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:42:36.0054 7724  Wdf01000 - ok
15:42:36.0076 7724  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:42:36.0080 7724  WdiServiceHost - ok
15:42:36.0084 7724  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:42:36.0087 7724  WdiSystemHost - ok
15:42:36.0119 7724  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\Windows\System32\webclnt.dll
15:42:36.0123 7724  WebClient - ok
15:42:36.0145 7724  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:42:36.0149 7724  Wecsvc - ok
15:42:36.0161 7724  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:42:36.0164 7724  wercplsupport - ok
15:42:36.0204 7724  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:42:36.0207 7724  WerSvc - ok
15:42:36.0237 7724  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:42:36.0238 7724  WfpLwf - ok
15:42:36.0268 7724  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:42:36.0270 7724  WIMMount - ok
15:42:36.0354 7724  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
15:42:36.0361 7724  WinDefend - ok
15:42:36.0375 7724  WinHttpAutoProxySvc - ok
15:42:36.0456 7724  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:42:36.0459 7724  Winmgmt - ok
15:42:36.0517 7724  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\Windows\system32\WsmSvc.dll
15:42:36.0530 7724  WinRM - ok
15:42:36.0592 7724  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
15:42:36.0593 7724  WinUsb - ok
15:42:36.0640 7724  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:42:36.0649 7724  Wlansvc - ok
15:42:36.0697 7724  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
15:42:36.0698 7724  WmiAcpi - ok
15:42:36.0730 7724  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:42:36.0732 7724  wmiApSrv - ok
15:42:36.0820 7724  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
15:42:36.0832 7724  WMPNetworkSvc - ok
15:42:36.0864 7724  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:42:36.0869 7724  WPCSvc - ok
15:42:36.0910 7724  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:42:36.0916 7724  WPDBusEnum - ok
15:42:36.0944 7724  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:42:36.0945 7724  ws2ifsl - ok
15:42:36.0962 7724  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\Windows\system32\wscsvc.dll
15:42:36.0967 7724  wscsvc - ok
15:42:36.0975 7724  WSearch - ok
15:42:37.0043 7724  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
15:42:37.0058 7724  wuauserv - ok
15:42:37.0087 7724  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:42:37.0088 7724  WudfPf - ok
15:42:37.0119 7724  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:42:37.0120 7724  WUDFRd - ok
15:42:37.0179 7724  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:42:37.0185 7724  wudfsvc - ok
15:42:37.0224 7724  [ 3C5E51C05BE9B56EAFF4E388C3AB25E4 ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:42:37.0230 7724  WwanSvc - ok
15:42:37.0289 7724  ================ Scan global ===============================
15:42:37.0326 7724  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
15:42:37.0356 7724  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
15:42:37.0366 7724  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
15:42:37.0392 7724  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
15:42:37.0433 7724  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
15:42:37.0440 7724  [Global] - ok
15:42:37.0441 7724  ================ Scan MBR ==================================
15:42:37.0458 7724  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:42:37.0816 7724  \Device\Harddisk0\DR0 - ok
15:42:37.0817 7724  ================ Scan VBR ==================================
15:42:37.0821 7724  [ 33A3B1F5CF41265473F927A5413DCAE6 ] \Device\Harddisk0\DR0\Partition1
15:42:37.0823 7724  \Device\Harddisk0\DR0\Partition1 - ok
15:42:37.0842 7724  [ 9CC830D2E32D535FDDF0A116EB300FBD ] \Device\Harddisk0\DR0\Partition2
15:42:37.0844 7724  \Device\Harddisk0\DR0\Partition2 - ok
15:42:37.0870 7724  [ 40A423095DE5FDF089143EF149A0CA3D ] \Device\Harddisk0\DR0\Partition3
15:42:37.0873 7724  \Device\Harddisk0\DR0\Partition3 - ok
15:42:37.0875 7724  ============================================================
15:42:37.0875 7724  Scan finished
15:42:37.0875 7724  ============================================================
15:42:37.0891 5468  Detected object count: 0
15:42:37.0891 5468  Actual detected object count: 0
         

Danke!

LG

Jörg

Alt 17.05.2013, 15:49   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Habe ich einen Virus ? - Standard

Habe ich einen Virus ?



Zitat:
15:42:16.0495 7724 Scan started
15:42:16.0495 7724 Mode: Manual;
den tdsskiller hast du falsch eingestellt, nochmal: bitte die Anleitungen sorgfältiger lesen
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 17.05.2013, 19:48   #12
joerg69
 
Habe ich einen Virus ? - Standard

Habe ich einen Virus ?



ich sollte wirklich sorgfältiger lesen .....

