
Pests of all kinds and how to fight them: wssetup.exe appears at startup


09.06.2013, 16:24   #1
Seoman1958
 
wssetup.exe appears at startup



I also have the problem with wssetup.exe when starting my notebook. Thank you for your help!

Here are my two log files:

PHP-Code:
OTL logfile created on6/9/2013 5:15:58 PM Run 1
OTL by OldTimer Version 3.2.69.0     Folder C:\Users\Michael\Downloads
 Home Premium Edition Service Pack 1 (Version 6.1.7601) - Type NTWorkstation
Internet Explorer (Version 9.10.9200.16576)
Locale00000409 CountryDeutschland LanguageDEU Date Formatdd.MM.yyyy
 
2.97 Gb Total Physical Memory 
1.69 Gb Available Physical Memory 56.85Memory free
5.93 Gb Paging File 
4.57 Gb Available in Paging File 77.17Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 63.09 Gb Total Space 27.74 Gb Free Space 43.96Space Free Partition TypeNTFS
Drive D: | 387.57 Gb Total Space 46.73 Gb Free Space 12.06Space Free Partition TypeNTFS
 
Computer Name MICHAEL-PC User Name: ** | Logged in as Administrator.
Boot ModeNormal Scan ModeAll users
Company Name Whitelist Off Skip Microsoft FilesOff No Company Name WhitelistOn File Age 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013/06/09 17:11:35 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Michael\Downloads\OTL.exe
PRC - [2013/06/04 20:01:31 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/05/26 15:49:40 001,855,880 | ---- | M] (Adobe SystemsInc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
PRC - [2013/05/14 00:54:12 004,937,264 | ---- | M] (AVG Technologies CZs.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2013/04/29 00:58:42 004,408,368 | ---- | M] (AVG Technologies CZs.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2013/04/18 04:34:38 000,283,136 | ---- | M] (AVG Technologies CZs.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2013/04/04 03:15:08 001,117,232 | ---- | M] (AVG Technologies CZs.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2013/03/28 02:48:36 000,763,952 | ---- | M] (AVG Technologies CZs.r.o.) -- C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
PRC - [2013/03/18 02:38:48 000,799,280 | ---- | M] (AVG Technologies CZs.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe
PRC - [2013/02/19 04:00:58 000,448,560 | ---- | M] (AVG Technologies CZs.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2012/11/30 04:55:25 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012/08/19 14:14:35 003,246,040 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2012/08/15 19:08:34 000,231,768 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
PRC - [2011/09/22 22:21:12 000,395,344 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2011/09/22 22:21:10 000,805,032 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2011/09/22 22:20:44 005,587,832 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2011/09/22 16:00:52 002,571,032 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
PRC - [2011/03/14 17:27:28 000,271,712 | ---- | M] () -- C:\ProgramData\DatacardService\HWDeviceService.exe
PRC - [2011/03/14 17:27:28 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2011/02/25 07:30:54 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/07/14 15:20:22 000,150,096 | ---- | M] (Paragon Software Group) -- C:\Program Files\Paragon Software\Backup and Recovery 11 Kompakt\program\dbhservice.exe
PRC - [2010/07/14 15:20:22 000,068,176 | ---- | M] (Paragon Software Group) -- C:\Program Files\Paragon Software\Backup and Recovery 11 Kompakt\program\dbhagent.exe
PRC - [2010/06/29 06:00:16 000,074,752 | ---- | M] (NullsoftInc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2010/02/26 18:19:54 003,623,424 | ---- | M] (Native Instruments GmbH) -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
PRC - [2009/12/17 14:25:08 000,149,136 | ---- | M] () -- C:\Program Files\TwonkyMedia\twonkymediaserverwatchdog.exe
PRC - [2009/12/17 14:25:02 001,148,560 | ---- | M] () -- C:\Program Files\TwonkyMedia\TwonkyMediaServer.exe
PRC - [2009/11/04 06:11:48 000,835,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2009/10/26 13:53:14 000,091,136 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
PRC - [2009/10/13 12:03:04 000,716,800 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2009/10/07 03:31:56 002,246,144 | ---- | M] (SEC) -- C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
PRC - [2009/08/27 17:09:10 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2009/08/13 21:58:10 000,044,312 | ---- | M] () -- C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
PRC - [2009/06/03 13:59:02 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/04/15 16:52:06 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013/06/04 20:01:30 003,128,728 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/05/26 15:49:39 016,033,160 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_202.dll
MOD - [2011/10/05 04:52:30 000,756,048 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
MOD - [2011/09/22 22:20:28 011,233,136 | ---- | M] () -- C:\Program Files\Acronis\TrueImageHome\Common\ti_managers.dll
MOD - [2011/06/22 12:46:12 000,434,016 | ---- | M] () -- C:\PROGRA~1\MICROS~3\Office12\ADDINS\UMOUTL~1.DLL
MOD - [2009/06/03 13:59:14 000,013,096 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/06/03 13:59:02 000,619,816 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009/02/27 12:56:34 000,016,768 | ---- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\viewerps.dll
MOD - [2009/02/26 14:46:56 000,064,344 | ---- | M] () -- C:\PROGRA~1\MICROS~3\Office12\ADDINS\COLLEA~1.DLL
MOD - [2006/08/12 05:48:40 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - [2013/06/04 20:01:30 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/26 15:49:52 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/14 00:54:12 004,937,264 | ---- | M] (AVG Technologies CZs.r.o.) [Auto Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/04/18 04:34:38 000,283,136 | ---- | M] (AVG Technologies CZs.r.o.) [Auto Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012/08/19 14:14:35 003,246,040 | ---- | M] (Acronis) [Auto Running] -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2012/04/26 11:14:06 002,438,696 | ---- | M] (mobile concepts GmbH) [On_Demand Stopped] -- C:\Program Files\CyberGhost VPN\CGVPNCliService.exe -- (CGVPNCliSrvc)
SRV - [2011/09/22 22:21:10 000,805,032 | ---- | M] (Acronis) [Auto Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011/03/14 17:27:28 000,271,712 | ---- | M] () [Auto Running] -- C:\ProgramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
SRV - [2010/07/14 15:20:22 000,150,096 | ---- | M] (Paragon Software Group) [On_Demand Running] -- C:\Program Files\Paragon Software\Backup and Recovery 11 Kompakt\program\dbhservice.exe -- (Paragon System Backup Dienst)
SRV - [2010/02/26 18:19:54 003,623,424 | ---- | M] (Native Instruments GmbH) [Auto Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV - [2009/12/17 14:25:08 000,149,136 | ---- | M] () [Auto Running] -- C:\Program Files\TwonkyMedia\twonkymediaserverwatchdog.exe -- (TwonkyMedia)
SRV - [2009/08/27 17:09:10 001,253,376 | ---- | M] (MAGIX AG) [Auto Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009/08/24 21:16:36 000,406,016 | ---- | M] (mst software GmbHGermany) [On_Demand Stopped] -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2013\DfsdkS.exe -- (DfSdkS)
SRV - [2009/08/13 21:58:10 000,044,312 | ---- | M] () [Auto Running] -- C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService)
SRV - [2009/07/14 03:16:13 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:15:41 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2008/08/07 11:10:02 003,276,800 | ---- | M] (MAGIX®) [On_Demand Stopped] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2007/05/31 16:21:24 000,379,784 | ---- | M] (Microsoft Corporation) [Auto Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 16:21:18 000,183,688 | ---- | M] (Microsoft Corporation) [Auto Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2013/05/01 12:47:56 000,016,048 | ---- | M] (G Data Software) [Kernel On_Demand Stopped] -- C:\Windows\System32\drivers\GdPhyMem.sys -- (GdPhyMem)
DRV - [2013/03/29 02:53:48 000,208,184 | ---- | M] (AVG Technologies CZs.r.o.) [Kernel System Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013/03/21 03:08:24 000,182,072 | ---- | M] (AVG Technologies CZs.r.o.) [Kernel System Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2013/03/01 10:32:20 000,022,328 | ---- | M] (AVG Technologies CZs.r.o.) [Kernel System Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013/02/18 10:22:18 000,149,352 | ---- | M] (NVIDIA Corporation) [Kernel On_Demand Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2013/02/08 04:37:58 000,096,568 | ---- | M] (AVG Technologies CZs.r.o.) [File_System Boot Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2013/02/08 04:37:56 000,245,048 | ---- | M] (AVG Technologies CZs.r.o.) [Kernel Boot Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013/02/08 04:37:52 000,060,216 | ---- | M] (AVG Technologies CZs.r.o.) [Kernel Boot Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013/02/08 04:37:44 000,170,808 | ---- | M] (AVG Technologies CZs.r.o.) [Kernel System Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2013/02/08 04:37:40 000,039,224 | ---- | M] (AVG Technologies CZs.r.o.) [File_System Boot Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2012/09/27 22:16:09 000,181,760 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel On_Demand Stopped] -- C:\Windows\System32\drivers\ew_juwwanecm.sys -- (huawei_wwanecm)
DRV - [2012/09/27 22:16:09 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel On_Demand Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2012/09/27 22:16:09 000,090,368 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel On_Demand Stopped] -- C:\Windows\System32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV - [2012/09/27 22:16:09 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel On_Demand Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2012/09/27 22:16:09 000,026,624 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel On_Demand Stopped] -- C:\Windows\System32\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV - [2012/09/27 22:16:09 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel On_Demand Stopped] -- C:\Windows\System32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV - [2012/08/23 16:44:32 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel On_Demand Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/08/23 16:40:25 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel On_Demand Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012/08/19 14:14:36 000,167,968 | ---- | M] (Acronis) [File_System On_Demand Running] -- C:\Windows\System32\drivers\afcdp.sys -- (afcdp)
DRV - [2012/08/19 14:14:34 000,752,128 | ---- | M] (Acronis) [Kernel Boot Running] -- C:\Windows\System32\drivers\tdrpm273.sys -- (tdrpman273)
DRV - [2012/08/19 14:14:33 000,600,928 | ---- | M] (Acronis) [Kernel Boot Running] -- C:\Windows\System32\drivers\timntr.sys -- (timounter)
DRV - [2012/08/19 14:14:29 000,170,528 | ---- | M] (Acronis) [Kernel Boot Running] -- C:\Windows\System32\drivers\snapman.sys -- (snapman)
DRV - [2011/12/15 20:29:42 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel On_Demand Running] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2011/12/13 04:32:24 002,228,224 | ---- | M] (Atheros CommunicationsInc.) [Kernel On_Demand Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2010/11/20 11:59:44 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel On_Demand Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2010/07/14 15:20:22 000,395,464 | ---- | M] (Paragon) [Kernel System Running] -- C:\Windows\System32\drivers\Uim_IM.sys -- (Uim_IM)
DRV - [2010/07/14 15:20:20 000,056,208 | ---- | M] (Paragon Software Group) [Kernel Boot Running] -- C:\Windows\System32\drivers\hotcore3.sys -- (hotcore3)
DRV - [2010/07/14 15:20:20 000,037,080 | ---- | M] (Windows (R2000 DDK provider) [Kernel System Running] -- C:\Windows\System32\drivers\UimBus.sys -- (UimBus)
DRV - [2009/11/06 06:07:10 009,923,624 | ---- | M] (NVIDIA Corporation) [Kernel On_Demand Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/09/28 11:22:00 000,315,392 | ---- | M] () [Kernel On_Demand Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/14 01:52:10 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel On_Demand Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
IE HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings"ProxyEnable" 0
IE HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings"ProxyOverride" = *.local
 
IE HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings"ProxyEnable" 0
IE HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings"ProxyOverride" = *.local
 
 
 
IE HKU\S-1-5-21-1072828290-3828818215-1948454868-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE HKU\S-1-5-21-1072828290-3828818215-1948454868-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE HKU\S-1-5-21-1072828290-3828818215-1948454868-1000\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE HKU\S-1-5-21-1072828290-3828818215-1948454868-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE HKU\S-1-5-21-1072828290-3828818215-1948454868-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_deDE387
IE HKU\S-1-5-21-1072828290-3828818215-1948454868-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE HKU\S-1-5-21-1072828290-3828818215-1948454868-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings"ProxyEnable" 0
IE HKU\S-1-5-21-1072828290-3828818215-1948454868-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings"ProxyOverride" = *.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF prefs.js..browser.startup.homepage"hxxp://www.htp.net/"
FF prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.2.1.9
FF prefs.js..extensions.enabledAddons: %7Bd49175b3-3fd8-43b8-b28e-da5d47f3c398%7D:1.0.49
FF prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF prefs.js..extensions.enabledItemslinkfilter@kaspersky.ru:9.0.0.747
FF prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF prefs.js..extensions.enabledItemsfirefox@tvunetworks.com:2
FF prefs.js..extensions.enabledItems5
FF prefs.js..extensions.enabledItems3
FF prefs.js..extensions.enabledItems1
FF prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF prefs.js..extensions.enabledItems: {d49175b3-3fd8-43b8-b28e-da5d47f3c398}:1.0.36
FF prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF prefs.js..keyword.URL"hxxp://search.sweetim.com/search.asp?src=2&q="
 
 
FF HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayerC:\windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPluginC:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll Microsoft Corporation)
FF HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayerC:\windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPluginC:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.comInc.)
 
FF HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ruC:\Program Files\Kaspersky Security Suite CBE 12\FFExt\linkfilter@kaspersky.ru
FF HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\ComponentsC:\Program Files\Mozilla Firefox\components [2013/06/04 20:01:32 000,000,000 | ---M]
FF HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\PluginsC:\Program Files\Mozilla Firefox\plugins [2013/06/04 20:01:24 000,000,000 | ---M]
FF HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\ComponentsC:\Program Files\Mozilla Firefox\components [2013/06/04 20:01:32 000,000,000 | ---M]
FF HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\PluginsC:\Program Files\Mozilla Firefox\plugins [2013/06/04 20:01:24 000,000,000 | ---M]
 
[2010/07/06 16:14:27 000,000,000 | ---M] (No name found) -- C:\Users\Michael\AppData\Roaming\mozilla\Extensions
[2013/05/31 01:04:03 000,000,000 | ---M] (No name found) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\mulazplg.default\extensions
[2011/03/06 18:58:05 000,000,000 | ---M] (TVU Web Player) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\mulazplg.default\extensions\firefox@tvunetworks.com
[2013/01/01 15:35:38 000,036,098 | ---- | M] () (No name found) -- C:\Users\Michael\AppData\Roaming\mozilla\firefox\profiles\mulazplg.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2013/05/31 01:04:03 000,395,933 | ---- | M] () (No name found) -- C:\Users\Michael\AppData\Roaming\mozilla\firefox\profiles\mulazplg.default\extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398}.xpi
[2012/10/05 19:03:56 000,003,915 | ---- | M] () -- C:\Users\Michael\AppData\Roaming\mozilla\firefox\profiles\mulazplg.default\searchplugins\sweetim.xml
[2013/06/04 20:01:32 000,000,000 | ---M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2013/06/04 20:01:23 000,000,000 | ---M] (Anti-Banner) -- C:\Program Files\mozilla firefox\extensions\KavAntiBanner@kaspersky.ru_bak2
[2013/06/04 20:01:23 000,000,000 | ---M] (Modul zur Link-Untersuchung) -- C:\Program Files\mozilla firefox\extensions\linkfilter@kaspersky.ru_bak2
[2013/06/04 20:01:32 000,000,000 | ---M] (No name found) -- C:\Program Files\mozilla firefox\browser\extensions
[2013/06/04 20:01:32 000,000,000 | ---M] (Default) -- C:\Program Files\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/02/18 13:37:19 000,476,904 | ---- | M] (Sun MicrosystemsInc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/06/29 06:01:22 000,012,800 | ---- | M] (NullsoftInc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
 
O1 HOSTS File: ([2009/06/10 23:39:37 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O3 HKLM\..\Toolbar: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 HKLM\..\Toolbar: (no name) - Locked No CLSID value found.
O3 HKU\S-1-5-21-1072828290-3828818215-1948454868-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 HKLM..\Run: [Acronis Scheduler2 ServiceC:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 HKLM..\Run: [APLangAppC:\Program Files\AnyPC Client\APLangApp.exe (DoctorSoft)
O4 HKLM..\Run: [APSDaemonC:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 HKLM..\Run: [AVG_UIC:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZs.r.o.)
O4 HKLM..\Run: [CLMLServerC:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 HKLM..\Run: [DBHAgentC:\Program Files\Paragon Software\Backup and Recovery 11 Kompakt\program\dbhagent.exe (Paragon Software Group)
O4 HKLM..\Run: [Nikon Message Center 2C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 HKLM..\Run: [PDVD8LanguageShortcutC:\Program Files\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)
O4 HKLM..\Run: [RemoteControl8C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 HKLM..\Run: [SAOB MonitorC:\Program Files\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe (Acronis)
O4 HKLM..\Run: [Sweetpacks CommunicatorC:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 HKLM..\Run: [TrueImageMonitor.exeC:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 HKLM..\Run: [UpdateLBPShortCutC:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 HKLM..\Run: [UpdateP2GoShortCutC:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 HKLM..\Run: [UpdatePDRShortCutC:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 HKLM..\Run: [UpdatePPShortCutC:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 HKLM..\Run: [UpdatePSTShortCutC:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 HKLM..\Run: [WinampAgentC:\Program Files\Winamp\winampa.exe (NullsoftInc.)
O4 HKU\S-1-5-19..\RunOnce: [mctadminC:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 HKU\S-1-5-20..\RunOnce: [mctadminC:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\SystemConsentPromptBehaviorAdmin 5
O6 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\SystemConsentPromptBehaviorUser 3
O6 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\SystemEnableLinkedConnections 1
O8 Extra context menu itemGoogle Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 Extra context menu itemNach Microsoft E&xel exportieren res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 Extra ButtonAn OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 Extra 'Tools' menuitem An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 Extra Button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 Extra 'Tools' menuitem : @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 Extra ButtonResearch - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 gopher Prefixmissing
O17 HKLM\System\CCS\Services\Tcpip\ParametersDhcpNameServer 192.168.178.1
O17 HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B615BCA-6C96-4AC0-99A9-F03F078B60B1}: DhcpNameServer 192.168.178.1
O17 HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C4BDC275-5456-4B8E-AD67-E39D988F8DBC}: NameServer 139.7.30.125 139.7.30.126
O18 Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 HKLM WinlogonShell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 HKLM WinlogonUserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 HKLM WinlogonVMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 Winlogon\Notify\klogonDllName - (C:\windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O21 SSODLWebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 HKLM CDRomAutoRun 1
O32 AutoRun File - [2009/06/10 23:42:20 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 MountPoints2\{49486541-08dd-11e2-b70a-00245466819f}\Shell "" AutoRun
O33 MountPoints2\{49486541-08dd-11e2-b70a-00245466819f}\Shell\AutoRun\command "" F:\AutoRun.exe
O33 MountPoints2\{49486564-08dd-11e2-b70a-00245466819f}\Shell "" AutoRun
O33 MountPoints2\{49486564-08dd-11e2-b70a-00245466819f}\Shell\AutoRun\command "" F:\AutoRun.exe
O34 HKLM BootExecute: (autocheck autochk *)
O35 HKLM\..comfile [open] -- "%1" %*
O35 HKLM\..exefile [open] -- "%1" %*
O37 HKLM\...com [@ = comfile] -- "%1" %*
O37 HKLM\...exe [@ = exefile] -- "%1" %*
O38 SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013/06/04 20:01:23 000,000,000 | ---C] -- C:\Program Files\Mozilla Firefox
[2013/05/26 20:58:30 000,000,000 | ---C] -- C:\ProgramData\Nikon
[2013/05/26 16:15:28 000,000,000 | ---C] -- C:\ProgramData\Multipressor
[2013/05/26 16:10:30 000,000,000 | ---C] -- C:\Users\Michael\AppData\Roaming\Nikon
[2013/05/26 16:10:30 000,000,000 | ---C] -- C:\Users\Michael\AppData\Local\Nikon
[2013/05/26 15:57:29 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2013/05/26 15:57:28 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2013/05/26 15:57:28 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2013/05/26 15:57:27 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2013/05/26 15:57:27 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
[2013/05/26 15:57:26 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2013/05/26 15:57:26 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll
[2013/05/26 15:57:26 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RegisterIEPKEYs.exe
[2013/05/26 15:57:26 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2013/05/26 15:57:26 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
[2013/05/26 15:50:07 002,347,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2013/05/26 15:49:55 000,000,000 | ---C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nikon Message Center 2
[2013/05/26 15:49:54 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\authui.dll
[2013/05/26 15:49:54 000,101,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\consent.exe
[2013/05/26 15:49:44 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wwanprotdim.dll
[2013/05/26 15:48:34 000,218,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\dxgmms1.sys
[2013/05/26 15:45:27 000,000,000 RH-C] -- C:\ProgramData\Extensions
[2013/05/26 15:44:15 000,000,000 | ---C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ViewNX 2
[2013/05/26 15:44:14 000,000,000 | ---C] -- C:\Program Files\Common Files\Nikon
[2013/05/26 15:44:05 000,000,000 | ---C] -- C:\Program Files\Nikon
[2013/05/26 15:43:54 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ATL71.DLL
[2013/05/26 15:43:38 000,000,000 | ---C] -- C:\ProgramData\Ultima_T15
[2013/05/26 15:43:38 000,000,000 | ---C] -- C:\ProgramData\Flags
[2013/05/26 15:43:38 000,000,000 | ---C] -- C:\ProgramData\EnterNHelp
[2013/05/26 15:43:38 000,000,000 | ---C] -- C:\ProgramData\Electric Clav
[2013/05/26 15:41:19 000,000,000 | ---C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link to Nikon
[2013/05/26 15:37:57 000,000,000 | ---C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013/06/09 17:13:38 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/09 17:13:38 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/09 17:06:48 000,001,094 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/09 17:05:44 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/06/09 17:05:41 2388,086,784 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/07 18:49:00 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/06/07 18:40:01 000,001,098 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/04 19:48:32 000,694,664 | ---- | M] () -- C:\windows\System32\perfh00C.dat
[2013/06/04 19:48:32 000,689,342 | ---- | M] () -- C:\windows\System32\perfh010.dat
[2013/06/04 19:48:32 000,654,400 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2013/06/04 19:48:32 000,616,242 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013/06/04 19:48:32 000,130,374 | ---- | M] () -- C:\windows\System32\perfc00C.dat
[2013/06/04 19:48:32 000,130,240 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2013/06/04 19:48:32 000,127,378 | ---- | M] () -- C:\windows\System32\perfc010.dat
[2013/06/04 19:48:32 000,106,622 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2013/05/26 20:39:24 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLet.DAT
[2013/05/26 20:32:39 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLev.DAT
[2013/05/26 20:30:57 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/05/26 16:16:09 000,002,049 | ---- | M] () -- C:\Users\Public\Desktop\ViewNX 2.lnk
[2013/05/26 16:15:29 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLeo.DAT
[2013/05/26 16:15:28 000,000,268 RH-- | M] () -- C:\ProgramData\Font Book
[2013/05/26 16:15:28 000,000,268 RH-- | M] () -- C:\Users\Michael\AppData\Roaming\Flanger
[2013/05/26 16:06:57 000,431,480 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2013/05/26 15:49:40 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2013/05/26 15:49:40 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2013/05/26 15:45:27 000,000,268 RH-- | M] () -- C:\Users\Michael\AppData\Roaming\Enhance Tuning
[2013/05/26 15:45:27 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLes.DAT
[2013/05/26 15:43:38 000,000,268 RH-- | M] () -- C:\ProgramData\External Build System
[2013/05/26 15:43:38 000,000,268 RH-- | M] () -- C:\ProgramData\Examples
[2013/05/26 15:43:38 000,000,268 RH-- | M] () -- C:\Users\Michael\AppData\Roaming\Equalizer
[2013/05/26 15:43:38 000,000,268 RH-- | M] () -- C:\Users\Michael\AppData\Roaming\Enhance Timing
[2013/05/26 15:43:05 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ATL71.DLL
[2013/05/26 15:37:57 000,000,951 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013/05/11 12:44:31 000,012,931 | ---- | M] () -- C:\Users\Michael\Documents\i can't dance.p2g
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013/05/26 20:30:57 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/05/26 16:15:28 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Font Book
[2013/05/26 16:15:28 | 000,000,268 | RH-- | C] () -- C:\Users\Michael\AppData\Roaming\Flanger
[2013/05/26 16:15:28 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLeo.DAT
[2013/05/26 15:45:27 | 000,000,268 | RH-- | C] () -- C:\Users\Michael\AppData\Roaming\Enhance Tuning
[2013/05/26 15:45:27 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2013/05/26 15:44:15 | 000,002,049 | ---- | C] () -- C:\Users\Public\Desktop\ViewNX 2.lnk
[2013/05/26 15:43:38 | 000,000,268 | RH-- | C] () -- C:\ProgramData\External Build System
[2013/05/26 15:43:38 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Examples
[2013/05/26 15:43:38 | 000,000,268 | RH-- | C] () -- C:\Users\Michael\AppData\Roaming\Equalizer
[2013/05/26 15:43:38 | 000,000,268 | RH-- | C] () -- C:\Users\Michael\AppData\Roaming\Enhance Timing
[2013/05/26 15:43:38 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2013/05/26 15:43:38 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2013/05/11 12:44:31 | 000,012,931 | ---- | C] () -- C:\Users\Michael\Documents\i can't dance.p2g
[2013/04/12 19:35:43 000,000,011 | ---- | C] () -- C:\ProgramData\.tv5
[2012/10/13 11:46:01 001,057,387 | ---- | C] () -- C:\windows\System32\sig.bin
[2012/05/17 17:44:44 000,017,408 | ---- | C] () -- C:\Users\Michael\AppData\Local\WebpageIcons.db
[2010/08/14 13:37:27 000,000,000 | ---- | C] () -- C:\Users\Michael\AppData\Roaming\wklnhst.dat
[2010/07/06 14:37:11 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009/07/14 06:42:31 000,000,227 RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" Both

