
Plagegeister aller Art und deren Bekämpfung: TR/ATRAPS.Gen2 found in Windows\installer


08.06.2013, 15:42   #1
Nil11
 



Hello,

I wanted to install a program from the internet today, and since then I keep getting the error message named in the title from the AVIRA real-time scanner. Can somebody help me?? That would be great!

I would rather not reinstall the computer. There is a lot of important data on it. I also do online banking.

Regards, Nil

Update: I can no longer start the Windows Security Center, and the host process for Windows services was terminated and closed.

08.06.2013, 16:11   #2
schrauber
/// the machine
/// TB instructor
 




Hi,

Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the content here in your thread in any case.
__________________
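For reading the log requested above, here is an added example (not part of the thread and not a TDSSKiller tool): a small parser that pairs each hashed file with its result line and lists the objects whose status is not "ok", plus service entries for which no file hash was logged. The line layout is taken from the TDSSKiller 2.8.16.0 log posted in this thread; the sample log, its service names and its hashes are constructed.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Line layouts as they appear in the TDSSKiller 2.8.16.0 log in this thread:
#   <time> <thread> ================ Scan services =====...     section header
#   <time> <thread> [ <MD5> ] <object name> <X:\path\to\file>    file that was hashed
#   <time> <thread> <object name> [( <verdict> )] - <status>     result for the object
SECTION_RE = re.compile(r"^\S+ \d+ =+ (.+?) =+$")
HASH_RE = re.compile(r"^\S+ \d+ \[ ([0-9A-Fa-f]{32}) \] (.+?) ([A-Za-z]:\\.*)$")
RESULT_RE = re.compile(r"^\S+ \d+ (.+?)(?: \( (.+?) \))? - (\w+)$")


@dataclass
class Entry:
    section: Optional[str]   # e.g. "Scan services"
    name: str                # service / driver / object name (may contain spaces)
    status: str              # "ok", "warning", ... exactly as logged, lower-cased
    verdict: Optional[str]   # e.g. "UnsignedFile.Multi.Generic"
    md5: Optional[str]       # None when no hash line preceded the result
    path: Optional[str]


def parse_log(text: str) -> List[Entry]:
    """Turn a TDSSKiller text log into one Entry per result line."""
    section: Optional[str] = None
    pending: Dict[str, Tuple[str, str]] = {}   # name -> (md5, path) awaiting a result
    entries: List[Entry] = []
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            continue
        m = HASH_RE.match(line)
        if m:
            pending[m.group(2)] = (m.group(1).upper(), m.group(3))
            continue
        m = RESULT_RE.match(line)
        if m:
            name, verdict, status = m.groups()
            md5, path = pending.pop(name, (None, None))
            entries.append(Entry(section, name, status.lower(), verdict, md5, path))
    return entries


def needs_review(entries: List[Entry]) -> List[Entry]:
    """Objects whose logged status is anything other than 'ok'."""
    return [e for e in entries if e.status != "ok"]


def without_file_hash(entries: List[Entry]) -> List[Entry]:
    """Service entries that got a result although no file was hashed for them."""
    return [e for e in entries if e.section == "Scan services" and e.md5 is None]


# Constructed sample in the same layout (names and hashes are not from a real system).
SAMPLE_LOG = r"""
10:00:00.0000 1000 ============================================================
10:00:00.0000 1000 Scan started
10:00:00.0100 1000 ================ Scan system memory ========================
10:00:00.0100 1000 System memory - ok
10:00:00.0100 1000 ================ Scan services =============================
10:00:00.0200 1000 [ 00000000000000000000000000000001 ] ExampleDrv C:\Windows\system32\drivers\exampledrv.sys
10:00:00.0300 1000 ExampleDrv - ok
10:00:00.0400 1000 [ 00000000000000000000000000000002 ] Example Vendor Service C:\Program Files (x86)\Example\svc.exe
10:00:00.0500 1000 Example Vendor Service ( UnsignedFile.Multi.Generic ) - warning
10:00:00.0500 1000 Example Vendor Service - detected UnsignedFile.Multi.Generic (1)
10:00:00.0600 1000 ExampleOrphan - ok
"""

if __name__ == "__main__":
    parsed = parse_log(SAMPLE_LOG)
    for e in needs_review(parsed):
        print(f"{e.status.upper():8} {e.name}: {e.verdict} -> {e.path} (MD5 {e.md5})")
    for e in without_file_hash(parsed):
        print(f"NO HASH  {e.name}: result '{e.status}' without a hashed file")
```

In TDSSKiller's output, UnsignedFile.Multi.Generic marks a file without a valid digital signature, so a warning status is a prompt to inspect that file rather than a malware verdict.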

08.06.2013, 18:03   #3
Nil11
 



18:56:32.0351 4108 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:56:32.0704 4108 ============================================================
18:56:32.0704 4108 Current date / time: 2013/06/08 18:56:32.0704
18:56:32.0704 4108 SystemInfo:
18:56:32.0704 4108
18:56:32.0704 4108 OS Version: 6.0.6002 ServicePack: 2.0
18:56:32.0704 4108 Product type: Workstation
18:56:32.0704 4108 ComputerName: XXXXXXXXX-PC
18:56:32.0704 4108 UserName: XXXXXXXXXX
18:56:32.0704 4108 Windows directory: C:\Windows
18:56:32.0704 4108 System windows directory: C:\Windows
18:56:32.0704 4108 Running under WOW64
18:56:32.0704 4108 Processor architecture: Intel x64
18:56:32.0704 4108 Number of processors: 4
18:56:32.0704 4108 Page size: 0x1000
18:56:32.0704 4108 Boot type: Normal boot
18:56:32.0704 4108 ============================================================
18:56:33.0937 4108 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:56:33.0948 4108 ============================================================
18:56:33.0948 4108 \Device\Harddisk0\DR0:
18:56:33.0948 4108 MBR partitions:
18:56:33.0948 4108 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x48B46A59
18:56:33.0948 4108 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x48B46A98, BlocksNum 0x1D10429
18:56:33.0948 4108 ============================================================
18:56:34.0018 4108 C: <-> \Device\Harddisk0\DR0\Partition1
18:56:34.0124 4108 D: <-> \Device\Harddisk0\DR0\Partition2
18:56:34.0124 4108 ============================================================
18:56:34.0124 4108 Initialize success
18:56:34.0124 4108 ============================================================
18:56:42.0971 4804 ============================================================
18:56:42.0971 4804 Scan started
18:56:42.0971 4804 Mode: Manual; SigCheck; TDLFS;
18:56:42.0971 4804 ============================================================
18:56:43.0894 4804 ================ Scan system memory ========================
18:56:43.0894 4804 System memory - ok
18:56:43.0894 4804 ================ Scan services =============================
18:56:44.0048 4804 [ A0709B82FA3B5AFAD1467E565B8B3BA0 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
18:56:44.0195 4804 !SASCORE ( UnsignedFile.Multi.Generic ) - warning
18:56:44.0195 4804 !SASCORE - detected UnsignedFile.Multi.Generic (1)
18:56:44.0359 4804 [ B33CF4DE909A5B30F526D82053A63C8E ] ABBYY.Licensing.FineReader.Sprint.9.0 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
18:56:44.0489 4804 ABBYY.Licensing.FineReader.Sprint.9.0 - ok
18:56:45.0191 4804 [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI C:\Windows\system32\drivers\acpi.sys
18:56:45.0225 4804 ACPI - ok
18:56:45.0255 4804 [ A19C69ABB22525D11E9C3E45DFA20850 ] acsint C:\Windows\system32\DRIVERS\acsint64.sys
18:56:45.0487 4804 acsint - ok
18:56:45.0502 4804 [ 3AAFC0ACF51C45605256D3BC4EB6C4FB ] acsmux C:\Windows\system32\DRIVERS\acsmux64.sys
18:56:45.0533 4804 acsmux - ok
18:56:45.0615 4804 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:56:45.0627 4804 AdobeARMservice - ok
18:56:45.0762 4804 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:56:45.0776 4804 AdobeFlashPlayerUpdateSvc - ok
18:56:45.0828 4804 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
18:56:45.0880 4804 adp94xx - ok
18:56:45.0933 4804 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys
18:56:45.0965 4804 adpahci - ok
18:56:45.0984 4804 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
18:56:46.0002 4804 adpu160m - ok
18:56:46.0067 4804 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
18:56:46.0088 4804 adpu320 - ok
18:56:46.0124 4804 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:56:46.0249 4804 AeLookupSvc - ok
18:56:46.0299 4804 [ C4F6CE6087760AD70960C9EB130E7943 ] AFD C:\Windows\system32\drivers\afd.sys
18:56:46.0377 4804 AFD - ok
18:56:46.0441 4804 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys
18:56:46.0458 4804 agp440 - ok
18:56:46.0519 4804 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
18:56:46.0537 4804 aic78xx - ok
18:56:46.0554 4804 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe
18:56:46.0688 4804 ALG - ok
18:56:46.0717 4804 [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide C:\Windows\system32\drivers\aliide.sys
18:56:46.0732 4804 aliide - ok
18:56:46.0745 4804 [ 970FA5059E61E30D25307B99903E991E ] amdide C:\Windows\system32\drivers\amdide.sys
18:56:46.0759 4804 amdide - ok
18:56:46.0770 4804 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
18:56:46.0824 4804 AmdK8 - ok
18:56:46.0930 4804 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
18:56:46.0953 4804 AntiVirSchedulerService - ok
18:56:47.0000 4804 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
18:56:47.0011 4804 AntiVirService - ok
18:56:47.0053 4804 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll
18:56:47.0108 4804 Appinfo - ok
18:56:47.0294 4804 [ 4B5AE15E5C73EB4DC8DBEC2788230D41 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
18:56:47.0339 4804 Apple Mobile Device - ok
18:56:47.0378 4804 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys
18:56:47.0397 4804 arc - ok
18:56:47.0419 4804 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys
18:56:47.0439 4804 arcsas - ok
18:56:47.0472 4804 [ E536856E96A7605EBF580D62A868E5FE ] ASGT C:\Windows\SysWOW64\ASGT.exe
18:56:47.0494 4804 ASGT ( UnsignedFile.Multi.Generic ) - warning
18:56:47.0494 4804 ASGT - detected UnsignedFile.Multi.Generic (1)
18:56:47.0733 4804 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:56:47.0745 4804 aspnet_state - ok
18:56:47.0766 4804 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:56:47.0819 4804 AsyncMac - ok
18:56:47.0874 4804 [ E68D9B3A3905619732F7FE039466A623 ] atapi C:\Windows\system32\drivers\atapi.sys
18:56:47.0886 4804 atapi - ok
18:56:47.0960 4804 [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:56:48.0036 4804 AudioEndpointBuilder - ok
18:56:48.0091 4804 [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:56:48.0120 4804 AudioSrv - ok
18:56:48.0262 4804 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
18:56:48.0273 4804 avgntflt - ok
18:56:48.0351 4804 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
18:56:48.0370 4804 avipbb - ok
18:56:48.0506 4804 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
18:56:48.0547 4804 avkmgr - ok
18:56:48.0607 4804 [ C6F4C466B654C1BE98AF31418BB5AC30 ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
18:56:48.0671 4804 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - warning
18:56:48.0671 4804 AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic (1)
18:56:48.0705 4804 [ 1DC2F715792CF33428AD7993ACBD224D ] avmeject C:\Windows\system32\drivers\avmeject.sys
18:56:48.0718 4804 avmeject - ok
18:56:48.0746 4804 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
18:56:48.0783 4804 blbdrive - ok
18:56:48.0805 4804 [ 3F56903E124E820AEECE6D471583C6C1 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
18:56:48.0817 4804 Bonjour Service - ok
18:56:48.0877 4804 [ 2348447A80920B2493A9B582A23E81E1 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:56:48.0922 4804 bowser - ok
18:56:48.0950 4804 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
18:56:48.0991 4804 BrFiltLo - ok
18:56:49.0018 4804 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
18:56:49.0058 4804 BrFiltUp - ok
18:56:49.0092 4804 [ A1B39DE453433B115B4EA69EE0343816 ] Browser C:\Windows\System32\browser.dll
18:56:49.0150 4804 Browser - ok
18:56:49.0165 4804 [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid C:\Windows\system32\drivers\brserid.sys
18:56:49.0318 4804 Brserid - ok
18:56:49.0331 4804 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
18:56:49.0404 4804 BrSerWdm - ok
18:56:49.0418 4804 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
18:56:49.0482 4804 BrUsbMdm - ok
18:56:49.0495 4804 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
18:56:49.0557 4804 BrUsbSer - ok
18:56:49.0576 4804 [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
18:56:49.0643 4804 BTHMODEM - ok
18:56:49.0673 4804 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:56:49.0718 4804 cdfs - ok
18:56:49.0772 4804 [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:56:49.0822 4804 cdrom - ok
18:56:49.0899 4804 [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc C:\Windows\System32\certprop.dll
18:56:49.0937 4804 CertPropSvc - ok
18:56:49.0956 4804 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\drivers\circlass.sys
18:56:50.0004 4804 circlass - ok
18:56:50.0057 4804 [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS C:\Windows\system32\CLFS.sys
18:56:50.0097 4804 CLFS - ok
18:56:50.0157 4804 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:56:50.0191 4804 clr_optimization_v2.0.50727_32 - ok
18:56:50.0257 4804 [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:56:50.0274 4804 clr_optimization_v2.0.50727_64 - ok
18:56:50.0578 4804 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:56:50.0605 4804 clr_optimization_v4.0.30319_32 - ok
18:56:50.0660 4804 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:56:50.0677 4804 clr_optimization_v4.0.30319_64 - ok
18:56:50.0692 4804 [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:56:50.0706 4804 cmdide - ok
18:56:50.0719 4804 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
18:56:50.0735 4804 Compbatt - ok
18:56:50.0738 4804 COMSysApp - ok
18:56:50.0768 4804 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
18:56:50.0792 4804 crcdisk - ok
18:56:50.0840 4804 [ CA78B312C44E4D52E842C2C8BD48E452 ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:56:50.0885 4804 CryptSvc - ok
18:56:50.0978 4804 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch C:\Windows\system32\rpcss.dll
18:56:51.0199 4804 DcomLaunch - ok
18:56:51.0231 4804 [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:56:51.0281 4804 DfsC - ok
18:56:51.0399 4804 [ C647F468F7DE343DF8C143655C5557D4 ] DFSR C:\Windows\system32\DFSR.exe
18:56:51.0568 4804 DFSR - ok
18:56:51.0652 4804 [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
18:56:51.0705 4804 Dhcp - ok
18:56:51.0756 4804 [ B0107E40ECDB5FA692EBF832F295D905 ] disk C:\Windows\system32\drivers\disk.sys
18:56:51.0774 4804 disk - ok
18:56:51.0836 4804 [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:56:51.0870 4804 Dnscache - ok
18:56:51.0931 4804 [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc C:\Windows\System32\dot3svc.dll
18:56:51.0974 4804 dot3svc - ok
18:56:52.0004 4804 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll
18:56:52.0046 4804 DPS - ok
18:56:52.0085 4804 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:56:52.0134 4804 drmkaud - ok
18:56:52.0178 4804 [ F3932288EEECD776FF1F9F653AD878F3 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:56:52.0242 4804 DXGKrnl - ok
18:56:52.0287 4804 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
18:56:52.0325 4804 E1G60 - ok
18:56:52.0348 4804 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll
18:56:52.0388 4804 EapHost - ok
18:56:52.0457 4804 [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache C:\Windows\system32\drivers\ecache.sys
18:56:52.0482 4804 Ecache - ok
18:56:52.0760 4804 [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:56:52.0850 4804 ehRecvr - ok
18:56:52.0872 4804 [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched C:\Windows\ehome\ehsched.exe
18:56:52.0909 4804 ehSched - ok
18:56:52.0933 4804 [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart C:\Windows\ehome\ehstart.dll
18:56:52.0978 4804 ehstart - ok
18:56:53.0074 4804 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys
18:56:53.0114 4804 elxstor - ok
18:56:53.0287 4804 [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt C:\Windows\system32\emdmgmt.dll
18:56:53.0401 4804 EMDMgmt - ok
18:56:53.0523 4804 [ ABDD5AD016AFFD34AD40E944CE94BF59 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
18:56:53.0562 4804 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - warning
18:56:53.0562 4804 EpsonBidirectionalService - detected UnsignedFile.Multi.Generic (1)
18:56:53.0594 4804 [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:56:53.0642 4804 ErrDev - ok
18:56:53.0805 4804 [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem C:\Windows\system32\es.dll
18:56:53.0894 4804 EventSystem - ok
18:56:53.0998 4804 [ 486844F47B6636044A42454614ED4523 ] exfat C:\Windows\system32\drivers\exfat.sys
18:56:54.0079 4804 exfat - ok
18:56:54.0086 4804 ezSharedSvc - ok
18:56:54.0168 4804 [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:56:54.0242 4804 fastfat - ok
18:56:54.0272 4804 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:56:54.0321 4804 fdc - ok
18:56:54.0358 4804 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll
18:56:54.0412 4804 fdPHost - ok
18:56:54.0432 4804 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll
18:56:54.0504 4804 FDResPub - ok
18:56:54.0523 4804 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:56:54.0558 4804 FileInfo - ok
18:56:54.0581 4804 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:56:54.0631 4804 Filetrace - ok
18:56:54.0651 4804 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:56:54.0698 4804 flpydisk - ok
18:56:54.0782 4804 [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:56:54.0811 4804 FltMgr - ok
18:56:55.0104 4804 [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache C:\Windows\system32\FntCache.dll
18:56:55.0216 4804 FontCache - ok
18:56:55.0304 4804 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:56:55.0342 4804 FontCache3.0.0.0 - ok
18:56:55.0393 4804 [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:56:55.0444 4804 Fs_Rec - ok
18:56:55.0585 4804 [ 15585492E45E2F30768B2D5B57929D99 ] fwlanusbn C:\Windows\system32\DRIVERS\fwlanusbn.sys
18:56:55.0679 4804 fwlanusbn - ok
18:56:55.0718 4804 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
18:56:55.0764 4804 gagp30kx - ok
18:56:55.0813 4804 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:56:55.0826 4804 GEARAspiWDM - ok
18:56:55.0883 4804 [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc C:\Windows\System32\gpsvc.dll
18:56:55.0966 4804 gpsvc - ok
18:56:56.0003 4804 [ 1DBBF9BE473F6CA2F2F4182FCCF563DC ] HauppaugeTVServer C:\PROGRA~2\WinTV\TVServer\HAUPPA~1.EXE
18:56:56.0065 4804 HauppaugeTVServer ( UnsignedFile.Multi.Generic ) - warning
18:56:56.0065 4804 HauppaugeTVServer - detected UnsignedFile.Multi.Generic (1)
18:56:56.0110 4804 [ 7927EB9E64902FCAF126538F009C824C ] hcw95bda C:\Windows\system32\Drivers\hcw95bda.sys
18:56:56.0376 4804 hcw95bda - ok
18:56:56.0427 4804 [ 6CC035E4B3FD9702ABEB71D3FF8B899E ] hcw95rc C:\Windows\system32\DRIVERS\hcw95rc.sys
18:56:56.0460 4804 hcw95rc - ok
18:56:56.0598 4804 [ 68E732382B32417FF61FD663259B4B09 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:56:56.0641 4804 HdAudAddService - ok
18:56:56.0747 4804 [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
18:56:56.0851 4804 HDAudBus - ok
18:56:56.0889 4804 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys
18:56:56.0977 4804 HidBth - ok
18:56:56.0994 4804 [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr C:\Windows\system32\drivers\hidir.sys
18:56:57.0063 4804 HidIr - ok
18:56:57.0117 4804 [ 59361D38A297755D46A540E450202B2A ] hidserv C:\Windows\system32\hidserv.dll
18:56:57.0168 4804 hidserv - ok
18:56:57.0221 4804 [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:56:57.0290 4804 HidUsb - ok
18:56:57.0314 4804 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll
18:56:57.0349 4804 hkmsvc - ok
18:56:57.0370 4804 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
18:56:57.0387 4804 HpCISSs - ok
18:56:57.0486 4804 [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:56:57.0573 4804 HTTP - ok
18:56:57.0585 4804 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
18:56:57.0601 4804 i2omp - ok
18:56:57.0621 4804 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
18:56:57.0662 4804 i8042prt - ok
18:56:57.0684 4804 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
18:56:57.0713 4804 iaStorV - ok
18:56:57.0773 4804 [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:56:57.0823 4804 idsvc - ok
18:56:57.0867 4804 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys
18:56:57.0882 4804 iirsp - ok
18:56:57.0950 4804 [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT C:\Windows\System32\ikeext.dll
18:56:58.0023 4804 IKEEXT - ok
18:56:58.0080 4804 ildid - ok
18:56:58.0144 4804 [ 1EDAB7F9B9DE4424BECCDEF950CE2FF0 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:56:58.0273 4804 IntcAzAudAddService - ok
18:56:58.0305 4804 [ DF797A12176F11B2D301C5B234BB200E ] intelide C:\Windows\system32\DRIVERS\intelide.sys
18:56:58.0328 4804 intelide - ok
18:56:58.0370 4804 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:56:58.0419 4804 intelppm - ok
18:56:58.0450 4804 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:56:58.0505 4804 IPBusEnum - ok
18:56:58.0567 4804 [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:56:58.0617 4804 IpFilterDriver - ok
18:56:58.0622 4804 IpInIp - ok
18:56:58.0637 4804 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
18:56:58.0689 4804 IPMIDRV - ok
18:56:58.0714 4804 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
18:56:58.0784 4804 IPNAT - ok
18:56:58.0989 4804 [ 006597773BE583D1CCF6A913477937E0 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:56:59.0048 4804 iPod Service - ok
18:56:59.0095 4804 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:56:59.0148 4804 IRENUM - ok
18:56:59.0175 4804 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:56:59.0190 4804 isapnp - ok
18:56:59.0251 4804 [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
18:56:59.0266 4804 iScsiPrt - ok
18:56:59.0287 4804 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
18:56:59.0315 4804 iteatapi - ok
18:56:59.0337 4804 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys
18:56:59.0353 4804 iteraid - ok
18:56:59.0374 4804 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:56:59.0391 4804 kbdclass - ok
18:56:59.0434 4804 [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
18:56:59.0472 4804 kbdhid - ok
18:56:59.0508 4804 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso C:\Windows\system32\lsass.exe
18:56:59.0547 4804 KeyIso - ok
18:56:59.0657 4804 [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:56:59.0719 4804 KSecDD - ok
18:56:59.0746 4804 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:56:59.0790 4804 ksthunk - ok
18:56:59.0830 4804 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll
18:56:59.0899 4804 KtmRm - ok
18:56:59.0952 4804 [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:57:00.0008 4804 LanmanServer - ok
18:57:00.0055 4804 [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:57:00.0091 4804 LanmanWorkstation - ok
18:57:00.0135 4804 [ DFEFF67508D3A9AEB1A85D7B0F513B24 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
18:57:00.0153 4804 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
18:57:00.0153 4804 LightScribeService - detected UnsignedFile.Multi.Generic (1)
18:57:00.0172 4804 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:57:00.0225 4804 lltdio - ok
18:57:00.0263 4804 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:57:00.0326 4804 lltdsvc - ok
18:57:00.0343 4804 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:57:00.0378 4804 lmhosts - ok
18:57:00.0415 4804 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
18:57:00.0433 4804 LSI_FC - ok
18:57:00.0449 4804 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
18:57:00.0467 4804 LSI_SAS - ok
18:57:00.0496 4804 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
18:57:00.0515 4804 LSI_SCSI - ok
18:57:00.0529 4804 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys
18:57:00.0579 4804 luafv - ok
18:57:00.0616 4804 [ 701223C663019B62029FAB1A2385EE81 ] LUMDriver C:\Windows\system32\drivers\LUMDriver.sys
18:57:00.0630 4804 LUMDriver - ok
18:57:00.0638 4804 lvpepf64 - ok
18:57:00.0646 4804 LVPr2M64 - ok
18:57:00.0672 4804 [ A401CFF74982D8DF851F20307C806073 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
18:57:00.0702 4804 LVRS64 - ok
18:57:00.0706 4804 LVUSBS64 - ok
18:57:01.0209 4804 [ 13384CB5F5813E65F31078D6ABFAAF38 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
18:57:01.0441 4804 LVUVC64 - ok
18:57:01.0648 4804 [ BDD577BD14B8F1D909AAD45AD729108C ] matlabserver C:\Program Files (x86)\MATLAB71\webserver\bin\win32\matlabserver.exe
18:57:01.0781 4804 matlabserver ( UnsignedFile.Multi.Generic ) - warning
18:57:01.0781 4804 matlabserver - detected UnsignedFile.Multi.Generic (1)
18:57:01.0827 4804 [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:57:01.0919 4804 Mcx2Svc - ok
18:57:02.0009 4804 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys
18:57:02.0024 4804 megasas - ok
18:57:02.0113 4804 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys
18:57:02.0143 4804 MegaSR - ok
18:57:02.0210 4804 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
18:57:02.0243 4804 Microsoft Office Groove Audit Service - ok
18:57:02.0263 4804 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll
18:57:02.0306 4804 MMCSS - ok
18:57:02.0326 4804 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys
18:57:02.0360 4804 Modem - ok
18:57:02.0425 4804 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:57:02.0456 4804 monitor - ok
18:57:02.0483 4804 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:57:02.0499 4804 mouclass - ok
18:57:02.0508 4804 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:57:02.0552 4804 mouhid - ok
18:57:02.0573 4804 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
18:57:02.0611 4804 MountMgr - ok
18:57:02.0653 4804 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:57:02.0690 4804 MozillaMaintenance - ok
18:57:02.0713 4804 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys
18:57:02.0755 4804 mpio - ok
18:57:02.0781 4804 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:57:02.0819 4804 mpsdrv - ok
18:57:02.0833 4804 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
18:57:02.0848 4804 Mraid35x - ok
18:57:02.0920 4804 [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:57:02.0971 4804 MRxDAV - ok
18:57:03.0025 4804 [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:57:03.0086 4804 mrxsmb - ok
18:57:03.0112 4804 [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:57:03.0155 4804 mrxsmb10 - ok
18:57:03.0172 4804 [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:57:03.0190 4804 mrxsmb20 - ok
18:57:03.0201 4804 [ 1AC860612B85D8E85EE257D372E39F4D ] msahci C:\Windows\system32\drivers\msahci.sys
18:57:03.0216 4804 msahci - ok
18:57:03.0238 4804 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:57:03.0257 4804 msdsm - ok
18:57:03.0292 4804 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe
18:57:03.0348 4804 MSDTC - ok
18:57:03.0374 4804 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:57:03.0419 4804 Msfs - ok
18:57:03.0447 4804 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:57:03.0462 4804 msisadrv - ok
18:57:03.0488 4804 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:57:03.0532 4804 MSiSCSI - ok
18:57:03.0536 4804 msiserver - ok
18:57:03.0558 4804 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:57:03.0602 4804 MSKSSRV - ok
18:57:03.0624 4804 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:57:03.0673 4804 MSPCLOCK - ok
18:57:03.0691 4804 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:57:03.0741 4804 MSPQM - ok
18:57:03.0826 4804 [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:57:03.0867 4804 MsRPC - ok
18:57:03.0911 4804 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
18:57:03.0923 4804 mssmbios - ok
18:57:03.0955 4804 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:57:04.0025 4804 MSTEE - ok
18:57:04.0078 4804 [ 0CC49F78D8ACA0877D885F149084E543 ] Mup C:\Windows\system32\Drivers\mup.sys
18:57:04.0129 4804 Mup - ok
18:57:04.0212 4804 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent C:\Windows\system32\qagentRT.dll
18:57:04.0266 4804 napagent - ok
18:57:04.0337 4804 [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:57:04.0380 4804 NativeWifiP - ok
18:57:04.0420 4804 NAVENG - ok
18:57:04.0423 4804 NAVEX15 - ok
18:57:04.0570 4804 [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:57:04.0626 4804 NDIS - ok
18:57:04.0695 4804 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:57:04.0744 4804 NdisTapi - ok
18:57:04.0761 4804 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:57:04.0837 4804 Ndisuio - ok
18:57:04.0901 4804 [ F8158771905260982CE724076419EF19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:57:04.0949 4804 NdisWan - ok
18:57:04.0966 4804 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:57:05.0031 4804 NDProxy - ok
18:57:05.0051 4804 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:57:05.0105 4804 NetBIOS - ok
18:57:05.0176 4804 [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
18:57:05.0208 4804 netbt - ok
18:57:05.0215 4804 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon C:\Windows\system32\lsass.exe
18:57:05.0228 4804 Netlogon - ok
18:57:05.0336 4804 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll
18:57:05.0392 4804 Netman - ok
18:57:05.0450 4804 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:57:05.0484 4804 NetMsmqActivator - ok
18:57:05.0488 4804 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:57:05.0500 4804 NetPipeActivator - ok
18:57:05.0619 4804 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll
18:57:05.0671 4804 netprofm - ok
18:57:05.0675 4804 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:57:05.0687 4804 NetTcpActivator - ok
18:57:05.0701 4804 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:57:05.0712 4804 NetTcpPortSharing - ok
18:57:05.0736 4804 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:57:05.0752 4804 nfrd960 - ok
18:57:05.0772 4804 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll
18:57:05.0816 4804 NlaSvc - ok
18:57:05.0831 4804 Norton Internet Security - ok
18:57:05.0890 4804 [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:57:05.0933 4804 Npfs - ok
18:57:05.0967 4804 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll
18:57:06.0044 4804 nsi - ok
18:57:06.0067 4804 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:57:06.0112 4804 nsiproxy - ok
18:57:06.0237 4804 [ 2ACCAA3C3C55370A32F17B3595E1A217 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:57:06.0309 4804 Ntfs - ok
18:57:06.0337 4804 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys
18:57:06.0398 4804 Null - ok
18:57:06.0428 4804 [ 57C718139D52E017331806BAF4A1100A ] NVFLASH C:\Windows\system32\drivers\nvflash.sys
18:57:06.0442 4804 NVFLASH - ok
18:57:06.0470 4804 [ 8D4AAC74B571FC356560E5B308955E93 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
18:57:06.0490 4804 NVHDA - ok
18:57:07.0032 4804 [ FCBA1C22727939E7CFF9EB08FE9692AB ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:57:07.0499 4804 nvlddmkm - ok
18:57:07.0522 4804 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:57:07.0541 4804 nvraid - ok
18:57:07.0579 4804 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:57:07.0611 4804 nvstor - ok
18:57:07.0653 4804 [ 10C232F6CFFD51D2332898AE7AE0FF23 ] nvsvc C:\Windows\system32\nvvsvc.exe
18:57:07.0689 4804 nvsvc - ok
18:57:07.0775 4804 [ 4789E020D2617046862D1790FC235FF6 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
18:57:07.0831 4804 nvUpdatusService - ok
18:57:07.0848 4804 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:57:07.0867 4804 nv_agp - ok
18:57:07.0870 4804 NwlnkFlt - ok
18:57:07.0875 4804 NwlnkFwd - ok
18:57:08.0047 4804 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:57:08.0113 4804 odserv - ok
18:57:08.0166 4804 [ 7B58953E2F263421FDBB09A192712A85 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:57:08.0239 4804 ohci1394 - ok
18:57:08.0263 4804 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:57:08.0301 4804 ose - ok
18:57:08.0564 4804 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:57:08.0792 4804 osppsvc - ok
18:57:08.0890 4804 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll
18:57:09.0030 4804 p2pimsvc - ok
18:57:09.0042 4804 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc C:\Windows\system32\p2psvc.dll
18:57:09.0084 4804 p2psvc - ok
18:57:09.0178 4804 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys
18:57:09.0261 4804 Parport - ok
18:57:09.0290 4804 [ B43751085E2ABE389DA466BC62A4B987 ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:57:09.0308 4804 partmgr - ok
18:57:09.0325 4804 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll
18:57:09.0385 4804 PcaSvc - ok
18:57:09.0453 4804 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys
18:57:09.0474 4804 pci - ok
18:57:09.0491 4804 [ 8D618C829034479985A9ED56106CC732 ] pciide C:\Windows\system32\drivers\pciide.sys
18:57:09.0505 4804 pciide - ok
18:57:09.0518 4804 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:57:09.0539 4804 pcmcia - ok
18:57:09.0563 4804 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:57:09.0649 4804 PEAUTH - ok
18:57:09.0716 4804 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:57:09.0764 4804 PerfHost - ok
18:57:09.0789 4804 PID_PEPI - ok
18:57:09.0830 4804 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll
18:57:09.0985 4804 pla - ok
18:57:10.0080 4804 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:57:10.0116 4804 PlugPlay - ok
18:57:10.0158 4804 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
18:57:10.0224 4804 PNRPAutoReg - ok
18:57:10.0355 4804 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll
18:57:10.0389 4804 PNRPsvc - ok
18:57:10.0473 4804 [ 147938DA9605668EC48B8419E819CAF1 ] Point64 C:\Windows\system32\DRIVERS\point64k.sys
18:57:10.0497 4804 Point64 - ok
18:57:10.0645 4804 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:57:10.0728 4804 PolicyAgent - ok
18:57:10.0810 4804 postgresql-8.4 - ok
18:57:10.0863 4804 [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:57:10.0919 4804 PptpMiniport - ok
18:57:10.0960 4804 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys
18:57:11.0010 4804 Processor - ok
18:57:11.0061 4804 [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll
18:57:11.0103 4804 ProfSvc - ok
18:57:11.0123 4804 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
18:57:11.0136 4804 ProtectedStorage - ok
18:57:11.0191 4804 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
18:57:11.0220 4804 PSched - ok
18:57:11.0526 4804 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:57:11.0585 4804 ql2300 - ok
18:57:11.0636 4804 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:57:11.0669 4804 ql40xx - ok
18:57:11.0695 4804 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll
18:57:11.0738 4804 QWAVE - ok
18:57:11.0753 4804 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:57:11.0770 4804 QWAVEdrv - ok
18:57:11.0776 4804 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:57:11.0825 4804 RasAcd - ok
18:57:11.0862 4804 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll
18:57:11.0915 4804 RasAuto - ok
18:57:11.0968 4804 [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:57:12.0018 4804 Rasl2tp - ok
18:57:12.0046 4804 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll
18:57:12.0073 4804 RasMan - ok
18:57:12.0141 4804 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:57:12.0204 4804 RasPppoe - ok
18:57:12.0248 4804 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:57:12.0291 4804 RasSstp - ok
18:57:12.0342 4804 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:57:12.0376 4804 rdbss - ok
18:57:12.0387 4804 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:57:12.0419 4804 RDPCDD - ok
18:57:12.0455 4804 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
18:57:12.0521 4804 rdpdr - ok
18:57:12.0524 4804 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:57:12.0558 4804 RDPENCDD - ok
18:57:12.0629 4804 [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:57:12.0695 4804 RDPWD - ok
18:57:12.0713 4804 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:57:12.0767 4804 RemoteAccess - ok
18:57:12.0847 4804 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:57:12.0893 4804 RemoteRegistry - ok
18:57:12.0920 4804 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe
18:57:12.0964 4804 RpcLocator - ok
18:57:13.0021 4804 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs C:\Windows\system32\rpcss.dll
18:57:13.0054 4804 RpcSs - ok
18:57:13.0065 4804 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:57:13.0110 4804 rspndr - ok
18:57:13.0137 4804 [ D53C84EC99AB4D78A90001E5CE5386EC ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh64.sys
18:57:13.0192 4804 RTL8169 - ok
18:57:13.0215 4804 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs C:\Windows\system32\lsass.exe
18:57:13.0227 4804 SamSs - ok
18:57:13.0368 4804 [ 99DF79C258B3342B6C8A5F802998DE56 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
18:57:13.0387 4804 SASDIFSV - ok
18:57:13.0390 4804 [ 2859C35C0651E8EB0D86D48E740388F2 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
18:57:13.0402 4804 SASKUTIL - ok
18:57:13.0406 4804 sboliv - ok
18:57:13.0417 4804 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:57:13.0435 4804 sbp2port - ok
18:57:13.0742 4804 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
18:57:13.0788 4804 SBSDWSCService - ok
18:57:13.0863 4804 [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:57:13.0892 4804 SCardSvr - ok
18:57:14.0140 4804 [ 0F838C811AD295D2A4489B9993096C63 ] Schedule C:\Windows\system32\schedsvc.dll
18:57:14.0247 4804 Schedule - ok
18:57:14.0322 4804 [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc C:\Windows\System32\certprop.dll
18:57:14.0345 4804 SCPolicySvc - ok
18:57:14.0386 4804 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:57:14.0424 4804 SDRSVC - ok
18:57:14.0456 4804 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:57:14.0526 4804 secdrv - ok
18:57:14.0536 4804 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll
18:57:14.0581 4804 seclogon - ok
18:57:14.0650 4804 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\System32\sens.dll
18:57:14.0699 4804 SENS - ok
18:57:14.0715 4804 [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum C:\Windows\system32\drivers\serenum.sys
18:57:14.0792 4804 Serenum - ok
18:57:14.0838 4804 [ E62FAC91EE288DB29A9696A9D279929C ] Serial C:\Windows\system32\drivers\serial.sys
18:57:14.0914 4804 Serial - ok
18:57:14.0923 4804 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:57:14.0973 4804 sermouse - ok
18:57:15.0032 4804 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll
18:57:15.0068 4804 SessionEnv - ok
18:57:15.0092 4804 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:57:15.0154 4804 sffdisk - ok
18:57:15.0209 4804 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:57:15.0243 4804 sffp_mmc - ok
18:57:15.0256 4804 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:57:15.0302 4804 sffp_sd - ok
18:57:15.0320 4804 [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:57:15.0392 4804 sfloppy - ok
18:57:15.0441 4804 [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:57:15.0502 4804 ShellHWDetection - ok
18:57:15.0525 4804 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
18:57:15.0542 4804 SiSRaid2 - ok
18:57:15.0553 4804 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:57:15.0571 4804 SiSRaid4 - ok
18:57:15.0994 4804 [ 4CA43B85F22C7739311788B651A779CB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
18:57:16.0127 4804 Skype C2C Service - ok
18:57:16.0259 4804 [ 2F5AF9D91D51E832773D4A9EAF65CB33 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
18:57:16.0270 4804 SkypeUpdate - ok
18:57:16.0424 4804 [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc C:\Windows\system32\SLsvc.exe
18:57:16.0536 4804 slsvc - ok
18:57:16.0585 4804 [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify C:\Windows\system32\SLUINotify.dll
18:57:16.0659 4804 SLUINotify - ok
18:57:16.0747 4804 [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:57:16.0858 4804 Smb - ok
18:57:16.0893 4804 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:57:16.0930 4804 SNMPTRAP - ok
18:57:16.0980 4804 [ 386C3C63F00A7040C7EC5E384217E89D ] spldr C:\Windows\system32\drivers\spldr.sys
18:57:16.0997 4804 spldr - ok
18:57:17.0079 4804 [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler C:\Windows\System32\spoolsv.exe
18:57:17.0110 4804 Spooler - ok
18:57:17.0127 4804 SRTSP - ok
18:57:17.0132 4804 SRTSPX - ok
18:57:17.0225 4804 [ 880A57FCCB571EBD063D4DD50E93E46D ] srv C:\Windows\system32\DRIVERS\srv.sys
18:57:17.0309 4804 srv - ok
18:57:17.0439 4804 [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:57:17.0495 4804 srv2 - ok
18:57:17.0525 4804 [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:57:17.0561 4804 srvnet - ok
18:57:17.0584 4804 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:57:17.0634 4804 SSDPSRV - ok
18:57:17.0665 4804 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:57:17.0690 4804 SstpSvc - ok
18:57:17.0739 4804 [ 5A19667A580B1CE886EAF968B9743F45 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:57:17.0762 4804 Stereo Service - ok
18:57:17.0829 4804 [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc C:\Windows\System32\wiaservc.dll
18:57:17.0889 4804 stisvc - ok
18:57:17.0915 4804 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:57:17.0929 4804 swenum - ok
18:57:18.0024 4804 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv C:\Windows\System32\swprv.dll
18:57:18.0106 4804 swprv - ok
18:57:18.0146 4804 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
18:57:18.0170 4804 Symc8xx - ok
18:57:18.0200 4804 [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
18:57:18.0215 4804 Sym_hi - ok
18:57:18.0226 4804 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
18:57:18.0242 4804 Sym_u3 - ok
18:57:18.0415 4804 [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain C:\Windows\system32\sysmain.dll
18:57:18.0506 4804 SysMain - ok
18:57:18.0544 4804 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:57:18.0572 4804 TabletInputService - ok
18:57:18.0597 4804 [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:57:18.0641 4804 TapiSrv - ok
18:57:18.0656 4804 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll
18:57:18.0705 4804 TBS - ok
18:57:18.0747 4804 [ 0E970F59D7FBB838316176B19A2ADB82 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:57:18.0831 4804 Tcpip - ok
18:57:18.0849 4804 [ 0E970F59D7FBB838316176B19A2ADB82 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
18:57:18.0892 4804 Tcpip6 - ok
18:57:18.0944 4804 [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:57:19.0020 4804 tcpipreg - ok
18:57:19.0044 4804 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:57:19.0094 4804 TDPIPE - ok
18:57:19.0111 4804 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:57:19.0171 4804 TDTCP - ok
18:57:19.0209 4804 [ 458919C8C42E398DC4802178D5FFEE27 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:57:19.0255 4804 tdx - ok
18:57:19.0311 4804 [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
18:57:19.0348 4804 TermDD - ok
18:57:19.0366 4804 [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService C:\Windows\System32\termsrv.dll
18:57:19.0427 4804 TermService - ok
18:57:19.0507 4804 [ 56793271ECDEDD350C5ADD305603E963 ] Themes C:\Windows\system32\shsvcs.dll
18:57:19.0524 4804 Themes - ok
18:57:19.0544 4804 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll
18:57:19.0579 4804 THREADORDER - ok
18:57:19.0608 4804 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks C:\Windows\System32\trkwks.dll
18:57:19.0657 4804 TrkWks - ok
18:57:19.0726 4804 [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:57:19.0767 4804 TrustedInstaller - ok
18:57:19.0791 4804 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:57:19.0842 4804 tssecsrv - ok
18:57:19.0873 4804 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
18:57:19.0916 4804 tunmp - ok
18:57:19.0975 4804 [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:57:20.0006 4804 tunnel - ok
18:57:20.0022 4804 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:57:20.0041 4804 uagp35 - ok
18:57:20.0163 4804 [ FAF2640A2A76ED03D449E443194C4C34 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:57:20.0221 4804 udfs - ok
18:57:20.0247 4804 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:57:20.0298 4804 UI0Detect - ok
18:57:20.0326 4804 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:57:20.0362 4804 uliagpkx - ok
18:57:20.0389 4804 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys
18:57:20.0418 4804 uliahci - ok
18:57:20.0466 4804 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys
18:57:20.0484 4804 UlSata - ok
18:57:20.0537 4804 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
18:57:20.0593 4804 ulsata2 - ok
18:57:20.0611 4804 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:57:20.0668 4804 umbus - ok
18:57:20.0756 4804 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll
18:57:20.0834 4804 upnphost - ok
18:57:20.0880 4804 [ 9E58997A211C8C9AC9E6CFFA53614A73 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
18:57:20.0906 4804 USBAAPL64 - ok
18:57:20.0971 4804 [ C6BA890DE6E41857FBE84175519CAE7D ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
18:57:21.0049 4804 usbaudio - ok
18:57:21.0150 4804 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:57:21.0221 4804 usbccgp - ok
18:57:21.0248 4804 [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:57:21.0344 4804 usbcir - ok
18:57:21.0570 4804 [ 827E44DE934A736EA31E91D353EB126F ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:57:21.0692 4804 usbehci - ok
18:57:21.0773 4804 [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:57:21.0915 4804 usbhub - ok
18:57:21.0965 4804 [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:57:22.0057 4804 usbohci - ok
18:57:22.0098 4804 [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:57:22.0146 4804 usbprint - ok
18:57:22.0209 4804 [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:57:22.0263 4804 usbscan - ok
18:57:22.0326 4804 [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:57:22.0426 4804 USBSTOR - ok
18:57:22.0451 4804 [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
18:57:22.0478 4804 usbuhci - ok
18:57:22.0519 4804 [ FC33099877790D51B0927B7039059855 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
18:57:22.0580 4804 usbvideo - ok
18:57:22.0626 4804 [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms C:\Windows\System32\uxsms.dll
18:57:22.0655 4804 UxSms - ok
18:57:22.0801 4804 [ 294945381DFA7CE58CECF0A9896AF327 ] vds C:\Windows\System32\vds.exe
18:57:22.0864 4804 vds - ok
18:57:22.0881 4804 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:57:22.0933 4804 vga - ok
18:57:22.0958 4804 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys
18:57:23.0005 4804 VgaSave - ok
18:57:23.0027 4804 [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide C:\Windows\system32\drivers\viaide.sys
18:57:23.0045 4804 viaide - ok
18:57:23.0083 4804 [ 2B7E885ED951519A12C450D24535DFCA ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:57:23.0112 4804 volmgr - ok
18:57:23.0311 4804 [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:57:23.0360 4804 volmgrx - ok
18:57:23.0491 4804 [ 582F710097B46140F5A89A19A6573D4B ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:57:23.0532 4804 volsnap - ok
18:57:23.0729 4804 [ 80E63B86C40C5E067475DC98F845A6DD ] vpnagent C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
18:57:23.0758 4804 vpnagent - ok
18:57:23.0793 4804 [ A8D4FED106B4BD337DF3DA20BA44E18E ] vpnva C:\Windows\system32\DRIVERS\vpnva64.sys
18:57:23.0808 4804 vpnva - ok
18:57:23.0841 4804 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:57:23.0861 4804 vsmraid - ok
18:57:23.0933 4804 [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS C:\Windows\system32\vssvc.exe
18:57:24.0016 4804 VSS - ok
18:57:24.0065 4804 [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time C:\Windows\system32\w32time.dll
18:57:24.0130 4804 W32Time - ok
18:57:24.0182 4804 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:57:24.0233 4804 WacomPen - ok
18:57:24.0283 4804 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
18:57:24.0311 4804 Wanarp - ok
18:57:24.0316 4804 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:57:24.0341 4804 Wanarpv6 - ok
18:57:24.0359 4804 [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:57:24.0405 4804 wcncsvc - ok
18:57:24.0460 4804 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:57:24.0500 4804 WcsPlugInService - ok
18:57:24.0519 4804 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys
18:57:24.0535 4804 Wd - ok
18:57:24.0571 4804 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:57:24.0622 4804 Wdf01000 - ok
18:57:24.0650 4804 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:57:24.0683 4804 WdiServiceHost - ok
18:57:24.0686 4804 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:57:24.0719 4804 WdiSystemHost - ok
18:57:24.0731 4804 [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient C:\Windows\System32\webclnt.dll
18:57:24.0753 4804 WebClient - ok
18:57:24.0782 4804 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:57:24.0835 4804 Wecsvc - ok
18:57:24.0862 4804 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:57:24.0891 4804 wercplsupport - ok
18:57:24.0899 4804 [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc C:\Windows\System32\WerSvc.dll
18:57:24.0942 4804 WerSvc - ok
18:57:24.0950 4804 WinHttpAutoProxySvc - ok
18:57:25.0044 4804 [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:57:25.0095 4804 Winmgmt - ok
18:57:25.0150 4804 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM C:\Windows\system32\WsmSvc.dll
18:57:25.0238 4804 WinRM - ok
18:57:25.0277 4804 [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:57:25.0378 4804 Wlansvc - ok
18:57:25.0538 4804 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:57:25.0688 4804 wlidsvc - ok
18:57:25.0739 4804 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:57:25.0764 4804 WmiAcpi - ok
18:57:25.0834 4804 [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:57:25.0863 4804 wmiApSrv - ok
18:57:25.0892 4804 WMPNetworkSvc - ok
18:57:25.0917 4804 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:57:25.0967 4804 WPCSvc - ok
18:57:26.0026 4804 [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:57:26.0059 4804 WPDBusEnum - ok
18:57:26.0132 4804 [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
18:57:26.0157 4804 WpdUsb - ok
18:57:26.0410 4804 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:57:26.0454 4804 WPFFontCache_v0400 - ok
18:57:26.0490 4804 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:57:26.0541 4804 ws2ifsl - ok
18:57:26.0544 4804 WSearch - ok
18:57:26.0584 4804 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:57:26.0631 4804 WudfPf - ok
18:57:26.0659 4804 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:57:26.0696 4804 WUDFRd - ok
18:57:26.0716 4804 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:57:26.0752 4804 wudfsvc - ok
18:57:26.0757 4804 yyca - ok
18:57:26.0778 4804 ================ Scan global ===============================
18:57:26.0806 4804 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
18:57:26.0846 4804 [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll
18:57:26.0870 4804 [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll
18:57:26.0903 4804 [ B8844F93D2C5F1DCDB179AAA9AF134B7 ] C:\Windows\system32\services.exe
18:57:26.0907 4804 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected
18:57:26.0907 4804 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.a (0)
18:57:26.0907 4804 ================ Scan MBR ==================================
18:57:26.0916 4804 [ 81CD5EC01DB0CE57EDD853F82462EF27 ] \Device\Harddisk0\DR0
18:57:27.0875 4804 \Device\Harddisk0\DR0 - ok
18:57:27.0875 4804 ================ Scan VBR ==================================
18:57:27.0880 4804 [ 73B88313EEEC8D1935C176FCC911E938 ] \Device\Harddisk0\DR0\Partition1
18:57:27.0892 4804 \Device\Harddisk0\DR0\Partition1 - ok
18:57:27.0924 4804 [ D8FAEC64F54C85571B13B1BAF41E9665 ] \Device\Harddisk0\DR0\Partition2
18:57:27.0951 4804 \Device\Harddisk0\DR0\Partition2 - ok
18:57:27.0951 4804 ============================================================
18:57:27.0951 4804 Scan finished
18:57:27.0951 4804 ============================================================
18:57:27.0960 3632 Detected object count: 8
18:57:27.0960 3632 Actual detected object count: 8
18:57:55.0051 3632 !SASCORE ( UnsignedFile.Multi.Generic ) - skipped by user
18:57:55.0051 3632 !SASCORE ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:57:55.0053 3632 ASGT ( UnsignedFile.Multi.Generic ) - skipped by user
18:57:55.0053 3632 ASGT ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:57:55.0054 3632 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - skipped by user
18:57:55.0055 3632 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:57:55.0056 3632 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - skipped by user
18:57:55.0056 3632 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:57:55.0058 3632 HauppaugeTVServer ( UnsignedFile.Multi.Generic ) - skipped by user
18:57:55.0058 3632 HauppaugeTVServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:57:55.0060 3632 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
18:57:55.0060 3632 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:57:55.0061 3632 matlabserver ( UnsignedFile.Multi.Generic ) - skipped by user
18:57:55.0061 3632 matlabserver ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:57:55.0063 3632 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - skipped by user
18:57:55.0063 3632 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - User select action: Skip
18:58:00.0680 1040 Deinitialize success

Sorry, I don't know right now how to get this into a spoiler or an attachment...
Apparently a "virus" was found. Thanks for the quick help here!

Update: under "Start", in the list of programs, there is now a program called "Software995.com". I haven't seen it before, but maybe I had just overlooked it until now!?
__________________

Last edited by Nil11 (08.06.2013 at 18:39)

Alt 08.06.2013, 20:49   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Code:
ATTFilter
18:57:55.0063 3632 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - skipped by user
18:57:55.0063 3632 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - User select action: Skip
         
Run TDSSKiller again and choose Cure for the two lines above. Post the log file.

Uninstall the other program.


How it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 08.06.2013, 21:06   #5
Nil11
 
Code:
ATTFilter
21:55:43.0253 4400  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:55:43.0551 4400  ============================================================
21:55:43.0551 4400  Current date / time: 2013/06/08 21:55:43.0551
21:55:43.0551 4400  SystemInfo:
21:55:43.0551 4400  
21:55:43.0551 4400  OS Version: 6.0.6002 ServicePack: 2.0
21:55:43.0551 4400  Product type: Workstation
21:55:43.0551 4400  ComputerName: xxxx-PC
21:55:43.0551 4400  UserName: xxxx
21:55:43.0551 4400  Windows directory: C:\Windows
21:55:43.0551 4400  System windows directory: C:\Windows
21:55:43.0551 4400  Running under WOW64
21:55:43.0551 4400  Processor architecture: Intel x64
21:55:43.0551 4400  Number of processors: 4
21:55:43.0551 4400  Page size: 0x1000
21:55:43.0551 4400  Boot type: Normal boot
21:55:43.0551 4400  ============================================================
21:55:44.0517 4400  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:55:44.0528 4400  ============================================================
21:55:44.0528 4400  \Device\Harddisk0\DR0:
21:55:44.0528 4400  MBR partitions:
21:55:44.0528 4400  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x48B46A59
21:55:44.0528 4400  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x48B46A98, BlocksNum 0x1D10429
21:55:44.0528 4400  ============================================================
21:55:44.0553 4400  C: <-> \Device\Harddisk0\DR0\Partition1
21:55:44.0610 4400  D: <-> \Device\Harddisk0\DR0\Partition2
21:55:44.0610 4400  ============================================================
21:55:44.0610 4400  Initialize success
21:55:44.0610 4400  ============================================================
21:55:51.0936 4252  ============================================================
21:55:51.0936 4252  Scan started
21:55:51.0936 4252  Mode: Manual; SigCheck; TDLFS; 
21:55:51.0936 4252  ============================================================
21:55:52.0591 4252  ================ Scan system memory ========================
21:55:52.0591 4252  System memory - ok
21:55:52.0591 4252  ================ Scan services =============================
21:55:52.0670 4252  [ A0709B82FA3B5AFAD1467E565B8B3BA0 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
21:55:52.0757 4252  !SASCORE ( UnsignedFile.Multi.Generic ) - warning
21:55:52.0757 4252  !SASCORE - detected UnsignedFile.Multi.Generic (1)
21:55:52.0860 4252  [ B33CF4DE909A5B30F526D82053A63C8E ] ABBYY.Licensing.FineReader.Sprint.9.0 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
21:55:52.0885 4252  ABBYY.Licensing.FineReader.Sprint.9.0 - ok
21:55:53.0049 4252  [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI            C:\Windows\system32\drivers\acpi.sys
21:55:53.0068 4252  ACPI - ok
21:55:53.0103 4252  [ A19C69ABB22525D11E9C3E45DFA20850 ] acsint          C:\Windows\system32\DRIVERS\acsint64.sys
21:55:53.0118 4252  acsint - ok
21:55:53.0148 4252  [ 3AAFC0ACF51C45605256D3BC4EB6C4FB ] acsmux          C:\Windows\system32\DRIVERS\acsmux64.sys
21:55:53.0160 4252  acsmux - ok
21:55:53.0237 4252  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:55:53.0249 4252  AdobeARMservice - ok
21:55:53.0342 4252  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:55:53.0356 4252  AdobeFlashPlayerUpdateSvc - ok
21:55:53.0400 4252  [ F14215E37CF124104575073F782111D2 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:55:53.0421 4252  adp94xx - ok
21:55:53.0481 4252  [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:55:53.0499 4252  adpahci - ok
21:55:53.0539 4252  [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
21:55:53.0553 4252  adpu160m - ok
21:55:53.0564 4252  [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:55:53.0578 4252  adpu320 - ok
21:55:53.0613 4252  [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:55:53.0638 4252  AeLookupSvc - ok
21:55:53.0671 4252  [ C4F6CE6087760AD70960C9EB130E7943 ] AFD             C:\Windows\system32\drivers\afd.sys
21:55:53.0689 4252  AFD - ok
21:55:53.0746 4252  [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440          C:\Windows\system32\drivers\agp440.sys
21:55:53.0759 4252  agp440 - ok
21:55:53.0782 4252  [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
21:55:53.0795 4252  aic78xx - ok
21:55:53.0810 4252  [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG             C:\Windows\System32\alg.exe
21:55:53.0843 4252  ALG - ok
21:55:53.0856 4252  [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:55:53.0868 4252  aliide - ok
21:55:53.0884 4252  [ 970FA5059E61E30D25307B99903E991E ] amdide          C:\Windows\system32\drivers\amdide.sys
21:55:53.0895 4252  amdide - ok
21:55:53.0910 4252  [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
21:55:53.0942 4252  AmdK8 - ok
21:55:54.0027 4252  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:55:54.0038 4252  AntiVirSchedulerService - ok
21:55:54.0089 4252  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:55:54.0100 4252  AntiVirService - ok
21:55:54.0125 4252  [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo         C:\Windows\System32\appinfo.dll
21:55:54.0139 4252  Appinfo - ok
21:55:54.0288 4252  [ 4B5AE15E5C73EB4DC8DBEC2788230D41 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
21:55:54.0299 4252  Apple Mobile Device - ok
21:55:54.0316 4252  [ BA8417D4765F3988FF921F30F630E303 ] arc             C:\Windows\system32\drivers\arc.sys
21:55:54.0329 4252  arc - ok
21:55:54.0349 4252  [ 9D41C435619733B34CC16A511E644B11 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:55:54.0363 4252  arcsas - ok
21:55:54.0394 4252  [ E536856E96A7605EBF580D62A868E5FE ] ASGT            C:\Windows\SysWOW64\ASGT.exe
21:55:54.0398 4252  ASGT ( UnsignedFile.Multi.Generic ) - warning
21:55:54.0398 4252  ASGT - detected UnsignedFile.Multi.Generic (1)
21:55:54.0530 4252  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:55:54.0542 4252  aspnet_state - ok
21:55:54.0563 4252  [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:55:54.0594 4252  AsyncMac - ok
21:55:54.0646 4252  [ E68D9B3A3905619732F7FE039466A623 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:55:54.0658 4252  atapi - ok
21:55:54.0724 4252  [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:55:54.0753 4252  AudioEndpointBuilder - ok
21:55:54.0782 4252  [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:55:54.0811 4252  AudioSrv - ok
21:55:54.0884 4252  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
21:55:54.0896 4252  avgntflt - ok
21:55:54.0939 4252  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
21:55:54.0953 4252  avipbb - ok
21:55:54.0995 4252  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
21:55:55.0005 4252  avkmgr - ok
21:55:55.0063 4252  [ C6F4C466B654C1BE98AF31418BB5AC30 ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
21:55:55.0072 4252  AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - warning
21:55:55.0072 4252  AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic (1)
21:55:55.0135 4252  [ 1DC2F715792CF33428AD7993ACBD224D ] avmeject        C:\Windows\system32\drivers\avmeject.sys
21:55:55.0146 4252  avmeject - ok
21:55:55.0176 4252  [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
21:55:55.0208 4252  blbdrive - ok
21:55:55.0244 4252  [ 3F56903E124E820AEECE6D471583C6C1 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
21:55:55.0256 4252  Bonjour Service - ok
21:55:55.0308 4252  [ 2348447A80920B2493A9B582A23E81E1 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:55:55.0336 4252  bowser - ok
21:55:55.0355 4252  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
21:55:55.0380 4252  BrFiltLo - ok
21:55:55.0390 4252  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
21:55:55.0413 4252  BrFiltUp - ok
21:55:55.0439 4252  [ A1B39DE453433B115B4EA69EE0343816 ] Browser         C:\Windows\System32\browser.dll
21:55:55.0471 4252  Browser - ok
21:55:55.0487 4252  [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid         C:\Windows\system32\drivers\brserid.sys
21:55:55.0536 4252  Brserid - ok
21:55:55.0553 4252  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
21:55:55.0600 4252  BrSerWdm - ok
21:55:55.0615 4252  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
21:55:55.0663 4252  BrUsbMdm - ok
21:55:55.0684 4252  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
21:55:55.0761 4252  BrUsbSer - ok
21:55:55.0815 4252  [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:55:55.0863 4252  BTHMODEM - ok
21:55:55.0887 4252  [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:55:55.0920 4252  cdfs - ok
21:55:55.0977 4252  [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:55:56.0002 4252  cdrom - ok
21:55:56.0063 4252  [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:55:56.0087 4252  CertPropSvc - ok
21:55:56.0103 4252  [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass        C:\Windows\system32\drivers\circlass.sys
21:55:56.0135 4252  circlass - ok
21:55:56.0187 4252  [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS            C:\Windows\system32\CLFS.sys
21:55:56.0206 4252  CLFS - ok
21:55:56.0313 4252  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:55:56.0325 4252  clr_optimization_v2.0.50727_32 - ok
21:55:56.0388 4252  [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:55:56.0399 4252  clr_optimization_v2.0.50727_64 - ok
21:55:56.0509 4252  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:55:56.0521 4252  clr_optimization_v4.0.30319_32 - ok
21:55:56.0576 4252  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:55:56.0590 4252  clr_optimization_v4.0.30319_64 - ok
21:55:56.0605 4252  [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:55:56.0619 4252  cmdide - ok
21:55:56.0632 4252  [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
21:55:56.0644 4252  Compbatt - ok
21:55:56.0648 4252  COMSysApp - ok
21:55:56.0674 4252  [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:55:56.0686 4252  crcdisk - ok
21:55:56.0720 4252  [ CA78B312C44E4D52E842C2C8BD48E452 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:55:56.0749 4252  CryptSvc - ok
21:55:56.0812 4252  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:55:56.0857 4252  DcomLaunch - ok
21:55:56.0895 4252  [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:55:56.0920 4252  DfsC - ok
21:55:57.0038 4252  [ C647F468F7DE343DF8C143655C5557D4 ] DFSR            C:\Windows\system32\DFSR.exe
21:55:57.0207 4252  DFSR - ok
21:55:57.0258 4252  [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
21:55:57.0284 4252  Dhcp - ok
21:55:57.0336 4252  [ B0107E40ECDB5FA692EBF832F295D905 ] disk            C:\Windows\system32\drivers\disk.sys
21:55:57.0349 4252  disk - ok
21:55:57.0408 4252  [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:55:57.0422 4252  Dnscache - ok
21:55:57.0486 4252  [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:55:57.0512 4252  dot3svc - ok
21:55:57.0535 4252  [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS             C:\Windows\system32\dps.dll
21:55:57.0568 4252  DPS - ok
21:55:57.0599 4252  [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:55:57.0622 4252  drmkaud - ok
21:55:57.0668 4252  [ F3932288EEECD776FF1F9F653AD878F3 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:55:57.0709 4252  DXGKrnl - ok
21:55:57.0760 4252  [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys
21:55:57.0792 4252  E1G60 - ok
21:55:57.0812 4252  [ C2303883FD9BE49DC36A6400643002EA ] EapHost         C:\Windows\System32\eapsvc.dll
21:55:57.0836 4252  EapHost - ok
21:55:57.0885 4252  [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache          C:\Windows\system32\drivers\ecache.sys
21:55:57.0900 4252  Ecache - ok
21:55:57.0932 4252  [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:55:57.0949 4252  ehRecvr - ok
21:55:57.0994 4252  [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched         C:\Windows\ehome\ehsched.exe
21:55:58.0011 4252  ehSched - ok
21:55:58.0030 4252  [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart         C:\Windows\ehome\ehstart.dll
21:55:58.0042 4252  ehstart - ok
21:55:58.0063 4252  [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:55:58.0082 4252  elxstor - ok
21:55:58.0134 4252  [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
21:55:58.0153 4252  EMDMgmt - ok
21:55:58.0278 4252  [ ABDD5AD016AFFD34AD40E944CE94BF59 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
21:55:58.0295 4252  EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - warning
21:55:58.0295 4252  EpsonBidirectionalService - detected UnsignedFile.Multi.Generic (1)
21:55:58.0308 4252  [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:55:58.0331 4252  ErrDev - ok
21:55:58.0394 4252  [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem     C:\Windows\system32\es.dll
21:55:58.0424 4252  EventSystem - ok
21:55:58.0462 4252  [ 486844F47B6636044A42454614ED4523 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:55:58.0484 4252  exfat - ok
21:55:58.0491 4252  ezSharedSvc - ok
21:55:58.0557 4252  [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:55:58.0582 4252  fastfat - ok
21:55:58.0603 4252  [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
21:55:58.0634 4252  fdc - ok
21:55:58.0638 4252  [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost         C:\Windows\system32\fdPHost.dll
21:55:58.0670 4252  fdPHost - ok
21:55:58.0687 4252  [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub        C:\Windows\system32\fdrespub.dll
21:55:58.0737 4252  FDResPub - ok
21:55:58.0746 4252  [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:55:58.0760 4252  FileInfo - ok
21:55:58.0786 4252  [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:55:58.0819 4252  Filetrace - ok
21:55:58.0840 4252  [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
21:55:58.0872 4252  flpydisk - ok
21:55:58.0924 4252  [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:55:58.0942 4252  FltMgr - ok
21:55:59.0047 4252  [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache       C:\Windows\system32\FntCache.dll
21:55:59.0096 4252  FontCache - ok
21:55:59.0185 4252  [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:55:59.0196 4252  FontCache3.0.0.0 - ok
21:55:59.0241 4252  [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:55:59.0254 4252  Fs_Rec - ok
21:55:59.0326 4252  [ 15585492E45E2F30768B2D5B57929D99 ] fwlanusbn       C:\Windows\system32\DRIVERS\fwlanusbn.sys
21:55:59.0402 4252  fwlanusbn - ok
21:55:59.0424 4252  [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:55:59.0438 4252  gagp30kx - ok
21:55:59.0486 4252  [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:55:59.0496 4252  GEARAspiWDM - ok
21:55:59.0555 4252  [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:55:59.0588 4252  gpsvc - ok
21:55:59.0643 4252  [ 1DBBF9BE473F6CA2F2F4182FCCF563DC ] HauppaugeTVServer C:\PROGRA~2\WinTV\TVServer\HAUPPA~1.EXE
21:55:59.0658 4252  HauppaugeTVServer ( UnsignedFile.Multi.Generic ) - warning
21:55:59.0659 4252  HauppaugeTVServer - detected UnsignedFile.Multi.Generic (1)
21:55:59.0733 4252  [ 7927EB9E64902FCAF126538F009C824C ] hcw95bda        C:\Windows\system32\Drivers\hcw95bda.sys
21:55:59.0806 4252  hcw95bda - ok
21:55:59.0832 4252  [ 6CC035E4B3FD9702ABEB71D3FF8B899E ] hcw95rc         C:\Windows\system32\DRIVERS\hcw95rc.sys
21:55:59.0843 4252  hcw95rc - ok
21:55:59.0873 4252  [ 68E732382B32417FF61FD663259B4B09 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:55:59.0889 4252  HdAudAddService - ok
21:55:59.0954 4252  [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:56:00.0001 4252  HDAudBus - ok
21:56:00.0036 4252  [ B4881C84A180E75B8C25DC1D726C375F ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:56:00.0084 4252  HidBth - ok
21:56:00.0117 4252  [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:56:00.0166 4252  HidIr - ok
21:56:00.0197 4252  [ 59361D38A297755D46A540E450202B2A ] hidserv         C:\Windows\system32\hidserv.dll
21:56:00.0221 4252  hidserv - ok
21:56:00.0261 4252  [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:56:00.0285 4252  HidUsb - ok
21:56:00.0311 4252  [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:56:00.0343 4252  hkmsvc - ok
21:56:00.0393 4252  [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
21:56:00.0406 4252  HpCISSs - ok
21:56:00.0459 4252  [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:56:00.0546 4252  HTTP - ok
21:56:00.0574 4252  [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
21:56:00.0586 4252  i2omp - ok
21:56:00.0619 4252  [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
21:56:00.0644 4252  i8042prt - ok
21:56:00.0664 4252  [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
21:56:00.0680 4252  iaStorV - ok
21:56:00.0746 4252  [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:56:00.0773 4252  idsvc - ok
21:56:00.0807 4252  [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:56:00.0818 4252  iirsp - ok
21:56:00.0839 4252  [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT          C:\Windows\System32\ikeext.dll
21:56:00.0870 4252  IKEEXT - ok
21:56:00.0911 4252  ildid - ok
21:56:00.0967 4252  [ 1EDAB7F9B9DE4424BECCDEF950CE2FF0 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:56:01.0012 4252  IntcAzAudAddService - ok
21:56:01.0052 4252  [ DF797A12176F11B2D301C5B234BB200E ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
21:56:01.0065 4252  intelide - ok
21:56:01.0076 4252  [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:56:01.0108 4252  intelppm - ok
21:56:01.0119 4252  [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:56:01.0151 4252  IPBusEnum - ok
21:56:01.0198 4252  [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:56:01.0223 4252  IpFilterDriver - ok
21:56:01.0227 4252  IpInIp - ok
21:56:01.0251 4252  [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
21:56:01.0283 4252  IPMIDRV - ok
21:56:01.0311 4252  [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
21:56:01.0343 4252  IPNAT - ok
21:56:01.0423 4252  [ 006597773BE583D1CCF6A913477937E0 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
21:56:01.0443 4252  iPod Service - ok
21:56:01.0493 4252  [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:56:01.0525 4252  IRENUM - ok
21:56:01.0547 4252  [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:56:01.0559 4252  isapnp - ok
21:56:01.0615 4252  [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
21:56:01.0633 4252  iScsiPrt - ok
21:56:01.0651 4252  [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
21:56:01.0663 4252  iteatapi - ok
21:56:01.0685 4252  [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
21:56:01.0697 4252  iteraid - ok
21:56:01.0714 4252  [ 423696F3BA6472DD17699209B933BC26 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:56:01.0726 4252  kbdclass - ok
21:56:01.0773 4252  [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:56:01.0798 4252  kbdhid - ok
21:56:01.0822 4252  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso          C:\Windows\system32\lsass.exe
21:56:01.0835 4252  KeyIso - ok
21:56:01.0875 4252  [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:56:01.0897 4252  KSecDD - ok
21:56:01.0944 4252  [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:56:01.0977 4252  ksthunk - ok
21:56:02.0003 4252  [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:56:02.0044 4252  KtmRm - ok
21:56:02.0092 4252  [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:56:02.0108 4252  LanmanServer - ok
21:56:02.0139 4252  [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:56:02.0164 4252  LanmanWorkstation - ok
21:56:02.0216 4252  [ DFEFF67508D3A9AEB1A85D7B0F513B24 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
21:56:02.0220 4252  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
21:56:02.0221 4252  LightScribeService - detected UnsignedFile.Multi.Generic (1)
21:56:02.0228 4252  [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:56:02.0261 4252  lltdio - ok
21:56:02.0277 4252  [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:56:02.0314 4252  lltdsvc - ok
21:56:02.0324 4252  [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:56:02.0356 4252  lmhosts - ok
21:56:02.0379 4252  [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:56:02.0392 4252  LSI_FC - ok
21:56:02.0414 4252  [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:56:02.0427 4252  LSI_SAS - ok
21:56:02.0452 4252  [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:56:02.0467 4252  LSI_SCSI - ok
21:56:02.0485 4252  [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv           C:\Windows\system32\drivers\luafv.sys
21:56:02.0518 4252  luafv - ok
21:56:02.0547 4252  [ 701223C663019B62029FAB1A2385EE81 ] LUMDriver       C:\Windows\system32\drivers\LUMDriver.sys
21:56:02.0558 4252  LUMDriver - ok
21:56:02.0569 4252  lvpepf64 - ok
21:56:02.0577 4252  LVPr2M64 - ok
21:56:02.0603 4252  [ A401CFF74982D8DF851F20307C806073 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
21:56:02.0621 4252  LVRS64 - ok
21:56:02.0625 4252  LVUSBS64 - ok
21:56:02.0774 4252  [ 13384CB5F5813E65F31078D6ABFAAF38 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
21:56:02.0899 4252  LVUVC64 - ok
21:56:02.0979 4252  [ BDD577BD14B8F1D909AAD45AD729108C ] matlabserver    C:\Program Files (x86)\MATLAB71\webserver\bin\win32\matlabserver.exe
21:56:02.0991 4252  matlabserver ( UnsignedFile.Multi.Generic ) - warning
21:56:02.0991 4252  matlabserver - detected UnsignedFile.Multi.Generic (1)
21:56:03.0041 4252  [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:56:03.0055 4252  Mcx2Svc - ok
21:56:03.0090 4252  [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas         C:\Windows\system32\drivers\megasas.sys
21:56:03.0102 4252  megasas - ok
21:56:03.0136 4252  [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
21:56:03.0156 4252  MegaSR - ok
21:56:03.0241 4252  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
21:56:03.0252 4252  Microsoft Office Groove Audit Service - ok
21:56:03.0269 4252  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS           C:\Windows\system32\mmcss.dll
21:56:03.0301 4252  MMCSS - ok
21:56:03.0332 4252  [ 59848D5CC74606F0EE7557983BB73C2E ] Modem           C:\Windows\system32\drivers\modem.sys
21:56:03.0365 4252  Modem - ok
21:56:03.0398 4252  [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:56:03.0430 4252  monitor - ok
21:56:03.0439 4252  [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:56:03.0452 4252  mouclass - ok
21:56:03.0473 4252  [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:56:03.0505 4252  mouhid - ok
21:56:03.0520 4252  [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
21:56:03.0533 4252  MountMgr - ok
21:56:03.0567 4252  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:56:03.0580 4252  MozillaMaintenance - ok
21:56:03.0594 4252  [ F8276EB8698142884498A528DFEA8478 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:56:03.0608 4252  mpio - ok
21:56:03.0629 4252  [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:56:03.0653 4252  mpsdrv - ok
21:56:03.0672 4252  [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
21:56:03.0684 4252  Mraid35x - ok
21:56:03.0733 4252  [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:56:03.0750 4252  MRxDAV - ok
21:56:03.0785 4252  [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:56:03.0810 4252  mrxsmb - ok
21:56:03.0835 4252  [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:56:03.0850 4252  mrxsmb10 - ok
21:56:03.0861 4252  [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:56:03.0875 4252  mrxsmb20 - ok
21:56:03.0890 4252  [ 1AC860612B85D8E85EE257D372E39F4D ] msahci          C:\Windows\system32\drivers\msahci.sys
21:56:03.0903 4252  msahci - ok
21:56:03.0927 4252  [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:56:03.0942 4252  msdsm - ok
21:56:03.0964 4252  [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC           C:\Windows\System32\msdtc.exe
21:56:03.0998 4252  MSDTC - ok
21:56:04.0013 4252  [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:56:04.0046 4252  Msfs - ok
21:56:04.0070 4252  [ 00EBC952961664780D43DCA157E79B27 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:56:04.0083 4252  msisadrv - ok
21:56:04.0110 4252  [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:56:04.0144 4252  MSiSCSI - ok
21:56:04.0148 4252  msiserver - ok
21:56:04.0172 4252  [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:56:04.0205 4252  MSKSSRV - ok
21:56:04.0221 4252  [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:56:04.0254 4252  MSPCLOCK - ok
21:56:04.0263 4252  [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:56:04.0296 4252  MSPQM - ok
21:56:04.0344 4252  [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:56:04.0361 4252  MsRPC - ok
21:56:04.0375 4252  [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:56:04.0388 4252  mssmbios - ok
21:56:04.0403 4252  [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:56:04.0436 4252  MSTEE - ok
21:56:04.0442 4252  [ 0CC49F78D8ACA0877D885F149084E543 ] Mup             C:\Windows\system32\Drivers\mup.sys
21:56:04.0455 4252  Mup - ok
21:56:04.0477 4252  [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent        C:\Windows\system32\qagentRT.dll
21:56:04.0513 4252  napagent - ok
21:56:04.0584 4252  [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:56:04.0600 4252  NativeWifiP - ok
21:56:04.0634 4252  NAVENG - ok
21:56:04.0638 4252  NAVEX15 - ok
21:56:04.0693 4252  [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:56:04.0732 4252  NDIS - ok
21:56:04.0768 4252  [ 64DF698A425478E321981431AC171334 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:56:04.0792 4252  NdisTapi - ok
21:56:04.0800 4252  [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:56:04.0832 4252  Ndisuio - ok
21:56:04.0882 4252  [ F8158771905260982CE724076419EF19 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:56:04.0909 4252  NdisWan - ok
21:56:19.0492 4252  ================ Scan global ===============================
21:56:19.0520 4252  [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
21:56:19.0560 4252  [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll
21:56:19.0577 4252  [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll
21:56:19.0617 4252  [ B8844F93D2C5F1DCDB179AAA9AF134B7 ] C:\Windows\system32\services.exe
21:56:19.0623 4252  C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected
21:56:19.0623 4252  C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.a (0)
21:56:19.0624 4252  ================ Scan MBR ==================================
21:56:19.0638 4252  [ 81CD5EC01DB0CE57EDD853F82462EF27 ] \Device\Harddisk0\DR0
21:56:20.0099 4252  \Device\Harddisk0\DR0 - ok
21:56:20.0099 4252  ================ Scan VBR ==================================
21:56:20.0103 4252  [ 73B88313EEEC8D1935C176FCC911E938 ] \Device\Harddisk0\DR0\Partition1
21:56:20.0104 4252  \Device\Harddisk0\DR0\Partition1 - ok
21:56:20.0113 4252  [ D8FAEC64F54C85571B13B1BAF41E9665 ] \Device\Harddisk0\DR0\Partition2
21:56:20.0114 4252  \Device\Harddisk0\DR0\Partition2 - ok
21:56:20.0114 4252  ============================================================
21:56:20.0114 4252  Scan finished
21:56:20.0114 4252  ============================================================
21:56:20.0129 3580  Detected object count: 8
21:56:20.0129 3580  Actual detected object count: 8
21:56:26.0659 3580  !SASCORE ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:26.0659 3580  !SASCORE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:56:26.0663 3580  ASGT ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:26.0663 3580  ASGT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:56:26.0665 3580  AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:26.0665 3580  AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:56:26.0667 3580  EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:26.0668 3580  EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:56:26.0669 3580  HauppaugeTVServer ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:26.0669 3580  HauppaugeTVServer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:56:26.0671 3580  LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:26.0671 3580  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:56:26.0673 3580  matlabserver ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:26.0673 3580  matlabserver ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:56:26.0732 3580  C:\Windows\system32\services.exe - copied to quarantine
21:56:27.0532 3580  C:\Windows\assembly\GAC_32\desktop.ini - copied to quarantine
21:56:27.0562 3580  C:\Windows\assembly\GAC_64\desktop.ini - copied to quarantine
21:56:27.0589 3580  C:\Windows\installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}\@ - copied to quarantine
21:56:27.0624 3580  C:\Windows\installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}\L\00000004.@ - copied to quarantine
21:56:27.0633 3580  C:\Windows\installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}\L\76603ac3 - copied to quarantine
21:56:27.0634 3580  C:\Windows\installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}\U\00000004.@ - copied to quarantine
21:56:27.0635 3580  C:\Windows\installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}\U\00000008.@ - copied to quarantine
21:56:27.0637 3580  C:\Windows\installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}\U\000000cb.@ - copied to quarantine
21:56:27.0639 3580  C:\Windows\installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}\U\80000000.@ - copied to quarantine
21:56:27.0641 3580  C:\Windows\installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}\U\80000032.@ - copied to quarantine
21:56:27.0643 3580  C:\Windows\installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}\U\80000064.@ - copied to quarantine
21:58:29.0990 3580  Backup copy not found, trying to cure infected file..
21:58:29.0990 3580  Cure success, using it..
21:58:30.0732 3580  C:\Windows\assembly\GAC_32\desktop.ini - will be deleted on reboot
21:58:30.0733 3580  C:\Windows\assembly\GAC_64\desktop.ini - will be deleted on reboot
21:58:30.0754 3580  C:\Windows\installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}\@ - will be deleted on reboot
21:58:30.0755 3580  C:\Windows\installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}\U\00000004.@ - will be deleted on reboot
21:58:30.0755 3580  C:\Windows\installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}\U\00000008.@ - will be deleted on reboot
21:58:30.0756 3580  C:\Windows\installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}\U\000000cb.@ - will be deleted on reboot
21:58:30.0756 3580  C:\Windows\installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}\U\80000000.@ - will be deleted on reboot
21:58:30.0756 3580  C:\Windows\installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}\U\80000032.@ - will be deleted on reboot
21:58:30.0756 3580  C:\Windows\installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}\U\80000064.@ - will be deleted on reboot
21:58:30.0917 3580  C:\Windows\system32\services.exe - will be cured on reboot
21:58:30.0917 3580  C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - User select action: Cure 
21:58:47.0808 2432  Deinitialize success
         
Thanks for the help

After the reboot, this log file was added as well


Code:
22:00:28.0090 2868  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:00:30.0102 2868  ============================================================
22:00:30.0102 2868  Current date / time: 2013/06/08 22:00:30.0102
22:00:30.0102 2868  SystemInfo:
22:00:30.0102 2868  
22:00:30.0102 2868  OS Version: 6.0.6002 ServicePack: 2.0
22:00:30.0102 2868  Product type: Workstation
22:00:30.0102 2868  ComputerName: xxx-PC
22:00:30.0102 2868  UserName: xxx
22:00:30.0102 2868  Windows directory: C:\Windows
22:00:30.0102 2868  System windows directory: C:\Windows
22:00:30.0102 2868  Running under WOW64
22:00:30.0102 2868  Processor architecture: Intel x64
22:00:30.0102 2868  Number of processors: 4
22:00:30.0102 2868  Page size: 0x1000
22:00:30.0102 2868  Boot type: Normal boot
22:00:30.0102 2868  ============================================================
22:00:43.0991 2868  BG loaded
22:00:44.0522 2868  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:00:44.0537 2868  ============================================================
22:00:44.0537 2868  \Device\Harddisk0\DR0:
22:00:44.0553 2868  MBR partitions:
22:00:44.0553 2868  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x48B46A59
22:00:44.0553 2868  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x48B46A98, BlocksNum 0x1D10429
22:00:44.0553 2868  ============================================================
22:00:44.0584 2868  C: <-> \Device\Harddisk0\DR0\Partition1
22:00:44.0927 2868  D: <-> \Device\Harddisk0\DR0\Partition2
22:00:44.0927 2868  ============================================================
22:00:44.0927 2868  Initialize success
22:00:44.0927 2868  ============================================================
22:08:15.0687 2808  Deinitialize success
         
The Windows Security Center still cannot be started.


Alt 09.06.2013, 06:48   #6
schrauber
/// the machine
/// TB-Ausbilder
 




Quote:
The Windows Security Center still cannot be started.
I'm fast, but not that fast
Combofix should only be run when a team member has instructed you to do so!
Please download Combofix from the following download mirror

Link 1


IMPORTANT - Save Combofix to your desktop
  • Please disable all of your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it works.
Start Combofix.exe and follow the instructions on the screen.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the reboot
Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. That should fix the problem.

Alt 09.06.2013, 06:55   #7
Nil11
 



Morning! I'll take care of this step at around 13:00. Thanks again

Alt 09.06.2013, 06:56   #8
schrauber
/// the machine
/// TB-Ausbilder
 




All right
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!

Alt 09.06.2013, 13:44   #9
Nil11
 



Combofix is taking forever and isn't aborting or anything.

Last message in the window: system file is infected !! Attempting to restore /windows/system32/services.exe

Alt 09.06.2013, 15:21   #10
schrauber
/// the machine
/// TB-Ausbilder
 




Hm, that should actually have been fixed by TDSSKiller. If CF is still running in 20 min, kill it, reboot, fresh scan with TDSSKiller.

Alt 09.06.2013, 18:06   #11
Nil11
 



Evening.

I was out for a while and let Combofix keep running. And the run finished correctly!

Here is the log

Combofix Logfile:
Code:
ComboFix 13-06-08.02 - XXXX 09.06.2013  13:51:37.2.4 - x64
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.4094.1866 [GMT 2:00]
ausgeführt von:: c:\users\XXXX\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\programdata\playercachelines.tmp
c:\programdata\sortedcards.tmp
c:\users\XXXX\AppData\Roaming\Roaming
c:\users\XXXX\AppData\Roaming\Roaming\HoldemManager\config\FTPRushTables.xml
c:\windows\SysWow64\xpvss-readme.htm
.
c:\windows\system32\Services.exe . . . ist infiziert!!
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-05-09 bis 2013-06-09  ))))))))))))))))))))))))))))))
.
.
2013-06-09 13:48 . 2013-06-09 13:48	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-06-09 13:48 . 2013-06-09 13:48	--------	d-----w-	c:\users\postgres\AppData\Local\temp
2013-06-09 13:48 . 2013-06-09 13:48	--------	d-----w-	c:\users\Default\AppData\Local\tempA
2013-06-08 19:56 . 2013-06-08 19:56	--------	d-----w-	C:\TDSSKiller_Quarantine
2013-06-08 13:48 . 2013-05-13 06:37	9460464	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{CA2E74C8-CCB7-4047-BBE5-C2686777475B}\mpengine.dll
2013-06-03 17:47 . 2013-06-03 18:01	--------	d-----w-	c:\program files (x86)\BeCyPDFMetaEdit
2013-05-19 11:22 . 2013-05-19 11:22	--------	d-----w-	c:\users\XXXX\AppData\Local\Cisco
2013-05-19 11:22 . 2013-05-19 11:22	--------	d-----w-	c:\programdata\Cisco
2013-05-19 11:22 . 2013-05-19 11:22	--------	d-----w-	c:\program files (x86)\Cisco
2013-05-15 21:02 . 2013-04-09 01:55	2774016	----a-w-	c:\windows\system32\win32k.sys
2013-05-15 21:02 . 2013-04-15 14:17	901496	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 21:02 . 2013-04-13 03:34	47104	----a-w-	c:\windows\system32\cdd.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-08 19:59 . 2009-12-03 16:39	380928	----a-w-	c:\windows\system32\services.exe
2013-05-16 09:01 . 2006-11-02 12:35	75016696	----a-w-	c:\windows\system32\mrt.exe
2013-05-16 08:51 . 2012-01-20 18:29	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-14 21:46 . 2012-04-26 12:59	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-14 21:46 . 2011-07-06 07:40	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-02 00:06 . 2009-10-02 23:43	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-04-04 12:50 . 2010-11-17 16:03	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-03-23 01:09 . 2013-03-23 01:09	354656	----a-w-	c:\windows\SysWow64\DivXControlPanelApplet.cpl
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2009-04-11 . 934E0B7D77FF78C18D9F8891221B6DE3 . 384512 . . [6.0.6002.18005] .. c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_2d69d4f782c83d8c\services.exe
[7] 2008-01-21 . DFAC660F0F139276CC9299812DE42719 . 384512 . . [6.0.6001.18000] .. c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_2b7e5beb85a67240\services.exe
[-] 2013-06-08 . F8DCE3BED869F69C9F7C562B943BC255 . 380928 . . [6.0.6000.16386] .. c:\windows\system32\services.exe
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{40c3cc16-7269-4b32-9531-17f2950fb06f}]
2011-05-09 08:49	176936	----a-w-	c:\program files (x86)\Winload\prxtbWinl.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{40c3cc16-7269-4b32-9531-17f2950fb06f}"= "c:\program files (x86)\Winload\prxtbWinl.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{40c3cc16-7269-4b32-9531-17f2950fb06f}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"F.lux"="c:\users\XXXX\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-05-09 18678376]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVMWlanClient"="c:\program files (x86)\avmwlanstick\wlangui.exe" [2010-10-22 2105344]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2012-09-12 204136]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" [2013-05-11 3478600]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-04-15 450560]
"Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2012-08-03 685048]
.
c:\users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\XXXX\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-3-12 29106336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
R3 acsint;acsint;c:\windows\system32\DRIVERS\acsint64.sys;c:\windows\SYSNATIVE\DRIVERS\acsint64.sys [x]
R3 acsmux;acsmux;c:\windows\system32\DRIVERS\acsmux64.sys;c:\windows\SYSNATIVE\DRIVERS\acsmux64.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
Themes
ezSharedSvc
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-26 21:46]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=93&bd=Presario&pf=cndt
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=93&bd=Presario&pf=cndt
mLocal Page = c:\windows\system32\blank.htm
uSearchAssistant = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=43daec26-4aa8-4fef-a72a-029f14216055&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
Trusted Zone: asc.at\*.uibk
Trusted Zone: uibk.ac.at
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\jcwd05qk.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://www.google.de/search?q=
FF - prefs.js: network.proxy.http - 50.22.206.179
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: !HIDDEN! 2009-09-15 02:25; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
SafeBoot-42504932.sys
SafeBoot-WudfPf
SafeBoot-WudfRd
WebBrowser-{40C3CC16-7269-4B32-9531-17F2950FB06F} - (no file)
AddRemove-Windows XP Video Screensaver Powertoy_is1 - c:\windows\system32\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files (x86)\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\postgresql-8.4]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files (x86)/PostgreSQL/8.4/data\" -w"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\postgresql-8.4]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files (x86)/PostgreSQL/8.4/data\" -w"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
   bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
   bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
   bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
   bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
   bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
   bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
   bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
   bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
   bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\windows\SysWOW64\ASGT.exe
c:\program files (x86)\avmwlanstick\WlanNetService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\progra~2\WinTV\TVServer\HAUPPA~1.EXE
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\MATLAB71\webserver\bin\win32\matlabserver.exe
c:\progra~2\WinTV\TVServer\CAPTUR~4.EXE
c:\program files (x86)\MATLAB71\bin\win32\MATLAB.exe
c:\program files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe
c:\program files (x86)\PostgreSQL\8.4\bin\postgres.exe
c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe
c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe
c:\program files (x86)\PostgreSQL\8.4\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.4\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.4\bin\postgres.exe
c:\program files (x86)\PostgreSQL\8.4\bin\postgres.exe
c:\program files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-06-09  19:01:10 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-06-09 17:01
.
Vor Suchlauf: 15 Verzeichnis(se), 365.421.244.416 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 365.911.875.584 Bytes frei
.
- - End Of File - - 9EA16EE71BBEA0355B02B6DCFC3D3071
         
--- --- ---
81CD5EC01DB0CE57EDD853F82462EF27

Alt 09.06.2013, 18:25   #12
schrauber
/// the machine
/// TB-Ausbilder
 




A fresh scan log with TDSSKiller, please.


System scan with FRST
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit
(If you are not sure: Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)

Alt 09.06.2013, 19:05   #13
Nil11
 



Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-06-2013
Ran by Sason (administrator) on 09-06-2013 19:59:22
Running from C:\Users\Sason\Desktop
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
() C:\Windows\SysWOW64\ASGT.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hauppauge Computer Works) C:\PROGRA~2\WinTV\TVServer\HAUPPA~1.EXE
(Hewlett-Packard Company) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files (x86)\MATLAB71\webserver\bin\win32\matlabserver.exe
(Hauppauge Computer Works) C:\PROGRA~2\WinTV\TVServer\CAPTUR~4.EXE
(The MathWorks Inc.) C:\Program Files (x86)\MATLAB71\bin\win32\MATLAB.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Users\xxxx\Local Settings\Apps\F.lux\flux.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Users\xxxx\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [444904 2012-09-20] (Adobe Systems Incorporated)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1555968 2009-04-11] (Microsoft Corporation)
HKCU\...\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKCU\...\Run: [F.lux] "C:\Users\xxxx\Local Settings\Apps\F.lux\flux.exe" /noshow [966656 2009-08-29] ()
HKCU\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18678376 2013-05-09] (Skype Technologies S.A.)
HKLM-x32\...\Run: [AVMWlanClient] "C:\Program Files (x86)\avmwlanstick\wlangui.exe" [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: []  [x]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" [3478600 2013-05-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1263952 2013-02-13] ()
HKLM-x32\...\Run: [DivXMediaServer] "C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [450560 2013-04-15] (DivX, LLC)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized [685048 2012-08-03] (Cisco Systems, Inc.)
HKU\Default\...\Run: [HPADVISOR] c:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [x]
HKU\Default User\...\Run: [HPADVISOR] c:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [x]
HKU\UpdatusUser\...\Run: [HPADVISOR] c:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [x]
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\xxx\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=93&bd=Presario&pf=cndt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=93&bd=Presario&pf=cndt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=93&bd=Presario&pf=cndt
HKLM SearchScopes: DefaultScope {017A66CC-3985-4911-A97F-FECB0BCC95B0} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
SearchScopes: HKLM - {017A66CC-3985-4911-A97F-FECB0BCC95B0} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
SearchScopes: HKLM - {58235107-16C5-49E2-98F1-21B363368353} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM - {9E85F70F-E0D6-4AD4-823C-1BC5B6AE763C} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
HKLM-x32 SearchScopes: DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
HKCU SearchScopes: DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
BHO-x32: SwissAcademic.Citavi.Picker.IEPicker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_22\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.6.0_22\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {40C3CC16-7269-4B32-9531-17F2950FB06F} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: msdaipp - No CLSID Value - 
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler-x32: msdaipp - No CLSID Value - 
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 01 %SystemRoot%\System32\mswsock.dll [223232] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [304128] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\jcwd05qk.default
FF Homepage: hxxp://www.google.de/
FF Keyword.URL: hxxp://www.google.de/search?q=
FF NetworkProxy: "http", "50.22.206.179"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_38 - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre1.6.0_22\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Extension: FoxyProxy Basic - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\jcwd05qk.default\Extensions\foxyproxy@eric.h.jung
FF Extension: Microsoft .NET Framework Assistant - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\jcwd05qk.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: No Name - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\jcwd05qk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\jcwd05qk.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [128752 2010-06-29] (SUPERAntiSpyware.com)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [144672 2009-08-28] (Apple Inc.)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] ()
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
R2 HauppaugeTVServer; C:\PROGRA~2\WinTV\TVServer\HAUPPA~1.EXE [602624 2010-03-29] (Hauppauge Computer Works)
R2 matlabserver; C:\Program Files (x86)\MATLAB71\webserver\bin\win32\matlabserver.exe [536576 2005-07-27] ()
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [x]
S2 Norton Internet Security; "C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1 [x]
R2 postgresql-8.4; C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "C:/Program Files (x86)/PostgreSQL/8.4/data" -w [x]

==================== Drivers (Whitelisted) ====================

S3 acsint; C:\Windows\System32\DRIVERS\acsint64.sys [45480 2012-08-03] (Cisco Systems, Inc.)
S3 acsmux; C:\Windows\System32\DRIVERS\acsmux64.sys [69544 2012-08-03] (Cisco Systems, Inc.)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-22] (AVM GmbH)
R3 hcw95bda; C:\Windows\System32\Drivers\hcw95bda.sys [658944 2011-04-04] (Hauppauge Computer Works, Inc.)
R3 hcw95rc; C:\Windows\System32\DRIVERS\hcw95rc.sys [19840 2011-04-04] (Hauppauge Computer Works, Inc.)
R1 LUMDriver; C:\Windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM)
R1 LUMDriver; C:\Windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM)
S3 NVFLASH; C:\Windows\system32\drivers\nvflash.sys [15168 2012-03-10] ()
S3 NVFLASH; C:\Windows\system32\drivers\nvflash.sys [15168 2012-03-10] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14920 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14920 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12360 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12360 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 Beep; No ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S0 ildid; system32\drivers\icbpzwk.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 lvpepf64; system32\DRIVERS\lv302a64.sys [x]
S3 LVPr2M64; system32\DRIVERS\LVPr2M64.sys [x]
S3 LVUSBS64; system32\drivers\LVUSBS64.sys [x]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081126.003\ENG64.SYS [x]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081126.003\EX64.SYS [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 PID_PEPI; system32\DRIVERS\LV302V64.SYS [x]
S0 sboliv; system32\drivers\giecpry.sys [x]
S1 SRTSP; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSP64.SYS [x]
S1 SRTSPX; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSPX64.SYS [x]
S0 yyca; system32\drivers\txgtym.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-09 19:58 - 2013-06-09 19:58 - 00000000 ____D C:\FRST
2013-06-09 19:56 - 2013-06-09 19:57 - 01919988 ____A (Farbar) C:\Users\xxx\Desktop\FRST64.exe
2013-06-09 19:01 - 2013-06-09 19:01 - 00022091 ____A C:\ComboFix.txt
2013-06-09 13:48 - 2013-06-09 19:01 - 00000000 ____D C:\ComboFix
2013-06-09 12:57 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2013-06-09 12:57 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2013-06-09 12:57 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-06-09 12:57 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-06-09 12:57 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-06-09 12:57 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2013-06-09 12:57 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2013-06-09 12:57 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2013-06-09 12:53 - 2013-06-09 19:01 - 00000000 ____D C:\Qoobox
2013-06-09 12:53 - 2013-06-09 18:58 - 00000000 ____D C:\Windows\erdnt
2013-06-09 12:49 - 2013-06-09 12:49 - 05078680 ____R (Swearware) C:\Users\xxx\Desktop\ComboFix.exe
2013-06-08 23:59 - 2013-06-08 23:59 - 00000134 ____A C:\Users\xxx\Desktop\Internet Explorer-Problembehebung.url
2013-06-08 22:57 - 2013-06-08 22:57 - 17818624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 12324864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 03695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-06-08 22:57 - 2013-06-08 22:57 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-06-08 22:57 - 2013-06-08 22:57 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-08 22:57 - 2013-06-08 22:57 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 22:57 - 2013-06-08 22:57 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-08 22:57 - 2013-06-08 22:57 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-08 22:57 - 2013-06-08 22:57 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-06-08 22:57 - 2013-06-08 22:57 - 00434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-06-08 22:57 - 2013-06-08 22:57 - 00353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\advpack.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00114176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\advpack.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-06-08 22:57 - 2013-06-08 22:57 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-06-08 22:57 - 2013-06-08 22:57 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-06-08 22:51 - 2013-06-09 00:00 - 00010750 ____A C:\Windows\IE9_main.log
2013-06-08 21:56 - 2013-06-08 21:56 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-06-08 18:55 - 2013-04-11 10:19 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\xxx\Desktop\001.exe
2013-06-03 20:03 - 2013-06-03 20:03 - 00000845 ____A C:\Users\UpdatusUser\Desktop\PDF Password Remover v3.1.lnk
2013-06-03 20:03 - 2013-06-03 20:03 - 00000845 ____A C:\Users\postgres\Desktop\PDF Password Remover v3.1.lnk
2013-06-03 20:03 - 2013-06-03 20:03 - 00000845 ____A C:\Users\elephant\Desktop\PDF Password Remover v3.1.lnk
2013-06-03 19:47 - 2013-06-03 20:01 - 00000000 ____D C:\Program Files (x86)\BeCyPDFMetaEdit
2013-05-22 22:55 - 2013-05-22 23:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-21 09:01 - 2013-04-25 14:17 - 00025363 ____A C:\Users\xxx\Desktop\Auswertung Gesamtenergieabgabe zu Tech_Report_E-0925_07.xlsx
2013-05-19 18:54 - 2013-05-19 18:54 - 00000154 ____A C:\Users\xxx\.appletviewer
2013-05-19 13:22 - 2013-05-19 13:22 - 00000000 ____D C:\Users\xxx\AppData\Local\Cisco
2013-05-19 13:22 - 2013-05-19 13:22 - 00000000 ____D C:\ProgramData\Cisco
2013-05-19 13:22 - 2013-05-19 13:22 - 00000000 ____D C:\Program Files (x86)\Cisco
2013-05-15 23:55 - 2013-05-15 23:55 - 00000000 ____A C:\END
2013-05-15 23:02 - 2013-04-15 16:17 - 00901496 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-15 23:02 - 2013-04-13 05:34 - 00047104 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2013-05-15 23:02 - 2013-04-09 03:55 - 02774016 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

==================== One Month Modified Files and Folders =======

2013-06-09 19:58 - 2013-06-09 19:58 - 00000000 ____D C:\FRST
2013-06-09 19:57 - 2013-06-09 19:56 - 01919988 ____A (Farbar) C:\Users\xxx\Desktop\FRST64.exe
2013-06-09 19:45 - 2012-04-26 14:59 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-09 19:26 - 2011-04-25 19:40 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Skype
2013-06-09 19:01 - 2013-06-09 19:01 - 00022091 ____A C:\ComboFix.txt
2013-06-09 19:01 - 2013-06-09 13:48 - 00000000 ____D C:\ComboFix
2013-06-09 19:01 - 2013-06-09 12:53 - 00000000 ____D C:\Qoobox
2013-06-09 19:01 - 2006-11-02 15:33 - 00000000 __RHD C:\users\Default
2013-06-09 18:59 - 2009-07-22 10:36 - 01289392 ____A C:\Windows\WindowsUpdate.log
2013-06-09 18:58 - 2013-06-09 12:53 - 00000000 ____D C:\Windows\erdnt
2013-06-09 18:57 - 2011-12-12 03:13 - 00000000 ___RD C:\Users\xxx\Dropbox
2013-06-09 18:57 - 2011-12-12 03:10 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Dropbox
2013-06-09 18:56 - 2006-11-02 14:34 - 00000215 ____A C:\Windows\system.ini
2013-06-09 15:50 - 2006-11-02 17:22 - 00003616 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-09 15:50 - 2006-11-02 17:22 - 00003616 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-09 15:49 - 2012-02-11 13:15 - 00119556 ____A C:\Windows\PFRO.log
2013-06-09 15:49 - 2009-05-19 06:30 - 00000000 ____D C:\ProgramData\NVIDIA
2013-06-09 15:49 - 2006-11-02 17:42 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-09 15:48 - 2006-11-02 17:42 - 00032632 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-09 13:03 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\rescache
2013-06-09 12:49 - 2013-06-09 12:49 - 05078680 ____R (Swearware) C:\Users\xxx\Desktop\ComboFix.exe
2013-06-09 12:38 - 2012-05-08 18:07 - 00000000 ____D C:\Program Files (x86)\2012MalwarebytesAnti-Malware
2013-06-09 00:59 - 2006-11-02 15:33 - 00000000 ___RD C:\Windows\Offline Web Pages
2013-06-09 00:59 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-06-09 00:00 - 2013-06-08 22:51 - 00010750 ____A C:\Windows\IE9_main.log
2013-06-08 23:59 - 2013-06-08 23:59 - 00000134 ____A C:\Users\xxx\Desktop\Internet Explorer-Problembehebung.url
2013-06-08 23:59 - 2012-05-08 18:07 - 00000928 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-06-08 22:57 - 2013-06-08 22:57 - 17818624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 12324864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 03695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-06-08 22:57 - 2013-06-08 22:57 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-06-08 22:57 - 2013-06-08 22:57 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-08 22:57 - 2013-06-08 22:57 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 22:57 - 2013-06-08 22:57 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-08 22:57 - 2013-06-08 22:57 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-08 22:57 - 2013-06-08 22:57 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-06-08 22:57 - 2013-06-08 22:57 - 00434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-06-08 22:57 - 2013-06-08 22:57 - 00353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\advpack.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00114176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\advpack.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-06-08 22:57 - 2013-06-08 22:57 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-06-08 22:57 - 2013-06-08 22:57 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-06-08 22:57 - 2013-06-08 22:57 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-06-08 22:57 - 2013-06-08 22:57 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-06-08 22:57 - 2006-11-02 14:16 - 00008798 ____A C:\Windows\SysWOW64\icrav03.rat
2013-06-08 22:57 - 2006-11-02 14:16 - 00001988 ____A C:\Windows\SysWOW64\ticrf.rat
2013-06-08 22:57 - 2006-11-02 08:36 - 00008798 ____A C:\Windows\System32\icrav03.rat
2013-06-08 22:57 - 2006-11-02 08:36 - 00001988 ____A C:\Windows\System32\ticrf.rat
2013-06-08 21:59 - 2009-12-03 18:39 - 00380928 ____A (Microsoft Corporation) C:\Windows\System32\services.exe
2013-06-08 21:56 - 2013-06-08 21:56 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-06-07 08:05 - 2009-05-19 14:37 - 00674972 ____A C:\Windows\System32\perfh007.dat
2013-06-07 08:05 - 2009-05-19 14:37 - 00145640 ____A C:\Windows\System32\perfc007.dat
2013-06-07 08:05 - 2006-11-02 14:46 - 01568904 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-03 20:03 - 2013-06-03 20:03 - 00000845 ____A C:\Users\UpdatusUser\Desktop\PDF Password Remover v3.1.lnk
2013-06-03 20:03 - 2013-06-03 20:03 - 00000845 ____A C:\Users\postgres\Desktop\PDF Password Remover v3.1.lnk
2013-06-03 20:03 - 2013-06-03 20:03 - 00000845 ____A C:\Users\elephant\Desktop\PDF Password Remover v3.1.lnk
2013-06-03 20:01 - 2013-06-03 19:47 - 00000000 ____D C:\Program Files (x86)\BeCyPDFMetaEdit
2013-06-02 17:44 - 2012-07-19 20:28 - 00000000 ____D C:\Users\xxx\Desktop\Projekt
2013-06-02 16:57 - 2010-10-13 15:54 - 00000000 ____D C:\Users\xxx\Desktop\Stuff
2013-05-23 21:03 - 2011-04-25 19:36 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-05-23 21:03 - 2011-04-25 19:36 - 00000000 ____D C:\ProgramData\Skype
2013-05-23 20:58 - 2012-04-25 15:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-05-22 23:19 - 2013-05-22 22:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-20 22:12 - 2010-04-09 23:30 - 00000000 ____D C:\users\postgres
2013-05-19 18:54 - 2013-05-19 18:54 - 00000154 ____A C:\Users\xxx\.appletviewer
2013-05-19 18:54 - 2009-09-14 13:56 - 00000000 ____D C:\users\xxx
2013-05-19 13:50 - 2011-06-06 18:38 - 00000000 ____D C:\Users\xxx\Desktop\Bücher Maschinenbau
2013-05-19 13:48 - 2012-11-01 20:52 - 00000000 ____D C:\Users\xxx\Desktop\Masterarbeit
2013-05-19 13:22 - 2013-05-19 13:22 - 00000000 ____D C:\Users\xxx\AppData\Local\Cisco
2013-05-19 13:22 - 2013-05-19 13:22 - 00000000 ____D C:\ProgramData\Cisco
2013-05-19 13:22 - 2013-05-19 13:22 - 00000000 ____D C:\Program Files (x86)\Cisco
2013-05-18 12:26 - 2012-06-10 11:41 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-05-16 23:24 - 2010-04-11 14:44 - 00125808 ____A C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2013-05-16 20:48 - 2006-11-02 17:21 - 00460928 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-16 11:05 - 2013-01-07 04:24 - 00000039 ____A C:\Windows\vbaddin.ini
2013-05-16 11:01 - 2006-11-02 14:35 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2013-05-16 10:56 - 2012-01-10 23:36 - 00001883 ____A C:\Users\Public\Desktop\Adobe Reader 9.lnk
2013-05-16 10:53 - 2013-01-03 14:25 - 00125808 ____A C:\Windows\System32\GDIPFONTCACHEV1.DAT
2013-05-15 23:59 - 2010-08-01 13:49 - 00000000 ____D C:\ProgramData\DivX
2013-05-15 23:59 - 2010-08-01 13:49 - 00000000 ____D C:\Program Files (x86)\DivX
2013-05-15 23:58 - 2010-08-01 13:52 - 00000000 ____D C:\Program Files\DivX
2013-05-15 23:55 - 2013-05-15 23:55 - 00000000 ____A C:\END
2013-05-14 23:46 - 2012-04-26 14:59 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-05-14 23:46 - 2011-07-06 09:40 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-05-14 22:23 - 2013-02-23 22:57 - 00010421 ____A C:\Windows\avmfwlanci.log

ZeroAccess:
C:\Windows\Installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}
C:\Windows\Installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}\L
C:\Windows\Installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}\U
C:\Windows\Installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}\L\00000004.@
C:\Windows\Installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}\L\76603ac3

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe
[2009-12-03 18:39] - [2013-06-08 21:59] - 0380928 ____A (Microsoft Corporation) F8DCE3BED869F69C9F7C562B943BC255

C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-09 16:07

==================== End Of Log ============================
         
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-06-2013
Ran by Sason at 2013-06-09 19:59:54 Run:
Running from C:\Users\xxx\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212)
Adobe Acrobat XI Pro (Version: 11.0.03)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Reader 9.5.5 - Deutsch (Version: 9.5.5)
Apple Application Support (Version: 1.1.0)
Apple Mobile Device Support (Version: 2.6.0.32)
ASUS GPU Tweak (Version: 2.1.0.1)
AVM FRITZ!WLAN
AVR Studio 5.0 (Version: 5.0.1223)
Benutzerhandbuch EPSON SX235 Series
Bonjour (Version: 1.0.106)
CameraHelperMsi (Version: 13.51.815.0)
CCleaner (Version: 2.27)
Cisco AnyConnect Secure Mobility Client  (Version: 3.1.00495)
Cisco AnyConnect Secure Mobility Client (Version: 3.1.00495)
Citavi (Version: 3.4.0.2)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CyberLink DVD Suite Deluxe (Version: 6.0.2602)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904)
DivX-Setup (Version: 2.6.1.41)
Dropbox (Version: 1.6.18)
Epson Easy Photo Print 2 (Version: 2.2.4.0)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (Version: 1.00.0000)
Epson Event Manager (Version: 2.50.0000)
EPSON Scan
EPSON SX235 Series Printer Uninstall
EPSON-Drucker-Software
EpsonNet Print (Version: 2.4j)
erLT (Version: 1.20.138.34)
F.lux
Freemake Video Converter Version 3.0.2 (Version: 3.0.2)
Full Tilt Poker (Version: 4.20.11.WIN.FullTilt.COM)
G*Power 3.1.3 (Version: 3.1.3)
GIMP 2.6.8
Hauppauge WinTV 7 (Version: 7.0.28130)
Hauppauge WinTV Infrared Remote (Version: 2.66.28078)
Holdem Manager
HP Odometer (Version: 2.10.0000)
HP Recovery Manager RSS (Version: 92.0.0.11)
HP Support Information (Version: 10.1.0001)
ICM Trainer (Version: 1.0.0)
ICM Trainer Light (Version: 1.1)
IrfanView (remove only) (Version: 4.35)
IsoBuster 3.1 (Version: 3.1)
iTunes (Version: 9.0.2.25)
Java 7 Update 15 (Version: 7.0.150)
Java(TM) 6 Update 22 (Version: 6.0.220)
LightScribe System Software (Version: 1.18.3.2)
Logitech Webcam-Software (Version: 2.51)
LWS Facebook (Version: 13.50.854.0)
LWS Gallery (Version: 13.51.827.0)
LWS Help_main (Version: 13.51.828.0)
LWS Launcher (Version: 13.51.828.0)
LWS Motion Detection (Version: 13.30.1395.0)
LWS Pictures And Video (Version: 13.51.815.0)
LWS Twitter (Version: 13.30.1346.0)
LWS Webcam Software (Version: 13.51.815.0)
LWS WLM Plugin (Version: 1.30.1201.0)
LWS YouTube Plugin (Version: 13.31.1038.0)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
MathType 6 (Version: 6.6)
MATLAB 7.1 (Version: 7.1)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft IntelliPoint 6.3 (Version: 6.31.258.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (German) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Visio 2010 (Version: 14.0.6029.1000)
Microsoft Office Visio MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office XP Media Content (Version: 10.0.2619.0)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (Version: 12.0.4518.1014)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1447.4)
Microsoft SQL Server System CLR Types (Version: 10.50.1447.4)
Microsoft Visio 2010 Service Pack 1 (SP1)
Microsoft Visio Professional 2010 (Version: 14.0.6029.1000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (Version: 10.0.30319)
Microsoft Works (Version: 9.7.0621)
Mozilla Firefox 21.0 (x86 en-US) (Version: 21.0)
Mozilla Maintenance Service (Version: 21.0)
MSVCRT (Version: 15.4.2862.0708)
Netzwerkhandbuch EPSON SX235 Series
NVIDIA 3D Vision Controller-Treiber 296.16 (Version: 296.16)
NVIDIA 3D Vision Treiber 311.06 (Version: 311.06)
NVIDIA Display Control Panel (Version: 6.14.11.9793)
NVIDIA Grafiktreiber 311.06 (Version: 311.06)
NVIDIA HD-Audiotreiber 1.3.12.0 (Version: 1.3.12.0)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX-Systemsoftware 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1106)
NVIDIA Systemsteuerung 311.06 (Version: 311.06)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
PartyPoker (Version: 147)
Pixum Fotobuch
PokerStars
PokerStrategy Equilator (Version: 1.7)
PokerStrategy.com Equilab (Version: 1.1.0.195)
PostgreSQL 8.4 (Version: 8.4)
Power2Go (Version: 6.0.2602)
PowerDirector (Version: 7.0.2611)
PVSonyDll (Version: 1.00.0001)
Python 2.6 pywin32-212 (Version: 2.12)
Python 2.6.1 (Version: 2.6.1150)
QuickTime (Version: 7.65.17.80)
RAR File Open Knife - Free Opener (Version: 1.00)
Realtek High Definition Audio Driver (Version: 6.0.1.5789)
Secure Download Manager (Version: 3.1.0)
Segoe UI (Version: 15.4.2271.0615)
Skype Click to Call (Version: 6.0.10201)
Skype™ 6.3 (Version: 6.3.107)
Spybot - Search & Destroy (Version: 1.6.2)
SUPERAntiSpyware (Version: 4.45.1000)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817359) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Outlook 2007 Help (KB963677)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
VBA (3821b) (Version: 6.01.00.1234)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VLC media player 1.1.9 (Version: 1.1.9)
Winamp (Version: 5.61 )
Windows 7 USB/DVD Download Tool (Version: 1.0.30)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows XP Video Screensaver Powertoy
Winload Toolbar (Version: 6.8.5.1)
Yahoo! Detect

==================== Restore Points  =========================

02-05-2013 21:34:01 Geplanter Prüfpunkt
03-05-2013 11:23:58 Geplanter Prüfpunkt
05-05-2013 18:27:01 Geplanter Prüfpunkt
06-05-2013 21:25:04 Geplanter Prüfpunkt
07-05-2013 20:19:46 Windows Update
12-05-2013 15:23:04 Windows Update
13-05-2013 17:57:56 Geplanter Prüfpunkt
16-05-2013 09:05:41 Windows-Modulinstallation
16-05-2013 19:03:01 Windows Update
18-05-2013 10:22:18 Windows Update
19-05-2013 11:21:32 Installed Cisco AnyConnect Secure Mobility Client
21-05-2013 19:37:12 Geplanter Prüfpunkt
24-05-2013 19:46:00 Windows Update
25-05-2013 13:28:57 Geplanter Prüfpunkt
26-05-2013 12:35:46 Geplanter Prüfpunkt
27-05-2013 19:59:39 Geplanter Prüfpunkt
28-05-2013 18:16:37 Windows Update
30-05-2013 20:37:28 Geplanter Prüfpunkt
31-05-2013 20:27:29 Geplanter Prüfpunkt
01-06-2013 22:15:57 Geplanter Prüfpunkt
02-06-2013 14:02:38 Geplanter Prüfpunkt
06-06-2013 19:44:06 Windows Update
08-06-2013 20:52:46 Windows-Modulinstallation

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/09/2013 03:50:07 PM) (Source: PostgreSQL) (User: )
Description: 2013-06-09 15:50:07 CESTFATAL:  the database system is starting up

Error: (06/09/2013 03:50:06 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/09/2013 01:37:16 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/09/2013 00:40:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/08/2013 10:03:25 PM) (Source: matlabserver) (User: )
Description: matlabserver error: 0Engine wait timeout 180 reached for instance 0.

Error: (06/08/2013 10:02:30 PM) (Source: matlabserver) (User: )
Description: matlabserver error: 0EngOpen() WORKER_THREAD_PROC failed.

Error: (06/08/2013 10:01:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/08/2013 09:58:21 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung svchost.exe, Version 6.0.6001.18000, Zeitstempel 0x47918b89, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x7594a57d,
Prozess-ID 0xcac, Anwendungsstartzeit svchost.exe0.

Error: (06/08/2013 09:57:14 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung svchost.exe, Version 6.0.6001.18000, Zeitstempel 0x47918b89, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x7594a57d,
Prozess-ID 0x1208, Anwendungsstartzeit svchost.exe0.

Error: (06/08/2013 09:56:07 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung svchost.exe, Version 6.0.6001.18000, Zeitstempel 0x47918b89, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x7594a57d,
Prozess-ID 0x618, Anwendungsstartzeit svchost.exe0.


System errors:
=============
Error: (06/09/2013 03:52:17 PM) (Source: Service Control Manager) (User: )
Description: NVIDIA Update Service Daemon%%1069

Error: (06/09/2013 03:52:17 PM) (Source: Service Control Manager) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330

Error: (06/09/2013 03:50:14 PM) (Source: Service Control Manager) (User: )
Description: Beep
ildid
sboliv
SRTSP
SRTSPX
yyca

Error: (06/09/2013 03:50:06 PM) (Source: Service Control Manager) (User: )
Description: Norton Internet Security%%3

Error: (06/09/2013 03:48:48 PM) (Source: Service Control Manager) (User: )
Description: PEVSystemStart

Error: (06/09/2013 03:48:46 PM) (Source: Service Control Manager) (User: )
Description: Computerbrowser%%1060

Error: (06/09/2013 03:47:45 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\ComboFix\catchme.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (06/09/2013 01:57:25 PM) (Source: Service Control Manager) (User: )
Description: PEVSystemStart

Error: (06/09/2013 01:51:35 PM) (Source: Service Control Manager) (User: )
Description: MATLAB Server1

Error: (06/09/2013 01:51:35 PM) (Source: Service Control Manager) (User: )
Description: ASGT1


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-06-09 15:47:45.120
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-09 15:47:44.839
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-03-13 15:20:43.343
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-03-13 15:20:43.098
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-03-13 15:20:42.811
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-03-13 15:20:42.560
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-03-13 15:20:42.308
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-03-13 15:20:42.057
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-03-13 15:20:41.766
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-03-13 15:20:41.517
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 73%
Total physical RAM: 4094.26 MB
Available physical RAM: 1088.73 MB
Total Pagefile: 8379.8 MB
Available Pagefile: 5065.81 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (COMPAQ) (Fixed) (Total:581.64 GB) (Free:339.47 GB) NTFS (Disk=0 Partition=1) ==>[Drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:14.53 GB) (Free:2.07 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=582 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=15 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 09.06.2013, 19:18   #14
Nil11
 

TDSS Killer:

Code:
20:15:25.0383 5308  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:15:27.0390 5308  ============================================================
20:15:27.0390 5308  Current date / time: 2013/06/09 20:15:27.0390
20:15:27.0391 5308  SystemInfo:
20:15:27.0391 5308  
20:15:27.0391 5308  OS Version: 6.0.6002 ServicePack: 2.0
20:15:27.0391 5308  Product type: Workstation
20:15:27.0391 5308  ComputerName: xxx-PC
20:15:27.0391 5308  UserName: xxx
20:15:27.0391 5308  Windows directory: C:\Windows
20:15:27.0391 5308  System windows directory: C:\Windows
20:15:27.0391 5308  Running under WOW64
20:15:27.0391 5308  Processor architecture: Intel x64
20:15:27.0391 5308  Number of processors: 4
20:15:27.0391 5308  Page size: 0x1000
20:15:27.0391 5308  Boot type: Normal boot
20:15:27.0391 5308  ============================================================
20:15:28.0351 5308  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:15:28.0365 5308  ============================================================
20:15:28.0365 5308  \Device\Harddisk0\DR0:
20:15:28.0365 5308  MBR partitions:
20:15:28.0365 5308  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x48B46A59
20:15:28.0365 5308  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x48B46A98, BlocksNum 0x1D10429
20:15:28.0365 5308  ============================================================
20:15:28.0387 5308  C: <-> \Device\Harddisk0\DR0\Partition1
20:15:28.0435 5308  D: <-> \Device\Harddisk0\DR0\Partition2
20:15:28.0436 5308  ============================================================
20:15:28.0436 5308  Initialize success
20:15:28.0436 5308  ============================================================
20:15:34.0157 5396  ============================================================
20:15:34.0157 5396  Scan started
20:15:34.0157 5396  Mode: Manual; SigCheck; TDLFS; 
20:15:34.0157 5396  ============================================================
20:15:34.0941 5396  ================ Scan system memory ========================
20:15:34.0941 5396  System memory - ok
20:15:34.0942 5396  ================ Scan services =============================
20:15:35.0013 5396  [ A0709B82FA3B5AFAD1467E565B8B3BA0 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
20:15:35.0126 5396  !SASCORE ( UnsignedFile.Multi.Generic ) - warning
20:15:35.0126 5396  !SASCORE - detected UnsignedFile.Multi.Generic (1)
20:15:35.0411 5396  [ B33CF4DE909A5B30F526D82053A63C8E ] ABBYY.Licensing.FineReader.Sprint.9.0 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
20:15:35.0448 5396  ABBYY.Licensing.FineReader.Sprint.9.0 - ok
20:15:35.0582 5396  [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI            C:\Windows\system32\drivers\acpi.sys
20:15:35.0606 5396  ACPI - ok
20:15:35.0636 5396  [ A19C69ABB22525D11E9C3E45DFA20850 ] acsint          C:\Windows\system32\DRIVERS\acsint64.sys
20:15:35.0657 5396  acsint - ok
20:15:35.0691 5396  [ 3AAFC0ACF51C45605256D3BC4EB6C4FB ] acsmux          C:\Windows\system32\DRIVERS\acsmux64.sys
20:15:35.0702 5396  acsmux - ok
20:15:35.0762 5396  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:15:35.0775 5396  AdobeARMservice - ok
20:15:35.0876 5396  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:15:35.0890 5396  AdobeFlashPlayerUpdateSvc - ok
20:15:35.0934 5396  [ F14215E37CF124104575073F782111D2 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
20:15:35.0961 5396  adp94xx - ok
20:15:36.0015 5396  [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci         C:\Windows\system32\drivers\adpahci.sys
20:15:36.0036 5396  adpahci - ok
20:15:36.0081 5396  [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
20:15:36.0096 5396  adpu160m - ok
20:15:36.0115 5396  [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
20:15:36.0130 5396  adpu320 - ok
20:15:36.0164 5396  [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:15:36.0280 5396  AeLookupSvc - ok
20:15:36.0330 5396  [ C4F6CE6087760AD70960C9EB130E7943 ] AFD             C:\Windows\system32\drivers\afd.sys
20:15:36.0392 5396  AFD - ok
20:15:36.0414 5396  [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440          C:\Windows\system32\drivers\agp440.sys
20:15:36.0427 5396  agp440 - ok
20:15:36.0466 5396  [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
20:15:36.0480 5396  aic78xx - ok
20:15:36.0493 5396  [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG             C:\Windows\System32\alg.exe
20:15:36.0620 5396  ALG - ok
20:15:36.0648 5396  [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:15:36.0662 5396  aliide - ok
20:15:36.0676 5396  [ 970FA5059E61E30D25307B99903E991E ] amdide          C:\Windows\system32\drivers\amdide.sys
20:15:36.0687 5396  amdide - ok
20:15:36.0701 5396  [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
20:15:36.0749 5396  AmdK8 - ok
20:15:36.0776 5396  [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo         C:\Windows\System32\appinfo.dll
20:15:36.0813 5396  Appinfo - ok
20:15:36.0939 5396  [ 4B5AE15E5C73EB4DC8DBEC2788230D41 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
20:15:36.0950 5396  Apple Mobile Device - ok
20:15:36.0967 5396  [ BA8417D4765F3988FF921F30F630E303 ] arc             C:\Windows\system32\drivers\arc.sys
20:15:36.0982 5396  arc - ok
20:15:37.0008 5396  [ 9D41C435619733B34CC16A511E644B11 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
20:15:37.0022 5396  arcsas - ok
20:15:37.0053 5396  [ E536856E96A7605EBF580D62A868E5FE ] ASGT            C:\Windows\SysWOW64\ASGT.exe
20:15:37.0057 5396  ASGT ( UnsignedFile.Multi.Generic ) - warning
20:15:37.0057 5396  ASGT - detected UnsignedFile.Multi.Generic (1)
20:15:37.0189 5396  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:15:37.0201 5396  aspnet_state - ok
20:15:37.0230 5396  [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:15:37.0277 5396  AsyncMac - ok
20:15:37.0330 5396  [ E68D9B3A3905619732F7FE039466A623 ] atapi           C:\Windows\system32\drivers\atapi.sys
20:15:37.0343 5396  atapi - ok
20:15:37.0416 5396  [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:15:37.0478 5396  AudioEndpointBuilder - ok
20:15:37.0499 5396  [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
20:15:37.0530 5396  AudioSrv - ok
20:15:37.0588 5396  [ C6F4C466B654C1BE98AF31418BB5AC30 ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
20:15:37.0627 5396  AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - warning
20:15:37.0627 5396  AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic (1)
20:15:37.0661 5396  [ 1DC2F715792CF33428AD7993ACBD224D ] avmeject        C:\Windows\system32\drivers\avmeject.sys
20:15:37.0670 5396  avmeject - ok
20:15:37.0695 5396  Beep - ok
20:15:37.0751 5396  [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE             C:\Windows\System32\bfe.dll
20:15:37.0808 5396  BFE - ok
20:15:37.0864 5396  [ 6D316F4859634071CC25C4FD4589AD2C ] BITS            C:\Windows\system32\qmgr.dll
20:15:37.0957 5396  BITS - ok
20:15:37.0985 5396  [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
20:15:38.0019 5396  blbdrive - ok
20:15:38.0053 5396  [ 3F56903E124E820AEECE6D471583C6C1 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
20:15:38.0075 5396  Bonjour Service - ok
20:15:38.0125 5396  [ 2348447A80920B2493A9B582A23E81E1 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:15:38.0162 5396  bowser - ok
20:15:38.0189 5396  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
20:15:38.0228 5396  BrFiltLo - ok
20:15:38.0249 5396  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
20:15:38.0290 5396  BrFiltUp - ok
20:15:38.0331 5396  [ A1B39DE453433B115B4EA69EE0343816 ] Browser         C:\Windows\System32\browser.dll
20:15:38.0385 5396  Browser - ok
20:15:38.0404 5396  [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid         C:\Windows\system32\drivers\brserid.sys
20:15:38.0551 5396  Brserid - ok
20:15:38.0570 5396  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
20:15:38.0643 5396  BrSerWdm - ok
20:15:38.0658 5396  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
20:15:38.0728 5396  BrUsbMdm - ok
20:15:38.0742 5396  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
20:15:38.0814 5396  BrUsbSer - ok
20:15:38.0832 5396  [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
20:15:38.0899 5396  BTHMODEM - ok
20:15:38.0931 5396  catchme - ok
20:15:38.0946 5396  [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:15:38.0994 5396  cdfs - ok
20:15:39.0044 5396  [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:15:39.0089 5396  cdrom - ok
20:15:39.0147 5396  [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:15:39.0187 5396  CertPropSvc - ok
20:15:39.0204 5396  [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass        C:\Windows\system32\drivers\circlass.sys
20:15:39.0255 5396  circlass - ok
20:15:39.0305 5396  [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS            C:\Windows\system32\CLFS.sys
20:15:39.0327 5396  CLFS - ok
20:15:39.0388 5396  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:15:39.0401 5396  clr_optimization_v2.0.50727_32 - ok
20:15:39.0463 5396  [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:15:39.0475 5396  clr_optimization_v2.0.50727_64 - ok
20:15:39.0593 5396  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:15:39.0606 5396  clr_optimization_v4.0.30319_32 - ok
20:15:39.0660 5396  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:15:39.0673 5396  clr_optimization_v4.0.30319_64 - ok
20:15:39.0689 5396  [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:15:39.0701 5396  cmdide - ok
20:15:39.0716 5396  [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
20:15:39.0729 5396  Compbatt - ok
20:15:39.0734 5396  COMSysApp - ok
20:15:39.0757 5396  [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
20:15:39.0770 5396  crcdisk - ok
20:15:39.0812 5396  [ CA78B312C44E4D52E842C2C8BD48E452 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:15:39.0858 5396  CryptSvc - ok
20:15:39.0921 5396  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:15:40.0033 5396  DcomLaunch - ok
20:15:40.0087 5396  [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:15:40.0129 5396  DfsC - ok
20:15:40.0241 5396  [ C647F468F7DE343DF8C143655C5557D4 ] DFSR            C:\Windows\system32\DFSR.exe
20:15:40.0391 5396  DFSR - ok
20:15:40.0450 5396  [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
20:15:40.0489 5396  Dhcp - ok
20:15:40.0545 5396  [ B0107E40ECDB5FA692EBF832F295D905 ] disk            C:\Windows\system32\drivers\disk.sys
20:15:40.0560 5396  disk - ok
20:15:40.0634 5396  [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:15:40.0661 5396  Dnscache - ok
20:15:40.0745 5396  [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc         C:\Windows\System32\dot3svc.dll
20:15:40.0791 5396  dot3svc - ok
20:15:40.0818 5396  [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS             C:\Windows\system32\dps.dll
20:15:40.0872 5396  DPS - ok
20:15:40.0908 5396  [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:15:40.0951 5396  drmkaud - ok
20:15:40.0993 5396  [ F3932288EEECD776FF1F9F653AD878F3 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:15:41.0071 5396  DXGKrnl - ok
20:15:41.0135 5396  [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys
20:15:41.0172 5396  E1G60 - ok
20:15:41.0196 5396  [ C2303883FD9BE49DC36A6400643002EA ] EapHost         C:\Windows\System32\eapsvc.dll
20:15:41.0238 5396  EapHost - ok
20:15:41.0285 5396  [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache          C:\Windows\system32\drivers\ecache.sys
20:15:41.0303 5396  Ecache - ok
20:15:41.0341 5396  [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:15:41.0382 5396  ehRecvr - ok
20:15:41.0403 5396  [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched         C:\Windows\ehome\ehsched.exe
20:15:41.0432 5396  ehSched - ok
20:15:41.0455 5396  [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart         C:\Windows\ehome\ehstart.dll
20:15:41.0500 5396  ehstart - ok
20:15:41.0521 5396  [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
20:15:41.0543 5396  elxstor - ok
20:15:41.0659 5396  [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
20:15:41.0715 5396  EMDMgmt - ok
20:15:41.0895 5396  [ ABDD5AD016AFFD34AD40E944CE94BF59 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
20:15:41.0943 5396  EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - warning
20:15:41.0943 5396  EpsonBidirectionalService - detected UnsignedFile.Multi.Generic (1)
20:15:41.0958 5396  [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:15:41.0998 5396  ErrDev - ok
20:15:42.0061 5396  [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem     C:\Windows\system32\es.dll
20:15:42.0146 5396  EventSystem - ok
20:15:42.0254 5396  [ 486844F47B6636044A42454614ED4523 ] exfat           C:\Windows\system32\drivers\exfat.sys
20:15:42.0336 5396  exfat - ok
20:15:42.0373 5396  ezSharedSvc - ok
20:15:42.0458 5396  [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:15:42.0508 5396  fastfat - ok
20:15:42.0536 5396  [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
20:15:42.0571 5396  fdc - ok
20:15:42.0606 5396  [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost         C:\Windows\system32\fdPHost.dll
20:15:42.0655 5396  fdPHost - ok
20:15:42.0671 5396  [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub        C:\Windows\system32\fdrespub.dll
20:15:42.0742 5396  FDResPub - ok
20:15:42.0763 5396  [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:15:42.0788 5396  FileInfo - ok
20:15:42.0812 5396  [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:15:42.0873 5396  Filetrace - ok
20:15:42.0891 5396  [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
20:15:42.0926 5396  flpydisk - ok
20:15:42.0974 5396  [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:15:43.0005 5396  FltMgr - ok
20:15:43.0232 5396  [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache       C:\Windows\system32\FntCache.dll
20:15:43.0314 5396  FontCache - ok
20:15:43.0402 5396  [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:15:43.0412 5396  FontCache3.0.0.0 - ok
20:15:43.0458 5396  [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:15:43.0501 5396  Fs_Rec - ok
20:15:43.0602 5396  [ 15585492E45E2F30768B2D5B57929D99 ] fwlanusbn       C:\Windows\system32\DRIVERS\fwlanusbn.sys
20:15:43.0660 5396  fwlanusbn - ok
20:15:43.0699 5396  [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
20:15:43.0713 5396  gagp30kx - ok
20:15:43.0786 5396  [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:15:43.0795 5396  GEARAspiWDM - ok
20:15:43.0947 5396  [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc           C:\Windows\System32\gpsvc.dll
20:15:43.0990 5396  gpsvc - ok
20:15:44.0035 5396  [ 1DBBF9BE473F6CA2F2F4182FCCF563DC ] HauppaugeTVServer C:\PROGRA~2\WinTV\TVServer\HAUPPA~1.EXE
20:15:44.0104 5396  HauppaugeTVServer ( UnsignedFile.Multi.Generic ) - warning
20:15:44.0104 5396  HauppaugeTVServer - detected UnsignedFile.Multi.Generic (1)
20:15:44.0150 5396  [ 7927EB9E64902FCAF126538F009C824C ] hcw95bda        C:\Windows\system32\Drivers\hcw95bda.sys
20:15:44.0223 5396  hcw95bda - ok
20:15:44.0274 5396  [ 6CC035E4B3FD9702ABEB71D3FF8B899E ] hcw95rc         C:\Windows\system32\DRIVERS\hcw95rc.sys
20:15:44.0298 5396  hcw95rc - ok
20:15:44.0349 5396  [ 68E732382B32417FF61FD663259B4B09 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:15:44.0381 5396  HdAudAddService - ok
20:15:44.0612 5396  [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
20:15:44.0703 5396  HDAudBus - ok
20:15:44.0736 5396  [ B4881C84A180E75B8C25DC1D726C375F ] HidBth          C:\Windows\system32\drivers\hidbth.sys
20:15:44.0819 5396  HidBth - ok
20:15:44.0850 5396  [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr           C:\Windows\system32\drivers\hidir.sys
20:15:44.0921 5396  HidIr - ok
20:15:44.0965 5396  [ 59361D38A297755D46A540E450202B2A ] hidserv         C:\Windows\System32\hidserv.dll
20:15:45.0008 5396  hidserv - ok
20:15:45.0061 5396  [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:15:45.0106 5396  HidUsb - ok
20:15:45.0145 5396  [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:15:45.0193 5396  hkmsvc - ok
20:15:45.0227 5396  [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
20:15:45.0240 5396  HpCISSs - ok
20:15:45.0334 5396  [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:15:45.0430 5396  HTTP - ok
20:15:45.0441 5396  [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
20:15:45.0455 5396  i2omp - ok
20:15:45.0485 5396  [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
20:15:45.0518 5396  i8042prt - ok
20:15:45.0540 5396  [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
20:15:45.0556 5396  iaStorV - ok
20:15:45.0621 5396  [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:15:45.0679 5396  idsvc - ok
20:15:45.0698 5396  [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
20:15:45.0709 5396  iirsp - ok
20:15:45.0765 5396  [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT          C:\Windows\System32\ikeext.dll
20:15:45.0823 5396  IKEEXT - ok
20:15:45.0853 5396  ildid - ok
20:15:45.0910 5396  [ 1EDAB7F9B9DE4424BECCDEF950CE2FF0 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:15:45.0975 5396  IntcAzAudAddService - ok
20:15:46.0011 5396  [ DF797A12176F11B2D301C5B234BB200E ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
20:15:46.0023 5396  intelide - ok
20:15:46.0034 5396  [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:15:46.0087 5396  intelppm - ok
20:15:46.0115 5396  [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:15:46.0165 5396  IPBusEnum - ok
20:15:46.0207 5396  [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:15:46.0251 5396  IpFilterDriver - ok
20:15:46.0317 5396  [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:15:46.0357 5396  iphlpsvc - ok
20:15:46.0362 5396  IpInIp - ok
20:15:46.0376 5396  [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
20:15:46.0440 5396  IPMIDRV - ok
20:15:46.0462 5396  [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
20:15:46.0519 5396  IPNAT - ok
20:15:46.0599 5396  [ 006597773BE583D1CCF6A913477937E0 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:15:46.0635 5396  iPod Service - ok
20:15:46.0685 5396  [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:15:46.0732 5396  IRENUM - ok
20:15:46.0764 5396  [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:15:46.0776 5396  isapnp - ok
20:15:46.0832 5396  [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
20:15:46.0847 5396  iScsiPrt - ok
20:15:46.0860 5396  [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
20:15:46.0871 5396  iteatapi - ok
20:15:46.0893 5396  [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
20:15:46.0903 5396  iteraid - ok
20:15:46.0931 5396  [ 423696F3BA6472DD17699209B933BC26 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:15:46.0958 5396  kbdclass - ok
20:15:47.0015 5396  [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
20:15:47.0062 5396  kbdhid - ok
20:15:47.0105 5396  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso          C:\Windows\system32\lsass.exe
20:15:47.0154 5396  KeyIso - ok
20:15:47.0301 5396  [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:15:47.0362 5396  KSecDD - ok
20:15:47.0385 5396  [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
20:15:47.0433 5396  ksthunk - ok
20:15:47.0478 5396  [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:15:47.0518 5396  KtmRm - ok
20:15:47.0605 5396  [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer    C:\Windows\System32\srvsvc.dll
20:15:47.0665 5396  LanmanServer - ok
20:15:47.0697 5396  [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:15:47.0721 5396  LanmanWorkstation - ok
20:15:47.0766 5396  [ DFEFF67508D3A9AEB1A85D7B0F513B24 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
20:15:47.0784 5396  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
20:15:47.0784 5396  LightScribeService - detected UnsignedFile.Multi.Generic (1)
20:15:48.0930 5396  [ BDD577BD14B8F1D909AAD45AD729108C ] matlabserver    C:\Program Files (x86)\MATLAB71\webserver\bin\win32\matlabserver.exe
20:15:48.0958 5396  matlabserver ( UnsignedFile.Multi.Generic ) - warning
20:15:48.0958 5396  matlabserver - detected UnsignedFile.Multi.Generic (1)
20:16:10.0270 5396  WinRM - ok
20:16:10.0475 5396  [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:16:10.0551 5396  Wlansvc - ok
20:16:10.0679 5396  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:16:10.0781 5396  wlidsvc - ok
20:16:10.0837 5396  [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
20:16:10.0863 5396  WmiAcpi - ok
20:16:10.0925 5396  [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:16:10.0956 5396  wmiApSrv - ok
20:16:11.0015 5396  WMPNetworkSvc - ok
20:16:11.0039 5396  [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:16:11.0082 5396  WPCSvc - ok
20:16:11.0166 5396  [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:16:11.0190 5396  WPDBusEnum - ok
20:16:11.0246 5396  [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
20:16:11.0259 5396  WpdUsb - ok
20:16:11.0425 5396  [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:16:11.0464 5396  WPFFontCache_v0400 - ok
20:16:11.0488 5396  [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:16:11.0533 5396  ws2ifsl - ok
20:16:11.0580 5396  [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc          C:\Windows\system32\wscsvc.dll
20:16:11.0597 5396  wscsvc - ok
20:16:11.0605 5396  WSearch - ok
20:16:11.0686 5396  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:16:11.0838 5396  wuauserv - ok
20:16:11.0866 5396  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:16:11.0904 5396  WudfPf - ok
20:16:11.0932 5396  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:16:11.0961 5396  WUDFRd - ok
20:16:11.0980 5396  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:16:12.0009 5396  wudfsvc - ok
20:16:12.0017 5396  yyca - ok
20:16:12.0043 5396  ================ Scan global ===============================
20:16:12.0062 5396  [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
20:16:12.0102 5396  [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll
20:16:12.0125 5396  [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll
20:16:12.0159 5396  [ F8DCE3BED869F69C9F7C562B943BC255 ] C:\Windows\system32\services.exe
20:16:12.0165 5396  [Global] - ok
20:16:12.0165 5396  ================ Scan MBR ==================================
20:16:12.0172 5396  [ 81CD5EC01DB0CE57EDD853F82462EF27 ] \Device\Harddisk0\DR0
20:16:12.0625 5396  \Device\Harddisk0\DR0 - ok
20:16:12.0625 5396  ================ Scan VBR ==================================
20:16:12.0629 5396  [ 73B88313EEEC8D1935C176FCC911E938 ] \Device\Harddisk0\DR0\Partition1
20:16:12.0634 5396  \Device\Harddisk0\DR0\Partition1 - ok
20:16:12.0637 5396  [ D8FAEC64F54C85571B13B1BAF41E9665 ] \Device\Harddisk0\DR0\Partition2
20:16:12.0639 5396  \Device\Harddisk0\DR0\Partition2 - ok
20:16:12.0639 5396  ============================================================
20:16:12.0639 5396  Scan finished
20:16:12.0639 5396  ============================================================
20:16:12.0655 6004  Detected object count: 7
20:16:12.0655 6004  Actual detected object count: 7
20:16:39.0469 6004  !SASCORE ( UnsignedFile.Multi.Generic ) - skipped by user
20:16:39.0469 6004  !SASCORE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:16:39.0471 6004  ASGT ( UnsignedFile.Multi.Generic ) - skipped by user
20:16:39.0471 6004  ASGT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:16:39.0474 6004  AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:16:39.0474 6004  AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:16:39.0477 6004  EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - skipped by user
20:16:39.0477 6004  EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:16:39.0489 6004  HauppaugeTVServer ( UnsignedFile.Multi.Generic ) - skipped by user
20:16:39.0489 6004  HauppaugeTVServer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:16:39.0492 6004  LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
20:16:39.0492 6004  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:16:39.0495 6004  matlabserver ( UnsignedFile.Multi.Generic ) - skipped by user
20:16:39.0495 6004  matlabserver ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:16:42.0721 3748  Deinitialize success
         

10.06.2013, 06:45   #15
schrauber
/// the machine
/// TB trainer
 


Fix with FRST
Press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document
Code:
ZeroAccess:
C:\Windows\Installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}
C:\Windows\Installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}\L
C:\Windows\Installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}\U
C:\Windows\Installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}\L\00000004.@
C:\Windows\Installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}\L\76603ac3

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Fix button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009
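
The fixlist in the post above names a {GUID} directory under C:\Windows\Installer with L and U subfolders and a file ending in .@. The following is an added example, not part of schrauber's post and not FRST's own logic: a Python heuristic that flags that directory layout in a list of paths. The matching rules, the function names and the benign sample entry are assumptions made for illustration.

```python
import os
import re
from collections import defaultdict
from pathlib import PureWindowsPath

# {GUID}-named directory, matched directly below ...\Windows\Installer
GUID_DIR = re.compile(r"^\{[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}\}$", re.I)
# Eight hex digits plus ".@", the file-name shape listed in the fixlist (00000004.@)
AT_FILE = re.compile(r"^[0-9a-f]{8}\.@$", re.I)

def find_suspect_dirs(paths):
    """Map each flagged Installer\\{GUID} directory to the sorted reasons it was flagged."""
    hits = defaultdict(set)
    for raw in paths:
        parts = PureWindowsPath(raw.strip()).parts
        low = [p.lower() for p in parts]
        for i in range(len(parts) - 2):
            if (low[i], low[i + 1]) == ("windows", "installer") and GUID_DIR.match(parts[i + 2]):
                base = str(PureWindowsPath(*parts[: i + 3])).lower()
                rest = parts[i + 3:]
                # Assumed heuristic: an ordinary MSI cache folder has no L or U child
                if rest and rest[0].upper() in ("L", "U"):
                    hits[base].add("subdir " + rest[0].upper())
                if rest and AT_FILE.match(rest[-1]):
                    hits[base].add("file " + rest[-1])
                break
    return {d: sorted(r) for d, r in hits.items()}

def list_tree(root):
    """Yield every directory and file path below root (e.g. a mounted offline image)."""
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            yield os.path.join(dirpath, name)

# Paths from the fixlist on this page, plus one constructed benign MSI-cache entry
SAMPLE = [
    r"C:\Windows\Installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}",
    r"C:\Windows\Installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}\L",
    r"C:\Windows\Installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}\U",
    r"C:\Windows\Installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}\L\00000004.@",
    r"C:\Windows\Installer\{67c21535-6ec6-6f5a-4922-46c54ea5f30a}\L\76603ac3",
    r"C:\Windows\Installer\{11111111-2222-3333-4444-555555555555}\icon.ico",  # constructed
]

if __name__ == "__main__":
    for directory, reasons in find_suspect_dirs(SAMPLE).items():
        print(directory, reasons)
```

To check a real tree, pass `list_tree(...)` of the Installer directory to `find_suspect_dirs`; a hit is a lead for a helper to review, not a verdict.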