Code:
ATTFilter
20:44:04.0110 6020  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:44:04.0291 6020  ============================================================
20:44:04.0291 6020  Current date / time: 2013/05/17 20:44:04.0291
20:44:04.0291 6020  SystemInfo:
20:44:04.0291 6020  
20:44:04.0291 6020  OS Version: 6.1.7601 ServicePack: 1.0
20:44:04.0291 6020  Product type: Workstation
20:44:04.0292 6020  ComputerName: SANDRA-PC
20:44:04.0292 6020  UserName: Sandra
20:44:04.0292 6020  Windows directory: C:\Windows
20:44:04.0292 6020  System windows directory: C:\Windows
20:44:04.0292 6020  Processor architecture: Intel x86
20:44:04.0292 6020  Number of processors: 2
20:44:04.0292 6020  Page size: 0x1000
20:44:04.0292 6020  Boot type: Normal boot
20:44:04.0292 6020  ============================================================
20:44:05.0152 6020  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:44:05.0154 6020  ============================================================
20:44:05.0154 6020  \Device\Harddisk0\DR0:
20:44:05.0155 6020  MBR partitions:
20:44:05.0155 6020  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3000800, BlocksNum 0x32000
20:44:05.0155 6020  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3032800, BlocksNum 0x115E3800
20:44:05.0155 6020  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x14616000, BlocksNum 0x10E18000
20:44:05.0155 6020  ============================================================
20:44:05.0185 6020  C: <-> \Device\Harddisk0\DR0\Partition2
20:44:05.0223 6020  D: <-> \Device\Harddisk0\DR0\Partition3
20:44:05.0223 6020  ============================================================
20:44:05.0223 6020  Initialize success
20:44:05.0223 6020  ============================================================
20:44:43.0473 7684  ============================================================
20:44:43.0473 7684  Scan started
20:44:43.0473 7684  Mode: Manual; SigCheck; TDLFS; 
20:44:43.0473 7684  ============================================================
20:44:43.0774 7684  ================ Scan system memory ========================
20:44:43.0775 7684  System memory - ok
20:44:43.0775 7684  ================ Scan services =============================
20:44:43.0998 7684  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
20:44:44.0128 7684  1394ohci - ok
20:44:44.0220 7684  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:44:44.0244 7684  ACPI - ok
20:44:44.0322 7684  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
20:44:44.0378 7684  AcpiPmi - ok
20:44:44.0503 7684  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
20:44:44.0526 7684  AdobeARMservice - ok
20:44:44.0652 7684  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:44:44.0678 7684  AdobeFlashPlayerUpdateSvc - ok
20:44:44.0768 7684  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
20:44:44.0803 7684  adp94xx - ok
20:44:44.0854 7684  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
20:44:44.0871 7684  adpahci - ok
20:44:44.0885 7684  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
20:44:44.0900 7684  adpu320 - ok
20:44:44.0958 7684  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:44:45.0011 7684  AeLookupSvc - ok
20:44:45.0078 7684  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\Windows\system32\drivers\afd.sys
20:44:45.0106 7684  AFD - ok
20:44:45.0159 7684  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\drivers\agp440.sys
20:44:45.0172 7684  agp440 - ok
20:44:45.0211 7684  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
20:44:45.0224 7684  aic78xx - ok
20:44:45.0264 7684  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
20:44:45.0288 7684  ALG - ok
20:44:45.0344 7684  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:44:45.0356 7684  aliide - ok
20:44:45.0373 7684  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
20:44:45.0386 7684  amdagp - ok
20:44:45.0404 7684  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\drivers\amdide.sys
20:44:45.0416 7684  amdide - ok
20:44:45.0445 7684  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
20:44:45.0470 7684  AmdK8 - ok
20:44:45.0483 7684  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
20:44:45.0513 7684  AmdPPM - ok
20:44:45.0565 7684  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:44:45.0588 7684  amdsata - ok
20:44:45.0616 7684  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
20:44:45.0630 7684  amdsbs - ok
20:44:45.0642 7684  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:44:45.0654 7684  amdxata - ok
20:44:45.0696 7684  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\Windows\system32\drivers\appid.sys
20:44:45.0803 7684  AppID - ok
20:44:45.0861 7684  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:44:45.0921 7684  AppIDSvc - ok
20:44:45.0949 7684  [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo         C:\Windows\System32\appinfo.dll
20:44:46.0009 7684  Appinfo - ok
20:44:46.0104 7684  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:44:46.0123 7684  Apple Mobile Device - ok
20:44:46.0164 7684  [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt         C:\Windows\System32\appmgmts.dll
20:44:46.0207 7684  AppMgmt - ok
20:44:46.0252 7684  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys
20:44:46.0265 7684  arc - ok
20:44:46.0318 7684  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
20:44:46.0340 7684  arcsas - ok
20:44:46.0494 7684  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:44:46.0515 7684  aspnet_state - ok
20:44:46.0538 7684  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:44:46.0668 7684  AsyncMac - ok
20:44:46.0731 7684  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\drivers\atapi.sys
20:44:46.0753 7684  atapi - ok
20:44:46.0800 7684  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:44:46.0848 7684  AudioEndpointBuilder - ok
20:44:46.0876 7684  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
20:44:46.0907 7684  Audiosrv - ok
20:44:46.0960 7684  [ 34F335FEC0D7A7A4D329390B7C7B59B8 ] avgtp           C:\Windows\system32\drivers\avgtpx86.sys
20:44:46.0988 7684  avgtp - ok
20:44:47.0026 7684  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:44:47.0095 7684  AxInstSV - ok
20:44:47.0140 7684  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
20:44:47.0200 7684  b06bdrv - ok
20:44:47.0241 7684  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
20:44:47.0276 7684  b57nd60x - ok
20:44:47.0356 7684  [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
20:44:47.0376 7684  BcmSqlStartupSvc - ok
20:44:47.0412 7684  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
20:44:47.0465 7684  BDESVC - ok
20:44:47.0494 7684  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:44:47.0538 7684  Beep - ok
20:44:47.0602 7684  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\Windows\System32\bfe.dll
20:44:47.0667 7684  BFE - ok
20:44:47.0714 7684  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\Windows\system32\qmgr.dll
20:44:47.0761 7684  BITS - ok
20:44:47.0785 7684  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
20:44:47.0811 7684  blbdrive - ok
20:44:47.0857 7684  [ D002033C1A37F6AF51B5F0BA6D0211BC ] BMLoad          C:\Windows\system32\drivers\BMLoad.sys
20:44:47.0876 7684  BMLoad ( UnsignedFile.Multi.Generic ) - warning
20:44:47.0876 7684  BMLoad - detected UnsignedFile.Multi.Generic (1)
20:44:47.0942 7684  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:44:47.0967 7684  Bonjour Service - ok
20:44:48.0012 7684  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:44:48.0058 7684  bowser - ok
20:44:48.0105 7684  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:44:48.0171 7684  BrFiltLo - ok
20:44:48.0206 7684  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:44:48.0259 7684  BrFiltUp - ok
20:44:48.0313 7684  [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
20:44:48.0381 7684  BridgeMP - ok
20:44:48.0435 7684  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\Windows\System32\browser.dll
20:44:48.0459 7684  Browser - ok
20:44:48.0491 7684  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
20:44:48.0545 7684  Brserid - ok
20:44:48.0564 7684  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
20:44:48.0592 7684  BrSerWdm - ok
20:44:48.0607 7684  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
20:44:48.0632 7684  BrUsbMdm - ok
20:44:48.0648 7684  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
20:44:48.0678 7684  BrUsbSer - ok
20:44:48.0702 7684  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
20:44:48.0730 7684  BTHMODEM - ok
20:44:48.0792 7684  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
20:44:48.0820 7684  bthserv - ok
20:44:49.0087 7684  catchme - ok
20:44:49.0253 7684  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:44:49.0312 7684  cdfs - ok
20:44:49.0347 7684  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:44:49.0380 7684  cdrom - ok
20:44:49.0425 7684  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\Windows\System32\certprop.dll
20:44:49.0460 7684  CertPropSvc - ok
20:44:49.0487 7684  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
20:44:49.0503 7684  circlass - ok
20:44:49.0525 7684  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
20:44:49.0540 7684  CLFS - ok
20:44:49.0637 7684  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:44:49.0656 7684  clr_optimization_v2.0.50727_32 - ok
20:44:49.0757 7684  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:44:49.0778 7684  clr_optimization_v4.0.30319_32 - ok
20:44:49.0807 7684  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
20:44:49.0846 7684  CmBatt - ok
20:44:49.0875 7684  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:44:49.0897 7684  cmdide - ok
20:44:49.0933 7684  [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG             C:\Windows\system32\Drivers\cng.sys
20:44:49.0965 7684  CNG - ok
20:44:50.0038 7684  [ 720A32C2D7BE2F21C1213A2EC9C16CDD ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT32.sys
20:44:50.0075 7684  CnxtHdAudService - ok
20:44:50.0118 7684  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
20:44:50.0140 7684  Compbatt - ok
20:44:50.0180 7684  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
20:44:50.0225 7684  CompositeBus - ok
20:44:50.0249 7684  COMSysApp - ok
20:44:50.0263 7684  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
20:44:50.0276 7684  crcdisk - ok
20:44:50.0324 7684  [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:44:50.0382 7684  CryptSvc - ok
20:44:50.0417 7684  [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC             C:\Windows\system32\drivers\csc.sys
20:44:50.0471 7684  CSC - ok
20:44:50.0504 7684  [ 15F93B37F6801943360D9EB42485D5D3 ] CscService      C:\Windows\System32\cscsvc.dll
20:44:50.0539 7684  CscService - ok
20:44:50.0575 7684  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:44:50.0615 7684  DcomLaunch - ok
20:44:50.0641 7684  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
20:44:50.0691 7684  defragsvc - ok
20:44:50.0748 7684  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:44:50.0793 7684  DfsC - ok
20:44:50.0839 7684  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:44:50.0861 7684  Dhcp - ok
20:44:50.0886 7684  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
20:44:50.0928 7684  discache - ok
20:44:50.0972 7684  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
20:44:50.0985 7684  Disk - ok
20:44:51.0039 7684  [ C701324C9E0C25DD9D60311BD87FBC84 ] DKbFltr         C:\Windows\system32\DRIVERS\DKbFltr.sys
20:44:51.0048 7684  DKbFltr - ok
20:44:51.0088 7684  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:44:51.0151 7684  Dnscache - ok
20:44:51.0189 7684  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\Windows\System32\dot3svc.dll
20:44:51.0236 7684  dot3svc - ok
20:44:51.0267 7684  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\Windows\system32\dps.dll
20:44:51.0309 7684  DPS - ok
20:44:51.0355 7684  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:44:51.0383 7684  drmkaud - ok
20:44:51.0430 7684  [ 16498EBC04AE9DD07049A8884B205C05 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:44:51.0455 7684  DXGKrnl - ok
20:44:51.0488 7684  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
20:44:51.0537 7684  EapHost - ok
20:44:51.0662 7684  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
20:44:51.0745 7684  ebdrv - ok
20:44:51.0780 7684  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\Windows\System32\lsass.exe
20:44:51.0837 7684  EFS - ok
20:44:51.0923 7684  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:44:51.0974 7684  ehRecvr - ok
20:44:52.0003 7684  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
20:44:52.0060 7684  ehSched - ok
20:44:52.0107 7684  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
20:44:52.0132 7684  elxstor - ok
20:44:52.0221 7684  [ C8505E1FD7FC441B933D3B0C29EE0F5D ] ePowerSvc       C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
20:44:52.0253 7684  ePowerSvc - ok
20:44:52.0285 7684  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:44:52.0324 7684  ErrDev - ok
20:44:52.0392 7684  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
20:44:52.0448 7684  EventSystem - ok
20:44:52.0512 7684  [ 7C18A6C99F4119D361A5CA028E788648 ] ewusbnet        C:\Windows\system32\DRIVERS\ewusbnet.sys
20:44:52.0544 7684  ewusbnet - ok
20:44:52.0557 7684  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
20:44:52.0617 7684  exfat - ok
20:44:52.0642 7684  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:44:52.0684 7684  fastfat - ok
20:44:52.0740 7684  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\Windows\system32\fxssvc.exe
20:44:52.0804 7684  Fax - ok
20:44:52.0819 7684  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
20:44:52.0852 7684  fdc - ok
20:44:52.0872 7684  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
20:44:52.0917 7684  fdPHost - ok
20:44:52.0940 7684  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
20:44:52.0982 7684  FDResPub - ok
20:44:53.0011 7684  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:44:53.0024 7684  FileInfo - ok