End of report 
Code:
OTL Extras logfile created on: 6/9/2013 5:15:58 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Michael\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.97 Gb Total Physical Memory | 1.69 Gb Available Physical Memory | 56.85% Memory free
5.93 Gb Paging File | 4.57 Gb Available in Paging File | 77.17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 63.09 Gb Total Space | 27.74 Gb Free Space | 43.96% Space Free | Partition Type: NTFS
Drive D: | 387.57 Gb Total Space | 46.73 Gb Free Space | 12.06% Space Free | Partition Type: NTFS
 
Computer Name: MICHAEL-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-1072828290-3828818215-1948454868-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02007219-019D-403E-88A4-952E741C9CC1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{0A50BF23-04D0-42C9-93CA-A3595CA55164}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{0C4F788F-267B-4FE3-847F-FB7613332A8A}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{12650E80-432B-45B4-8E93-787FCBD611F1}" = lport=445 | protocol=6 | dir=in | app=system | 
"{12AFA8F1-5038-4BCC-B83C-93358FFB8A87}" = rport=139 | protocol=6 | dir=out | app=system | 
"{22D614AD-9D2C-427E-A0C4-AC0A7640002F}" = lport=138 | protocol=17 | dir=in | app=system | 
"{351FC438-771F-48E5-9A5A-906CF83C4542}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{54F88E13-9654-4076-B8E8-1E9BC366FC0C}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{65A897A6-3CC7-41BE-97F8-423A51A3ED69}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{69602ACA-E7E8-4D83-B419-9AD56023F2D4}" = rport=138 | protocol=17 | dir=out | app=system | 
"{6C94FBAF-F0E8-462D-A654-DD7AA421F10A}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{84573A3C-B22B-44C1-8A66-21EE82C3D30A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{89BDDA84-D493-4419-BEB6-2B81C485F501}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{8F941594-30BF-43E7-A526-CA1677C26944}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{8FAAA6CE-7CEA-4D05-811B-77401B96121A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{9996150D-BD90-42DB-8C2F-8C9B59D89CAE}" = lport=137 | protocol=17 | dir=in | app=system | 
"{BD3D0AAA-C20D-44E0-89DA-177D1A809651}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{BEBBAFCC-C378-4538-A25B-D8CD17275F88}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{CD77EAFD-9E6A-4B9E-AA6A-622B5DD32F8D}" = rport=445 | protocol=6 | dir=out | app=system | 
"{E0E65A92-1A11-470E-9573-F5AED7272A7D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{E707D949-21B7-4DDB-AB15-18F9DACE9149}" = lport=139 | protocol=6 | dir=in | app=system | 
"{EBDC79C4-D918-4489-BB5A-377607B332E2}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{F0AFA054-05CD-4EA9-BBA3-1652941CBECE}" = rport=137 | protocol=17 | dir=out | app=system | 
"{FA1E46EF-A2AC-4215-BDBF-23480B411B0F}" = lport=80 | protocol=6 | dir=in | name=http | 
"{FB278F6B-870D-40A5-A1EB-ABDF9805F64D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{FE773393-B80E-4DB7-B63D-AD76C2CC6EA7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07FF0C04-61B6-4636-88A9-62D4F2C8501A}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{19343F13-8E89-435A-9584-389B97760D84}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{1B4A8D63-D7D1-415C-803A-98E0DFD28F92}" = dir=in | app=c:\program files\cyberlink\powerdvd8\powerdvd8.exe | 
"{1D016E15-9399-43DA-AAAF-ABF09A2A148C}" = protocol=17 | dir=in | app=c:\program files\twonkymedia\twonkymediaserver.exe | 
"{24473C82-A8DB-4C8A-B6F8-C07A3D23DA75}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{24695B1C-78E2-4193-BEB4-FE946B07F25C}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{30A83205-1B78-444C-9848-013FDB7B2DD2}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe | 
"{3AAE6E3D-BE39-4B8F-A765-0B08DEEAC5E3}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{3AC32F33-032B-4C10-AFC3-CF4481176F36}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{3DACFF25-E8C1-4282-9D70-D0F517597324}" = protocol=6 | dir=in | app=c:\program files\twonkymedia\twonkymediaserver.exe | 
"{4704FFD6-4E89-40F2-B643-69F2A7C562B8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{473F9866-9F55-49F2-9B46-F4E6D93CFF9C}" = protocol=6 | dir=in | app=c:\program files\twonkymedia\twonkymediaserverwatchdog.exe | 
"{49248FA3-EDAC-4FA6-8C0E-18FDD61F7DAD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{49681F09-7951-4A5F-B98B-0689CD81B66A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{4A94F875-C6D6-402C-9567-D653C4E2F3BF}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{4E7F96FE-AFE7-4C15-AE44-5114CD500060}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{58BB822B-E7B0-44D6-844D-7D3A2E7CB4ED}" = protocol=6 | dir=out | app=system | 
"{5A98B02A-5DA7-42D1-A1B2-707051DC7DE1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{5E8196E4-077D-43F1-9E18-18A6A584FDF1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{61A6D4DA-827D-4C02-B7CA-4AFD0E4AE122}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{6460FA0D-7431-490B-B9C7-1996EEED2C58}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe | 
"{64C81CC3-87F1-4071-83FE-EAF36E6EB822}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe | 
"{71C4185A-B78C-48A2-B834-3F549396A112}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{73E30D35-EBEB-47D4-ACE6-826D49B10E29}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{773D060E-70CF-406C-B2C8-DFFBDB44FFAA}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe | 
"{79FB855A-DED3-4D86-9035-50014026B1B7}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe | 
"{7AFDE651-8994-4005-ABEC-A69564F85953}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe | 
"{7C8817A0-7E0E-4D97-8CEA-32EA6802A1BE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{7E0A1F95-A6EA-483C-8E58-00CEB1357C73}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{7F14DD2C-450C-44EE-946B-C3ED9A5835F9}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe | 
"{80763932-6272-4EC3-922F-91E8FFCFF411}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | 
"{8753B019-D0E2-4D88-A5CC-7A0C30DED381}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{87AE0E9B-CD23-42BF-8F0F-1032707CD17E}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{88435862-6516-40F6-B4EF-7068AF053E42}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{8C050D42-9A64-47A7-AAA8-D48D3659EBFE}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{A0F5BE82-46D9-458F-86DD-8C3A1B5424B0}" = protocol=17 | dir=in | app=c:\program files\twonkymedia\mediamanager\twonkymediamanager.exe | 
"{B15FED65-ECC3-4682-B20C-A5C9F0692518}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{B97F9BF1-EB95-47DD-A3B5-3FFB4003B672}" = protocol=17 | dir=in | app=c:\program files\twonkymedia\twonkymediaserverwatchdog.exe | 
"{C30B77C3-2880-4046-BFE0-A6A8B6E34B36}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{CA839932-BF4B-47B3-9992-D9C03A8417EF}" = protocol=6 | dir=in | app=c:\program files\twonkymedia\mediamanager\twonkymediamanager.exe | 
"{CB180A22-9E7C-4988-AC8E-4FCB1A5F9A36}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{D40D6DEB-B149-42FD-B816-41E6CFF08A6F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D7B208A4-CC9C-43EF-956C-E574EBAB0D5D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{D8AABC73-EB37-4062-82CF-E334CAFD07E7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{D8D81B36-CC17-44DE-A7E5-C9396826FCF2}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{D9372FFC-6512-48D0-8D3A-84826B0502AF}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{DE85B61E-4C86-4186-A0A1-7B49450DA460}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{E1A7A75B-BFED-40C7-9BED-8BDFE4CD3012}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{E5E208BE-54AF-4BC0-892F-77BAB4540047}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe | 
"{E796C6B6-E1AB-46D1-8CA8-8A89FB51BDC6}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{EDF44AE9-AC13-4076-B3C7-A4A7CFE05609}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{F853473A-DB82-4BBA-A563-79CF19DC6EF5}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe | 
"{FBA2E909-CB10-4A09-BE75-1F3036E26D6D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{FF66BC49-C837-4E0B-8F85-55C11C43F8B5}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe | 
"{FF9FC9D6-D175-4F2F-9207-3D32F2EC24B3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"TCP Query User{3B0C904E-34B5-4323-AF4B-9938FBBD0350}C:\program files\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\jdownloader\jre\bin\javaw.exe | 
"TCP Query User{64C46CDD-02FD-497E-8CB9-9529989442F6}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{92BF445E-7F77-4FBE-98CD-A0E7885D00DD}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{B4D2D7BB-EB02-4253-878C-E75794D54C3C}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"TCP Query User{BD32B906-FDBB-4460-8C39-11C1B9A4710D}C:\program files\twonkymedia\mediamanager\twonkymediamanager.exe" = protocol=6 | dir=in | app=c:\program files\twonkymedia\mediamanager\twonkymediamanager.exe | 
"TCP Query User{D88CF36C-DC63-4038-A9A5-8F01B49DE664}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{1745FE50-91E2-485B-9714-E8E71E7FED68}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{53A5D169-2125-4DE7-B678-B17980493692}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{82F89C51-B686-4FAD-8A7D-6966A6B8D591}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"UDP Query User{BFE650E5-6BF5-4B45-A232-FB8892069E2C}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{C23DC4B5-E8E5-4C35-B58C-A9451DBCCAA2}C:\program files\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\jdownloader\jre\bin\javaw.exe | 
"UDP Query User{C9E321A2-465D-4E10-B534-287A2747F803}C:\program files\twonkymedia\mediamanager\twonkymediamanager.exe" = protocol=17 | dir=in | app=c:\program files\twonkymedia\mediamanager\twonkymediamanager.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{013CCA52-DA56-4133-AC2B-1988A9568C30}" = Native Instruments Audio 4 DJ Driver
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}" = Acronis*True*Image*Home 2011
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{09D29DA8-F155-4AEA-A110-FA5F10895D88}" = COMPUTERBILD-Abzockschutz
"{0AFCF5C4-D09B-4BAA-8C4D-1F61CF67BD65}" = mufin player 2.0
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}" = EasyBatteryManager
"{1AFA1FEF-8CF9-4A51-AC46-64FAA7F3D9E2}" = AnyPC Client
"{1E1DFF42-2EE8-4852-A7AB-C5174321D68F}" = Paragon Backup & Recovery™ 11 Kompakt
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23A66953-369C-4d22-A189-C6E403D4A19F}" = Native Instruments Audio 2 DJ Driver
"{2AAC4085-DCBF-417B-AEBD-182197839240}" = Native Instruments Traktor
"{2AE79B77-E3FA-4F9C-93D7-4FC643516D6A}" = AVG 2013
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4209F371-7B85-60AD-E5CE-E4409D39E3DE}_is1" = Ashampoo WinOptimizer 2013 v.1.0.0
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}" = Nikon Movie Editor
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{612601db-4776-4127-bab5-d84b8644e530}" = Native Instruments Traktor Kontrol X1 Driver
"{63eafc52-b963-4297-a7eb-d412944e7065}_is1" = Game Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7CC673E7-5271-409D-B196-BB76DA60300B}" = TwonkyMedia Windows Components
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114072167}" = Go-Go Gourmet
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}" = BatteryLifeExtender
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile-Gerätecenter
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A5675A9E-F073-414A-9A04-F9BCD50459D7}" = Easy Network Manager
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1 - Deutsch
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C5089197-5B15-44AD-B0FC-2E94EE9ECB63}" = WinSysClean X
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CCC2B140-B47A-45FA-AAE3-BD60DA41AE00}" = Samsung Support Center
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{D1434266-0486-4469-B338-A60082CC04E1}" = Atheros Client Installation Program
"{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus
"{DEE76D44-8D7C-4A32-8FAE-A813817631FC}" = AVG 2013
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E64C137C-D0B7-467A-B47F-460AAB30F0A3}" = ViewNX 2
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Allway Sync_is1" = Allway Sync version 12.12.13
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17
"AVG" = AVG 2013
"CCleaner" = CCleaner
"CdCoverCreator" = CdCoverCreator 2.5.3
"CDex" = CDex - Open Source Digital Audio CD Extractor
"CyberGhost VPN_is1" = CyberGhost VPN
"Defraggler" = Defraggler
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.2.419
"Imperium Romanum" = Imperium Romanum 1.04 Gold Edition
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"MAGIX_MSI_mufin_player_2" = mufin player 2.0
"Marvell Miniport Driver" = Marvell Miniport Driver
"MediaMonkey_is1" = MediaMonkey 4.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyDefrag v4.3.1_is1" = MyDefrag v4.3.1
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"TwonkyMedia Manager" = TwonkyMedia Manager
"Veetle TV" = Veetle TV 0.9.18
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"Virtual DJ Home - Atomix Productions" = Virtual DJ Home - Atomix Productions
"Virtual DJ Home Edition - Atomix Productions" = Virtual DJ Home Edition - Atomix Productions
"VLC media player" = VLC media player 1.1.0
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1072828290-3828818215-1948454868-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 4/28/2013 1:33:42 PM | Computer Name = Michael-PC | Source = Windows Backup | ID = 4103
Description = 
 
Error - 4/28/2013 2:20:05 PM | Computer Name = Michael-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 20.0.1.4847,
 Zeitstempel: 0x51650aee  Name des fehlerhaften Moduls: xul.dll, Version: 20.0.1.4847,
 Zeitstempel: 0x51650a09  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000b10e8  ID des fehlerhaften
 Prozesses: 0x1404  Startzeit der fehlerhaften Anwendung: 0x01ce443bcbf6f4c4  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Mozilla Firefox\firefox.exe  Pfad des fehlerhaften
 Moduls: C:\Program Files\Mozilla Firefox\xul.dll  Berichtskennung: 3fba5bee-b030-11e2-b742-00245466819f
 
Error - 5/1/2013 6:31:43 AM | Computer Name = Michael-PC | Source = Windows Search Service | ID = 3100
Description = 
 
Error - 5/1/2013 7:17:44 AM | Computer Name = Michael-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: presetup.exe, Version: 13.6.0.940,
 Zeitstempel: 0x5136228d  Name des fehlerhaften Moduls: presetup.exe, Version: 13.6.0.940,
 Zeitstempel: 0x5136228d  Ausnahmecode: 0x40000015  Fehleroffset: 0x001bdc0f  ID des fehlerhaften
 Prozesses: 0x156c  Startzeit der fehlerhaften Anwendung: 0x01ce465d78c7a824  Pfad der
 fehlerhaften Anwendung: C:\Users\Michael\AppData\Local\Temp\RarSFX0\presetup.exe
Pfad
 des fehlerhaften Moduls: C:\Users\Michael\AppData\Local\Temp\RarSFX0\presetup.exe
Berichtskennung:
 be356ea9-b250-11e2-acf3-00245466819f
 
Error - 5/1/2013 7:19:30 AM | Computer Name = Michael-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: presetup.exe, Version: 13.6.0.940,
 Zeitstempel: 0x5136228d  Name des fehlerhaften Moduls: presetup.exe, Version: 13.6.0.940,
 Zeitstempel: 0x5136228d  Ausnahmecode: 0x40000015  Fehleroffset: 0x001bdc0f  ID des fehlerhaften
 Prozesses: 0x14f0  Startzeit der fehlerhaften Anwendung: 0x01ce465db9349c17  Pfad der
 fehlerhaften Anwendung: C:\Users\Michael\AppData\Local\Temp\RarSFX0\presetup.exe
Pfad
 des fehlerhaften Moduls: C:\Users\Michael\AppData\Local\Temp\RarSFX0\presetup.exe
Berichtskennung:
 fdc03fe1-b250-11e2-acf3-00245466819f
 
Error - 5/1/2013 7:20:46 AM | Computer Name = Michael-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: presetup.exe, Version: 13.6.0.940,
 Zeitstempel: 0x5136228d  Name des fehlerhaften Moduls: presetup.exe, Version: 13.6.0.940,
 Zeitstempel: 0x5136228d  Ausnahmecode: 0x40000015  Fehleroffset: 0x001bdc0f  ID des fehlerhaften
 Prozesses: 0x324  Startzeit der fehlerhaften Anwendung: 0x01ce465de641dd1e  Pfad der
 fehlerhaften Anwendung: C:\Users\Michael\AppData\Local\Temp\RarSFX0\presetup.exe
Pfad
 des fehlerhaften Moduls: C:\Users\Michael\AppData\Local\Temp\RarSFX0\presetup.exe
Berichtskennung:
 2ab5da36-b251-11e2-acf3-00245466819f
 
Error - 5/1/2013 8:37:38 AM | Computer Name = Michael-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: presetup.exe, Version: 13.6.0.940,
 Zeitstempel: 0x5136228d  Name des fehlerhaften Moduls: presetup.exe, Version: 13.6.0.940,
 Zeitstempel: 0x5136228d  Ausnahmecode: 0x40000015  Fehleroffset: 0x001bdc0f  ID des fehlerhaften
 Prozesses: 0xa68  Startzeit der fehlerhaften Anwendung: 0x01ce4668a1f8e0e8  Pfad der
 fehlerhaften Anwendung: C:\Users\Michael\AppData\Local\Temp\RarSFX0\presetup.exe
Pfad
 des fehlerhaften Moduls: C:\Users\Michael\AppData\Local\Temp\RarSFX0\presetup.exe
Berichtskennung:
 e78f1ed1-b25b-11e2-9f27-00245466819f
 
Error - 5/1/2013 12:00:25 PM | Computer Name = Michael-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: presetup.exe, Version: 13.6.0.940,
 Zeitstempel: 0x5136228d  Name des fehlerhaften Moduls: presetup.exe, Version: 13.6.0.940,
 Zeitstempel: 0x5136228d  Ausnahmecode: 0x40000015  Fehleroffset: 0x001bdc0f  ID des fehlerhaften
 Prozesses: 0x150c  Startzeit der fehlerhaften Anwendung: 0x01ce4684f70936b2  Pfad der
 fehlerhaften Anwendung: C:\Users\Michael\AppData\Local\Temp\RarSFX0\presetup.exe
Pfad
 des fehlerhaften Moduls: C:\Users\Michael\AppData\Local\Temp\RarSFX0\presetup.exe
Berichtskennung:
 3bd51fa4-b278-11e2-93b8-00245466819f
 
Error - 5/5/2013 1:59:31 PM | Computer Name = Michael-PC | Source = Windows Backup | ID = 4103
Description = 
 
Error - 5/26/2013 9:42:47 AM | Computer Name = Michael-PC | Source = Windows Backup | ID = 4103
Description = 
 
[ System Events ]
Error - 6/7/2013 12:13:38 PM | Computer Name = Michael-PC | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620
Description = Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf
 "\\?\Volume{8a99a86f-e1bd-11de-8c60-806e6f6e6963}" können nicht gelesen werden.
 