20:44:53.0039 7684  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:44:53.0085 7684  Filetrace - ok
20:44:53.0203 7684  [ 167D24A045499EBEF438F231976158DF ] FirebirdServerMAGIXInstance C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
20:44:53.0245 7684  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
20:44:53.0245 7684  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
20:44:53.0267 7684  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
20:44:53.0293 7684  flpydisk - ok
20:44:53.0323 7684  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:44:53.0338 7684  FltMgr - ok
20:44:53.0401 7684  [ E12C4928B32ACE04610259647F072635 ] FontCache       C:\Windows\system32\FntCache.dll
20:44:53.0469 7684  FontCache - ok
20:44:53.0544 7684  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:44:53.0561 7684  FontCache3.0.0.0 - ok
20:44:53.0587 7684  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:44:53.0600 7684  FsDepends - ok
20:44:53.0634 7684  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:44:53.0646 7684  Fs_Rec - ok
20:44:53.0702 7684  [ E306A24D9694C724FA2491278BF50FDB ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:44:53.0719 7684  fvevol - ok
20:44:53.0751 7684  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
20:44:53.0765 7684  gagp30kx - ok
20:44:53.0808 7684  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:44:53.0824 7684  GEARAspiWDM - ok
20:44:53.0872 7684  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
20:44:53.0931 7684  gpsvc - ok
20:44:54.0035 7684  [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService     C:\Program Files\Acer\Registration\GREGsvc.exe
20:44:54.0051 7684  GREGService - ok
20:44:54.0117 7684  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
20:44:54.0136 7684  gupdate - ok
20:44:54.0173 7684  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
20:44:54.0191 7684  gupdatem - ok
20:44:54.0254 7684  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
20:44:54.0270 7684  gusvc - ok
20:44:54.0305 7684  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
20:44:54.0351 7684  hcw85cir - ok
20:44:54.0403 7684  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:44:54.0446 7684  HdAudAddService - ok
20:44:54.0471 7684  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
20:44:54.0502 7684  HDAudBus - ok
20:44:54.0537 7684  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
20:44:54.0563 7684  HidBatt - ok
20:44:54.0583 7684  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
20:44:54.0612 7684  HidBth - ok
20:44:54.0634 7684  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
20:44:54.0664 7684  HidIr - ok
20:44:54.0690 7684  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\System32\hidserv.dll
20:44:54.0743 7684  hidserv - ok
20:44:54.0787 7684  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:44:54.0814 7684  HidUsb - ok
20:44:54.0845 7684  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:44:54.0882 7684  hkmsvc - ok
20:44:54.0911 7684  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:44:54.0978 7684  HomeGroupListener - ok
20:44:55.0019 7684  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:44:55.0077 7684  HomeGroupProvider - ok
20:44:55.0121 7684  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:44:55.0144 7684  HpSAMD - ok
20:44:55.0198 7684  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:44:55.0250 7684  HTTP - ok
20:44:55.0300 7684  [ 988C0A49F09D75D3341CB419141793C1 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
20:44:55.0352 7684  hwdatacard - ok
20:44:55.0403 7684  [ DE3FF0AB0C551D7E00E250E81169996A ] HWiNFO32        C:\Windows\system32\drivers\HWiNFO32.SYS
20:44:55.0423 7684  HWiNFO32 - ok
20:44:55.0457 7684  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:44:55.0479 7684  hwpolicy - ok
20:44:55.0530 7684  [ A259D3619AA23D4562581067F85E2006 ] hwusbdev        C:\Windows\system32\DRIVERS\ewusbdev.sys
20:44:55.0555 7684  hwusbdev - ok
20:44:55.0618 7684  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
20:44:55.0631 7684  i8042prt - ok
20:44:55.0688 7684  [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
20:44:55.0714 7684  IAANTMON - ok
20:44:55.0750 7684  [ D483687EACE0C065EE772481A96E05F5 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
20:44:55.0775 7684  iaStor - ok
20:44:55.0822 7684  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:44:55.0839 7684  iaStorV - ok
20:44:55.0903 7684  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:44:55.0941 7684  idsvc - ok
20:44:56.0165 7684  [ 8266AE06DF974E5BA047B3E9E9E70B3F ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
20:44:56.0323 7684  igfx - ok
20:44:56.0367 7684  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
20:44:56.0379 7684  iirsp - ok
20:44:56.0439 7684  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
20:44:56.0491 7684  IKEEXT - ok
20:44:56.0514 7684  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
20:44:56.0526 7684  intelide - ok
20:44:56.0558 7684  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:44:56.0571 7684  intelppm - ok
20:44:56.0615 7684  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:44:56.0661 7684  IPBusEnum - ok
20:44:56.0680 7684  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:44:56.0727 7684  IpFilterDriver - ok
20:44:56.0780 7684  [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:44:56.0838 7684  iphlpsvc - ok
20:44:56.0875 7684  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
20:44:56.0899 7684  IPMIDRV - ok
20:44:56.0929 7684  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:44:56.0971 7684  IPNAT - ok
20:44:57.0031 7684  [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:44:57.0053 7684  iPod Service - ok
20:44:57.0075 7684  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:44:57.0139 7684  IRENUM - ok
20:44:57.0169 7684  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:44:57.0182 7684  isapnp - ok
20:44:57.0219 7684  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
20:44:57.0235 7684  iScsiPrt - ok
20:44:57.0318 7684  [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr       C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
20:44:57.0338 7684  IviRegMgr - ok
20:44:57.0376 7684  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:44:57.0389 7684  kbdclass - ok
20:44:57.0415 7684  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
20:44:57.0438 7684  kbdhid - ok
20:44:57.0458 7684  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\Windows\system32\lsass.exe
20:44:57.0472 7684  KeyIso - ok
20:44:57.0570 7684  [ EDF96FDBA037497E5D4B8A7BA8A1A4B8 ] KinoniSvc       C:\Program Files\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
20:44:57.0603 7684  KinoniSvc ( UnsignedFile.Multi.Generic ) - warning
20:44:57.0603 7684  KinoniSvc - detected UnsignedFile.Multi.Generic (1)
20:44:57.0639 7684  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:44:57.0653 7684  KSecDD - ok
20:44:57.0694 7684  [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:44:57.0709 7684  KSecPkg - ok
20:44:57.0750 7684  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:44:57.0797 7684  KtmRm - ok
20:44:57.0857 7684  [ 3705B2273E8EFC9A707864AB7324B614 ] L1C             C:\Windows\system32\DRIVERS\L1C62x86.sys
20:44:57.0910 7684  L1C - ok
20:44:57.0955 7684  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\System32\srvsvc.dll
20:44:58.0006 7684  LanmanServer - ok
20:44:58.0043 7684  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:44:58.0087 7684  LanmanWorkstation - ok
20:44:58.0151 7684  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:44:58.0212 7684  lltdio - ok
20:44:58.0259 7684  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:44:58.0315 7684  lltdsvc - ok
20:44:58.0334 7684  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:44:58.0369 7684  lmhosts - ok
20:44:58.0399 7684  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
20:44:58.0413 7684  LSI_FC - ok
20:44:58.0438 7684  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
20:44:58.0452 7684  LSI_SAS - ok
20:44:58.0470 7684  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:44:58.0483 7684  LSI_SAS2 - ok
20:44:58.0499 7684  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:44:58.0512 7684  LSI_SCSI - ok
20:44:58.0545 7684  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
20:44:58.0585 7684  luafv - ok
20:44:58.0664 7684  [ BA1347822D01B2D29C14CF09663A6457 ] LVRS            C:\Windows\system32\DRIVERS\lvrs.sys
20:44:58.0688 7684  LVRS - ok
20:44:58.0818 7684  [ E2C99D3B692BA2173114C9DF79313B70 ] LVUVC           C:\Windows\system32\DRIVERS\lvuvc.sys
20:44:58.0895 7684  LVUVC - ok
20:44:58.0955 7684  [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
20:44:58.0977 7684  MBAMProtector - ok
20:44:59.0041 7684  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:44:59.0064 7684  MBAMScheduler - ok
20:44:59.0104 7684  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
20:44:59.0124 7684  MBAMService - ok
20:44:59.0217 7684  [ AA44024C1796F40D43F2E6C08B47A564 ] McAfee SiteAdvisor Service c:\progra~1\mcafee\sitead~1\McSACore.exe
20:44:59.0236 7684  McAfee SiteAdvisor Service - ok
20:44:59.0274 7684  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:44:59.0289 7684  Mcx2Svc - ok
20:44:59.0312 7684  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
20:44:59.0325 7684  megasas - ok
20:44:59.0363 7684  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
20:44:59.0389 7684  MegaSR - ok
20:44:59.0419 7684  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
20:44:59.0463 7684  MMCSS - ok
20:44:59.0494 7684  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
20:44:59.0521 7684  Modem - ok
20:44:59.0538 7684  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:44:59.0572 7684  monitor - ok
20:44:59.0607 7684  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:44:59.0620 7684  mouclass - ok
20:44:59.0638 7684  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:44:59.0667 7684  mouhid - ok
20:44:59.0702 7684  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:44:59.0716 7684  mountmgr - ok
20:44:59.0785 7684  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:44:59.0807 7684  MozillaMaintenance - ok
20:44:59.0872 7684  [ CF105EE42E3F71E648CEBB3F666E1CF0 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
20:44:59.0901 7684  MpFilter - ok
20:44:59.0915 7684  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:44:59.0928 7684  mpio - ok
20:45:00.0051 7684  [ A69630D039C38018689190234F866D77 ] MpKslf7f30ce2   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{296B3EDB-5CB9-4053-B6E1-234A84DCDB7C}\MpKslf7f30ce2.sys
20:45:00.0065 7684  MpKslf7f30ce2 - ok
20:45:00.0093 7684  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:45:00.0145 7684  mpsdrv - ok
20:45:00.0192 7684  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:45:00.0237 7684  MpsSvc - ok
20:45:00.0264 7684  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:45:00.0304 7684  MRxDAV - ok
20:45:00.0351 7684  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:45:00.0395 7684  mrxsmb - ok
20:45:00.0442 7684  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:45:00.0487 7684  mrxsmb10 - ok
20:45:00.0541 7684  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:45:00.0577 7684  mrxsmb20 - ok
20:45:00.0630 7684  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
20:45:00.0653 7684  msahci - ok
20:45:00.0732 7684  [ D98350792A7CE82E7459A7C36481BEDA ] MSCamSvc        C:\Program Files\Microsoft LifeCam\MSCamS32.exe
20:45:00.0752 7684  MSCamSvc - ok
20:45:00.0789 7684  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:45:00.0802 7684  msdsm - ok
20:45:00.0819 7684  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
20:45:00.0850 7684  MSDTC - ok
20:45:00.0890 7684  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:45:00.0918 7684  Msfs - ok
20:45:00.0929 7684  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:45:00.0969 7684  mshidkmdf - ok
20:45:01.0021 7684  [ 5119FFC2A6B51089CDB0EFDC75808C97 ] MSHUSBVideo     C:\Windows\system32\Drivers\nx6000.sys
20:45:01.0032 7684  MSHUSBVideo - ok
20:45:01.0060 7684  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:45:01.0073 7684  msisadrv - ok
20:45:01.0115 7684  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:45:01.0154 7684  MSiSCSI - ok
20:45:01.0158 7684  msiserver - ok
20:45:01.0215 7684  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:45:01.0262 7684  MSKSSRV - ok
20:45:01.0345 7684  [ C1F19D2BACBEE9AB64D9AE69E9859AC0 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
20:45:01.0370 7684  MsMpSvc - ok
20:45:01.0397 7684  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:45:01.0459 7684  MSPCLOCK - ok
20:45:01.0495 7684  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:45:01.0538 7684  MSPQM - ok
20:45:01.0564 7684  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:45:01.0579 7684  MsRPC - ok
20:45:01.0607 7684  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
20:45:01.0619 7684  mssmbios - ok
20:45:01.0684 7684  MSSQL$MSSMLBIZ - ok
20:45:01.0716 7684  [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
20:45:01.0734 7684  MSSQLServerADHelper - ok
20:45:01.0769 7684  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:45:01.0818 7684  MSTEE - ok
20:45:01.0827 7684  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
20:45:01.0856 7684  MTConfig - ok
20:45:01.0877 7684  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
20:45:01.0890 7684  Mup - ok
20:45:01.0930 7684  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
20:45:01.0960 7684  napagent - ok
20:45:02.0003 7684  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:45:02.0023 7684  NativeWifiP - ok
20:45:02.0062 7684  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:45:02.0086 7684  NDIS - ok
20:45:02.0110 7684  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:45:02.0146 7684  NdisCap - ok
20:45:02.0173 7684  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:45:02.0212 7684  NdisTapi - ok
20:45:02.0253 7684  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:45:02.0278 7684  Ndisuio - ok
20:45:02.0313 7684  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:45:02.0350 7684  NdisWan - ok
20:45:02.0383 7684  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:45:02.0409 7684  NDProxy - ok
20:45:02.0453 7684  [ 1352E1648213551923A0A822E441553C ] Netaapl         C:\Windows\system32\DRIVERS\netaapl.sys
20:45:02.0497 7684  Netaapl - ok
20:45:02.0537 7684  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:45:02.0586 7684  NetBIOS - ok
20:45:02.0612 7684  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:45:02.0639 7684  NetBT - ok
20:45:02.0647 7684  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
20:45:02.0661 7684  Netlogon - ok
20:45:02.0711 7684  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
20:45:02.0757 7684  Netman - ok
20:45:02.0793 7684  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:45:02.0804 7684  NetMsmqActivator - ok
20:45:02.0811 7684  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:45:02.0823 7684  NetPipeActivator - ok
20:45:02.0838 7684  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
20:45:02.0870 7684  netprofm - ok
20:45:02.0875 7684  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:45:02.0888 7684  NetTcpActivator - ok
20:45:02.0892 7684  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:45:02.0904 7684  NetTcpPortSharing - ok
20:45:03.0062 7684  [ EF51B405AD8ACAAE6F0231290D20F516 ] NETw5s32        C:\Windows\system32\DRIVERS\NETw5s32.sys
20:45:03.0164 7684  NETw5s32 - ok
20:45:03.0291 7684  [ 58218EC6B61B1169CF54AAB0D00F5FE2 ] netw5v32        C:\Windows\system32\DRIVERS\netw5v32.sys
20:45:03.0372 7684  netw5v32 - ok
20:45:03.0413 7684  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
20:45:03.0426 7684  nfrd960 - ok
20:45:03.0456 7684  [ 832E098BCA8235436FE2D8AE50AC3718 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:45:03.0472 7684  NisDrv - ok
20:45:03.0499 7684  [ E570ECA850F30EB740C2E9699DF3D2BD ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
20:45:03.0518 7684  NisSrv - ok
20:45:03.0556 7684  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:45:03.0585 7684  NlaSvc - ok
20:45:03.0609 7684  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:45:03.0636 7684  Npfs - ok
20:45:03.0684 7684  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
20:45:03.0723 7684  nsi - ok
20:45:03.0735 7684  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:45:03.0777 7684  nsiproxy - ok
20:45:03.0831 7684  [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:45:03.0864 7684  Ntfs - ok
20:45:03.0945 7684  [ 28C59F594044CBF8598B18C927097091 ] NTIBackupSvc    C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
20:45:03.0962 7684  NTIBackupSvc - ok
20:45:04.0003 7684  [ 94E08DCC43F46471D96953E712B6D82B ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
20:45:04.0020 7684  NTIDrvr - ok
20:45:04.0038 7684  [ B8D903B2894FF9AFBD99CA51C35590D7 ] NTISchedulerSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
20:45:04.0058 7684  NTISchedulerSvc - ok
20:45:04.0079 7684  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
20:45:04.0107 7684  Null - ok
20:45:04.0136 7684  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:45:04.0149 7684  nvraid - ok
20:45:04.0185 7684  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:45:04.0209 7684  nvstor - ok
20:45:04.0252 7684  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:45:04.0277 7684  nv_agp - ok
20:45:04.0365 7684  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:45:04.0387 7684  odserv - ok
20:45:04.0425 7684  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:45:04.0459 7684  ohci1394 - ok
20:45:04.0529 7684  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:45:04.0549 7684  ose - ok
20:45:04.0599 7684  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:45:04.0663 7684  p2pimsvc - ok
20:45:04.0689 7684  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:45:04.0732 7684  p2psvc - ok
20:45:04.0768 7684  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
20:45:04.0791 7684  Parport - ok
20:45:04.0825 7684  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:45:04.0838 7684  partmgr - ok
20:45:04.0852 7684  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
20:45:04.0878 7684  Parvdm - ok
20:45:04.0920 7684  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:45:04.0938 7684  PcaSvc - ok
20:45:04.0971 7684  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
20:45:04.0986 7684  pci - ok
20:45:05.0025 7684  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
20:45:05.0038 7684  pciide - ok
20:45:05.0067 7684  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
20:45:05.0083 7684  pcmcia - ok
20:45:05.0115 7684  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
20:45:05.0137 7684  pcw - ok
20:45:05.0177 7684  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:45:05.0229 7684  PEAUTH - ok
20:45:05.0292 7684  [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
20:45:05.0357 7684  PeerDistSvc - ok
20:45:05.0441 7684  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
20:45:05.0516 7684  pla - ok
20:45:05.0562 7684  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:45:05.0587 7684  PlugPlay - ok
20:45:05.0626 7684  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:45:05.0665 7684  PNRPAutoReg - ok
20:45:05.0689 7684  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:45:05.0718 7684  PNRPsvc - ok
20:45:05.0757 7684  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:45:05.0799 7684  PolicyAgent - ok
20:45:05.0840 7684  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
20:45:05.0869 7684  Power - ok
20:45:05.0898 7684  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:45:05.0926 7684  PptpMiniport - ok
20:45:05.0941 7684  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
20:45:05.0954 7684  Processor - ok
20:45:06.0003 7684  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
20:45:06.0058 7684  ProfSvc - ok
20:45:06.0069 7684  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:45:06.0087 7684  ProtectedStorage - ok
20:45:06.0123 7684  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:45:06.0151 7684  Psched - ok
20:45:06.0181 7684  [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2       C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
20:45:06.0193 7684  PSI_SVC_2 - ok
20:45:06.0227 7684  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
20:45:06.0272 7684  ql2300 - ok
20:45:06.0286 7684  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
20:45:06.0301 7684  ql40xx - ok
20:45:06.0335 7684  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
20:45:06.0354 7684  QWAVE - ok
20:45:06.0384 7684  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:45:06.0400 7684  QWAVEdrv - ok
20:45:06.0415 7684  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:45:06.0455 7684  RasAcd - ok
20:45:06.0501 7684  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:45:06.0562 7684  RasAgileVpn - ok
20:45:06.0599 7684  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
20:45:06.0628 7684  RasAuto - ok
20:45:06.0644 7684  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:45:06.0672 7684  Rasl2tp - ok
20:45:06.0719 7684  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
20:45:06.0777 7684  RasMan - ok
20:45:06.0795 7684  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:45:06.0823 7684  RasPppoe - ok
20:45:06.0857 7684  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:45:06.0896 7684  RasSstp - ok
20:45:06.0926 7684  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:45:06.0971 7684  rdbss - ok
20:45:06.0994 7684  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
20:45:07.0009 7684  rdpbus - ok
20:45:07.0047 7684  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:45:07.0072 7684  RDPCDD - ok
20:45:07.0101 7684  [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
20:45:07.0143 7684  RDPDR - ok
20:45:07.0176 7684  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:45:07.0213 7684  RDPENCDD - ok
20:45:07.0235 7684  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
20:45:07.0262 7684  RDPREFMP - ok
20:45:07.0294 7684  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:45:07.0335 7684  RDPWD - ok
20:45:07.0378 7684  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:45:07.0393 7684  rdyboost - ok
20:45:07.0423 7684  [ 001B4278407F4303EFC902A2B16F2453 ] regi            C:\Windows\system32\drivers\regi.sys
20:45:07.0432 7684  regi - ok
20:45:07.0462 7684  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:45:07.0501 7684  RemoteAccess - ok
20:45:07.0537 7684  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:45:07.0583 7684  RemoteRegistry - ok
20:45:07.0610 7684  [ 0F6756EF8BDA6DFA7BE50465C83132BB ] RimUsb          C:\Windows\system32\Drivers\RimUsb.sys
20:45:07.0660 7684  RimUsb - ok
20:45:07.0689 7684  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:45:07.0732 7684  RpcEptMapper - ok
20:45:07.0761 7684  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
20:45:07.0791 7684  RpcLocator - ok
20:45:07.0830 7684  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
20:45:07.0861 7684  RpcSs - ok
20:45:07.0900 7684  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:45:07.0927 7684  rspndr - ok
20:45:07.0985 7684  [ 96F8DD546677AA5102150ACC140377B3 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
20:45:08.0025 7684  RSUSBSTOR - ok
20:45:08.0070 7684  [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A ] RS_Service      C:\Program Files\Acer\Acer VCM\RS_Service.exe
20:45:08.0090 7684  RS_Service - ok
20:45:08.0095 7684  RtsUIR - ok
20:45:08.0125 7684  [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
20:45:08.0174 7684  s3cap - ok
20:45:08.0191 7684  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
20:45:08.0210 7684  SamSs - ok
20:45:08.0254 7684  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:45:08.0272 7684  sbp2port - ok
20:45:08.0307 7684  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:45:08.0358 7684  SCardSvr - ok
20:45:08.0397 7684  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:45:08.0422 7684  scfilter - ok
20:45:08.0469 7684  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
20:45:08.0518 7684  Schedule - ok
20:45:08.0547 7684  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:45:08.0572 7684  SCPolicySvc - ok
20:45:08.0608 7684  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:45:08.0661 7684  SDRSVC - ok
20:45:08.0703 7684  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:45:08.0754 7684  secdrv - ok
20:45:08.0792 7684  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
20:45:08.0835 7684  seclogon - ok
20:45:08.0894 7684  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\system32\sens.dll
20:45:08.0942 7684  SENS - ok
20:45:08.0977 7684  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:45:09.0039 7684  SensrSvc - ok
20:45:09.0064 7684  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
20:45:09.0078 7684  Serenum - ok
20:45:09.0093 7684  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
20:45:09.0126 7684  Serial - ok
20:45:09.0156 7684  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
20:45:09.0192 7684  sermouse - ok
20:45:09.0231 7684  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:45:09.0272 7684  SessionEnv - ok
20:45:09.0302 7684  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:45:09.0326 7684  sffdisk - ok
20:45:09.0347 7684  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:45:09.0380 7684  sffp_mmc - ok
20:45:09.0400 7684  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:45:09.0415 7684  sffp_sd - ok
20:45:09.0449 7684  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
20:45:09.0485 7684  sfloppy - ok
20:45:09.0540 7684  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:45:09.0587 7684  SharedAccess - ok
20:45:09.0624 7684  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:45:09.0674 7684  ShellHWDetection - ok
20:45:09.0693 7684  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
20:45:09.0706 7684  sisagp - ok
20:45:09.0743 7684  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:45:09.0756 7684  SiSRaid2 - ok
20:45:09.0777 7684  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
20:45:09.0791 7684  SiSRaid4 - ok
20:45:09.0854 7684  [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
20:45:09.0875 7684  SkypeUpdate - ok
20:45:09.0897 7684  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:45:09.0924 7684  Smb - ok
20:45:09.0979 7684  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:45:10.0020 7684  SNMPTRAP - ok
20:45:10.0043 7684  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:45:10.0056 7684  spldr - ok
20:45:10.0104 7684  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\Windows\System32\spoolsv.exe
20:45:10.0126 7684  Spooler - ok
20:45:10.0228 7684  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
20:45:10.0316 7684  sppsvc - ok
20:45:10.0341 7684  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
20:45:10.0384 7684  sppuinotify - ok
20:45:10.0429 7684  [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser      C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
20:45:10.0452 7684  SQLBrowser - ok
20:45:10.0494 7684  [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:45:10.0504 7684  SQLWriter - ok
20:45:10.0538 7684  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:45:10.0599 7684  srv - ok
20:45:10.0624 7684  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:45:10.0651 7684  srv2 - ok
20:45:10.0673 7684  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:45:10.0703 7684  srvnet - ok
20:45:10.0730 7684  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:45:10.0761 7684  SSDPSRV - ok
20:45:10.0769 7684  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:45:10.0798 7684  SstpSvc - ok
20:45:10.0832 7684  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
20:45:10.0845 7684  stexstor - ok
20:45:10.0894 7684  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\Windows\System32\wiaservc.dll
20:45:10.0927 7684  StiSvc - ok
20:45:10.0963 7684  [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
20:45:10.0985 7684  storflt - ok