Error - 6/7/2013 12:15:16 PM | Computer Name = Michael-PC | Source = Microsoft-Windows-Application-Experience | ID = 205
Description = Der Dienst "Programmkompatibilitäts-Assistent" konnte Phase 2 nicht
 initialisieren.
 
Error - 6/7/2013 1:07:33 PM | Computer Name = Michael-PC | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:   %%5
 
Error - 6/9/2013 10:58:29 AM | Computer Name = Michael-PC | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620
Description = Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf
 "\\?\Volume{8a99a86e-e1bd-11de-8c60-806e6f6e6963}" können nicht gelesen werden.
 
Error - 6/9/2013 10:58:29 AM | Computer Name = Michael-PC | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620
Description = Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf
 "\\?\Volume{8a99a86f-e1bd-11de-8c60-806e6f6e6963}" können nicht gelesen werden.
 
Error - 6/9/2013 11:04:37 AM | Computer Name = Michael-PC | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:   %%5
 
Error - 6/9/2013 11:05:48 AM | Computer Name = Michael-PC | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620
Description = Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf
 "\\?\Volume{8a99a86e-e1bd-11de-8c60-806e6f6e6963}" können nicht gelesen werden.
 
Error - 6/9/2013 11:05:48 AM | Computer Name = Michael-PC | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620
Description = Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf
 "\\?\Volume{8a99a86f-e1bd-11de-8c60-806e6f6e6963}" können nicht gelesen werden.
 
Error - 6/9/2013 11:07:23 AM | Computer Name = Michael-PC | Source = VDS Basic Provider | ID = 33554433
Description = 
 
Error - 6/9/2013 11:07:23 AM | Computer Name = Michael-PC | Source = VDS Basic Provider | ID = 33554433
Description = 
 
 
< End of report >
         

Alt 09.06.2013, 16:27   #2
markusg
/// Malware-holic
 



Hi,
Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

Alt 09.06.2013, 19:49   #3
Seoman1958
 



Here you go:

Code:
20:48:48.0674 5528  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:48:48.0861 5528  ============================================================
20:48:48.0861 5528  Current date / time: 2013/06/09 20:48:48.0861
20:48:48.0861 5528  SystemInfo:
20:48:48.0861 5528  
20:48:48.0861 5528  OS Version: 6.1.7601 ServicePack: 1.0
20:48:48.0861 5528  Product type: Workstation
20:48:48.0861 5528  ComputerName: MICHAEL-PC
20:48:48.0861 5528  UserName: Michael
20:48:48.0861 5528  Windows directory: C:\windows
20:48:48.0861 5528  System windows directory: C:\windows
20:48:48.0861 5528  Processor architecture: Intel x86
20:48:48.0861 5528  Number of processors: 2
20:48:48.0861 5528  Page size: 0x1000
20:48:48.0861 5528  Boot type: Normal boot
20:48:48.0861 5528  ============================================================
20:48:49.0298 5528  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:48:49.0298 5528  ============================================================
20:48:49.0298 5528  \Device\Harddisk0\DR0:
20:48:49.0298 5528  MBR partitions:
20:48:49.0298 5528  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
20:48:49.0298 5528  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x7E2F000
20:48:49.0298 5528  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x9C61800, BlocksNum 0x30724000
20:48:49.0298 5528  ============================================================
20:48:49.0329 5528  C: <-> \Device\Harddisk0\DR0\Partition2
20:48:49.0392 5528  D: <-> \Device\Harddisk0\DR0\Partition3
20:48:49.0392 5528  ============================================================
20:48:49.0392 5528  Initialize success
20:48:49.0392 5528  ============================================================
20:48:57.0956 4288  ============================================================
20:48:57.0956 4288  Scan started
20:48:57.0956 4288  Mode: Manual; 
20:48:57.0956 4288  ============================================================
20:48:58.0315 4288  ================ Scan system memory ========================
20:48:58.0315 4288  System memory - ok
20:48:58.0315 4288  ================ Scan services =============================
20:48:58.0486 4288  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
20:48:58.0486 4288  1394ohci - ok
20:48:58.0518 4288  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\windows\system32\drivers\ACPI.sys
20:48:58.0518 4288  ACPI - ok
20:48:58.0564 4288  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
20:48:58.0564 4288  AcpiPmi - ok
20:48:58.0689 4288  [ 49C47EBF1C9EF2C5D4988450D79FD544 ] AcrSch2Svc      C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
20:48:58.0705 4288  AcrSch2Svc - ok
20:48:58.0783 4288  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:48:58.0783 4288  AdobeFlashPlayerUpdateSvc - ok
20:48:58.0845 4288  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\windows\system32\DRIVERS\adp94xx.sys
20:48:58.0845 4288  adp94xx - ok
20:48:58.0861 4288  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\windows\system32\DRIVERS\adpahci.sys
20:48:58.0892 4288  adpahci - ok
20:48:58.0892 4288  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\windows\system32\DRIVERS\adpu320.sys
20:48:58.0908 4288  adpu320 - ok
20:48:58.0939 4288  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
20:48:58.0939 4288  AeLookupSvc - ok
20:48:59.0001 4288  [ 53696AD8FFC5FAC51949A525FF65A689 ] afcdp           C:\windows\system32\DRIVERS\afcdp.sys
20:48:59.0001 4288  afcdp - ok
20:48:59.0110 4288  [ AF44F7E027037628F1FAC3C13CDE73E6 ] afcdpsrv        C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
20:48:59.0126 4288  afcdpsrv - ok
20:48:59.0173 4288  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\windows\system32\drivers\afd.sys
20:48:59.0188 4288  AFD - ok
20:48:59.0204 4288  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\windows\system32\drivers\agp440.sys
20:48:59.0204 4288  agp440 - ok
20:48:59.0251 4288  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\windows\system32\DRIVERS\djsvs.sys
20:48:59.0251 4288  aic78xx - ok
20:48:59.0282 4288  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\windows\System32\alg.exe
20:48:59.0282 4288  ALG - ok
20:48:59.0298 4288  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\windows\system32\drivers\aliide.sys
20:48:59.0313 4288  aliide - ok
20:48:59.0313 4288  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\windows\system32\drivers\amdagp.sys
20:48:59.0329 4288  amdagp - ok
20:48:59.0360 4288  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\windows\system32\drivers\amdide.sys
20:48:59.0360 4288  amdide - ok
20:48:59.0391 4288  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\windows\system32\DRIVERS\amdk8.sys
20:48:59.0391 4288  AmdK8 - ok
20:48:59.0391 4288  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\windows\system32\DRIVERS\amdppm.sys
20:48:59.0391 4288  AmdPPM - ok
20:48:59.0422 4288  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\windows\system32\drivers\amdsata.sys
20:48:59.0422 4288  amdsata - ok
20:48:59.0438 4288  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\windows\system32\DRIVERS\amdsbs.sys
20:48:59.0438 4288  amdsbs - ok
20:48:59.0469 4288  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\windows\system32\drivers\amdxata.sys
20:48:59.0469 4288  amdxata - ok
20:48:59.0500 4288  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\windows\system32\drivers\appid.sys
20:48:59.0516 4288  AppID - ok
20:48:59.0547 4288  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\windows\System32\appidsvc.dll
20:48:59.0547 4288  AppIDSvc - ok
20:48:59.0578 4288  [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo         C:\windows\System32\appinfo.dll
20:48:59.0594 4288  Appinfo - ok
20:48:59.0641 4288  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:48:59.0656 4288  Apple Mobile Device - ok
20:48:59.0688 4288  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\windows\system32\DRIVERS\arc.sys
20:48:59.0688 4288  arc - ok
20:48:59.0688 4288  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\windows\system32\DRIVERS\arcsas.sys
20:48:59.0703 4288  arcsas - ok
20:48:59.0703 4288  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
20:48:59.0703 4288  AsyncMac - ok
20:48:59.0734 4288  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\windows\system32\drivers\atapi.sys
20:48:59.0750 4288  atapi - ok
20:48:59.0812 4288  [ 49F17A2E79469BE6581D491706720671 ] athr            C:\windows\system32\DRIVERS\athr.sys
20:48:59.0859 4288  athr - ok
20:48:59.0906 4288  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
20:48:59.0906 4288  AudioEndpointBuilder - ok
20:48:59.0922 4288  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\windows\System32\Audiosrv.dll
20:48:59.0922 4288  Audiosrv - ok
20:49:00.0140 4288  [ 50185186719134FA8F307D269106A51C ] AVGIDSAgent     C:\Program Files\AVG\AVG2013\avgidsagent.exe
20:49:00.0171 4288  AVGIDSAgent - ok
20:49:00.0218 4288  [ 4750A2A188D39034F5DDDDAE1BF38BF8 ] AVGIDSDriver    C:\windows\system32\DRIVERS\avgidsdriverx.sys
20:49:00.0218 4288  AVGIDSDriver - ok
20:49:00.0265 4288  [ B0DEF92F4E1E6B9242E6C8FAB82703F7 ] AVGIDSHX        C:\windows\system32\DRIVERS\avgidshx.sys
20:49:00.0265 4288  AVGIDSHX - ok
20:49:00.0296 4288  [ A426B2DC795531D99E2EE1952AEC051A ] AVGIDSShim      C:\windows\system32\DRIVERS\avgidsshimx.sys
20:49:00.0296 4288  AVGIDSShim - ok
20:49:00.0327 4288  [ 08FA13787D77A75DC413E27FD92B44E8 ] Avgldx86        C:\windows\system32\DRIVERS\avgldx86.sys
20:49:00.0327 4288  Avgldx86 - ok
20:49:00.0374 4288  [ 3E587EE55C70E6DB78A98D7121D3052E ] Avglogx         C:\windows\system32\DRIVERS\avglogx.sys
20:49:00.0390 4288  Avglogx - ok
20:49:00.0405 4288  [ 5AC56B2CF8EE751796C5A8FC5C631B66 ] Avgmfx86        C:\windows\system32\DRIVERS\avgmfx86.sys
20:49:00.0405 4288  Avgmfx86 - ok
20:49:00.0436 4288  [ C29E6070396E437FDE184D739CCBA2C7 ] Avgrkx86        C:\windows\system32\DRIVERS\avgrkx86.sys
20:49:00.0436 4288  Avgrkx86 - ok
20:49:00.0452 4288  [ 14370FB29526F593C04FA48B5D69F7F0 ] Avgtdix         C:\windows\system32\DRIVERS\avgtdix.sys
20:49:00.0452 4288  Avgtdix - ok
20:49:00.0483 4288  [ 3A0977CB68AF13E2579E47EB8984056B ] avgwd           C:\Program Files\AVG\AVG2013\avgwdsvc.exe
20:49:00.0499 4288  avgwd - ok
20:49:00.0514 4288  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\windows\System32\AxInstSV.dll
20:49:00.0530 4288  AxInstSV - ok
20:49:00.0561 4288  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\windows\system32\DRIVERS\bxvbdx.sys
20:49:00.0561 4288  b06bdrv - ok
20:49:00.0608 4288  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\windows\system32\DRIVERS\b57nd60x.sys
20:49:00.0624 4288  b57nd60x - ok
20:49:00.0795 4288  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\windows\System32\bdesvc.dll
20:49:00.0795 4288  BDESVC - ok
20:49:00.0826 4288  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\windows\system32\drivers\Beep.sys
20:49:00.0826 4288  Beep - ok
20:49:00.0858 4288  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\windows\System32\bfe.dll
20:49:00.0873 4288  BFE - ok
20:49:00.0904 4288  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\windows\System32\qmgr.dll
20:49:00.0920 4288  BITS - ok
20:49:00.0920 4288  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
20:49:00.0936 4288  blbdrive - ok
20:49:01.0014 4288  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:49:01.0014 4288  Bonjour Service - ok
20:49:01.0060 4288  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
20:49:01.0060 4288  bowser - ok
20:49:01.0092 4288  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\windows\system32\DRIVERS\BrFiltLo.sys
20:49:01.0092 4288  BrFiltLo - ok
20:49:01.0107 4288  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\windows\system32\DRIVERS\BrFiltUp.sys
20:49:01.0107 4288  BrFiltUp - ok
20:49:01.0138 4288  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\windows\System32\browser.dll
20:49:01.0138 4288  Browser - ok
20:49:01.0170 4288  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\windows\System32\Drivers\Brserid.sys
20:49:01.0170 4288  Brserid - ok
20:49:01.0185 4288  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
20:49:01.0185 4288  BrSerWdm - ok
20:49:01.0201 4288  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
20:49:01.0201 4288  BrUsbMdm - ok
20:49:01.0216 4288  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
20:49:01.0216 4288  BrUsbSer - ok
20:49:01.0232 4288  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\windows\system32\DRIVERS\bthmodem.sys
20:49:01.0232 4288  BTHMODEM - ok
20:49:01.0263 4288  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\windows\system32\bthserv.dll
20:49:01.0263 4288  bthserv - ok
20:49:01.0279 4288  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
20:49:01.0279 4288  cdfs - ok
20:49:01.0310 4288  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys
20:49:01.0326 4288  cdrom - ok
20:49:01.0372 4288  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\windows\System32\certprop.dll
20:49:01.0372 4288  CertPropSvc - ok
20:49:01.0482 4288  [ 213B6EC3DE19E35373A1906397588429 ] CGVPNCliSrvc    C:\Program Files\CyberGhost VPN\CGVPNCliService.exe
20:49:01.0575 4288  CGVPNCliSrvc - ok
20:49:01.0606 4288  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\windows\system32\DRIVERS\circlass.sys
20:49:01.0606 4288  circlass - ok
20:49:01.0638 4288  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\windows\system32\CLFS.sys
20:49:01.0638 4288  CLFS - ok
20:49:01.0700 4288  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:49:01.0716 4288  clr_optimization_v2.0.50727_32 - ok
20:49:01.0778 4288  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:49:01.0778 4288  clr_optimization_v4.0.30319_32 - ok
20:49:01.0794 4288  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys
20:49:01.0794 4288  CmBatt - ok
20:49:01.0809 4288  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\windows\system32\drivers\cmdide.sys
20:49:01.0809 4288  cmdide - ok
20:49:01.0840 4288  [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG             C:\windows\system32\Drivers\cng.sys
20:49:01.0840 4288  CNG - ok
20:49:01.0872 4288  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\windows\system32\DRIVERS\compbatt.sys
20:49:01.0872 4288  Compbatt - ok
20:49:01.0918 4288  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\windows\system32\drivers\CompositeBus.sys
20:49:01.0918 4288  CompositeBus - ok
20:49:01.0934 4288  COMSysApp - ok
20:49:01.0934 4288  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\windows\system32\DRIVERS\crcdisk.sys
20:49:01.0950 4288  crcdisk - ok
20:49:01.0965 4288  [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc        C:\windows\system32\cryptsvc.dll
20:49:01.0965 4288  CryptSvc - ok
20:49:01.0996 4288  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\windows\system32\rpcss.dll
20:49:01.0996 4288  DcomLaunch - ok
20:49:02.0028 4288  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\windows\System32\defragsvc.dll
20:49:02.0043 4288  defragsvc - ok
20:49:02.0074 4288  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\windows\system32\Drivers\dfsc.sys
20:49:02.0074 4288  DfsC - ok
20:49:02.0199 4288  [ 92AE26F2CAF4A67E24A0BA6DDF32CC3C ] DfSdkS          C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2013\DfsdkS.exe
20:49:02.0230 4288  DfSdkS - ok
20:49:02.0262 4288  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\windows\system32\dhcpcore.dll
20:49:02.0277 4288  Dhcp - ok
20:49:02.0293 4288  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\windows\system32\drivers\discache.sys
20:49:02.0293 4288  discache - ok
20:49:02.0324 4288  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\windows\system32\DRIVERS\disk.sys
20:49:02.0340 4288  Disk - ok
20:49:02.0371 4288  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\windows\System32\dnsrslvr.dll
20:49:02.0371 4288  Dnscache - ok
20:49:02.0402 4288  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\windows\System32\dot3svc.dll
20:49:02.0402 4288  dot3svc - ok
20:49:02.0449 4288  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\windows\system32\dps.dll
20:49:02.0449 4288  DPS - ok
20:49:02.0480 4288  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
20:49:02.0480 4288  drmkaud - ok
20:49:02.0511 4288  [ 16498EBC04AE9DD07049A8884B205C05 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
20:49:02.0511 4288  DXGKrnl - ok
20:49:02.0542 4288  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\windows\System32\eapsvc.dll
20:49:02.0542 4288  EapHost - ok
20:49:02.0636 4288  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\windows\system32\DRIVERS\evbdx.sys
20:49:02.0745 4288  ebdrv - ok
20:49:02.0761 4288  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\windows\System32\lsass.exe
20:49:02.0761 4288  EFS - ok
20:49:02.0823 4288  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
20:49:02.0839 4288  ehRecvr - ok
20:49:02.0870 4288  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\windows\ehome\ehsched.exe
20:49:02.0886 4288  ehSched - ok
20:49:02.0932 4288  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\windows\system32\DRIVERS\elxstor.sys
20:49:02.0932 4288  elxstor - ok
20:49:02.0964 4288  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\windows\system32\drivers\errdev.sys
20:49:02.0964 4288  ErrDev - ok
20:49:03.0010 4288  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\windows\system32\es.dll
20:49:03.0026 4288  EventSystem - ok
20:49:03.0073 4288  [ 57C171EA22F0A7F068FCB0CAEDD1E8E7 ] ew_hwusbdev     C:\windows\system32\DRIVERS\ew_hwusbdev.sys
20:49:03.0088 4288  ew_hwusbdev - ok
20:49:03.0120 4288  [ 61A973F60E94A551BA7B15F3460444FB ] ew_usbenumfilter C:\windows\system32\DRIVERS\ew_usbenumfilter.sys
20:49:03.0120 4288  ew_usbenumfilter - ok
20:49:03.0135 4288  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\windows\system32\drivers\exfat.sys
20:49:03.0151 4288  exfat - ok
20:49:03.0198 4288  Fabs - ok
20:49:03.0229 4288  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\windows\system32\drivers\fastfat.sys
20:49:03.0229 4288  fastfat - ok
20:49:03.0276 4288  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\windows\system32\fxssvc.exe
20:49:03.0291 4288  Fax - ok
20:49:03.0307 4288  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\windows\system32\DRIVERS\fdc.sys
20:49:03.0307 4288  fdc - ok
20:49:03.0338 4288  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\windows\system32\fdPHost.dll
20:49:03.0338 4288  fdPHost - ok
20:49:03.0354 4288  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\windows\system32\fdrespub.dll
20:49:03.0354 4288  FDResPub - ok
20:49:03.0369 4288  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
20:49:03.0369 4288  FileInfo - ok
20:49:03.0385 4288  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
20:49:03.0385 4288  Filetrace - ok
20:49:03.0494 4288  [ FFF1130F7C9FA01D093A1EDFC5CCE8FC ] FirebirdServerMAGIXInstance C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
20:49:03.0588 4288  FirebirdServerMAGIXInstance - ok
20:49:03.0619 4288  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\windows\system32\DRIVERS\flpydisk.sys
20:49:03.0619 4288  flpydisk - ok
20:49:03.0650 4288  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
20:49:03.0650 4288  FltMgr - ok
20:49:03.0697 4288  [ E12C4928B32ACE04610259647F072635 ] FontCache       C:\windows\system32\FntCache.dll
20:49:03.0697 4288  FontCache - ok
20:49:03.0744 4288  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:49:03.0744 4288  FontCache3.0.0.0 - ok
20:49:03.0759 4288  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
20:49:03.0775 4288  FsDepends - ok
20:49:03.0806 4288  [ B74B0578FD1D3F897E95F2A2B69EA051 ] fssfltr         C:\windows\system32\DRIVERS\fssfltr.sys
20:49:03.0806 4288  fssfltr - ok
20:49:03.0868 4288  [ 206AD9A89BF05DFA1621F1FC7B82592D ] fsssvc          C:\Program Files\Windows Live\Family Safety\fsssvc.exe
20:49:03.0884 4288  fsssvc - ok
20:49:03.0915 4288  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
20:49:03.0915 4288  Fs_Rec - ok
20:49:03.0946 4288  [ E306A24D9694C724FA2491278BF50FDB ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
20:49:03.0946 4288  fvevol - ok
20:49:03.0993 4288  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\windows\system32\DRIVERS\gagp30kx.sys
20:49:03.0993 4288  gagp30kx - ok
20:49:04.0071 4288  [ 4AD4C21D7B82180B0E8CC722E07891B0 ] GdPhyMem        C:\windows\system32\drivers\GdPhyMem.sys
20:49:04.0071 4288  GdPhyMem - ok
20:49:04.0102 4288  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\windows\system32\DRIVERS\GEARAspiWDM.sys
20:49:04.0118 4288  GEARAspiWDM - ok
20:49:04.0149 4288  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\windows\System32\gpsvc.dll
20:49:04.0149 4288  gpsvc - ok
20:49:04.0227 4288  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
20:49:04.0227 4288  gupdate - ok
20:49:04.0258 4288  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
20:49:04.0258 4288  gupdatem - ok
20:49:04.0290 4288  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
20:49:04.0290 4288  hcw85cir - ok
20:49:04.0336 4288  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
20:49:04.0336 4288  HdAudAddService - ok
20:49:04.0368 4288  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\windows\system32\drivers\HDAudBus.sys
20:49:04.0383 4288  HDAudBus - ok
20:49:04.0399 4288  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\windows\system32\DRIVERS\HidBatt.sys
20:49:04.0399 4288  HidBatt - ok
20:49:04.0414 4288  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\windows\system32\DRIVERS\hidbth.sys
20:49:04.0414 4288  HidBth - ok
20:49:04.0430 4288  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\windows\system32\DRIVERS\hidir.sys
20:49:04.0430 4288  HidIr - ok
20:49:04.0461 4288  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\windows\system32\hidserv.dll
20:49:04.0461 4288  hidserv - ok
20:49:04.0477 4288  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\windows\system32\DRIVERS\hidusb.sys
20:49:04.0492 4288  HidUsb - ok
20:49:04.0508 4288  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\windows\system32\kmsvc.dll
20:49:04.0508 4288  hkmsvc - ok
20:49:04.0524 4288  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\windows\system32\ListSvc.dll
20:49:04.0539 4288  HomeGroupListener - ok
20:49:04.0555 4288  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\windows\system32\provsvc.dll
20:49:04.0555 4288  HomeGroupProvider - ok
20:49:04.0602 4288  [ 39AE0BE51F51A660CE2B14AF9BE8548F ] hotcore3        C:\windows\system32\DRIVERS\hotcore3.sys
20:49:04.0602 4288  hotcore3 - ok
20:49:04.0633 4288  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
20:49:04.0633 4288  HpSAMD - ok
20:49:04.0680 4288  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\windows\system32\drivers\HTTP.sys
20:49:04.0680 4288  HTTP - ok
20:49:04.0726 4288  [ 3170044AA8090F80839D3D4330BF733A ] huawei_cdcacm   C:\windows\system32\DRIVERS\ew_jucdcacm.sys
20:49:04.0726 4288  huawei_cdcacm - ok
20:49:04.0758 4288  [ F44461E66F1B7DD267957FE9BAA63ED0 ] huawei_enumerator C:\windows\system32\DRIVERS\ew_jubusenum.sys
20:49:04.0758 4288  huawei_enumerator - ok
20:49:04.0773 4288  [ 69A103138B77AC0950EC3846E2E6F655 ] huawei_ext_ctrl C:\windows\system32\DRIVERS\ew_juextctrl.sys
20:49:04.0773 4288  huawei_ext_ctrl - ok
20:49:04.0820 4288  [ 7DE001BAB4056257E1792AF1FCFA489F ] huawei_wwanecm  C:\windows\system32\DRIVERS\ew_juwwanecm.sys
20:49:04.0820 4288  huawei_wwanecm - ok
20:49:04.0945 4288  [ 5EF3427AE503B5C03A48F7C9FF458B69 ] HWDeviceService.exe C:\ProgramData\DatacardService\HWDeviceService.exe
20:49:04.0945 4288  HWDeviceService.exe - ok
20:49:04.0992 4288  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
20:49:04.0992 4288  hwpolicy - ok
20:49:05.0038 4288  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\windows\system32\drivers\i8042prt.sys
20:49:05.0038 4288  i8042prt - ok
20:49:05.0085 4288  [ 0BAA4115DFFFD6A6D809A89D65E1281A ] iaStor          C:\windows\system32\DRIVERS\iaStor.sys
20:49:05.0085 4288  iaStor - ok
20:49:05.0116 4288  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
20:49:05.0132 4288  iaStorV - ok
20:49:05.0210 4288  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
20:49:05.0226 4288  IDriverT - ok
20:49:05.0272 4288  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:49:05.0304 4288  idsvc - ok
20:49:05.0460 4288  [ AD626F6964F4D364D226C39E06872DD3 ] igfx            C:\windows\system32\DRIVERS\igdkmd32.sys
20:49:05.0600 4288  igfx - ok
20:49:05.0631 4288  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\windows\system32\DRIVERS\iirsp.sys
20:49:05.0631 4288  iirsp - ok
20:49:05.0662 4288  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\windows\System32\ikeext.dll
20:49:05.0694 4288  IKEEXT - ok
20:49:05.0787 4288  [ 3202E26501E5E18C35DC2CC74709A704 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys
20:49:05.0803 4288  IntcAzAudAddService - ok
20:49:05.0850 4288  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\windows\system32\drivers\intelide.sys
20:49:05.0850 4288  intelide - ok
20:49:05.0881 4288  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
20:49:05.0881 4288  intelppm - ok
20:49:05.0912 4288  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\windows\system32\ipbusenum.dll
20:49:05.0912 4288  IPBusEnum - ok
20:49:05.0943 4288  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
20:49:05.0943 4288  IpFilterDriver - ok
20:49:05.0990 4288  [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
20:49:06.0006 4288  iphlpsvc - ok
20:49:06.0037 4288  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
20:49:06.0037 4288  IPMIDRV - ok
20:49:06.0068 4288  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\windows\system32\drivers\ipnat.sys
20:49:06.0068 4288  IPNAT - ok
20:49:06.0099 4288  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\windows\system32\drivers\irenum.sys
20:49:06.0099 4288  IRENUM - ok
20:49:06.0130 4288  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\windows\system32\drivers\isapnp.sys
20:49:06.0130 4288  isapnp - ok
20:49:06.0146 4288  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
20:49:06.0162 4288  iScsiPrt - ok
20:49:06.0193 4288  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\windows\system32\drivers\kbdclass.sys
20:49:06.0193 4288  kbdclass - ok
20:49:06.0208 4288  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\windows\system32\drivers\kbdhid.sys
20:49:06.0208 4288  kbdhid - ok
20:49:06.0224 4288  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\windows\system32\lsass.exe
20:49:06.0224 4288  KeyIso - ok
20:49:06.0255 4288  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
20:49:06.0255 4288  KSecDD - ok
20:49:06.0286 4288  [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
20:49:06.0286 4288  KSecPkg - ok
20:49:06.0318 4288  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\windows\system32\msdtckrm.dll
20:49:06.0333 4288  KtmRm - ok
20:49:06.0396 4288  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\windows\system32\srvsvc.dll
20:49:06.0396 4288  LanmanServer - ok
20:49:06.0411 4288  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
20:49:06.0427 4288  LanmanWorkstation - ok
20:49:06.0458 4288  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
20:49:06.0458 4288  lltdio - ok
20:49:06.0489 4288  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\windows\System32\lltdsvc.dll
20:49:06.0489 4288  lltdsvc - ok
20:49:06.0505 4288  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\windows\System32\lmhsvc.dll
20:49:06.0520 4288  lmhosts - ok
20:49:06.0536 4288  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\windows\system32\DRIVERS\lsi_fc.sys
20:49:06.0536 4288  LSI_FC - ok
20:49:06.0567 4288  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\windows\system32\DRIVERS\lsi_sas.sys
20:49:06.0583 4288  LSI_SAS - ok
20:49:06.0583 4288  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\windows\system32\DRIVERS\lsi_sas2.sys
20:49:06.0583 4288  LSI_SAS2 - ok
20:49:06.0614 4288  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\windows\system32\DRIVERS\lsi_scsi.sys
20:49:06.0614 4288  LSI_SCSI - ok
20:49:06.0630 4288  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\windows\system32\drivers\luafv.sys
20:49:06.0630 4288  luafv - ok
20:49:06.0676 4288  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
20:49:06.0676 4288  Mcx2Svc - ok
20:49:06.0692 4288  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\windows\system32\DRIVERS\megasas.sys
20:49:06.0708 4288  megasas - ok
20:49:06.0723 4288  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\windows\system32\DRIVERS\MegaSR.sys
20:49:06.0739 4288  MegaSR - ok
20:49:06.0801 4288  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
20:49:06.0801 4288  Microsoft Office Groove Audit Service - ok
20:49:06.0832 4288  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\windows\system32\mmcss.dll
20:49:06.0832 4288  MMCSS - ok
20:49:06.0864 4288  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\windows\system32\drivers\modem.sys
20:49:06.0879 4288  Modem - ok
20:49:06.0895 4288  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\windows\system32\DRIVERS\monitor.sys
20:49:06.0895 4288  monitor - ok
20:49:06.0910 4288  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
20:49:06.0910 4288  mouclass - ok
20:49:06.0957 4288  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
20:49:06.0957 4288  mouhid - ok
20:49:06.0988 4288  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
20:49:06.0988 4288  mountmgr - ok
20:49:07.0066 4288  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:49:07.0066 4288  MozillaMaintenance - ok
20:49:07.0098 4288  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\windows\system32\drivers\mpio.sys
20:49:07.0098 4288  mpio - ok
20:49:07.0129 4288  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
20:49:07.0129 4288  mpsdrv - ok
20:49:07.0176 4288  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\windows\system32\mpssvc.dll
20:49:07.0176 4288  MpsSvc - ok
20:49:07.0207 4288  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
20:49:07.0207 4288  MRxDAV - ok
20:49:07.0254 4288  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
20:49:07.0269 4288  mrxsmb - ok
20:49:07.0300 4288  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
20:49:07.0300 4288  mrxsmb10 - ok
20:49:07.0316 4288  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
20:49:07.0316 4288  mrxsmb20 - ok
20:49:07.0332 4288  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\windows\system32\drivers\msahci.sys
20:49:07.0332 4288  msahci - ok
20:49:07.0347 4288  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\windows\system32\drivers\msdsm.sys
20:49:07.0347 4288  msdsm - ok
20:49:07.0363 4288  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\windows\System32\msdtc.exe
20:49:07.0378 4288  MSDTC - ok
20:49:07.0410 4288  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\windows\system32\drivers\Msfs.sys
20:49:07.0410 4288  Msfs - ok
20:49:07.0410 4288  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
20:49:07.0410 4288  mshidkmdf - ok
20:49:07.0441 4288  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
20:49:07.0441 4288  msisadrv - ok
20:49:07.0472 4288  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
20:49:07.0472 4288  MSiSCSI - ok
20:49:07.0488 4288  msiserver - ok
20:49:07.0503 4288  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
20:49:07.0503 4288  MSKSSRV - ok
20:49:07.0519 4288  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
20:49:07.0519 4288  MSPCLOCK - ok
20:49:07.0519 4288  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
20:49:07.0519 4288  MSPQM - ok
20:49:07.0550 4288  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
20:49:07.0550 4288  MsRPC - ok
20:49:07.0566 4288  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\windows\system32\drivers\mssmbios.sys
20:49:07.0566 4288  mssmbios - ok
20:49:07.0581 4288  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
20:49:07.0581 4288  MSTEE - ok
20:49:07.0597 4288  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\windows\system32\DRIVERS\MTConfig.sys
20:49:07.0597 4288  MTConfig - ok
20:49:07.0612 4288  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\windows\system32\Drivers\mup.sys