20:45:11.0018 7684  [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc         C:\Windows\system32\storsvc.dll
20:45:11.0036 7684  StorSvc - ok
20:45:11.0047 7684  [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
20:45:11.0061 7684  storvsc - ok
20:45:11.0097 7684  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\drivers\swenum.sys
20:45:11.0110 7684  swenum - ok
20:45:11.0129 7684  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
20:45:11.0169 7684  swprv - ok
20:45:11.0220 7684  [ 85AA36B9C4C07CABC1B4E57E11E60E24 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
20:45:11.0243 7684  SynTP - ok
20:45:11.0300 7684  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\Windows\system32\sysmain.dll
20:45:11.0342 7684  SysMain - ok
20:45:11.0375 7684  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:45:11.0395 7684  TabletInputService - ok
20:45:11.0435 7684  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:45:11.0474 7684  TapiSrv - ok
20:45:11.0515 7684  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
20:45:11.0560 7684  TBS - ok
20:45:11.0604 7684  [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:45:11.0649 7684  Tcpip - ok
20:45:11.0682 7684  [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:45:11.0714 7684  TCPIP6 - ok
20:45:11.0758 7684  [ DCFEB82CA988598CEB8F83148616038E ] tcpipBM         C:\Windows\system32\drivers\tcpipBM.sys
20:45:11.0773 7684  tcpipBM ( UnsignedFile.Multi.Generic ) - warning
20:45:11.0773 7684  tcpipBM - detected UnsignedFile.Multi.Generic (1)
20:45:11.0805 7684  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:45:11.0817 7684  tcpipreg - ok
20:45:11.0852 7684  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:45:11.0885 7684  TDPIPE - ok
20:45:11.0905 7684  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:45:11.0917 7684  TDTCP - ok
20:45:11.0955 7684  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:45:12.0018 7684  tdx - ok
20:45:12.0144 7684  [ 01A402D34732CA3DA91786ADCC765069 ] TeamViewer6     C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
20:45:12.0194 7684  TeamViewer6 - ok
20:45:12.0232 7684  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\Windows\system32\drivers\termdd.sys
20:45:12.0245 7684  TermDD - ok
20:45:12.0290 7684  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\Windows\System32\termsrv.dll
20:45:12.0322 7684  TermService - ok
20:45:12.0378 7684  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
20:45:12.0408 7684  Themes - ok
20:45:12.0441 7684  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
20:45:12.0469 7684  THREADORDER - ok
20:45:12.0498 7684  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
20:45:12.0537 7684  TrkWks - ok
20:45:12.0602 7684  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:45:12.0669 7684  TrustedInstaller - ok
20:45:12.0706 7684  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:45:12.0744 7684  tssecsrv - ok
20:45:12.0781 7684  [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
20:45:12.0826 7684  TsUsbFlt - ok
20:45:12.0874 7684  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:45:12.0916 7684  tunnel - ok
20:45:12.0947 7684  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
20:45:12.0960 7684  uagp35 - ok
20:45:12.0993 7684  [ 91096BD971BF7C1C4CA58C1CE594BB24 ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
20:45:13.0003 7684  UBHelper - ok
20:45:13.0046 7684  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:45:13.0105 7684  udfs - ok
20:45:13.0148 7684  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:45:13.0178 7684  UI0Detect - ok
20:45:13.0218 7684  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:45:13.0232 7684  uliagpkx - ok
20:45:13.0272 7684  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\Windows\system32\drivers\umbus.sys
20:45:13.0298 7684  umbus - ok
20:45:13.0327 7684  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
20:45:13.0367 7684  UmPass - ok
20:45:13.0404 7684  [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService    C:\Windows\System32\umrdp.dll
20:45:13.0443 7684  UmRdpService - ok
20:45:13.0540 7684  [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
20:45:13.0561 7684  Updater Service - ok
20:45:13.0598 7684  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
20:45:13.0643 7684  upnphost - ok
20:45:13.0683 7684  [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
20:45:13.0708 7684  USBAAPL - ok
20:45:13.0754 7684  [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
20:45:13.0769 7684  usbaudio - ok
20:45:13.0795 7684  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:45:13.0820 7684  usbccgp - ok
20:45:13.0826 7684  USBCCID - ok
20:45:13.0863 7684  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:45:13.0880 7684  usbcir - ok
20:45:13.0910 7684  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
20:45:13.0923 7684  usbehci - ok
20:45:13.0935 7684  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:45:13.0951 7684  usbhub - ok
20:45:13.0983 7684  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
20:45:14.0014 7684  usbohci - ok
20:45:14.0052 7684  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
20:45:14.0067 7684  usbprint - ok
20:45:14.0080 7684  [ F991AB9CC6B908DB552166768176896A ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:45:14.0129 7684  USBSTOR - ok
20:45:14.0164 7684  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
20:45:14.0195 7684  usbuhci - ok
20:45:14.0243 7684  [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
20:45:14.0260 7684  usbvideo - ok
20:45:14.0277 7684  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
20:45:14.0304 7684  UxSms - ok
20:45:14.0324 7684  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\Windows\system32\lsass.exe
20:45:14.0337 7684  VaultSvc - ok
20:45:14.0364 7684  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
20:45:14.0377 7684  vdrvroot - ok
20:45:14.0416 7684  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\Windows\System32\vds.exe
20:45:14.0448 7684  vds - ok
20:45:14.0480 7684  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:45:14.0495 7684  vga - ok
20:45:14.0507 7684  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:45:14.0545 7684  VgaSave - ok
20:45:14.0579 7684  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
20:45:14.0593 7684  vhdmp - ok
20:45:14.0621 7684  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
20:45:14.0635 7684  viaagp - ok
20:45:14.0655 7684  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
20:45:14.0682 7684  ViaC7 - ok
20:45:14.0717 7684  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\drivers\viaide.sys
20:45:14.0738 7684  viaide - ok
20:45:14.0772 7684  [ C2F2911156FDC7817C52829C86DA494E ] vmbus           C:\Windows\system32\drivers\vmbus.sys
20:45:14.0787 7684  vmbus - ok
20:45:14.0817 7684  [ D4D77455211E204F370D08F4963063CE ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
20:45:14.0854 7684  VMBusHID - ok
20:45:14.0879 7684  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:45:14.0893 7684  volmgr - ok
20:45:14.0919 7684  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:45:14.0936 7684  volmgrx - ok
20:45:14.0949 7684  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:45:14.0966 7684  volsnap - ok
20:45:14.0999 7684  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
20:45:15.0013 7684  vsmraid - ok
20:45:15.0062 7684  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\Windows\system32\vssvc.exe
20:45:15.0115 7684  VSS - ok
20:45:15.0237 7684  [ 7DB85B78309C05C9F06F469ED976DC9E ] vToolbarUpdater13.2.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
20:45:15.0266 7684  vToolbarUpdater13.2.0 - ok
20:45:15.0285 7684  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
20:45:15.0319 7684  vwifibus - ok
20:45:15.0338 7684  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
20:45:15.0354 7684  vwififlt - ok
20:45:15.0391 7684  [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
20:45:15.0407 7684  vwifimp - ok
20:45:15.0436 7684  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
20:45:15.0485 7684  W32Time - ok
20:45:15.0513 7684  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
20:45:15.0552 7684  WacomPen - ok
20:45:15.0599 7684  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
20:45:15.0652 7684  WANARP - ok
20:45:15.0656 7684  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:45:15.0683 7684  Wanarpv6 - ok
20:45:15.0764 7684  [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
20:45:15.0799 7684  WatAdminSvc - ok
20:45:15.0859 7684  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\Windows\system32\wbengine.exe
20:45:15.0913 7684  wbengine - ok
20:45:15.0951 7684  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
20:45:15.0970 7684  WbioSrvc - ok
20:45:16.0007 7684  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:45:16.0057 7684  wcncsvc - ok
20:45:16.0076 7684  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:45:16.0121 7684  WcsPlugInService - ok
20:45:16.0144 7684  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys
20:45:16.0157 7684  Wd - ok
20:45:16.0187 7684  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:45:16.0209 7684  Wdf01000 - ok
20:45:16.0231 7684  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:45:16.0276 7684  WdiServiceHost - ok
20:45:16.0280 7684  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:45:16.0299 7684  WdiSystemHost - ok
20:45:16.0333 7684  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\Windows\System32\webclnt.dll
20:45:16.0353 7684  WebClient - ok
20:45:16.0371 7684  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:45:16.0401 7684  Wecsvc - ok
20:45:16.0407 7684  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:45:16.0435 7684  wercplsupport - ok
20:45:16.0462 7684  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:45:16.0509 7684  WerSvc - ok
20:45:16.0551 7684  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
20:45:16.0578 7684  WfpLwf - ok
20:45:16.0615 7684  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:45:16.0628 7684  WIMMount - ok
20:45:16.0702 7684  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
20:45:16.0745 7684  WinDefend - ok
20:45:16.0753 7684  WinHttpAutoProxySvc - ok
20:45:16.0814 7684  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:45:16.0854 7684  Winmgmt - ok
20:45:16.0907 7684  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\Windows\system32\WsmSvc.dll
20:45:16.0948 7684  WinRM - ok
20:45:16.0995 7684  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
20:45:17.0027 7684  WinUsb - ok
20:45:17.0075 7684  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:45:17.0120 7684  Wlansvc - ok
20:45:17.0166 7684  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
20:45:17.0180 7684  WmiAcpi - ok
20:45:17.0211 7684  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:45:17.0242 7684  wmiApSrv - ok
20:45:17.0333 7684  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
20:45:17.0402 7684  WMPNetworkSvc - ok
20:45:17.0434 7684  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:45:17.0480 7684  WPCSvc - ok
20:45:17.0513 7684  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:45:17.0563 7684  WPDBusEnum - ok
20:45:17.0591 7684  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:45:17.0631 7684  ws2ifsl - ok
20:45:17.0664 7684  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\Windows\system32\wscsvc.dll
20:45:17.0693 7684  wscsvc - ok
20:45:17.0699 7684  WSearch - ok
20:45:17.0774 7684  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
20:45:17.0830 7684  wuauserv - ok
20:45:17.0856 7684  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:45:17.0875 7684  WudfPf - ok
20:45:17.0911 7684  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:45:17.0925 7684  WUDFRd - ok
20:45:17.0971 7684  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:45:17.0999 7684  wudfsvc - ok
20:45:18.0039 7684  [ 3C5E51C05BE9B56EAFF4E388C3AB25E4 ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:45:18.0100 7684  WwanSvc - ok
20:45:18.0149 7684  ================ Scan global ===============================
20:45:18.0184 7684  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
20:45:18.0215 7684  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
20:45:18.0223 7684  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
20:45:18.0250 7684  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
20:45:18.0280 7684  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
20:45:18.0284 7684  [Global] - ok
20:45:18.0284 7684  ================ Scan MBR ==================================
20:45:18.0295 7684  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:45:18.0764 7684  \Device\Harddisk0\DR0 - ok
20:45:18.0765 7684  ================ Scan VBR ==================================
20:45:18.0769 7684  [ 33A3B1F5CF41265473F927A5413DCAE6 ] \Device\Harddisk0\DR0\Partition1
20:45:18.0772 7684  \Device\Harddisk0\DR0\Partition1 - ok
20:45:18.0800 7684  [ 9CC830D2E32D535FDDF0A116EB300FBD ] \Device\Harddisk0\DR0\Partition2
20:45:18.0803 7684  \Device\Harddisk0\DR0\Partition2 - ok
20:45:18.0829 7684  [ 40A423095DE5FDF089143EF149A0CA3D ] \Device\Harddisk0\DR0\Partition3
20:45:18.0831 7684  \Device\Harddisk0\DR0\Partition3 - ok
20:45:18.0832 7684  ============================================================
20:45:18.0832 7684  Scan finished
20:45:18.0832 7684  ============================================================
20:45:18.0853 3488  Detected object count: 4
20:45:18.0855 3488  Actual detected object count: 4
20:46:01.0243 3488  BMLoad ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:01.0243 3488  BMLoad ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:46:01.0246 3488  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:01.0246 3488  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:46:01.0248 3488  KinoniSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:01.0248 3488  KinoniSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:46:01.0251 3488  tcpipBM ( UnsignedFile.Multi.Generic ) - skipped by user
20:46:01.0251 3488  tcpipBM ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
Danke!