20:49:07.0612 4288  Mup - ok
20:49:07.0644 4288  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\windows\system32\qagentRT.dll
20:49:07.0644 4288  napagent - ok
20:49:07.0675 4288  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
20:49:07.0675 4288  NativeWifiP - ok
20:49:07.0722 4288  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\windows\system32\drivers\ndis.sys
20:49:07.0722 4288  NDIS - ok
20:49:07.0753 4288  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
20:49:07.0753 4288  NdisCap - ok
20:49:07.0768 4288  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
20:49:07.0784 4288  NdisTapi - ok
20:49:07.0815 4288  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
20:49:07.0815 4288  Ndisuio - ok
20:49:07.0846 4288  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
20:49:07.0846 4288  NdisWan - ok
20:49:07.0878 4288  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
20:49:07.0878 4288  NDProxy - ok
20:49:07.0909 4288  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
20:49:07.0909 4288  NetBIOS - ok
20:49:07.0940 4288  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
20:49:07.0940 4288  NetBT - ok
20:49:07.0956 4288  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\windows\system32\lsass.exe
20:49:07.0956 4288  Netlogon - ok
20:49:08.0002 4288  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\windows\System32\netman.dll
20:49:08.0002 4288  Netman - ok
20:49:08.0034 4288  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\windows\System32\netprofm.dll
20:49:08.0034 4288  netprofm - ok
20:49:08.0049 4288  [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:49:08.0065 4288  NetTcpPortSharing - ok
20:49:08.0096 4288  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\windows\system32\DRIVERS\nfrd960.sys
20:49:08.0096 4288  nfrd960 - ok
20:49:08.0252 4288  [ 60D2F9D8EF710DAD628B4DDCD759F0BC ] NIHardwareService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
20:49:08.0283 4288  NIHardwareService - ok
20:49:08.0314 4288  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\windows\System32\nlasvc.dll
20:49:08.0314 4288  NlaSvc - ok
20:49:08.0330 4288  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\windows\system32\drivers\Npfs.sys
20:49:08.0330 4288  Npfs - ok
20:49:08.0361 4288  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\windows\system32\nsisvc.dll
20:49:08.0361 4288  nsi - ok
20:49:08.0377 4288  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
20:49:08.0377 4288  nsiproxy - ok
20:49:08.0439 4288  [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
20:49:08.0455 4288  Ntfs - ok
20:49:08.0486 4288  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\windows\system32\drivers\Null.sys
20:49:08.0486 4288  Null - ok
20:49:08.0517 4288  [ 77F9F9A199B87FE3F852E12F5419240B ] NVHDA           C:\windows\system32\drivers\nvhda32v.sys
20:49:08.0517 4288  NVHDA - ok
20:49:08.0736 4288  [ 104C0FE08DD64965CF788D91CCBB2CC6 ] nvlddmkm        C:\windows\system32\DRIVERS\nvlddmkm.sys
20:49:08.0798 4288  nvlddmkm - ok
20:49:08.0829 4288  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\windows\system32\drivers\nvraid.sys
20:49:08.0845 4288  nvraid - ok
20:49:08.0860 4288  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\windows\system32\drivers\nvstor.sys
20:49:08.0860 4288  nvstor - ok
20:49:08.0907 4288  [ 63A9CACE87C31A46BDF4AD448D9A033A ] nvsvc           C:\windows\system32\nvvsvc.exe
20:49:08.0907 4288  nvsvc - ok
20:49:08.0938 4288  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
20:49:08.0938 4288  nv_agp - ok
20:49:08.0985 4288  [ B5D5DA8230D3D3525839D939A9196C3E ] OberonGameConsoleService C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
20:49:09.0001 4288  OberonGameConsoleService - ok
20:49:09.0079 4288  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:49:09.0094 4288  odserv - ok
20:49:09.0126 4288  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
20:49:09.0126 4288  ohci1394 - ok
20:49:09.0172 4288  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:49:09.0172 4288  ose - ok
20:49:09.0204 4288  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
20:49:09.0204 4288  p2pimsvc - ok
20:49:09.0250 4288  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\windows\system32\p2psvc.dll
20:49:09.0250 4288  p2psvc - ok
20:49:09.0328 4288  [ 85DDEEB05D78E2E0B3C43B233D46A8E0 ] Paragon System Backup Dienst C:\Program Files\Paragon Software\Backup and Recovery 11 Kompakt\program\dbhservice.exe
20:49:09.0344 4288  Paragon System Backup Dienst - ok
20:49:09.0375 4288  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\windows\system32\DRIVERS\parport.sys
20:49:09.0375 4288  Parport - ok
20:49:09.0406 4288  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\windows\system32\drivers\partmgr.sys
20:49:09.0406 4288  partmgr - ok
20:49:09.0422 4288  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\windows\system32\DRIVERS\parvdm.sys
20:49:09.0422 4288  Parvdm - ok
20:49:09.0453 4288  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\windows\System32\pcasvc.dll
20:49:09.0453 4288  PcaSvc - ok
20:49:09.0484 4288  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\windows\system32\drivers\pci.sys
20:49:09.0484 4288  pci - ok
20:49:09.0500 4288  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\windows\system32\drivers\pciide.sys
20:49:09.0500 4288  pciide - ok
20:49:09.0547 4288  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\windows\system32\DRIVERS\pcmcia.sys
20:49:09.0547 4288  pcmcia - ok
20:49:09.0578 4288  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\windows\system32\drivers\pcw.sys
20:49:09.0578 4288  pcw - ok
20:49:09.0625 4288  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\windows\system32\drivers\peauth.sys
20:49:09.0625 4288  PEAUTH - ok
20:49:09.0703 4288  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\windows\system32\pla.dll
20:49:09.0750 4288  pla - ok
20:49:09.0781 4288  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\windows\system32\umpnpmgr.dll
20:49:09.0796 4288  PlugPlay - ok
20:49:09.0812 4288  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
20:49:09.0812 4288  PNRPAutoReg - ok
20:49:09.0843 4288  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
20:49:09.0843 4288  PNRPsvc - ok
20:49:09.0890 4288  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
20:49:09.0890 4288  PolicyAgent - ok
20:49:09.0937 4288  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\windows\system32\umpo.dll
20:49:09.0937 4288  Power - ok
20:49:09.0968 4288  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
20:49:09.0968 4288  PptpMiniport - ok
20:49:09.0984 4288  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\windows\system32\DRIVERS\processr.sys
20:49:09.0984 4288  Processor - ok
20:49:10.0015 4288  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\windows\system32\profsvc.dll
20:49:10.0030 4288  ProfSvc - ok
20:49:10.0046 4288  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe
20:49:10.0046 4288  ProtectedStorage - ok
20:49:10.0077 4288  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\windows\system32\DRIVERS\pacer.sys
20:49:10.0093 4288  Psched - ok
20:49:10.0124 4288  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\windows\system32\DRIVERS\ql2300.sys
20:49:10.0155 4288  ql2300 - ok
20:49:10.0171 4288  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\windows\system32\DRIVERS\ql40xx.sys
20:49:10.0171 4288  ql40xx - ok
20:49:10.0202 4288  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\windows\system32\qwave.dll
20:49:10.0202 4288  QWAVE - ok
20:49:10.0218 4288  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
20:49:10.0218 4288  QWAVEdrv - ok
20:49:10.0280 4288  [ 8F97D374AD1857E1EED85A79F29A1D3D ] RapiMgr         C:\windows\WindowsMobile\rapimgr.dll
20:49:10.0280 4288  RapiMgr - ok
20:49:10.0296 4288  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
20:49:10.0296 4288  RasAcd - ok
20:49:10.0327 4288  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
20:49:10.0327 4288  RasAgileVpn - ok
20:49:10.0358 4288  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\windows\System32\rasauto.dll
20:49:10.0374 4288  RasAuto - ok
20:49:10.0374 4288  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
20:49:10.0374 4288  Rasl2tp - ok
20:49:10.0420 4288  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\windows\System32\rasmans.dll
20:49:10.0420 4288  RasMan - ok
20:49:10.0436 4288  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
20:49:10.0436 4288  RasPppoe - ok
20:49:10.0452 4288  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
20:49:10.0452 4288  RasSstp - ok
20:49:10.0483 4288  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
20:49:10.0483 4288  rdbss - ok
20:49:10.0514 4288  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\windows\system32\DRIVERS\rdpbus.sys
20:49:10.0514 4288  rdpbus - ok
20:49:10.0530 4288  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
20:49:10.0530 4288  RDPCDD - ok
20:49:10.0561 4288  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
20:49:10.0561 4288  RDPENCDD - ok
20:49:10.0592 4288  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
20:49:10.0592 4288  RDPREFMP - ok
20:49:10.0639 4288  [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
20:49:10.0639 4288  RdpVideoMiniport - ok
20:49:10.0670 4288  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
20:49:10.0670 4288  RDPWD - ok
20:49:10.0701 4288  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
20:49:10.0717 4288  rdyboost - ok
20:49:10.0732 4288  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\windows\System32\mprdim.dll
20:49:10.0748 4288  RemoteAccess - ok
20:49:10.0764 4288  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\windows\system32\regsvc.dll
20:49:10.0764 4288  RemoteRegistry - ok
20:49:10.0842 4288  [ 7CCAEBCAB6FC1ED0206C07E083E79207 ] RichVideo       C:\Program Files\CyberLink\Shared files\RichVideo.exe
20:49:10.0842 4288  RichVideo - ok
20:49:10.0873 4288  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
20:49:10.0873 4288  RpcEptMapper - ok
20:49:10.0904 4288  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\windows\system32\locator.exe
20:49:10.0904 4288  RpcLocator - ok
20:49:10.0920 4288  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\windows\system32\rpcss.dll
20:49:10.0935 4288  RpcSs - ok
20:49:10.0982 4288  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
20:49:10.0982 4288  rspndr - ok
20:49:11.0013 4288  [ 7DFD48E24479B68B258D8770121155A0 ] RTL8167         C:\windows\system32\DRIVERS\Rt86win7.sys
20:49:11.0013 4288  RTL8167 - ok
20:49:11.0044 4288  [ 6E5FBB7CBAEC47038B945D5E9B144A64 ] SABI            C:\windows\system32\Drivers\SABI.sys
20:49:11.0060 4288  SABI - ok
20:49:11.0060 4288  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\windows\system32\lsass.exe
20:49:11.0076 4288  SamSs - ok
20:49:11.0107 4288  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
20:49:11.0107 4288  sbp2port - ok
20:49:11.0154 4288  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\windows\System32\SCardSvr.dll
20:49:11.0154 4288  SCardSvr - ok
20:49:11.0185 4288  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
20:49:11.0185 4288  scfilter - ok
20:49:11.0232 4288  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\windows\system32\schedsvc.dll
20:49:11.0232 4288  Schedule - ok
20:49:11.0263 4288  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\windows\System32\certprop.dll
20:49:11.0263 4288  SCPolicySvc - ok
20:49:11.0278 4288  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\windows\System32\SDRSVC.dll
20:49:11.0294 4288  SDRSVC - ok
20:49:11.0310 4288  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\windows\system32\drivers\secdrv.sys
20:49:11.0325 4288  secdrv - ok
20:49:11.0341 4288  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\windows\system32\seclogon.dll
20:49:11.0341 4288  seclogon - ok
20:49:11.0372 4288  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\windows\System32\sens.dll
20:49:11.0372 4288  SENS - ok
20:49:11.0403 4288  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\windows\system32\sensrsvc.dll
20:49:11.0403 4288  SensrSvc - ok
20:49:11.0434 4288  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\windows\system32\DRIVERS\serenum.sys
20:49:11.0434 4288  Serenum - ok
20:49:11.0450 4288  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\windows\system32\DRIVERS\serial.sys
20:49:11.0466 4288  Serial - ok
20:49:11.0481 4288  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\windows\system32\DRIVERS\sermouse.sys
20:49:11.0481 4288  sermouse - ok
20:49:11.0512 4288  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\windows\system32\sessenv.dll
20:49:11.0528 4288  SessionEnv - ok
20:49:11.0544 4288  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
20:49:11.0544 4288  sffdisk - ok
20:49:11.0559 4288  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
20:49:11.0559 4288  sffp_mmc - ok
20:49:11.0575 4288  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
20:49:11.0575 4288  sffp_sd - ok
20:49:11.0575 4288  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\windows\system32\DRIVERS\sfloppy.sys
20:49:11.0575 4288  sfloppy - ok
20:49:11.0622 4288  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\windows\System32\ipnathlp.dll
20:49:11.0622 4288  SharedAccess - ok
20:49:11.0653 4288  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
20:49:11.0653 4288  ShellHWDetection - ok
20:49:11.0668 4288  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\windows\system32\drivers\sisagp.sys
20:49:11.0668 4288  sisagp - ok
20:49:11.0700 4288  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\windows\system32\DRIVERS\SiSRaid2.sys
20:49:11.0700 4288  SiSRaid2 - ok
20:49:11.0715 4288  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\windows\system32\DRIVERS\sisraid4.sys
20:49:11.0715 4288  SiSRaid4 - ok
20:49:11.0731 4288  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\windows\system32\DRIVERS\smb.sys
20:49:11.0731 4288  Smb - ok
20:49:11.0793 4288  [ EB49860E776CE860DC3CFB9EDB1BA517 ] snapman         C:\windows\system32\DRIVERS\snapman.sys
20:49:11.0793 4288  snapman - ok
20:49:11.0824 4288  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
20:49:11.0840 4288  SNMPTRAP - ok
20:49:11.0840 4288  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\windows\system32\drivers\spldr.sys
20:49:11.0856 4288  spldr - ok
20:49:11.0887 4288  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\windows\System32\spoolsv.exe
20:49:11.0887 4288  Spooler - ok
20:49:11.0949 4288  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\windows\system32\sppsvc.exe
20:49:12.0058 4288  sppsvc - ok
20:49:12.0090 4288  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\windows\system32\sppuinotify.dll
20:49:12.0090 4288  sppuinotify - ok
20:49:12.0105 4288  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\windows\system32\DRIVERS\srv.sys
20:49:12.0105 4288  srv - ok
20:49:12.0152 4288  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\windows\system32\DRIVERS\srv2.sys
20:49:12.0152 4288  srv2 - ok
20:49:12.0168 4288  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
20:49:12.0168 4288  srvnet - ok
20:49:12.0183 4288  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
20:49:12.0199 4288  SSDPSRV - ok
20:49:12.0214 4288  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\windows\system32\sstpsvc.dll
20:49:12.0214 4288  SstpSvc - ok
20:49:12.0246 4288  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\windows\system32\DRIVERS\stexstor.sys
20:49:12.0246 4288  stexstor - ok
20:49:12.0292 4288  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\windows\System32\wiaservc.dll
20:49:12.0308 4288  StiSvc - ok
20:49:12.0339 4288  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\windows\system32\drivers\swenum.sys
20:49:12.0339 4288  swenum - ok
20:49:12.0355 4288  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\windows\System32\swprv.dll
20:49:12.0370 4288  swprv - ok
20:49:12.0417 4288  [ 215A45246C6E2D0A9C263CE1786C8D8A ] SynTP           C:\windows\system32\DRIVERS\SynTP.sys
20:49:12.0417 4288  SynTP - ok
20:49:12.0464 4288  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\windows\system32\sysmain.dll
20:49:12.0480 4288  SysMain - ok
20:49:12.0526 4288  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\windows\System32\TabSvc.dll
20:49:12.0526 4288  TabletInputService - ok
20:49:12.0573 4288  [ 8CF6E2AE1707D82E904ECCA68CEF8B87 ] tap0901         C:\windows\system32\DRIVERS\tap0901.sys
20:49:12.0573 4288  tap0901 - ok
20:49:12.0604 4288  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\windows\System32\tapisrv.dll
20:49:12.0620 4288  TapiSrv - ok
20:49:12.0651 4288  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\windows\System32\tbssvc.dll
20:49:12.0651 4288  TBS - ok
20:49:12.0714 4288  [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip           C:\windows\system32\drivers\tcpip.sys
20:49:12.0729 4288  Tcpip - ok
20:49:12.0776 4288  [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
20:49:12.0776 4288  TCPIP6 - ok
20:49:12.0807 4288  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
20:49:12.0807 4288  tcpipreg - ok
20:49:12.0838 4288  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
20:49:12.0838 4288  TDPIPE - ok
20:49:12.0901 4288  [ 431801FCC97034E04A6EFF81136578D7 ] tdrpman273      C:\windows\system32\DRIVERS\tdrpm273.sys
20:49:12.0932 4288  tdrpman273 - ok
20:49:12.0948 4288  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
20:49:12.0948 4288  TDTCP - ok
20:49:12.0979 4288  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
20:49:12.0979 4288  tdx - ok
20:49:13.0010 4288  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\windows\system32\drivers\termdd.sys
20:49:13.0010 4288  TermDD - ok
20:49:13.0057 4288  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\windows\System32\termsrv.dll
20:49:13.0072 4288  TermService - ok
20:49:13.0104 4288  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\windows\system32\themeservice.dll
20:49:13.0104 4288  Themes - ok
20:49:13.0135 4288  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\windows\system32\mmcss.dll
20:49:13.0135 4288  THREADORDER - ok
20:49:13.0197 4288  [ A34D7024BB7140EC785C86BC065D4F60 ] timounter       C:\windows\system32\DRIVERS\timntr.sys
20:49:13.0228 4288  timounter - ok
20:49:13.0260 4288  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\windows\System32\trkwks.dll
20:49:13.0260 4288  TrkWks - ok
20:49:13.0306 4288  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
20:49:13.0322 4288  TrustedInstaller - ok
20:49:13.0338 4288  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
20:49:13.0338 4288  tssecsrv - ok
20:49:13.0384 4288  [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
20:49:13.0400 4288  TsUsbFlt - ok
20:49:13.0431 4288  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
20:49:13.0431 4288  tunnel - ok
20:49:13.0494 4288  TwonkyMedia - ok
20:49:13.0525 4288  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\windows\system32\DRIVERS\uagp35.sys
20:49:13.0525 4288  uagp35 - ok
20:49:13.0540 4288  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\windows\system32\DRIVERS\udfs.sys
20:49:13.0556 4288  udfs - ok
20:49:13.0587 4288  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\windows\system32\UI0Detect.exe
20:49:13.0603 4288  UI0Detect - ok
20:49:13.0634 4288  [ E0E3268453C3D4ED68A632099482B543 ] UimBus          C:\windows\system32\DRIVERS\UimBus.sys
20:49:13.0634 4288  UimBus - ok
20:49:13.0665 4288  [ 71FC84677AF3F6416338B14EFE02DDD7 ] Uim_IM          C:\windows\system32\Drivers\Uim_IM.sys
20:49:13.0665 4288  Uim_IM - ok
20:49:13.0696 4288  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
20:49:13.0696 4288  uliagpkx - ok
20:49:13.0728 4288  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\windows\system32\DRIVERS\umbus.sys
20:49:13.0728 4288  umbus - ok
20:49:13.0759 4288  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\windows\system32\DRIVERS\umpass.sys
20:49:13.0759 4288  UmPass - ok
20:49:13.0790 4288  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\windows\System32\upnphost.dll
20:49:13.0806 4288  upnphost - ok
20:49:13.0837 4288  [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL         C:\windows\system32\Drivers\usbaapl.sys
20:49:13.0852 4288  USBAAPL - ok
20:49:13.0884 4288  [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio        C:\windows\system32\drivers\usbaudio.sys
20:49:13.0884 4288  usbaudio - ok
20:49:13.0915 4288  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
20:49:13.0915 4288  usbccgp - ok
20:49:13.0930 4288  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\windows\system32\drivers\usbcir.sys
20:49:13.0930 4288  usbcir - ok
20:49:13.0962 4288  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\windows\system32\DRIVERS\usbehci.sys
20:49:13.0962 4288  usbehci - ok
20:49:13.0993 4288  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
20:49:13.0993 4288  usbhub - ok
20:49:14.0024 4288  [ A6FB7957EA7AFB1165991E54CE934B74 ] usbohci         C:\windows\system32\DRIVERS\usbohci.sys
20:49:14.0024 4288  usbohci - ok
20:49:14.0040 4288  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
20:49:14.0040 4288  usbprint - ok
20:49:14.0055 4288  [ F991AB9CC6B908DB552166768176896A ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
20:49:14.0071 4288  USBSTOR - ok
20:49:14.0086 4288  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci         C:\windows\system32\DRIVERS\usbuhci.sys
20:49:14.0086 4288  usbuhci - ok
20:49:14.0118 4288  [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
20:49:14.0133 4288  usbvideo - ok
20:49:14.0149 4288  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\windows\System32\uxsms.dll
20:49:14.0149 4288  UxSms - ok
20:49:14.0164 4288  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\windows\system32\lsass.exe
20:49:14.0164 4288  VaultSvc - ok
20:49:14.0180 4288  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
20:49:14.0196 4288  vdrvroot - ok
20:49:14.0211 4288  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\windows\System32\vds.exe
20:49:14.0227 4288  vds - ok
20:49:14.0258 4288  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
20:49:14.0258 4288  vga - ok
20:49:14.0274 4288  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\windows\System32\drivers\vga.sys
20:49:14.0274 4288  VgaSave - ok
20:49:14.0305 4288  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
20:49:14.0305 4288  vhdmp - ok
20:49:14.0336 4288  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\windows\system32\drivers\viaagp.sys
20:49:14.0336 4288  viaagp - ok
20:49:14.0367 4288  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\windows\system32\DRIVERS\viac7.sys
20:49:14.0367 4288  ViaC7 - ok
20:49:14.0383 4288  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\windows\system32\drivers\viaide.sys
20:49:14.0383 4288  viaide - ok
20:49:14.0414 4288  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\windows\system32\drivers\volmgr.sys
20:49:14.0414 4288  volmgr - ok
20:49:14.0430 4288  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
20:49:14.0430 4288  volmgrx - ok
20:49:14.0461 4288  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\windows\system32\drivers\volsnap.sys
20:49:14.0461 4288  volsnap - ok
20:49:14.0492 4288  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\windows\system32\DRIVERS\vsmraid.sys
20:49:14.0492 4288  vsmraid - ok
20:49:14.0539 4288  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\windows\system32\vssvc.exe
20:49:14.0570 4288  VSS - ok
20:49:14.0601 4288  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
20:49:14.0601 4288  vwifibus - ok
20:49:14.0601 4288  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
20:49:14.0617 4288  vwififlt - ok
20:49:14.0632 4288  [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
20:49:14.0632 4288  vwifimp - ok
20:49:14.0664 4288  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\windows\system32\w32time.dll
20:49:14.0664 4288  W32Time - ok
20:49:14.0695 4288  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\windows\system32\DRIVERS\wacompen.sys
20:49:14.0695 4288  WacomPen - ok
20:49:14.0710 4288  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
20:49:14.0710 4288  WANARP - ok
20:49:14.0726 4288  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
20:49:14.0726 4288  Wanarpv6 - ok
20:49:14.0757 4288  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\windows\system32\wbengine.exe
20:49:14.0804 4288  wbengine - ok
20:49:14.0835 4288  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
20:49:14.0835 4288  WbioSrvc - ok
20:49:14.0866 4288  [ 59E19BD13C3BDB857646B9E436BA27F7 ] WcesComm        C:\windows\WindowsMobile\wcescomm.dll
20:49:14.0882 4288  WcesComm - ok
20:49:14.0913 4288  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\windows\System32\wcncsvc.dll
20:49:14.0913 4288  wcncsvc - ok
20:49:14.0944 4288  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
20:49:14.0944 4288  WcsPlugInService - ok
20:49:14.0976 4288  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\windows\system32\DRIVERS\wd.sys
20:49:14.0976 4288  Wd - ok
20:49:15.0007 4288  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
20:49:15.0007 4288  Wdf01000 - ok
20:49:15.0038 4288  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\windows\system32\wdi.dll
20:49:15.0038 4288  WdiServiceHost - ok
20:49:15.0038 4288  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\windows\system32\wdi.dll
20:49:15.0054 4288  WdiSystemHost - ok
20:49:15.0069 4288  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\windows\System32\webclnt.dll
20:49:15.0085 4288  WebClient - ok
20:49:15.0100 4288  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\windows\system32\wecsvc.dll
20:49:15.0116 4288  Wecsvc - ok
20:49:15.0147 4288  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\windows\System32\wercplsupport.dll
20:49:15.0147 4288  wercplsupport - ok
20:49:15.0194 4288  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\windows\System32\WerSvc.dll
20:49:15.0194 4288  WerSvc - ok
20:49:15.0210 4288  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
20:49:15.0210 4288  WfpLwf - ok
20:49:15.0241 4288  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\windows\system32\drivers\wimmount.sys
20:49:15.0241 4288  WIMMount - ok
20:49:15.0303 4288  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
20:49:15.0319 4288  WinDefend - ok
20:49:15.0334 4288  WinHttpAutoProxySvc - ok
20:49:15.0381 4288  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
20:49:15.0381 4288  Winmgmt - ok
20:49:15.0428 4288  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\windows\system32\WsmSvc.dll
20:49:15.0459 4288  WinRM - ok
20:49:15.0522 4288  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WINUSB          C:\windows\system32\DRIVERS\WinUSB.SYS
20:49:15.0522 4288  WINUSB - ok
20:49:15.0553 4288  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\windows\System32\wlansvc.dll
20:49:15.0568 4288  Wlansvc - ok
20:49:15.0584 4288  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\windows\system32\drivers\wmiacpi.sys
20:49:15.0600 4288  WmiAcpi - ok
20:49:15.0631 4288  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
20:49:15.0631 4288  wmiApSrv - ok
20:49:15.0709 4288  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
20:49:15.0740 4288  WMPNetworkSvc - ok
20:49:15.0771 4288  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\windows\System32\wpcsvc.dll
20:49:15.0787 4288  WPCSvc - ok
20:49:15.0802 4288  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
20:49:15.0802 4288  WPDBusEnum - ok
20:49:15.0818 4288  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
20:49:15.0834 4288  ws2ifsl - ok
20:49:15.0849 4288  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\windows\System32\wscsvc.dll
20:49:15.0849 4288  wscsvc - ok
20:49:15.0849 4288  WSearch - ok
20:49:15.0927 4288  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\windows\system32\wuaueng.dll
20:49:16.0005 4288  wuauserv - ok
20:49:16.0021 4288  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
20:49:16.0036 4288  WudfPf - ok
20:49:16.0068 4288  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
20:49:16.0068 4288  WUDFRd - ok
20:49:16.0099 4288  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
20:49:16.0099 4288  wudfsvc - ok
20:49:16.0130 4288  [ 3C5E51C05BE9B56EAFF4E388C3AB25E4 ] WwanSvc         C:\windows\System32\wwansvc.dll
20:49:16.0130 4288  WwanSvc - ok
20:49:16.0177 4288  [ 30B73EB97218A16CBC6DE535782A1B35 ] yukonw7         C:\windows\system32\DRIVERS\yk62x86.sys
20:49:16.0177 4288  yukonw7 - ok
20:49:16.0208 4288  ================ Scan global ===============================
20:49:16.0255 4288  [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
20:49:16.0286 4288  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\windows\system32\winsrv.dll
20:49:16.0286 4288  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\windows\system32\winsrv.dll
20:49:16.0317 4288  [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
20:49:16.0333 4288  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
20:49:16.0333 4288  [Global] - ok
20:49:16.0333 4288  ================ Scan MBR ==================================
20:49:16.0348 4288  [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0
20:49:16.0676 4288  \Device\Harddisk0\DR0 - ok
20:49:16.0676 4288  ================ Scan VBR ==================================
20:49:16.0676 4288  [ F92B9D6B59FD66260C04087457A4D6E1 ] \Device\Harddisk0\DR0\Partition1
20:49:16.0692 4288  \Device\Harddisk0\DR0\Partition1 - ok
20:49:16.0707 4288  [ EA3D5AF9E4B5BBE81CA9413A9D98A47F ] \Device\Harddisk0\DR0\Partition2
20:49:16.0723 4288  \Device\Harddisk0\DR0\Partition2 - ok
20:49:16.0738 4288  [ C462CC011C11D5F27E1202087D84D103 ] \Device\Harddisk0\DR0\Partition3
20:49:16.0738 4288  \Device\Harddisk0\DR0\Partition3 - ok
20:49:16.0738 4288  ============================================================
20:49:16.0738 4288  Scan finished
20:49:16.0738 4288  ============================================================
20:49:16.0754 4836  Detected object count: 0
20:49:16.0754 4836  Actual detected object count: 0
         