LG

Jörg

Alt 17.05.2013, 20:55   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Habe ich einen Virus ? - Standard

Habe ich einen Virus ?



JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




Im Anschluss:

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Danach eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles in CODE-Tags hier in den Thread.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 17.05.2013, 21:26   #14
joerg69
 
Habe ich einen Virus ? - Standard

Habe ich einen Virus ?



jrt.txt

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Professional x86
Ran by Sandra on 17.05.2013 at 22:02:12,77
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\office\powerpoint\addins\babylonofficeaddin.officeaddin
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\office\word\addins\babylonofficeaddin.officeaddin
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E4C32C88-C595-4C32-B61B-14A6F067D3F6}



~~~ Files

Successfully deleted: [File] "C:\Users\Sandra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\babylon.lnk"



~~~ Folders



~~~ FireFox

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\siteranker@siteranker.com
Successfully deleted the following from C:\Users\Sandra\AppData\Roaming\mozilla\firefox\profiles\wla9cndx.default\prefs.js

user_pref("extensions.crossrider.bic", "13ac6b46c211ad995284f3043f7f1e38");
Emptied folder: C:\Users\Sandra\AppData\Roaming\mozilla\firefox\profiles\wla9cndx.default\minidumps [117 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.05.2013 at 22:03:35,89
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

adwcleaner.txt

Code:
ATTFilter
# AdwCleaner v2.301 - Datei am 17/05/2013 um 22:07:36 erstellt
# Aktualisiert am 16/05/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzer : Sandra - SANDRA-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Sandra\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\wla9cndx.default\searchplugins\FBDownloader.xml
Datei Gelöscht : C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\wla9cndx.default\searchplugins\fbdownloader_search.xml
Gelöscht mit Neustart : C:\Program Files\Common Files\AVG Secure Search

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16483

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (de)

Datei : C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\wla9cndx.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v26.0.1410.64
         
otl:

Code:
ATTFilter
OTL logfile created on: 17.05.2013 22:11:58 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Sandra\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,90 Gb Total Physical Memory | 1,89 Gb Available Physical Memory | 65,12% Memory free
5,80 Gb Paging File | 4,76 Gb Available in Paging File | 82,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138,94 Gb Total Space | 93,67 Gb Free Space | 67,42% Space Free | Partition Type: NTFS
Drive D: | 135,05 Gb Total Space | 134,95 Gb Free Space | 99,93% Space Free | Partition Type: NTFS
 
Computer Name: SANDRA-PC | User Name: Sandra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\Sandra\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - c:\Programme\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe ()
PRC - C:\Programme\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
PRC - C:\Programme\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe ()
PRC - C:\Programme\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
PRC - C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\TeamViewer\Version6\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\PLFSetI.exe ()
PRC - C:\Programme\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
PRC - C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer ePower Management\ePowerEvent.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Group)
PRC - C:\Programme\Acer\Registration\GREGsvc.exe (Acer Incorporated)
PRC - C:\Users\Sandra\AppData\Roaming\T-Mobile Internet Manager\ouc.exe (Huawei Technologies Co., Ltd.)
PRC - C:\Programme\Launch Manager\LManager.EXE (Dritek System Inc.)
PRC - C:\Programme\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe (Conexant Systems, Inc.)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programme\Logitech\LWS\Webcam Software\QTGui4.dll ()
MOD - C:\Programme\Logitech\LWS\Webcam Software\QTXml4.dll ()
MOD - C:\Programme\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll ()
MOD - C:\Programme\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll ()
MOD - C:\Programme\Logitech\LWS\Webcam Software\QTCore4.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\PLFSetI.exe ()
 
 
========== Services (SafeList) ==========
 
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (NisSrv) -- C:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- C:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (McAfee SiteAdvisor Service) -- c:\Programme\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (vToolbarUpdater13.2.0) -- C:\Programme\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe ()
SRV - (KinoniSvc) -- C:\Programme\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe ()
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (TeamViewer6) -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (SQLWriter) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (MSSQL$MSSMLBIZ) -- C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLBrowser) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper) -- C:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (MSCamSvc) -- C:\Programme\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
SRV - (RS_Service) -- C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Group)
SRV - (GREGService) -- C:\Programme\Acer\Registration\GREGsvc.exe (Acer Incorporated)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (IAANTMON) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (BcmSqlStartupSvc) -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
SRV - (PSI_SVC_2) -- C:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (IviRegMgr) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (USBCCID) -- system32\DRIVERS\RtsUCcid.sys File not found
DRV - (RtsUIR) -- system32\DRIVERS\Rts516xIR.sys File not found
DRV - (catchme) -- C:\Users\Sandra\AppData\Local\Temp\catchme.sys File not found
DRV - (HWiNFO32) -- C:\Windows\System32\drivers\HWiNFO32.SYS (REALiX(tm))
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (avgtp) -- C:\Windows\System32\drivers\avgtpx86.sys (AVG Technologies)
DRV - (LVUVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (Netaapl) -- C:\Windows\System32\drivers\netaapl.sys (Apple Inc.)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (MSHUSBVideo) -- C:\Windows\System32\drivers\nx6000.sys (Microsoft Corporation)
DRV - (L1C) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.)
DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV - (hwusbdev) -- C:\Windows\System32\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (NETw5s32) -- C:\Windows\System32\drivers\NETw5s32.sys (Intel Corporation)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (CnxtHdAudService) -- C:\Windows\System32\drivers\CHDRT32.sys (Conexant Systems Inc.)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)
DRV - (netw5v32) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)
DRV - (RSUSBSTOR) -- C:\Windows\System32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (BMLoad) -- C:\Windows\System32\drivers\BMLoad.sys (Bytemobile, Inc.)
DRV - (tcpipBM) -- C:\Windows\System32\drivers\tcpipBM.sys (Bytemobile, Inc.)
DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0c07&m=extensa_5635&r=27051111d506l0473z2i5i5741u495
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-3322867212-3760231481-2277792164-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
IE - HKU\S-1-5-21-3322867212-3760231481-2277792164-1003\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-3322867212-3760231481-2277792164-1003\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-3322867212-3760231481-2277792164-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3322867212-3760231481-2277792164-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3322867212-3760231481-2277792164-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3322867212-3760231481-2277792164-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2013.02.07 01:39:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.05.17 11:52:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2011.12.13 19:58:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sandra\AppData\Roaming\mozilla\Extensions
[2013.03.08 20:11:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sandra\AppData\Roaming\mozilla\Firefox\Profiles\wla9cndx.default\extensions
[2013.05.17 11:52:34 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.05.17 11:52:34 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\McChPlg.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U37 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Java Deployment Toolkit 6.0.370.6 (Enabled) = C:\Windows\system32\npdeployJava1.dll
CHR - Extension: Google Drive = C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: SiteAdvisor = C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\
CHR - Extension: Google Mail = C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013.05.17 13:28:27 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O4 - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [cAudioFilterAgent] C:\Programme\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe (Conexant Systems, Inc.)
O4 - HKLM..\Run: [DataCardMonitor] C:\Programme\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKU\S-1-5-21-3322867212-3760231481-2277792164-1003..\Run: [HW_OPENEYE_OUC_T-Mobile Internet Manager] C:\Program Files\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3322867212-3760231481-2277792164-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3322867212-3760231481-2277792164-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (WRC Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0055F8EE-D9A6-4CD6-986E-2B6E60A99052}: NameServer = 213.162.69.169 213.162.69.170
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5A8D70E7-C4E4-44C2-A11D-61244551D09F}: DhcpNameServer = 192.168.1.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5A8D70E7-C4E4-44C2-A11D-61244551D09F}: NameServer = 8.8.8.8,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65596105-DD19-4088-99D5-43028999E61E}: DhcpNameServer = 192.168.1.10
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.17 22:02:10 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.05.17 22:02:01 | 000,000,000 | ---D | C] -- C:\JRT
[2013.05.17 22:01:18 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Sandra\Desktop\JRT.exe
[2013.05.17 14:59:26 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Sandra\Desktop\tdsskiller.exe
[2013.05.17 14:42:57 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Sandra\Desktop\aswMBR.exe
[2013.05.17 14:24:18 | 000,000,000 | ---D | C] -- C:\Users\Sandra\Desktop\mbar-1.05.0.1001
[2013.05.17 14:22:04 | 000,022,560 | ---- | C] (REALiX(tm)) -- C:\Windows\System32\drivers\HWiNFO32.SYS
[2013.05.17 14:21:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO32
[2013.05.17 14:21:00 | 000,000,000 | ---D | C] -- C:\Program Files\HWiNFO32