09.06.2013, 19:54   #4
markusg
/// Malware-holic
 

Please configure TDSSKiller according to the instructions and scan again.

10.06.2013, 16:52   #5
Seoman1958
 

Sorry, I overlooked it. Thanks for your work!

Here is the new log again:

Code:
17:49:30.0217 2948  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:49:30.0467 2948  ============================================================
17:49:30.0467 2948  Current date / time: 2013/06/10 17:49:30.0467
17:49:30.0467 2948  SystemInfo:
17:49:30.0467 2948  
17:49:30.0467 2948  OS Version: 6.1.7601 ServicePack: 1.0
17:49:30.0467 2948  Product type: Workstation
17:49:30.0467 2948  ComputerName:
17:49:30.0467 2948  UserName: 
17:49:30.0467 2948  Windows directory: C:\windows
17:49:30.0467 2948  System windows directory: C:\windows
17:49:30.0467 2948  Processor architecture: Intel x86
17:49:30.0467 2948  Number of processors: 2
17:49:30.0467 2948  Page size: 0x1000
17:49:30.0467 2948  Boot type: Normal boot
17:49:30.0467 2948  ============================================================
17:49:33.0572 2948  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:49:33.0588 2948  ============================================================
17:49:33.0588 2948  \Device\Harddisk0\DR0:
17:49:33.0619 2948  MBR partitions:
17:49:33.0619 2948  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
17:49:33.0619 2948  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x7E2F000
17:49:33.0619 2948  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x9C61800, BlocksNum 0x30724000
17:49:33.0619 2948  ============================================================
17:49:33.0666 2948  C: <-> \Device\Harddisk0\DR0\Partition2
17:49:33.0993 2948  D: <-> \Device\Harddisk0\DR0\Partition3
17:49:33.0993 2948  ============================================================
17:49:33.0993 2948  Initialize success
17:49:33.0993 2948  ============================================================
17:51:36.0891 1712  ============================================================
17:51:36.0891 1712  Scan started
17:51:36.0891 1712  Mode: Manual; SigCheck; TDLFS; 
17:51:36.0891 1712  ============================================================
17:51:41.0931 1712  ================ Scan system memory ========================
17:51:41.0931 1712  System memory - ok
17:51:41.0934 1712  ================ Scan services =============================
17:51:42.0332 1712  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
17:51:42.0465 1712  1394ohci - ok
17:51:42.0564 1712  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\windows\system32\drivers\ACPI.sys
17:51:42.0589 1712  ACPI - ok
17:51:42.0626 1712  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
17:51:42.0745 1712  AcpiPmi - ok
17:51:43.0237 1712  [ 49C47EBF1C9EF2C5D4988450D79FD544 ] AcrSch2Svc      C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
17:51:43.0267 1712  AcrSch2Svc - ok
17:51:43.0720 1712  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:51:43.0745 1712  AdobeFlashPlayerUpdateSvc - ok
17:51:44.0120 1712  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\windows\system32\DRIVERS\adp94xx.sys
17:51:44.0166 1712  adp94xx - ok
17:51:44.0287 1712  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\windows\system32\DRIVERS\adpahci.sys
17:51:44.0314 1712  adpahci - ok
17:51:44.0407 1712  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\windows\system32\DRIVERS\adpu320.sys
17:51:44.0430 1712  adpu320 - ok
17:51:44.0481 1712  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
17:51:44.0566 1712  AeLookupSvc - ok
17:51:44.0821 1712  [ 53696AD8FFC5FAC51949A525FF65A689 ] afcdp           C:\windows\system32\DRIVERS\afcdp.sys
17:51:44.0854 1712  afcdp - ok
17:51:45.0270 1712  [ AF44F7E027037628F1FAC3C13CDE73E6 ] afcdpsrv        C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
17:51:45.0332 1712  afcdpsrv - ok
17:51:45.0538 1712  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\windows\system32\drivers\afd.sys
17:51:45.0735 1712  AFD - ok
17:51:45.0818 1712  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\windows\system32\drivers\agp440.sys
17:51:45.0848 1712  agp440 - ok
17:51:45.0944 1712  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\windows\system32\DRIVERS\djsvs.sys
17:51:46.0054 1712  aic78xx - ok
17:51:46.0094 1712  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\windows\System32\alg.exe
17:51:46.0197 1712  ALG - ok
17:51:46.0257 1712  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\windows\system32\drivers\aliide.sys
17:51:46.0274 1712  aliide - ok
17:51:46.0294 1712  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\windows\system32\drivers\amdagp.sys
17:51:46.0312 1712  amdagp - ok
17:51:46.0339 1712  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\windows\system32\drivers\amdide.sys
17:51:46.0357 1712  amdide - ok
17:51:46.0436 1712  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\windows\system32\DRIVERS\amdk8.sys
17:51:46.0663 1712  AmdK8 - ok
17:51:46.0723 1712  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\windows\system32\DRIVERS\amdppm.sys
17:51:46.0750 1712  AmdPPM - ok
17:51:46.0803 1712  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\windows\system32\drivers\amdsata.sys
17:51:46.0823 1712  amdsata - ok
17:51:46.0916 1712  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\windows\system32\DRIVERS\amdsbs.sys
17:51:46.0941 1712  amdsbs - ok
17:51:46.0964 1712  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\windows\system32\drivers\amdxata.sys
17:51:46.0978 1712  amdxata - ok
17:51:47.0031 1712  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\windows\system32\drivers\appid.sys
17:51:48.0093 1712  AppID - ok
17:51:48.0152 1712  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\windows\System32\appidsvc.dll
17:51:48.0198 1712  AppIDSvc - ok
17:51:48.0298 1712  [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo         C:\windows\System32\appinfo.dll
17:51:48.0408 1712  Appinfo - ok
17:51:48.0713 1712  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:51:48.0729 1712  Apple Mobile Device - ok
17:51:48.0789 1712  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\windows\system32\DRIVERS\arc.sys
17:51:48.0819 1712  arc - ok
17:51:48.0827 1712  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\windows\system32\DRIVERS\arcsas.sys
17:51:48.0880 1712  arcsas - ok
17:51:48.0905 1712  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
17:51:49.0609 1712  AsyncMac - ok
17:51:49.0776 1712  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\windows\system32\drivers\atapi.sys
17:51:49.0802 1712  atapi - ok
17:51:50.0308 1712  [ 49F17A2E79469BE6581D491706720671 ] athr            C:\windows\system32\DRIVERS\athr.sys
17:51:50.0511 1712  athr - ok
17:51:50.0672 1712  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
17:51:50.0724 1712  AudioEndpointBuilder - ok
17:51:50.0737 1712  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\windows\System32\Audiosrv.dll
17:51:50.0777 1712  Audiosrv - ok
17:51:51.0130 1712  [ 50185186719134FA8F307D269106A51C ] AVGIDSAgent     C:\Program Files\AVG\AVG2013\avgidsagent.exe
17:51:51.0225 1712  AVGIDSAgent - ok
17:51:51.0269 1712  [ 4750A2A188D39034F5DDDDAE1BF38BF8 ] AVGIDSDriver    C:\windows\system32\DRIVERS\avgidsdriverx.sys
17:51:51.0285 1712  AVGIDSDriver - ok
17:51:51.0318 1712  [ B0DEF92F4E1E6B9242E6C8FAB82703F7 ] AVGIDSHX        C:\windows\system32\DRIVERS\avgidshx.sys
17:51:51.0334 1712  AVGIDSHX - ok
17:51:51.0366 1712  [ A426B2DC795531D99E2EE1952AEC051A ] AVGIDSShim      C:\windows\system32\DRIVERS\avgidsshimx.sys
17:51:51.0378 1712  AVGIDSShim - ok
17:51:51.0523 1712  [ 08FA13787D77A75DC413E27FD92B44E8 ] Avgldx86        C:\windows\system32\DRIVERS\avgldx86.sys
17:51:51.0542 1712  Avgldx86 - ok
17:51:51.0802 1712  [ 3E587EE55C70E6DB78A98D7121D3052E ] Avglogx         C:\windows\system32\DRIVERS\avglogx.sys
17:51:51.0823 1712  Avglogx - ok
17:51:51.0979 1712  [ 5AC56B2CF8EE751796C5A8FC5C631B66 ] Avgmfx86        C:\windows\system32\DRIVERS\avgmfx86.sys
17:51:52.0099 1712  Avgmfx86 - ok
17:51:52.0148 1712  [ C29E6070396E437FDE184D739CCBA2C7 ] Avgrkx86        C:\windows\system32\DRIVERS\avgrkx86.sys
17:51:52.0168 1712  Avgrkx86 - ok
17:51:52.0236 1712  [ 14370FB29526F593C04FA48B5D69F7F0 ] Avgtdix         C:\windows\system32\DRIVERS\avgtdix.sys
17:51:52.0251 1712  Avgtdix - ok
17:51:52.0318 1712  [ 3A0977CB68AF13E2579E47EB8984056B ] avgwd           C:\Program Files\AVG\AVG2013\avgwdsvc.exe
17:51:52.0345 1712  avgwd - ok
17:51:52.0503 1712  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\windows\System32\AxInstSV.dll
17:51:52.0690 1712  AxInstSV - ok
17:51:52.0832 1712  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\windows\system32\DRIVERS\bxvbdx.sys
17:51:52.0948 1712  b06bdrv - ok
17:51:53.0742 1712  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\windows\system32\DRIVERS\b57nd60x.sys
17:51:53.0769 1712  b57nd60x - ok
17:51:53.0839 1712  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\windows\System32\bdesvc.dll
17:51:53.0929 1712  BDESVC - ok
17:51:54.0007 1712  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\windows\system32\drivers\Beep.sys
17:51:54.0041 1712  Beep - ok
17:51:54.0172 1712  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\windows\System32\bfe.dll
17:51:54.0235 1712  BFE - ok
17:51:54.0310 1712  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\windows\System32\qmgr.dll
17:51:54.0418 1712  BITS - ok
17:51:54.0516 1712  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
17:51:54.0560 1712  blbdrive - ok
17:51:54.0955 1712  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:51:54.0978 1712  Bonjour Service - ok
17:51:55.0080 1712  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
17:51:55.0134 1712  bowser - ok
17:51:55.0162 1712  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\windows\system32\DRIVERS\BrFiltLo.sys
17:51:55.0598 1712  BrFiltLo - ok
17:51:56.0014 1712  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\windows\system32\DRIVERS\BrFiltUp.sys
17:51:56.0129 1712  BrFiltUp - ok
17:51:56.0174 1712  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\windows\System32\browser.dll
17:51:56.0206 1712  Browser - ok
17:51:56.0252 1712  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\windows\System32\Drivers\Brserid.sys
17:51:56.0326 1712  Brserid - ok
17:51:56.0405 1712  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
17:51:56.0480 1712  BrSerWdm - ok
17:51:56.0538 1712  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
17:51:56.0561 1712  BrUsbMdm - ok
17:51:56.0602 1712  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
17:51:56.0619 1712  BrUsbSer - ok
17:51:56.0637 1712  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\windows\system32\DRIVERS\bthmodem.sys
17:51:56.0712 1712  BTHMODEM - ok
17:51:56.0775 1712  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\windows\system32\bthserv.dll
17:51:56.0870 1712  bthserv - ok
17:51:56.0938 1712  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
17:51:56.0986 1712  cdfs - ok
17:51:57.0128 1712  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys
17:51:57.0203 1712  cdrom - ok
17:51:57.0326 1712  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\windows\System32\certprop.dll
17:51:57.0370 1712  CertPropSvc - ok
17:51:57.0953 1712  [ 213B6EC3DE19E35373A1906397588429 ] CGVPNCliSrvc    C:\Program Files\CyberGhost VPN\CGVPNCliService.exe
17:51:58.0157 1712  CGVPNCliSrvc - ok
17:51:58.0202 1712  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\windows\system32\DRIVERS\circlass.sys
17:51:58.0520 1712  circlass - ok
17:51:58.0575 1712  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\windows\system32\CLFS.sys
17:51:58.0613 1712  CLFS - ok
17:51:58.0872 1712  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:51:58.0892 1712  clr_optimization_v2.0.50727_32 - ok
17:51:59.0224 1712  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:51:59.0239 1712  clr_optimization_v4.0.30319_32 - ok
17:51:59.0251 1712  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys
17:51:59.0268 1712  CmBatt - ok
17:51:59.0291 1712  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\windows\system32\drivers\cmdide.sys
17:51:59.0314 1712  cmdide - ok
17:51:59.0384 1712  [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG             C:\windows\system32\Drivers\cng.sys
17:51:59.0418 1712  CNG - ok
17:51:59.0879 1712  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\windows\system32\DRIVERS\compbatt.sys
17:51:59.0903 1712  Compbatt - ok
17:52:00.0080 1712  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\windows\system32\drivers\CompositeBus.sys
17:52:00.0118 1712  CompositeBus - ok
17:52:00.0152 1712  COMSysApp - ok
17:52:00.0195 1712  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\windows\system32\DRIVERS\crcdisk.sys
17:52:00.0212 1712  crcdisk - ok
17:52:00.0377 1712  [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc        C:\windows\system32\cryptsvc.dll
17:52:00.0408 1712  CryptSvc - ok
17:52:00.0564 1712  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\windows\system32\rpcss.dll
17:52:00.0600 1712  DcomLaunch - ok
17:52:00.0695 1712  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\windows\System32\defragsvc.dll
17:52:00.0820 1712  defragsvc - ok
17:52:00.0859 1712  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\windows\system32\Drivers\dfsc.sys
17:52:00.0909 1712  DfsC - ok
17:52:01.0237 1712  [ 92AE26F2CAF4A67E24A0BA6DDF32CC3C ] DfSdkS          C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2013\DfsdkS.exe
17:52:01.0313 1712  DfSdkS ( UnsignedFile.Multi.Generic ) - warning
17:52:01.0314 1712  DfSdkS - detected UnsignedFile.Multi.Generic (1)
17:52:01.0554 1712  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\windows\system32\dhcpcore.dll
17:52:01.0635 1712  Dhcp - ok
17:52:01.0784 1712  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\windows\system32\drivers\discache.sys
17:52:01.0833 1712  discache - ok
17:52:01.0927 1712  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\windows\system32\DRIVERS\disk.sys
17:52:01.0943 1712  Disk - ok
17:52:02.0089 1712  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\windows\System32\dnsrslvr.dll
17:52:02.0168 1712  Dnscache - ok
17:52:02.0234 1712  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\windows\System32\dot3svc.dll
17:52:02.0286 1712  dot3svc - ok
17:52:02.0579 1712  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\windows\system32\dps.dll
17:52:02.0673 1712  DPS - ok
17:52:02.0830 1712  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
17:52:02.0903 1712  drmkaud - ok
17:52:03.0067 1712  [ 16498EBC04AE9DD07049A8884B205C05 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
17:52:03.0101 1712  DXGKrnl - ok
17:52:03.0210 1712  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\windows\System32\eapsvc.dll
17:52:03.0274 1712  EapHost - ok
17:52:03.0997 1712  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\windows\system32\DRIVERS\evbdx.sys
17:52:04.0132 1712  ebdrv - ok
17:52:04.0248 1712  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\windows\System32\lsass.exe
17:52:04.0291 1712  EFS - ok
17:52:04.0716 1712  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
17:52:04.0819 1712  ehRecvr - ok
17:52:04.0895 1712  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\windows\ehome\ehsched.exe
17:52:04.0992 1712  ehSched - ok
17:52:05.0158 1712  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\windows\system32\DRIVERS\elxstor.sys
17:52:05.0202 1712  elxstor - ok
17:52:05.0248 1712  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\windows\system32\drivers\errdev.sys
17:52:05.0281 1712  ErrDev - ok
17:52:05.0631 1712  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\windows\system32\es.dll
17:52:05.0762 1712  EventSystem - ok
17:52:05.0867 1712  [ 57C171EA22F0A7F068FCB0CAEDD1E8E7 ] ew_hwusbdev     C:\windows\system32\DRIVERS\ew_hwusbdev.sys
17:52:05.0950 1712  ew_hwusbdev - ok
17:52:06.0069 1712  [ 61A973F60E94A551BA7B15F3460444FB ] ew_usbenumfilter C:\windows\system32\DRIVERS\ew_usbenumfilter.sys
17:52:06.0131 1712  ew_usbenumfilter - ok
17:52:06.0150 1712  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\windows\system32\drivers\exfat.sys
17:52:06.0211 1712  exfat - ok
17:52:06.0282 1712  Fabs - ok
17:52:06.0367 1712  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\windows\system32\drivers\fastfat.sys
17:52:06.0451 1712  fastfat - ok
17:52:06.0585 1712  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\windows\system32\fxssvc.exe
17:52:06.0693 1712  Fax - ok
17:52:06.0711 1712  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\windows\system32\DRIVERS\fdc.sys
17:52:06.0728 1712  fdc - ok
17:52:06.0795 1712  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\windows\system32\fdPHost.dll
17:52:06.0828 1712  fdPHost - ok
17:52:06.0862 1712  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\windows\system32\fdrespub.dll
17:52:06.0898 1712  FDResPub - ok
17:52:06.0977 1712  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
17:52:06.0992 1712  FileInfo - ok
17:52:07.0033 1712  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
17:52:07.0090 1712  Filetrace - ok
17:52:07.0941 1712  [ FFF1130F7C9FA01D093A1EDFC5CCE8FC ] FirebirdServerMAGIXInstance C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
17:52:08.0122 1712  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
17:52:08.0122 1712  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
17:52:08.0155 1712  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\windows\system32\DRIVERS\flpydisk.sys
17:52:08.0181 1712  flpydisk - ok
17:52:08.0331 1712  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
17:52:08.0348 1712  FltMgr - ok
17:52:08.0501 1712  [ E12C4928B32ACE04610259647F072635 ] FontCache       C:\windows\system32\FntCache.dll
17:52:08.0676 1712  FontCache - ok
17:52:08.0860 1712  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:52:08.0878 1712  FontCache3.0.0.0 - ok
17:52:08.0890 1712  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
17:52:08.0908 1712  FsDepends - ok
17:52:08.0997 1712  [ B74B0578FD1D3F897E95F2A2B69EA051 ] fssfltr         C:\windows\system32\DRIVERS\fssfltr.sys
17:52:09.0012 1712  fssfltr - ok
17:52:09.0468 1712  [ 206AD9A89BF05DFA1621F1FC7B82592D ] fsssvc          C:\Program Files\Windows Live\Family Safety\fsssvc.exe
17:52:09.0571 1712  fsssvc - ok
17:52:09.0635 1712  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
17:52:09.0650 1712  Fs_Rec - ok
17:52:09.0833 1712  [ E306A24D9694C724FA2491278BF50FDB ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
17:52:09.0853 1712  fvevol - ok
17:52:09.0990 1712  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\windows\system32\DRIVERS\gagp30kx.sys
17:52:10.0020 1712  gagp30kx - ok
17:52:10.0231 1712  [ 4AD4C21D7B82180B0E8CC722E07891B0 ] GdPhyMem        C:\windows\system32\drivers\GdPhyMem.sys
17:52:10.0246 1712  GdPhyMem - ok
17:52:10.0322 1712  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\windows\system32\DRIVERS\GEARAspiWDM.sys
17:52:10.0342 1712  GEARAspiWDM - ok
17:52:10.0470 1712  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\windows\System32\gpsvc.dll
17:52:10.0537 1712  gpsvc - ok
17:52:10.0705 1712  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
17:52:10.0728 1712  gupdate - ok
17:52:10.0881 1712  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
17:52:10.0901 1712  gupdatem - ok
17:52:11.0069 1712  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
17:52:11.0172 1712  hcw85cir - ok
17:52:11.0314 1712  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
17:52:11.0404 1712  HdAudAddService - ok
17:52:11.0478 1712  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\windows\system32\drivers\HDAudBus.sys
17:52:11.0545 1712  HDAudBus - ok
17:52:11.0614 1712  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\windows\system32\DRIVERS\HidBatt.sys
17:52:11.0639 1712  HidBatt - ok
17:52:11.0645 1712  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\windows\system32\DRIVERS\hidbth.sys
17:52:11.0709 1712  HidBth - ok
17:52:11.0786 1712  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\windows\system32\DRIVERS\hidir.sys
17:52:11.0832 1712  HidIr - ok
17:52:11.0865 1712  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\windows\system32\hidserv.dll
17:52:11.0901 1712  hidserv - ok
17:52:11.0984 1712  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\windows\system32\DRIVERS\hidusb.sys
17:52:12.0006 1712  HidUsb - ok
17:52:12.0088 1712  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\windows\system32\kmsvc.dll
17:52:12.0142 1712  hkmsvc - ok
17:52:12.0176 1712  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\windows\system32\ListSvc.dll
17:52:12.0214 1712  HomeGroupListener - ok
17:52:12.0235 1712  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\windows\system32\provsvc.dll
17:52:12.0257 1712  HomeGroupProvider - ok
17:52:12.0336 1712  [ 39AE0BE51F51A660CE2B14AF9BE8548F ] hotcore3        C:\windows\system32\DRIVERS\hotcore3.sys
17:52:12.0421 1712  hotcore3 - ok
17:52:12.0467 1712  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
17:52:12.0488 1712  HpSAMD - ok
17:52:12.0725 1712  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\windows\system32\drivers\HTTP.sys
17:52:12.0792 1712  HTTP - ok
17:52:13.0013 1712  [ 3170044AA8090F80839D3D4330BF733A ] huawei_cdcacm   C:\windows\system32\DRIVERS\ew_jucdcacm.sys
17:52:13.0071 1712  huawei_cdcacm - ok
17:52:13.0212 1712  [ F44461E66F1B7DD267957FE9BAA63ED0 ] huawei_enumerator C:\windows\system32\DRIVERS\ew_jubusenum.sys
17:52:13.0311 1712  huawei_enumerator - ok
17:52:13.0540 1712  [ 69A103138B77AC0950EC3846E2E6F655 ] huawei_ext_ctrl C:\windows\system32\DRIVERS\ew_juextctrl.sys
17:52:13.0572 1712  huawei_ext_ctrl - ok
17:52:13.0897 1712  [ 7DE001BAB4056257E1792AF1FCFA489F ] huawei_wwanecm  C:\windows\system32\DRIVERS\ew_juwwanecm.sys
17:52:14.0074 1712  huawei_wwanecm - ok
17:52:14.0408 1712  [ 5EF3427AE503B5C03A48F7C9FF458B69 ] HWDeviceService.exe C:\ProgramData\DatacardService\HWDeviceService.exe
17:52:14.0427 1712  HWDeviceService.exe - ok
17:52:14.0511 1712  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
17:52:14.0525 1712  hwpolicy - ok
17:52:14.0646 1712  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\windows\system32\drivers\i8042prt.sys
17:52:14.0674 1712  i8042prt - ok
17:52:14.0890 1712  [ 0BAA4115DFFFD6A6D809A89D65E1281A ] iaStor          C:\windows\system32\DRIVERS\iaStor.sys
17:52:14.0915 1712  iaStor - ok
17:52:15.0023 1712  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
17:52:15.0046 1712  iaStorV - ok
17:52:15.0304 1712  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:52:15.0725 1712  IDriverT ( UnsignedFile.Multi.Generic ) - warning
17:52:15.0725 1712  IDriverT - detected UnsignedFile.Multi.Generic (1)
17:52:16.0101 1712  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:52:16.0183 1712  idsvc - ok
17:52:17.0014 1712  [ AD626F6964F4D364D226C39E06872DD3 ] igfx            C:\windows\system32\DRIVERS\igdkmd32.sys
17:52:17.0281 1712  igfx - ok
17:52:17.0373 1712  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\windows\system32\DRIVERS\iirsp.sys
17:52:17.0389 1712  iirsp - ok
17:52:17.0475 1712  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\windows\System32\ikeext.dll
17:52:17.0598 1712  IKEEXT - ok
17:52:18.0149 1712  [ 3202E26501E5E18C35DC2CC74709A704 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys
17:52:18.0242 1712  IntcAzAudAddService - ok
17:52:18.0291 1712  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\windows\system32\drivers\intelide.sys
17:52:18.0307 1712  intelide - ok
17:52:18.0396 1712  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
17:52:18.0454 1712  intelppm - ok
17:52:18.0554 1712  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\windows\system32\ipbusenum.dll
17:52:18.0589 1712  IPBusEnum - ok
17:52:18.0658 1712  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
17:52:18.0715 1712  IpFilterDriver - ok
17:52:18.0824 1712  [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
17:52:18.0935 1712  iphlpsvc - ok
17:52:18.0992 1712  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
17:52:19.0021 1712  IPMIDRV - ok
17:52:19.0062 1712  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\windows\system32\drivers\ipnat.sys
17:52:19.0126 1712  IPNAT - ok
17:52:19.0160 1712  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\windows\system32\drivers\irenum.sys
17:52:19.0295 1712  IRENUM - ok
17:52:19.0370 1712  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\windows\system32\drivers\isapnp.sys
17:52:19.0400 1712  isapnp - ok
17:52:19.0476 1712  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
17:52:19.0545 1712  iScsiPrt - ok
17:52:19.0596 1712  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\windows\system32\drivers\kbdclass.sys
17:52:19.0615 1712  kbdclass - ok
17:52:19.0761 1712  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\windows\system32\drivers\kbdhid.sys
17:52:19.0838 1712  kbdhid - ok
17:52:19.0877 1712  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\windows\system32\lsass.exe
17:52:19.0892 1712  KeyIso - ok
17:52:20.0016 1712  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
17:52:20.0042 1712  KSecDD - ok
17:52:20.0230 1712  [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
17:52:20.0247 1712  KSecPkg - ok
17:52:20.0375 1712  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\windows\system32\msdtckrm.dll
17:52:20.0468 1712  KtmRm - ok
17:52:20.0583 1712  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\windows\system32\srvsvc.dll
17:52:20.0621 1712  LanmanServer - ok
17:52:20.0652 1712  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
17:52:20.0702 1712  LanmanWorkstation - ok
17:52:20.0873 1712  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
17:52:20.0914 1712  lltdio - ok
17:52:20.0991 1712  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\windows\System32\lltdsvc.dll
17:52:21.0047 1712  lltdsvc - ok
17:52:21.0090 1712  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\windows\System32\lmhsvc.dll
17:52:21.0144 1712  lmhosts - ok
17:52:21.0192 1712  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\windows\system32\DRIVERS\lsi_fc.sys
17:52:21.0216 1712  LSI_FC - ok
17:52:21.0281 1712  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\windows\system32\DRIVERS\lsi_sas.sys
17:52:21.0297 1712  LSI_SAS - ok
17:52:21.0385 1712  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\windows\system32\DRIVERS\lsi_sas2.sys
17:52:21.0407 1712  LSI_SAS2 - ok
17:52:21.0604 1712  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\windows\system32\DRIVERS\lsi_scsi.sys
17:52:21.0623 1712  LSI_SCSI - ok
17:52:21.0652 1712  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\windows\system32\drivers\luafv.sys
17:52:21.0701 1712  luafv - ok
17:52:21.0877 1712  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
17:52:21.0907 1712  Mcx2Svc - ok
17:52:21.0947 1712  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\windows\system32\DRIVERS\megasas.sys
17:52:21.0970 1712  megasas - ok
17:52:22.0021 1712  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\windows\system32\DRIVERS\MegaSR.sys
17:52:22.0042 1712  MegaSR - ok
17:52:22.0277 1712  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
17:52:22.0293 1712  Microsoft Office Groove Audit Service - ok
17:52:22.0348 1712  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\windows\system32\mmcss.dll
17:52:22.0405 1712  MMCSS - ok
17:52:22.0472 1712  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\windows\system32\drivers\modem.sys
17:52:22.0513 1712  Modem - ok
17:52:22.0554 1712  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\windows\system32\DRIVERS\monitor.sys
17:52:22.0587 1712  monitor - ok
17:52:22.0680 1712  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
17:52:22.0706 1712  mouclass - ok
17:52:22.0787 1712  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
17:52:22.0814 1712  mouhid - ok
17:52:22.0846 1712  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
17:52:22.0860 1712  mountmgr - ok
17:52:23.0239 1712  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:52:23.0270 1712  MozillaMaintenance - ok
17:52:23.0315 1712  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\windows\system32\drivers\mpio.sys
17:52:23.0333 1712  mpio - ok
17:52:23.0416 1712  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
17:52:23.0484 1712  mpsdrv - ok
17:52:23.0775 1712  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\windows\system32\mpssvc.dll
17:52:23.0835 1712  MpsSvc - ok
17:52:23.0869 1712  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
17:52:23.0922 1712  MRxDAV - ok
17:52:24.0029 1712  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
17:52:24.0103 1712  mrxsmb - ok
17:52:24.0228 1712  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
17:52:24.0255 1712  mrxsmb10 - ok
17:52:24.0299 1712  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
17:52:24.0327 1712  mrxsmb20 - ok
17:52:24.0343 1712  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\windows\system32\drivers\msahci.sys
17:52:24.0359 1712  msahci - ok
17:52:24.0381 1712  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\windows\system32\drivers\msdsm.sys
17:52:24.0400 1712  msdsm - ok
17:52:24.0443 1712  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\windows\System32\msdtc.exe
17:52:24.0537 1712  MSDTC - ok
17:52:24.0633 1712  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\windows\system32\drivers\Msfs.sys
17:52:24.0670 1712  Msfs - ok
17:52:24.0699 1712  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
17:52:24.0753 1712  mshidkmdf - ok
17:52:24.0838 1712  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
17:52:24.0853 1712  msisadrv - ok
17:52:24.0926 1712  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
17:52:24.0969 1712  MSiSCSI - ok
17:52:24.0976 1712  msiserver - ok
17:52:25.0043 1712  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
17:52:25.0079 1712  MSKSSRV - ok
17:52:25.0122 1712  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
17:52:25.0167 1712  MSPCLOCK - ok
17:52:25.0233 1712  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
17:52:25.0288 1712  MSPQM - ok
17:52:25.0340 1712  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
17:52:25.0358 1712  MsRPC - ok
17:52:25.0406 1712  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\windows\system32\drivers\mssmbios.sys
17:52:25.0428 1712  mssmbios - ok
17:52:25.0487 1712  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
17:52:25.0520 1712  MSTEE - ok
17:52:25.0555 1712  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\windows\system32\DRIVERS\MTConfig.sys
17:52:25.0586 1712  MTConfig - ok
17:52:25.0615 1712  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\windows\system32\Drivers\mup.sys
17:52:25.0629 1712  Mup - ok
17:52:25.0734 1712  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\windows\system32\qagentRT.dll
17:52:25.0784 1712  napagent - ok
17:52:25.0873 1712  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
17:52:25.0975 1712  NativeWifiP - ok
17:52:26.0155 1712  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\windows\system32\drivers\ndis.sys
17:52:26.0181 1712  NDIS - ok
17:52:26.0243 1712  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
17:52:26.0301 1712  NdisCap - ok
17:52:26.0349 1712  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
17:52:26.0402 1712  NdisTapi - ok
17:52:26.0491 1712  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
17:52:26.0543 1712  Ndisuio - ok
17:52:26.0607 1712  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
17:52:26.0696 1712  NdisWan - ok
17:52:26.0743 1712  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
17:52:26.0785 1712  NDProxy - ok
17:52:26.0891 1712  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
17:52:26.0937 1712  NetBIOS - ok
17:52:26.0996 1712  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
17:52:27.0048 1712  NetBT - ok
17:52:27.0087 1712  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\windows\system32\lsass.exe
17:52:27.0120 1712  Netlogon - ok
17:52:27.0215 1712  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\windows\System32\netman.dll
17:52:27.0262 1712  Netman - ok
17:52:27.0329 1712  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\windows\System32\netprofm.dll
17:52:27.0384 1712  netprofm - ok
17:52:27.0431 1712  [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:52:27.0460 1712  NetTcpPortSharing - ok
17:52:27.0502 1712  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\windows\system32\DRIVERS\nfrd960.sys
17:52:27.0524 1712  nfrd960 - ok
17:52:27.0941 1712  [ 60D2F9D8EF710DAD628B4DDCD759F0BC ] NIHardwareService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
17:52:28.0011 1712  NIHardwareService ( UnsignedFile.Multi.Generic ) - warning
17:52:28.0011 1712  NIHardwareService - detected UnsignedFile.Multi.Generic (1)
17:52:28.0121 1712  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\windows\System32\nlasvc.dll
17:52:28.0146 1712  NlaSvc - ok
17:52:28.0171 1712  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\windows\system32\drivers\Npfs.sys
17:52:28.0249 1712  Npfs - ok
17:52:28.0288 1712  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\windows\system32\nsisvc.dll
17:52:28.0338 1712  nsi - ok
17:52:28.0373 1712  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
17:52:28.0416 1712  nsiproxy - ok
17:52:28.0572 1712  [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
17:52:28.0606 1712  Ntfs - ok
17:52:28.0629 1712  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\windows\system32\drivers\Null.sys
17:52:28.0723 1712  Null - ok
17:52:28.0786 1712  [ 77F9F9A199B87FE3F852E12F5419240B ] NVHDA           C:\windows\system32\drivers\nvhda32v.sys
17:52:28.0803 1712  NVHDA - ok
17:52:29.0745 1712  [ 104C0FE08DD64965CF788D91CCBB2CC6 ] nvlddmkm        C:\windows\system32\DRIVERS\nvlddmkm.sys
17:52:29.0922 1712  nvlddmkm - ok
17:52:30.0016 1712  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\windows\system32\drivers\nvraid.sys
17:52:30.0035 1712  nvraid - ok
17:52:30.0077 1712  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\windows\system32\drivers\nvstor.sys
17:52:30.0097 1712  nvstor - ok
17:52:30.0147 1712  [ 63A9CACE87C31A46BDF4AD448D9A033A ] nvsvc           C:\windows\system32\nvvsvc.exe
17:52:30.0162 1712  nvsvc - ok
17:52:30.0365 1712  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
17:52:30.0382 1712  nv_agp - ok
17:52:30.0471 1712  [ B5D5DA8230D3D3525839D939A9196C3E ] OberonGameConsoleService C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
17:52:30.0484 1712  OberonGameConsoleService - ok
17:52:30.0759 1712  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:52:30.0809 1712  odserv - ok
17:52:30.0874 1712  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
17:52:30.0892 1712  ohci1394 - ok
17:52:30.0990 1712  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:52:31.0023 1712  ose - ok
17:52:31.0122 1712  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
17:52:31.0164 1712  p2pimsvc - ok
17:52:31.0206 1712  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\windows\system32\p2psvc.dll
17:52:31.0286 1712  p2psvc - ok
17:52:31.0451 1712  [ 85DDEEB05D78E2E0B3C43B233D46A8E0 ] Paragon System Backup Dienst C:\Program Files\Paragon Software\Backup and Recovery 11 Kompakt\program\dbhservice.exe
17:52:31.0484 1712  Paragon System Backup Dienst - ok
17:52:31.0535 1712  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\windows\system32\DRIVERS\parport.sys
17:52:31.0552 1712  Parport - ok
17:52:31.0630 1712  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\windows\system32\drivers\partmgr.sys
17:52:31.0664 1712  partmgr - ok
17:52:31.0695 1712  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\windows\system32\DRIVERS\parvdm.sys
17:52:31.0741 1712  Parvdm - ok
17:52:31.0770 1712  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\windows\System32\pcasvc.dll
17:52:31.0791 1712  PcaSvc - ok
17:52:31.0827 1712  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\windows\system32\drivers\pci.sys
17:52:31.0843 1712  pci - ok
17:52:31.0897 1712  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\windows\system32\drivers\pciide.sys
17:52:31.0920 1712  pciide - ok
17:52:31.0966 1712  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\windows\system32\DRIVERS\pcmcia.sys
17:52:31.0988 1712  pcmcia - ok
17:52:32.0017 1712  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\windows\system32\drivers\pcw.sys
17:52:32.0032 1712  pcw - ok
17:52:32.0132 1712  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\windows\system32\drivers\peauth.sys
17:52:32.0192 1712  PEAUTH - ok
17:52:32.0322 1712  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\windows\system32\pla.dll
17:52:32.0402 1712  pla - ok
17:52:32.0464 1712  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\windows\system32\umpnpmgr.dll
17:52:32.0536 1712  PlugPlay - ok
17:52:32.0625 1712  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
17:52:32.0671 1712  PNRPAutoReg - ok
17:52:32.0697 1712  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
17:52:32.0728 1712  PNRPsvc - ok
17:52:32.0761 1712  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
17:52:32.0831 1712  PolicyAgent - ok
17:52:32.0874 1712  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\windows\system32\umpo.dll
17:52:32.0952 1712  Power - ok
17:52:32.0996 1712  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
17:52:33.0084 1712  PptpMiniport - ok
17:52:33.0103 1712  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\windows\system32\DRIVERS\processr.sys
17:52:33.0148 1712  Processor - ok
17:52:33.0184 1712  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\windows\system32\profsvc.dll
17:52:33.0233 1712  ProfSvc - ok
17:52:33.0250 1712  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe
17:52:33.0267 1712  ProtectedStorage - ok
17:52:33.0345 1712  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\windows\system32\DRIVERS\pacer.sys
17:52:33.0390 1712  Psched - ok
17:52:33.0500 1712  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\windows\system32\DRIVERS\ql2300.sys
17:52:33.0577 1712  ql2300 - ok
17:52:33.0626 1712  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\windows\system32\DRIVERS\ql40xx.sys
17:52:33.0662 1712  ql40xx - ok
17:52:33.0719 1712  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\windows\system32\qwave.dll
17:52:33.0775 1712  QWAVE - ok
17:52:33.0790 1712  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
17:52:33.0871 1712  QWAVEdrv - ok
17:52:33.0987 1712  [ 8F97D374AD1857E1EED85A79F29A1D3D ] RapiMgr         C:\windows\WindowsMobile\rapimgr.dll
17:52:34.0022 1712  RapiMgr - ok
17:52:34.0089 1712  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
17:52:34.0160 1712  RasAcd - ok
17:52:34.0199 1712  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
17:52:34.0279 1712  RasAgileVpn - ok
17:52:34.0307 1712  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\windows\System32\rasauto.dll
17:52:34.0378 1712  RasAuto - ok
17:52:34.0419 1712  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
17:52:34.0505 1712  Rasl2tp - ok
17:52:34.0547 1712  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\windows\System32\rasmans.dll
17:52:34.0711 1712  RasMan - ok
17:52:34.0747 1712  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
17:52:34.0821 1712  RasPppoe - ok
17:52:34.0837 1712  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
17:52:34.0909 1712  RasSstp - ok
17:52:34.0929 1712  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
17:52:34.0979 1712  rdbss - ok
17:52:35.0018 1712  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\windows\system32\DRIVERS\rdpbus.sys
17:52:35.0061 1712  rdpbus - ok
17:52:35.0093 1712  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
17:52:35.0135 1712  RDPCDD - ok
17:52:35.0191 1712  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
17:52:35.0232 1712  RDPENCDD - ok
17:52:35.0244 1712  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
17:52:35.0304 1712  RDPREFMP - ok
17:52:35.0368 1712  [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
17:52:35.0410 1712  RdpVideoMiniport - ok
17:52:35.0434 1712  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
17:52:35.0553 1712  RDPWD - ok
17:52:35.0641 1712  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
17:52:35.0659 1712  rdyboost - ok
17:52:35.0696 1712  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\windows\System32\mprdim.dll
17:52:35.0727 1712  RemoteAccess - ok
17:52:35.0765 1712  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\windows\system32\regsvc.dll
17:52:35.0859 1712  RemoteRegistry - ok
17:52:35.0973 1712  [ 7CCAEBCAB6FC1ED0206C07E083E79207 ] RichVideo       C:\Program Files\CyberLink\Shared files\RichVideo.exe
17:52:36.0001 1712  RichVideo - ok
17:52:36.0072 1712  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
17:52:36.0148 1712  RpcEptMapper - ok
17:52:36.0179 1712  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\windows\system32\locator.exe
17:52:36.0272 1712  RpcLocator - ok
17:52:36.0289 1712  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\windows\system32\rpcss.dll
17:52:36.0342 1712  RpcSs - ok
17:52:36.0415 1712  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
17:52:36.0482 1712  rspndr - ok
17:52:36.0513 1712  [ 7DFD48E24479B68B258D8770121155A0 ] RTL8167         C:\windows\system32\DRIVERS\Rt86win7.sys
17:52:36.0547 1712  RTL8167 - ok
17:52:36.0601 1712  [ 6E5FBB7CBAEC47038B945D5E9B144A64 ] SABI            C:\windows\system32\Drivers\SABI.sys
17:52:36.0643 1712  SABI - ok
17:52:36.0673 1712  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\windows\system32\lsass.exe
17:52:36.0690 1712  SamSs - ok
17:52:36.0781 1712  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
17:52:36.0798 1712  sbp2port - ok
17:52:36.0843 1712  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\windows\System32\SCardSvr.dll
17:52:36.0890 1712  SCardSvr - ok
17:52:36.0919 1712  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
17:52:36.0977 1712  scfilter - ok
17:52:37.0032 1712  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\windows\system32\schedsvc.dll
17:52:37.0100 1712  Schedule - ok
17:52:37.0146 1712  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\windows\System32\certprop.dll
17:52:37.0201 1712  SCPolicySvc - ok
17:52:37.0233 1712  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\windows\System32\SDRSVC.dll
17:52:37.0259 1712  SDRSVC - ok
17:52:37.0297 1712  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\windows\system32\drivers\secdrv.sys
17:52:37.0358 1712  secdrv - ok
17:52:37.0386 1712  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\windows\system32\seclogon.dll
17:52:37.0423 1712  seclogon - ok
17:52:37.0458 1712  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\windows\System32\sens.dll
17:52:37.0534 1712  SENS - ok
17:52:37.0576 1712  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\windows\system32\sensrsvc.dll
17:52:37.0638 1712  SensrSvc - ok
17:52:37.0686 1712  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\windows\system32\DRIVERS\serenum.sys
17:52:37.0734 1712  Serenum - ok
17:52:37.0749 1712  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\windows\system32\DRIVERS\serial.sys
17:52:37.0785 1712  Serial - ok
17:52:37.0813 1712  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\windows\system32\DRIVERS\sermouse.sys
17:52:37.0865 1712  sermouse - ok
17:52:37.0939 1712  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\windows\system32\sessenv.dll
17:52:38.0000 1712  SessionEnv - ok
17:52:38.0043 1712  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
17:52:38.0129 1712  sffdisk - ok
17:52:38.0198 1712  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
17:52:38.0242 1712  sffp_mmc - ok
17:52:38.0300 1712  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
17:52:38.0331 1712  sffp_sd - ok
17:52:38.0364 1712  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\windows\system32\DRIVERS\sfloppy.sys
17:52:38.0382 1712  sfloppy - ok
17:52:38.0428 1712  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\windows\System32\ipnathlp.dll
17:52:38.0482 1712  SharedAccess - ok
17:52:38.0508 1712  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
17:52:38.0581 1712  ShellHWDetection - ok
17:52:38.0614 1712  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\windows\system32\drivers\sisagp.sys
17:52:38.0642 1712  sisagp - ok
17:52:38.0681 1712  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\windows\system32\DRIVERS\SiSRaid2.sys
17:52:38.0699 1712  SiSRaid2 - ok
17:52:38.0718 1712  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\windows\system32\DRIVERS\sisraid4.sys
17:52:38.0743 1712  SiSRaid4 - ok
17:52:38.0761 1712  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\windows\system32\DRIVERS\smb.sys
17:52:38.0793 1712  Smb - ok
17:52:38.0868 1712  [ EB49860E776CE860DC3CFB9EDB1BA517 ] snapman         C:\windows\system32\DRIVERS\snapman.sys
17:52:38.0893 1712  snapman - ok
17:52:38.0923 1712  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
17:52:38.0960 1712  SNMPTRAP - ok
17:52:38.0982 1712  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\windows\system32\drivers\spldr.sys
17:52:39.0001 1712  spldr - ok
17:52:39.0039 1712  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\windows\System32\spoolsv.exe
17:52:39.0079 1712  Spooler - ok
17:52:39.0154 1712  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\windows\system32\sppsvc.exe
17:52:39.0286 1712  sppsvc - ok
17:52:39.0351 1712  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\windows\system32\sppuinotify.dll
17:52:39.0417 1712  sppuinotify - ok
17:52:39.0444 1712  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\windows\system32\DRIVERS\srv.sys
17:52:39.0494 1712  srv - ok
17:52:39.0528 1712  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\windows\system32\DRIVERS\srv2.sys
17:52:39.0601 1712  srv2 - ok
17:52:39.0635 1712  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
17:52:39.0697 1712  srvnet - ok
17:52:39.0746 1712  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
17:52:39.0798 1712  SSDPSRV - ok
17:52:39.0821 1712  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\windows\system32\sstpsvc.dll
17:52:39.0875 1712  SstpSvc - ok
17:52:39.0902 1712  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\windows\system32\DRIVERS\stexstor.sys
17:52:39.0918 1712  stexstor - ok
17:52:39.0993 1712  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\windows\System32\wiaservc.dll
17:52:40.0027 1712  StiSvc - ok
17:52:40.0051 1712  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\windows\system32\drivers\swenum.sys
17:52:40.0066 1712  swenum - ok
17:52:40.0121 1712  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\windows\System32\swprv.dll
17:52:40.0221 1712  swprv - ok
17:52:40.0294 1712  [ 215A45246C6E2D0A9C263CE1786C8D8A ] SynTP           C:\windows\system32\DRIVERS\SynTP.sys
17:52:40.0332 1712  SynTP - ok
17:52:40.0428 1712  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\windows\system32\sysmain.dll
17:52:40.0465 1712  SysMain - ok
17:52:40.0504 1712  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\windows\System32\TabSvc.dll
17:52:40.0569 1712  TabletInputService - ok
17:52:40.0660 1712  [ 8CF6E2AE1707D82E904ECCA68CEF8B87 ] tap0901         C:\windows\system32\DRIVERS\tap0901.sys
17:52:40.0738 1712  tap0901 - ok
17:52:40.0765 1712  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\windows\System32\tapisrv.dll
17:52:40.0853 1712  TapiSrv - ok
17:52:40.0894 1712  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\windows\System32\tbssvc.dll
17:52:40.0970 1712  TBS - ok
17:52:41.0051 1712  [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip           C:\windows\system32\drivers\tcpip.sys
17:52:41.0092 1712  Tcpip - ok
17:52:41.0194 1712  [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
17:52:41.0234 1712  TCPIP6 - ok
17:52:41.0280 1712  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
17:52:41.0332 1712  tcpipreg - ok
17:52:41.0360 1712  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
17:52:41.0420 1712  TDPIPE - ok
17:52:41.0549 1712  [ 431801FCC97034E04A6EFF81136578D7 ] tdrpman273      C:\windows\system32\DRIVERS\tdrpm273.sys
17:52:41.0605 1712  tdrpman273 - ok
17:52:41.0662 1712  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
17:52:41.0782 1712  TDTCP - ok
17:52:41.0819 1712  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
17:52:41.0851 1712  tdx - ok
17:52:41.0891 1712  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\windows\system32\drivers\termdd.sys
17:52:41.0906 1712  TermDD - ok
17:52:42.0046 1712  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\windows\System32\termsrv.dll
17:52:42.0144 1712  TermService - ok
17:52:42.0198 1712  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\windows\system32\themeservice.dll
17:52:42.0273 1712  Themes - ok
17:52:42.0303 1712  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\windows\system32\mmcss.dll
17:52:42.0378 1712  THREADORDER - ok
17:52:42.0538 1712  [ A34D7024BB7140EC785C86BC065D4F60 ] timounter       C:\windows\system32\DRIVERS\timntr.sys
17:52:42.0578 1712  timounter - ok
17:52:42.0615 1712  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\windows\System32\trkwks.dll
17:52:42.0710 1712  TrkWks - ok
17:52:42.0760 1712  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
17:52:42.0815 1712  TrustedInstaller - ok
17:52:42.0837 1712  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
17:52:42.0926 1712  tssecsrv - ok
17:52:43.0003 1712  [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
17:52:43.0104 1712  TsUsbFlt - ok
17:52:43.0167 1712  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
17:52:43.0265 1712  tunnel - ok
17:52:43.0346 1712  TwonkyMedia - ok
17:52:43.0388 1712  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\windows\system32\DRIVERS\uagp35.sys
17:52:43.0403 1712  uagp35 - ok
17:52:43.0435 1712  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\windows\system32\DRIVERS\udfs.sys
17:52:43.0467 1712  udfs - ok
17:52:43.0523 1712  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\windows\system32\UI0Detect.exe
17:52:43.0607 1712  UI0Detect - ok
17:52:43.0647 1712  [ E0E3268453C3D4ED68A632099482B543 ] UimBus          C:\windows\system32\DRIVERS\UimBus.sys
17:52:43.0665 1712  UimBus - ok
17:52:43.0723 1712  [ 71FC84677AF3F6416338B14EFE02DDD7 ] Uim_IM          C:\windows\system32\Drivers\Uim_IM.sys
17:52:43.0759 1712  Uim_IM - ok
17:52:43.0791 1712  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
17:52:43.0809 1712  uliagpkx - ok
17:52:43.0832 1712  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\windows\system32\DRIVERS\umbus.sys
17:52:43.0873 1712  umbus - ok
17:52:43.0948 1712  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\windows\system32\DRIVERS\umpass.sys
17:52:43.0992 1712  UmPass - ok
17:52:44.0030 1712  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\windows\System32\upnphost.dll
17:52:44.0125 1712  upnphost - ok
17:52:44.0170 1712  [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL         C:\windows\system32\Drivers\usbaapl.sys
17:52:44.0297 1712  USBAAPL - ok
17:52:44.0425 1712  [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio        C:\windows\system32\drivers\usbaudio.sys
17:52:44.0517 1712  usbaudio - ok
17:52:44.0535 1712  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
17:52:44.0616 1712  usbccgp - ok
17:52:44.0644 1712  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\windows\system32\drivers\usbcir.sys
17:52:44.0718 1712  usbcir - ok
17:52:44.0784 1712  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\windows\system32\DRIVERS\usbehci.sys
17:52:44.0837 1712  usbehci - ok
17:52:44.0900 1712  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
17:52:44.0985 1712  usbhub - ok
17:52:45.0013 1712  [ A6FB7957EA7AFB1165991E54CE934B74 ] usbohci         C:\windows\system32\DRIVERS\usbohci.sys
17:52:45.0089 1712  usbohci - ok
17:52:45.0095 1712  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
17:52:45.0145 1712  usbprint - ok
17:52:45.0172 1712  [ F991AB9CC6B908DB552166768176896A ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
17:52:45.0241 1712  USBSTOR - ok
17:52:45.0268 1712  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci         C:\windows\system32\DRIVERS\usbuhci.sys
17:52:45.0328 1712  usbuhci - ok
17:52:45.0377 1712  [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
17:52:45.0400 1712  usbvideo - ok
17:52:45.0444 1712  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\windows\System32\uxsms.dll
17:52:45.0472 1712  UxSms - ok
17:52:45.0511 1712  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\windows\system32\lsass.exe
17:52:45.0532 1712  VaultSvc - ok
17:52:45.0605 1712  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
17:52:45.0625 1712  vdrvroot - ok
17:52:45.0736 1712  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\windows\System32\vds.exe
17:52:45.0791 1712  vds - ok
17:52:45.0881 1712  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
17:52:45.0906 1712  vga - ok
17:52:45.0949 1712  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\windows\System32\drivers\vga.sys
17:52:46.0020 1712  VgaSave - ok
17:52:46.0083 1712  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
17:52:46.0151 1712  vhdmp - ok
17:52:46.0181 1712  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\windows\system32\drivers\viaagp.sys
17:52:46.0203 1712  viaagp - ok
17:52:46.0237 1712  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\windows\system32\DRIVERS\viac7.sys
17:52:46.0284 1712  ViaC7 - ok
17:52:46.0301 1712  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\windows\system32\drivers\viaide.sys
17:52:46.0342 1712  viaide - ok
17:52:46.0355 1712  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\windows\system32\drivers\volmgr.sys
17:52:46.0381 1712  volmgr - ok
17:52:46.0408 1712  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
17:52:46.0438 1712  volmgrx - ok
17:52:46.0456 1712  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\windows\system32\drivers\volsnap.sys
17:52:46.0485 1712  volsnap - ok
17:52:46.0517 1712  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\windows\system32\DRIVERS\vsmraid.sys
17:52:46.0551 1712  vsmraid - ok
17:52:46.0618 1712  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\windows\system32\vssvc.exe
17:52:46.0725 1712  VSS - ok
17:52:46.0739 1712  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
17:52:46.0785 1712  vwifibus - ok
17:52:46.0807 1712  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
17:52:46.0848 1712  vwififlt - ok
17:52:46.0881 1712  [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
17:52:46.0925 1712  vwifimp - ok
17:52:46.0948 1712  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\windows\system32\w32time.dll
17:52:47.0014 1712  W32Time - ok
17:52:47.0034 1712  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\windows\system32\DRIVERS\wacompen.sys
17:52:47.0069 1712  WacomPen - ok
17:52:47.0088 1712  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
17:52:47.0149 1712  WANARP - ok
17:52:47.0153 1712  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
17:52:47.0213 1712  Wanarpv6 - ok
17:52:47.0249 1712  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\windows\system32\wbengine.exe
17:52:47.0346 1712  wbengine - ok
17:52:47.0369 1712  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
17:52:47.0421 1712  WbioSrvc - ok
17:52:47.0453 1712  [ 59E19BD13C3BDB857646B9E436BA27F7 ] WcesComm        C:\windows\WindowsMobile\wcescomm.dll
17:52:47.0508 1712  WcesComm - ok
17:52:47.0584 1712  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\windows\System32\wcncsvc.dll
17:52:47.0640 1712  wcncsvc - ok
17:52:47.0680 1712  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
17:52:47.0751 1712  WcsPlugInService - ok
17:52:47.0772 1712  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\windows\system32\DRIVERS\wd.sys
17:52:47.0803 1712  Wd - ok
17:52:47.0833 1712  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
17:52:47.0863 1712  Wdf01000 - ok
17:52:47.0880 1712  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\windows\system32\wdi.dll
17:52:47.0993 1712  WdiServiceHost - ok
17:52:47.0998 1712  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\windows\system32\wdi.dll
17:52:48.0043 1712  WdiSystemHost - ok
17:52:48.0077 1712  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\windows\System32\webclnt.dll
17:52:48.0140 1712  WebClient - ok
17:52:48.0176 1712  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\windows\system32\wecsvc.dll
17:52:48.0264 1712  Wecsvc - ok
17:52:48.0372 1712  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\windows\System32\wercplsupport.dll
17:52:48.0436 1712  wercplsupport - ok
17:52:48.0477 1712  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\windows\System32\WerSvc.dll
17:52:48.0520 1712  WerSvc - ok
17:52:48.0556 1712  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
17:52:48.0600 1712  WfpLwf - ok
17:52:48.0631 1712  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\windows\system32\drivers\wimmount.sys
17:52:48.0661 1712  WIMMount - ok
17:52:48.0715 1712  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
17:52:48.0814 1712  WinDefend - ok
17:52:48.0830 1712  WinHttpAutoProxySvc - ok
17:52:48.0877 1712  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
17:52:48.0973 1712  Winmgmt - ok
17:52:49.0023 1712  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\windows\system32\WsmSvc.dll
17:52:49.0181 1712  WinRM - ok
17:52:49.0233 1712  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WINUSB          C:\windows\system32\DRIVERS\WinUSB.SYS
17:52:49.0275 1712  WINUSB - ok
17:52:49.0319 1712  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\windows\System32\wlansvc.dll
17:52:49.0359 1712  Wlansvc - ok
17:52:49.0409 1712  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\windows\system32\drivers\wmiacpi.sys
17:52:49.0467 1712  WmiAcpi - ok
17:52:49.0498 1712  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
17:52:49.0544 1712  wmiApSrv - ok
17:52:49.0632 1712  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
17:52:49.0752 1712  WMPNetworkSvc - ok
17:52:49.0779 1712  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\windows\System32\wpcsvc.dll
17:52:49.0921 1712  WPCSvc - ok
17:52:49.0949 1712  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
17:52:50.0031 1712  WPDBusEnum - ok
17:52:50.0050 1712  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
17:52:50.0153 1712  ws2ifsl - ok
17:52:50.0181 1712  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\windows\System32\wscsvc.dll
17:52:50.0366 1712  wscsvc - ok
17:52:50.0371 1712  WSearch - ok
17:52:50.0551 1712  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\windows\system32\wuaueng.dll
17:52:50.0665 1712  wuauserv - ok
17:52:50.0692 1712  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
17:52:50.0759 1712  WudfPf - ok
17:52:50.0833 1712  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
17:52:50.0874 1712  WUDFRd - ok
17:52:50.0911 1712  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
17:52:50.0941 1712  wudfsvc - ok
17:52:50.0989 1712  [ 3C5E51C05BE9B56EAFF4E388C3AB25E4 ] WwanSvc         C:\windows\System32\wwansvc.dll
17:52:51.0048 1712  WwanSvc - ok
17:52:51.0102 1712  [ 30B73EB97218A16CBC6DE535782A1B35 ] yukonw7         C:\windows\system32\DRIVERS\yk62x86.sys
17:52:51.0235 1712  yukonw7 - ok
17:52:51.0285 1712  ================ Scan global ===============================
17:52:51.0326 1712  [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
17:52:51.0355 1712  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\windows\system32\winsrv.dll
17:52:51.0388 1712  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\windows\system32\winsrv.dll
17:52:51.0410 1712  [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
17:52:51.0481 1712  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
17:52:51.0487 1712  [Global] - ok
17:52:51.0487 1712  ================ Scan MBR ==================================
17:52:51.0506 1712  [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0
17:52:52.0846 1712  \Device\Harddisk0\DR0 - ok
17:52:52.0846 1712  ================ Scan VBR ==================================
17:52:52.0857 1712  [ F92B9D6B59FD66260C04087457A4D6E1 ] \Device\Harddisk0\DR0\Partition1
17:52:52.0859 1712  \Device\Harddisk0\DR0\Partition1 - ok
17:52:52.0875 1712  [ EA3D5AF9E4B5BBE81CA9413A9D98A47F ] \Device\Harddisk0\DR0\Partition2
17:52:52.0878 1712  \Device\Harddisk0\DR0\Partition2 - ok
17:52:52.0893 1712  [ C462CC011C11D5F27E1202087D84D103 ] \Device\Harddisk0\DR0\Partition3
17:52:52.0896 1712  \Device\Harddisk0\DR0\Partition3 - ok
17:52:52.0897 1712  ============================================================
17:52:52.0897 1712  Scan finished
17:52:52.0897 1712  ============================================================
17:52:52.0923 6020  Detected object count: 4
17:52:52.0923 6020  Actual detected object count: 4
17:53:09.0245 6020  DfSdkS ( UnsignedFile.Multi.Generic ) - skipped by user
17:53:09.0245 6020  DfSdkS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:53:09.0245 6020  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
17:53:09.0245 6020  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:53:09.0245 6020  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
17:53:09.0245 6020  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:53:09.0255 6020  NIHardwareService ( UnsignedFile.Multi.Generic ) - skipped by user
17:53:09.0255 6020  NIHardwareService ( UnsignedFile.Multi.Generic ) - User select action: Skip
         