[2013.05.17 14:20:17 | 002,820,032 | ---- | C] (Martin Malík - REALiX                                       ) -- C:\Users\Sandra\Desktop\hw32_418.exe
[2013.05.17 13:30:12 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.05.17 13:30:10 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.05.17 13:20:02 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.05.17 13:20:02 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.05.17 13:20:02 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.05.17 13:16:34 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.05.17 13:16:20 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.05.17 13:13:43 | 005,066,411 | R--- | C] (Swearware) -- C:\Users\Sandra\Desktop\ComboFix.exe
[2013.05.17 11:51:52 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.05.17 07:50:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013.05.17 07:19:35 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.05.17 07:19:35 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.05.17 07:19:35 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.05.16 19:52:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Sandra\Desktop\OTL.exe
[2013.05.15 16:02:33 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.05.15 16:02:33 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.05.15 16:02:32 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.05.15 16:02:32 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.05.15 16:02:31 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.05.15 16:02:31 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.05.15 16:02:29 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.05.15 15:57:33 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.05.15 13:28:10 | 002,347,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.05.15 13:28:09 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll
[2013.05.15 13:28:08 | 000,218,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2013.05.15 13:27:58 | 000,101,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2013.05.15 13:27:57 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2013.04.29 20:06:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\SupportAppXL
[2013.04.29 20:06:43 | 000,000,000 | ---D | C] -- C:\Program Files\MODEM Mobiler Anschluss
[2013.04.29 20:06:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MODEM Mobiler Anschluss
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.17 22:09:07 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.17 22:08:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.17 22:08:46 | 2338,004,992 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.17 22:06:07 | 000,632,031 | ---- | M] () -- C:\Users\Sandra\Desktop\adwcleaner.exe
[2013.05.17 22:01:28 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Sandra\Desktop\JRT.exe
[2013.05.17 21:55:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.17 21:41:01 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.17 14:59:30 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Sandra\Desktop\tdsskiller.exe
[2013.05.17 14:58:44 | 000,000,512 | ---- | M] () -- C:\Users\Sandra\Desktop\MBR.dat
[2013.05.17 14:44:28 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Sandra\Desktop\aswMBR.exe
[2013.05.17 14:23:45 | 012,917,756 | ---- | M] () -- C:\Users\Sandra\Desktop\mbar-1.05.0.1001.zip
[2013.05.17 14:22:04 | 000,022,560 | ---- | M] (REALiX(tm)) -- C:\Windows\System32\drivers\HWiNFO32.SYS
[2013.05.17 14:20:19 | 002,820,032 | ---- | M] (Martin Malík - REALiX                                       ) -- C:\Users\Sandra\Desktop\hw32_418.exe
[2013.05.17 13:28:27 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013.05.17 13:14:17 | 005,066,411 | R--- | M] (Swearware) -- C:\Users\Sandra\Desktop\ComboFix.exe
[2013.05.17 07:18:36 | 000,009,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.17 07:18:36 | 000,009,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.16 22:48:50 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.05.16 21:43:49 | 000,016,479 | ---- | M] () -- C:\Users\Sandra\Desktop\OTL.zip
[2013.05.16 20:21:28 | 000,377,856 | ---- | M] () -- C:\Users\Sandra\Desktop\gmer_2.1.19163.exe
[2013.05.16 19:52:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sandra\Desktop\OTL.exe
[2013.05.16 19:51:42 | 000,000,000 | ---- | M] () -- C:\Users\Sandra\defogger_reenable
[2013.05.16 19:51:24 | 000,050,477 | ---- | M] () -- C:\Users\Sandra\Desktop\Defogger.exe
[2013.05.16 19:14:39 | 000,753,840 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.05.16 19:14:39 | 000,698,856 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.05.16 19:14:39 | 000,171,660 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.05.16 19:14:39 | 000,138,602 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.05.15 16:12:55 | 000,463,784 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.05.14 21:56:33 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.05.14 21:56:33 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.05.13 10:37:43 | 003,602,982 | ---- | M] () -- C:\Users\Sandra\Documents\Omi und Opi 2. Versuch.wmv
[2013.05.10 11:13:12 | 318,971,301 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.05.08 18:05:11 | 000,002,044 | -H-- | M] () -- C:\Users\Sandra\Documents\Default.rdp
[2013.05.08 11:14:04 | 005,480,482 | ---- | M] () -- C:\Users\Sandra\Documents\Omi und Opi 1. Versuch.wmv
[2013.05.06 14:16:41 | 000,009,292 | ---- | M] () -- C:\Users\Sandra\Documents\print.pdf
[2013.05.05 21:12:55 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.05.02 17:28:50 | 000,238,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013.04.29 20:06:58 | 000,001,774 | ---- | M] () -- C:\Users\Public\Desktop\MODEM Mobiler Anschluss.lnk
[2013.04.23 12:41:51 | 000,002,186 | ---- | M] () -- C:\Users\Sandra\Documents\Mein Film 3.wlmp
[2013.04.23 12:11:33 | 000,002,152 | ---- | M] () -- C:\Users\Sandra\Documents\mein film 1.wlmp
[2013.04.23 11:53:32 | 000,002,416 | ---- | M] () -- C:\Users\Sandra\Documents\Mein Film.wlmp
 
========== Files Created - No Company Name ==========
 
[2013.05.17 22:05:57 | 000,632,031 | ---- | C] () -- C:\Users\Sandra\Desktop\adwcleaner.exe
[2013.05.17 14:58:44 | 000,000,512 | ---- | C] () -- C:\Users\Sandra\Desktop\MBR.dat
[2013.05.17 14:23:32 | 012,917,756 | ---- | C] () -- C:\Users\Sandra\Desktop\mbar-1.05.0.1001.zip
[2013.05.17 13:20:02 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.05.17 13:20:02 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.05.17 13:20:02 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.05.17 13:20:02 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.05.17 13:20:02 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.05.16 21:43:49 | 000,016,479 | ---- | C] () -- C:\Users\Sandra\Desktop\OTL.zip
[2013.05.16 20:21:28 | 000,377,856 | ---- | C] () -- C:\Users\Sandra\Desktop\gmer_2.1.19163.exe
[2013.05.16 19:51:42 | 000,000,000 | ---- | C] () -- C:\Users\Sandra\defogger_reenable
[2013.05.16 19:51:22 | 000,050,477 | ---- | C] () -- C:\Users\Sandra\Desktop\Defogger.exe
[2013.05.13 10:37:13 | 003,602,982 | ---- | C] () -- C:\Users\Sandra\Documents\Omi und Opi 2. Versuch.wmv
[2013.05.08 11:13:23 | 005,480,482 | ---- | C] () -- C:\Users\Sandra\Documents\Omi und Opi 1. Versuch.wmv
[2013.05.06 14:16:41 | 000,009,292 | ---- | C] () -- C:\Users\Sandra\Documents\print.pdf
[2013.04.29 20:06:43 | 000,001,774 | ---- | C] () -- C:\Users\Public\Desktop\MODEM Mobiler Anschluss.lnk
[2013.04.23 12:41:51 | 000,002,186 | ---- | C] () -- C:\Users\Sandra\Documents\Mein Film 3.wlmp
[2013.04.23 12:11:33 | 000,002,152 | ---- | C] () -- C:\Users\Sandra\Documents\mein film 1.wlmp
[2013.04.23 11:53:31 | 000,002,416 | ---- | C] () -- C:\Users\Sandra\Documents\Mein Film.wlmp
[2013.03.04 12:52:54 | 000,015,872 | ---- | C] () -- C:\Users\Sandra\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.24 02:14:17 | 000,007,605 | ---- | C] () -- C:\Users\Sandra\AppData\Local\Resmon.ResmonCfg
[2012.10.15 10:23:12 | 000,000,783 | ---- | C] () -- C:\Windows\NTIWVEDT.INI
[2012.09.27 20:01:40 | 000,000,033 | ---- | C] () -- C:\Windows\System32\mnprxpd2f.bin
[2012.09.21 21:08:36 | 010,919,784 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2012.09.21 21:08:36 | 000,338,136 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2012.09.21 21:08:36 | 000,103,272 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2012.09.11 13:45:25 | 000,053,248 | ---- | C] () -- C:\Windows\System32\mgxasio2.dll
[2012.09.11 13:44:11 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2012.09.11 13:43:41 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2012.09.09 12:54:25 | 000,000,105 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.05.08 12:53:17 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2012.01.18 07:22:54 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2011.11.08 09:56:02 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
         

extras:

Code:
ATTFilter
OTL Extras logfile created on: 17.05.2013 22:11:58 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Sandra\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,90 Gb Total Physical Memory | 1,89 Gb Available Physical Memory | 65,12% Memory free
5,80 Gb Paging File | 4,76 Gb Available in Paging File | 82,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138,94 Gb Total Space | 93,67 Gb Free Space | 67,42% Space Free | Partition Type: NTFS
Drive D: | 135,05 Gb Total Space | 134,95 Gb Free Space | 99,93% Space Free | Partition Type: NTFS
 
Computer Name: SANDRA-PC | User Name: Sandra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_USERS\S-1-5-21-3322867212-3760231481-2277792164-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0769129A-E86E-4310-802E-E630F6EB4C78}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{0BCC12F9-0CFE-43B1-84C1-4178553E460D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{0FF73EE9-88E7-470F-B6F6-11FC9275AB13}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{1133BD62-9EF8-4908-80B6-29F9C146A3C9}" = rport=139 | protocol=6 | dir=out | app=system | 
"{13FC3117-CDC5-47F2-96E7-7D9D491CB0B5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{1A562B7C-1D4D-47C0-A65B-0F083584DCF1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{25B6DA82-9DD4-4F1C-9D6D-4E5048D1AFF5}" = lport=445 | protocol=6 | dir=in | app=system | 
"{49FFF147-B83F-4B9D-8069-715A07B64240}" = lport=137 | protocol=17 | dir=in | app=system | 
"{4D418F3F-DFED-4B00-A53E-0B6614261218}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{4FFA3DC9-5021-40C1-849B-E5E9CFA0F18B}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{61E30013-86F4-477A-84E8-B28012D94E60}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{66FB5303-6D53-4B8D-8193-15AB807A20B3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{7E6911AA-D051-45DC-8CEF-359F8CDE9B63}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{82604CBA-8961-4E33-ACD6-5586EA989230}" = rport=445 | protocol=6 | dir=out | app=system | 
"{8332D17F-4507-44D4-BD48-674617AEE4C3}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{84F97902-B448-48DD-8CBB-8323C22F6DB5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{95431E00-AB1E-4037-8E92-85CDD5CE70DF}" = lport=138 | protocol=17 | dir=in | app=system | 