10.06.2013, 19:11   #6
markusg
/// Malware-holic
 
Hi,
Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. They can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. That should fix the problem.


11.06.2013, 18:47   #7
Seoman1958
 
Here is the log file:

Code:
ComboFix 13-06-08.02 - Michael 11.06.2013  19:39:16.1.2 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3037.1970 [GMT 2:00]
ausgeführt von:: c:\users\Michael\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Examples
c:\programdata\FullRemove.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-05-11 bis 2013-06-11  ))))))))))))))))))))))))))))))
.
.
2013-06-11 17:45 . 2013-06-11 17:45	--------	d-----w-	c:\users\Michael\AppData\Local\temp
2013-06-11 17:45 . 2013-06-11 17:45	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-05-26 18:58 . 2013-05-26 18:58	--------	d-----w-	c:\programdata\Nikon
2013-05-26 14:15 . 2013-05-26 14:15	--------	d-----w-	c:\programdata\Multipressor
2013-05-26 14:10 . 2013-05-26 18:32	--------	d-----w-	c:\users\Michael\AppData\Roaming\Nikon
2013-05-26 14:10 . 2013-05-26 14:10	--------	d-----w-	c:\users\Michael\AppData\Local\Nikon
2013-05-26 13:50 . 2013-04-10 03:14	2347520	----a-w-	c:\windows\system32\win32k.sys
2013-05-26 13:49 . 2013-02-27 05:05	101720	----a-w-	c:\windows\system32\consent.exe
2013-05-26 13:49 . 2013-02-27 04:49	1796096	----a-w-	c:\windows\system32\authui.dll
2013-05-26 13:49 . 2013-02-27 04:49	47104	----a-w-	c:\windows\system32\appinfo.dll
2013-05-26 13:49 . 2013-03-19 04:53	186368	----a-w-	c:\windows\system32\wwansvc.dll
2013-05-26 13:49 . 2013-03-19 03:33	40960	----a-w-	c:\windows\system32\wwanprotdim.dll
2013-05-26 13:48 . 2013-04-10 05:18	728424	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2013-05-26 13:48 . 2013-04-10 05:18	218984	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2013-05-26 13:45 . 2013-05-26 13:45	--------	d--h--r-	c:\programdata\Extensions
2013-05-26 13:44 . 2013-05-26 13:47	--------	d-----w-	c:\program files\Common Files\Nikon
2013-05-26 13:44 . 2013-05-26 13:49	--------	d-----w-	c:\program files\Nikon
2013-05-26 13:43 . 2013-05-26 13:43	106496	----a-w-	c:\windows\system32\ATL71.DLL
2013-05-26 13:43 . 2013-05-26 14:15	--------	d-----w-	c:\programdata\Ultima_T15
2013-05-26 13:43 . 2013-05-26 14:15	--------	d-----w-	c:\programdata\EnterNHelp
2013-05-26 13:43 . 2013-05-26 13:43	--------	d-----w-	c:\programdata\Flags
2013-05-26 13:43 . 2013-05-26 13:43	--------	d-----w-	c:\programdata\Electric Clav
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-26 13:49 . 2012-04-01 17:24	692104	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-05-26 13:49 . 2011-06-12 14:48	71048	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-01 10:47 . 2012-10-12 11:21	16048	----a-w-	c:\windows\system32\drivers\GdPhyMem.sys
2013-04-13 04:45 . 2013-05-26 13:50	474624	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-26 13:50	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-04-12 13:45 . 2013-04-27 18:57	1211752	----a-w-	c:\windows\system32\drivers\ntfs.sys
2013-04-10 03:08 . 2013-04-30 10:34	6906960	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{B0F39717-35B5-481C-B81E-BEC2B2E69B99}\mpengine.dll
2013-03-29 00:53 . 2013-03-29 00:53	208184	----a-w-	c:\windows\system32\drivers\avgidsdriverx.sys
2013-03-24 09:42 . 2013-03-24 09:42	745472	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-03-24 09:42 . 2013-03-24 09:42	523264	----a-w-	c:\windows\system32\vbscript.dll
2013-03-24 09:42 . 2013-03-24 09:42	38400	----a-w-	c:\windows\system32\imgutil.dll
2013-03-24 09:42 . 2013-03-24 09:42	185344	----a-w-	c:\windows\system32\elshyph.dll
2013-03-24 09:42 . 2013-03-24 09:42	158720	----a-w-	c:\windows\system32\msls31.dll
2013-03-24 09:42 . 2013-03-24 09:42	150528	----a-w-	c:\windows\system32\iexpress.exe
2013-03-24 09:42 . 2013-03-24 09:42	138752	----a-w-	c:\windows\system32\wextract.exe
2013-03-24 09:42 . 2013-03-24 09:42	137216	----a-w-	c:\windows\system32\ieUnatt.exe
2013-03-24 09:42 . 2013-03-24 09:42	12800	----a-w-	c:\windows\system32\mshta.exe
2013-03-24 09:42 . 2013-03-24 09:42	110592	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-03-24 09:42 . 2013-03-24 09:42	73728	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-03-24 09:42 . 2013-03-24 09:42	719360	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-03-24 09:42 . 2013-03-24 09:42	61952	----a-w-	c:\windows\system32\tdc.ocx
2013-03-24 09:42 . 2013-03-24 09:42	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-03-24 09:42 . 2013-03-24 09:42	361984	----a-w-	c:\windows\system32\html.iec
2013-03-24 09:42 . 2013-03-24 09:42	23040	----a-w-	c:\windows\system32\licmgr10.dll
2013-03-24 09:42 . 2013-03-24 09:42	1441280	----a-w-	c:\windows\system32\inetcpl.cpl
2013-03-21 01:08 . 2013-03-21 01:08	182072	----a-w-	c:\windows\system32\drivers\avgtdix.sys
2013-03-19 05:04 . 2013-04-12 17:11	3968856	----a-w-	c:\windows\system32\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-12 17:11	3913560	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-03-19 04:48 . 2013-04-12 17:11	38912	----a-w-	c:\windows\system32\csrsrv.dll
2013-03-19 02:49 . 2013-04-12 17:11	69632	----a-w-	c:\windows\system32\smss.exe
2012-09-23 07:54 . 2012-09-23 07:54	4096000	----a-w-	c:\program files\GUTF4CB.tmp
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-11-21 8092192]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-10-10 1578280]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-06-03 103720]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"UpdatePDRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-01-04 222504]
"RemoteControl8"="c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe" [2009-04-15 91432]
"PDVD8LanguageShortcut"="c:\program files\CyberLink\PowerDVD8\Language\Language.exe" [2009-04-15 50472]
"UpdatePPShortCut"="c:\program files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-07-21 210216]
"APLangApp"="c:\program files\AnyPC Client\APLangApp.exe" [2009-10-20 13312]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-06-29 74752]
"DBHAgent"="c:\program files\Paragon Software\Backup and Recovery 11 Kompakt\program\dbhagent.exe" [2010-07-14 68176]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"SAOB Monitor"="c:\program files\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe" [2011-09-22 2571032]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2011-09-22 5587832]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2011-09-22 395344]
"Sweetpacks Communicator"="c:\program files\SweetIM\Communicator\SweetPacksUpdateManager.exe" [2012-08-15 231768]
"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2013-04-28 4408368]
"Nikon Message Center 2"="c:\program files\Nikon\Nikon Message Center 2\NkMC2.exe" [2011-10-30 571392]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [2013-05-13 4937264]
R2 HWDeviceService.exe;HWDeviceService.exe;c:\programdata\DatacardService\HWDeviceService.exe [2011-03-14 271712]
R3 CGVPNCliSrvc;CyberGhost VPN Client;c:\program files\CyberGhost VPN\CGVPNCliService.exe [2012-04-26 2438696]
R3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 2013\DfsdkS.exe [2009-08-24 406016]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2012-09-27 102784]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [2012-09-27 11136]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R3 GdPhyMem;GdPhyMem;c:\windows\system32\drivers\GdPhyMem.sys [2013-05-01 16048]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [2012-09-27 90368]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys [2012-09-27 26624]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys [2012-09-27 181760]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [2013-02-08 60216]
S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [2013-02-08 245048]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2013-02-08 39224]
S0 hotcore3;hc3ServiceName;c:\windows\system32\DRIVERS\hotcore3.sys [2010-07-14 56208]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys [2012-08-19 752128]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [2013-03-29 208184]
S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [2013-03-01 22328]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2013-02-08 170808]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2013-03-21 182072]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [2009-05-28 10752]
S2 afcdpsrv;Acronis Nonstop Backup-Dienst;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [2012-08-19 3246040]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [2013-04-18 283136]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2010-02-26 3623424]
S2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [2009-08-13 44312]
S2 TwonkyMedia;TwonkyMedia;c:\program files\TwonkyMedia\twonkymediaserverwatchdog.exe [2009-12-17 149136]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2012-08-19 167968]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2012-09-27 73216]
S3 Paragon System Backup Dienst;Paragon System Backup Dienst;c:\program files\Paragon Software\Backup and Recovery 11 Kompakt\program\dbhservice.exe [2010-07-14 150096]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-09-28 315392]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile	REG_MULTI_SZ   	wcescomm rapimgr
LocalServiceRestricted	REG_MULTI_SZ   	WcesComm RapiMgr
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 13:49]
.
2013-06-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-06 14:12]
.
2013-06-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-06 14:12]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
uInternet Settings,ProxyOverride = *.local
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{C4BDC275-5456-4B8E-AD67-E39D988F8DBC}: NameServer = 139.7.30.125 139.7.30.126
FF - ProfilePath - c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\mulazplg.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.htp.net/
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
AddRemove-{013CCA52-DA56-4133-AC2B-1988A9568C30} - c:\programdata\{1E8C7AE2-4367-4069-9771-8176841822C4}\Audio 4 DJ Driver Setup.exe
AddRemove-{0886900B-B2F3-452C-B580-60F1253F7F80} - c:\programdata\{20EFD19B-675C-417B-A498-B0161D72FF88}\Controller Editor Setup PC.exe
AddRemove-{0B8565BA-BAD5-4732-B122-5FD78EFC50A9} - c:\programdata\{D7CFB71A-972A-44FF-AE44-8780EB53ABB2}\Service Center Setup.exe
AddRemove-{23A66953-369C-4d22-A189-C6E403D4A19F} - c:\programdata\{12C9D0C8-20A9-478B-A1E2-4A2B318DEF2E}\Audio 2 DJ Driver Setup.exe
AddRemove-{2AAC4085-DCBF-417B-AEBD-182197839240} - c:\programdata\{EABD1E45-B7E9-4848-8E7A-C9D68488B361}\Traktor Setup PC.exe
AddRemove-{612601db-4776-4127-bab5-d84b8644e530} - c:\programdata\{B4EC8631-3359-4312-83DE-2903C693758B}\Traktor Kontrol X1 Driver Setup.exe
AddRemove-{C5089197-5B15-44AD-B0FC-2E94EE9ECB63} - c:\programdata\{33588740-582D-4EBF-BFB5-B796C5594E33}\WSC.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-06-11  19:47:59
ComboFix-quarantined-files.txt  2013-06-11 17:47
.
Vor Suchlauf: 18 Verzeichnis(se), 29.542.993.920 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 29.675.630.592 Bytes frei
.
- - End Of File - - BA3664D1FAA0D0A2CD67749F5906BB05
2E5DEBB2116B3417023E0D6562D7ED07
         

11.06.2013, 18:56   #8
markusg
/// Malware-holic

Hi,
Malwarebytes:
Please download Malwarebytes.
  • Install the program to the default path.
    Vista and Win7 users: right-click and choose "Run as administrator".
  • Start Malwarebytes, click Update --> Check for Updates.
  • When the update has finished, select "Perform full scan" and press Scan.
  • When the scan has finished, click Show Results.
  • Make sure that all detections are checked and press Remove Selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report afterwards under "Logs".
__________________
-Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please forward mails according to the instructions above to
markusg.trojaner-board@web.de
If you would like to support us

12.06.2013, 18:58   #9
Seoman1958

Hello, here is today's report and yesterday's report:

Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.06.11.07

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16576
Michael :: MICHAEL-PC [Administrator]

12.06.2013 18:22:47
mbam-log-2013-06-12 (18-22-47).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 454331
Laufzeit: 1 Stunde(n), 30 Minute(n), 35 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
D:\Software Microsoft\O&O Defrag Professional Edition v8.0.1341 Deutsch-German Keygen\O&O Defrag Professional v8.0.1341 KEYGEN.exe (Riskware.Tool.CK) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.06.11.07

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16576
Michael :: MICHAEL-PC [Administrator]

11.06.2013 22:21:06
mbam-log-2013-06-11 (22-21-06).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 108591
Laufzeit: 38 Minute(n), 36 Sekunde(n) [Abgebrochen]

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\O&O Defrag Professional Edition v8.0.1341 Deutsch-German Keygen\O&O Defrag Professional v8.0.1341 KEYGEN.exe (Riskware.Tool.CK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Michael\Downloads\agsetup183se.exe (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         

12.06.2013, 20:17   #10
markusg
/// Malware-holic

The D:\Software Microsoft\O&O Defrag Professional Edition v8.0.1341 Deutsch-German Keygen\O&O Defrag Professional v8.0.1341 KEYGEN.exe (Riskware.Tool.CK) ->
Using keygens is illegal, so the only help you will get here is with reinstalling the system.
1. Data rescue:
2. Format, reinstall Windows:
3. Secure the PC: http://www.trojaner-board.de/96344-a...-rechners.html
I will also post some further points on this.
4. Change all passwords!
5. After securing the PC, check the backed-up data and, if clean, restore it.
6. I will then also say something about securing online banking with a chip card reader + Star Money.

12.06.2013, 20:55   #11
Seoman1958

I have thrown out the program and this keygen. The program was not installed or anything either. I only had this keygen on there, which surprises me a lot, because I have never used the program.

Is reinstalling the system absolutely necessary in order to clean it?

12.06.2013, 21:03   #12
markusg
/// Malware-holic

Yes.
As I said, you will not get any answers here to other questions until the system has been rebuilt. If I got a € every time for sentences like yours or similar ones...
Lots of people have keygens; strangely enough, nobody ever uses them :-)