"{B7F6507D-737E-4034-8B84-074CEA74895D}" = rport=138 | protocol=17 | dir=out | app=system | 
"{BBCAEA54-832A-4F7D-83C5-824CB6AF2EBC}" = rport=137 | protocol=17 | dir=out | app=system | 
"{CAD3D3FD-C68A-4389-A828-6C4EE29FD53F}" = lport=139 | protocol=6 | dir=in | app=system | 
"{CDF44C22-68F1-424F-B854-E8C39FF7C90E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E69EA7CC-20A4-4A03-B550-60C95904E4E2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{E96FF62F-CA53-4D2A-8403-537CD617E7F6}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{ECB3A3A5-2E70-4BC6-8A84-270B4F4CBC0A}" = lport=10243 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B733F4F-0C8C-4247-843C-16516ABD89A5}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{12870F13-A815-49C2-B9B0-455C2477623C}" = dir=in | app=c:\program files\acer\acer vcm\rs_service.exe | 
"{173A4FFC-0572-4A8D-9A93-363CF674C8B6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{2EBC331F-E8B8-4748-95C0-6324FD45523F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{2F3455E5-40E7-4157-B84E-C273C5FBC06F}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe | 
"{31E25133-2D27-488C-BC2E-CC2E9F4302BC}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe | 
"{3390BD87-3A43-4E1A-B0EF-12A412DD6552}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{36EC0432-C48D-4FDE-B5F2-C0B4103D963A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{3799457D-E06C-41B2-9A4A-7C304ADB7F84}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe | 
"{3A950D8A-8F7A-476D-A1E0-FC36F8F6E42E}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe | 
"{456D8972-1682-4FC2-B55C-63EA7DCE694D}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe | 
"{4CC27AC1-7EE1-4315-9517-58A5468F814B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{510AE8F5-EFE1-487F-B0A1-037C604C90DE}" = dir=in | app=c:\program files\acer\acer vcm\vc.exe | 
"{522293ED-922C-4D89-BE80-C4EE9A83B187}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{554AE5D3-EEED-49B5-B53C-436A60E0F621}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{5C3BE645-952C-440F-B240-7C236AB03FC9}" = protocol=6 | dir=out | app=c:\program files\kinoni\epoccam_and_barcode_drivers\kinonisvc.exe | 
"{620C5A7D-6BDE-4C31-9A2D-4181A28D969C}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{6673E7DC-51F7-4872-955E-56E210AA8D5F}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe | 
"{68A4F3E0-6A6C-4723-A3A9-65FED53A66C3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{7358A915-28B8-4031-9A0A-EE5015070701}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{7D79096F-4089-464B-97C1-7D9A350A85DE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{8912F232-733F-4494-BC8E-E3707BC760AE}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{8CA8D513-AFEF-4A63-BF60-4267A790A775}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8CBEA5E7-A4D6-4247-BD10-A47E7996EA69}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe | 
"{8DCC28A0-632C-469C-BC39-8D1A7064E64E}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{9AD0C094-81EF-4C1E-B4D8-4CC5EF487E2E}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{9D02B553-9F8C-4584-BEBA-081AC702E728}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{A012AA85-EECE-4852-860A-CE9C9F5D89E5}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe | 
"{A4B17515-7DD5-4F96-AC4F-D423A3C0E36F}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe | 
"{A56E409B-B30C-4860-B8D2-02D4BB7D0703}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A71C4E2F-AB61-4DFB-BA00-1ADB9122A905}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{ADC98240-A8EF-4CF6-8C09-5A114953C159}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe | 
"{AEB47642-AD53-47C2-BC2A-0AC1B9853B33}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{BEB2FE12-E17B-42C6-8685-00A6DE4AC8C0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{C0BA7EA8-9776-4274-A87E-AE28EAF52D84}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe | 
"{C2E26C3A-B681-4444-A72B-F176534FE483}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{CED1562C-EAF1-45CC-B4B9-DF25CADD06EA}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe | 
"{D6E115E2-499A-438C-9F5E-347BA0090ABF}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{D754A5A4-0111-4D2E-AC0C-E0F9417A7C16}" = protocol=6 | dir=in | app=c:\program files\kinoni\epoccam_and_barcode_drivers\kinonisvc.exe | 
"{DB8E39A2-1441-4A4A-9325-08AEDDBC5AAC}" = protocol=6 | dir=out | app=system | 
"{E66F10FD-F401-4189-AB66-CA34AEC62B4F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{E893468E-A6FE-48BB-A143-CFCCCA4EC939}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{EEBDD4E8-A01F-41D8-BE0F-6596B647E264}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{F2404AFE-1D7D-4A48-91B1-33278C961AC6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"TCP Query User{309F4965-1AA3-494B-BDCD-E6B8AE6DC8BB}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{7C334C5B-8F6B-4F34-B29A-4EE605A83BDD}C:\satisfyme\satisfyme.exe" = protocol=6 | dir=in | app=c:\satisfyme\satisfyme.exe | 
"TCP Query User{B6F93A39-7705-4E34-8ED5-A7F1AECFC763}\\svr02\volume_1\apple\tinyumbrella-6.01.00.exe" = protocol=6 | dir=in | app=\\svr02\volume_1\apple\tinyumbrella-6.01.00.exe | 
"UDP Query User{7005199E-BAFA-4563-9265-495262EE662E}C:\satisfyme\satisfyme.exe" = protocol=17 | dir=in | app=c:\satisfyme\satisfyme.exe | 
"UDP Query User{A291CF49-B811-4AC6-B532-65343D1D21B3}\\svr02\volume_1\apple\tinyumbrella-6.01.00.exe" = protocol=17 | dir=in | app=\\svr02\volume_1\apple\tinyumbrella-6.01.00.exe | 
"UDP Query User{D6B772D1-8EA9-4544-984D-763FDA269F60}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{390DD8BB-BB57-4942-A029-2D913E4E9D74}" = Microsoft Security Client
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}" = Microsoft LifeCam
"{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}" = Spin & Win
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007
"{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{2733AA87-26FC-41B0-9D2F-3092345BC370}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.de-de_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.de-de_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007
"{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007
"{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}" = MODEM Mobiler Anschluss
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{ABEE079E-648E-488B-8301-0C3DB48C1BCE}_is1" = Acer GameZone Console
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.160.210
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam-Software
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client
"{F73D8560-EB17-4C8C-BA6C-8389419E8A98}" = SatisfyMe
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"D'Accord Free Clef_is1" = D'Accord Free Clef
"DarkWave Studio" = DarkWave Studio 4.0.9
"Finale 2012 Demo" = Finale 2012 Demo
"Finale NotePad 2012" = Finale NotePad 2012
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HWiNFO32_is1" = HWiNFO32 Version 4.18
"Identity Card" = Identity Card
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"JTL-Wawi_is1" = JTL-Wawi
"KinoniDrivers" = KinoniDrivers 2.7.1
"LManager" = Launch Manager
"MAGIX Music Maker for MySpace D" = MAGIX Music Maker for MySpace 15.0.1.8 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Multilizer PDF Translator_is1" = Multilizer PDF Translator (Build 7.8.8)
"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch
"PROHYBRIDR" = 2007 Microsoft Office system
"Synthesia" = Synthesia (remove only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 6" = TeamViewer 6
"T-Mobile Internet Manager" = T-Mobile Internet Manager
"TVWiz" = Intel(R) TV Wizard
"Virtual Garden" = Virtual Garden
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 17.05.2013 16:12:10 | Computer Name = Sandra-PC | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(mobile._epoccam._tcp.local.)
 active for over two minutes. This places considerable burden on the network.
 
[ OSession Events ]
Error - 30.08.2012 04:00:55 | Computer Name = Sandra-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1714
 seconds with 120 seconds of active time.  This session ended with a crash.
 
Error - 30.08.2012 04:14:59 | Computer Name = Sandra-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 795
 seconds with 120 seconds of active time.  This session ended with a crash.
 
Error - 30.11.2012 06:53:50 | Computer Name = Sandra-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 118
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 17.05.2013 16:09:16 | Computer Name = Sandra-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   tcpipBM
 
 
< End of report >
         

Danke!

LG

Jörg

Alt 17.05.2013, 21:46   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Habe ich einen Virus ? - Standard

Habe ich einen Virus ?



Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Vollscan mit Malwarebytes - denk bitte vorher daran, Malwarebytes über den Updatebutton zu aktualisieren

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu Habe ich einen Virus ?
blick, datei, freundin, probleme, seite, virus, virus ?, wirklich, würde



Ähnliche Themen: Habe ich einen Virus ?


  1. .scr Datei (Virus?) über Steam erhalten, habe ich jetzt einen Virus (oder Passwortscanner, etc.)?
    Log-Analyse und Auswertung - 09.06.2015 (3)
  2. Habe ich einen Virus ?
    Plagegeister aller Art und deren Bekämpfung - 27.10.2014 (14)
  3. Ich habe 2 DllHost.exe Prozesse, Habe ich mir einen Virus eingefangen?
    Log-Analyse und Auswertung - 29.08.2013 (9)
  4. Habe einen virus! aber was für einen ?
    Log-Analyse und Auswertung - 17.07.2013 (8)
  5. 2x | Habe einen virus !aber was für einen?
    Mülltonne - 20.05.2013 (0)
  6. Habe ich einen Virus ?
    Log-Analyse und Auswertung - 28.04.2013 (9)
  7. ich glaub ich habe einen virus(trojaner>JS/Exploit-Blacole.ht< unter anderen.) sorry habe im ersten thema so ziemlich alles falsch gemacht
    Mülltonne - 21.12.2012 (4)
  8. Benötige einen Check meiner Dienste, evtl. habe ich einen Virus, der meinen PC überwacht!
    Log-Analyse und Auswertung - 19.12.2011 (10)
  9. Ich habe einen Virus
    Plagegeister aller Art und deren Bekämpfung - 08.12.2011 (1)
  10. Ich habe einen Virus !
    Plagegeister aller Art und deren Bekämpfung - 04.12.2011 (3)
  11. Habe ich einen Virus
    Log-Analyse und Auswertung - 03.06.2010 (26)
  12. Habe einen Virus
    Plagegeister aller Art und deren Bekämpfung - 07.05.2010 (3)
  13. Habe ich einen Virus?? Bitte um Hilfe - Virus userinit.exe
    Log-Analyse und Auswertung - 20.04.2010 (8)
  14. Guten Morgen ich habe ein Gefühl ich habe nun einen Virus/Trojaner
    Log-Analyse und Auswertung - 23.12.2009 (1)
  15. Habe ich da einen Virus?
    Log-Analyse und Auswertung - 24.10.2007 (2)
  16. Habe ich einen Virus?
    Log-Analyse und Auswertung - 06.09.2007 (2)
  17. Habe ich einen Virus?
    Log-Analyse und Auswertung - 18.04.2007 (2)

Zum Thema Habe ich einen Virus ? - Hallo, leider hat meine Freundin aus dem Netz eine Datei video.exe angeklickt. Die Seite war nicht wirklich vertrauenswürdig. Wir haben auf Ihrem PC zwar noch keine Probleme, jedoch würde ich - Habe ich einen Virus ?...
Archiv
Du betrachtest: Habe ich einen Virus ? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.