Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: wssetup.exe - Virus ja/ nein?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 11.06.2013, 14:59   #1
Trollo
 
wssetup.exe - Virus ja/ nein? - Ausrufezeichen

wssetup.exe - Virus ja/ nein?



Hi,
hatte mal vor einiger Zeit Sweet Home 3D. Wie ich schon wo anderes gelesen habe, ist dies von Perion Network ltd. Seit nun ca. ein - 2 wochen kommt immer beim neustart die anfrage ob ich wssetup.exe ausführen will.

-> Ist dies ein Virus ja/ nein?
-> Wenn ja: Wie schädlich ist er? (Hab mich weiterhin überall eingeloggt Facebook etc.)
-> Ich habe schon gelesen, dass es zur Bereinigung Anleitungen hier im Forum gibt. Muss ich die befolgen oder reicht es wenn ich einfach dem Pfad folge und wssetup.exe lösche?

Alt 11.06.2013, 15:10   #2
markusg
/// Malware-holic
 
wssetup.exe - Virus ja/ nein? - Standard

wssetup.exe - Virus ja/ nein?



hi warscheinlich adware

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die
    OTL.exe
    .
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die
    Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________

__________________

Alt 11.06.2013, 15:27   #3
Trollo
 
wssetup.exe - Virus ja/ nein? - Standard

wssetup.exe - Virus ja/ nein?



Danke für die schnelle antwort! hier die log-files:

OTL.txt
Code:
ATTFilter
OTL logfile created on: 11.06.2013 16:31:21 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\****\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,80 Gb Total Physical Memory | 2,14 Gb Available Physical Memory | 56,28% Memory free
7,60 Gb Paging File | 6,02 Gb Available in Paging File | 79,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 424,66 Gb Total Space | 272,44 Gb Free Space | 64,15% Space Free | Partition Type: NTFS
Drive D: | 40,00 Gb Total Space | 20,45 Gb Free Space | 51,13% Space Free | Partition Type: NTFS
 
Computer Name: ****-PC | User Name: **** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.06.11 16:08:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\****\Downloads\OTL.exe
PRC - [2013.05.27 10:58:08 | 000,016,176 | ---- | M] () -- C:\Windows\SysWOW64\jmdp\stij.exe
PRC - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.12.24 05:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\ccSvcHst.exe
PRC - [2012.08.15 19:08:34 | 000,231,768 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
PRC - [2012.06.11 17:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
PRC - [2012.05.29 15:50:04 | 000,115,032 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
PRC - [2011.11.22 10:59:30 | 000,018,432 | ---- | M] () -- C:\Users\****\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe
PRC - [2010.01.13 10:18:30 | 000,413,696 | ---- | M] (Wistron Corp.) -- C:\Program Files (x86)\Launch Manager\WButton.exe
PRC - [2009.12.14 11:25:00 | 000,200,704 | ---- | M] (Wistron) -- C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
PRC - [2009.12.11 15:18:16 | 000,348,960 | ---- | M] (Wistron Corp.) -- C:\Program Files (x86)\Launch Manager\OSD.exe
PRC - [2009.12.10 09:48:26 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.12.10 09:48:24 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.11.07 04:46:52 | 000,020,480 | ---- | M] (X10) -- C:\PROGRA~2\COMMON~1\X10\Common\x10nets.exe
PRC - [2009.11.02 15:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.10.22 17:05:40 | 000,118,560 | ---- | M] (Wistron Corp.) -- C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
PRC - [2009.10.02 14:26:12 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009.08.27 18:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2007.07.24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.05.27 10:58:08 | 000,016,176 | ---- | M] () -- C:\Windows\SysWOW64\jmdp\stij.exe
MOD - [2013.05.27 10:56:42 | 000,382,976 | ---- | M] () -- C:\Windows\SysWOW64\jmdp\lmrn.dll
MOD - [2013.02.05 09:25:06 | 000,362,029 | ---- | M] () -- C:\Windows\SysWOW64\jmdp\sqlite3.dll
MOD - [2012.05.30 08:51:08 | 000,699,280 | R--- | M] () -- C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY CBE\ENGINE\20.3.1.22\wincfi39.dll
MOD - [2009.11.02 15:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009.11.02 15:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013.05.21 15:31:12 | 001,447,728 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\dmwu.exe -- (IBUpdaterService)
SRV:64bit: - [2007.05.29 12:06:05 | 001,053,104 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxdfcoms.exe -- (lxdf_device)
SRV:64bit: - [2007.05.29 12:05:48 | 000,033,712 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxdfserv.exe -- (lxdfCATSCustConnectService)
SRV - [2013.05.26 13:12:28 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.05.15 18:47:18 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.15 12:08:44 | 002,467,664 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.02.28 19:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.24 05:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\ccSvcHst.exe -- (NIS)
SRV - [2012.09.15 22:29:18 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.07.17 15:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2012.06.11 17:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe -- (BBUpdate)
SRV - [2012.06.11 17:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe -- (BBSvc)
SRV - [2011.11.22 10:59:30 | 000,018,432 | ---- | M] () [Auto | Running] -- C:\Users\****\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe -- (StumbleUponUpdater)
SRV - [2010.06.25 19:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.12.10 09:48:26 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009.12.10 09:48:24 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009.11.07 04:46:52 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\PROGRA~2\COMMON~1\X10\Common\x10nets.exe -- (x10nets)
SRV - [2009.10.22 17:05:40 | 000,118,560 | ---- | M] (Wistron Corp.) [On_Demand | Running] -- C:\Program Files (x86)\Launch Manager\WisLMSvc.exe -- (WisLMSvc)
SRV - [2009.10.02 14:26:12 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009.08.27 18:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.08.07 10:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2007.07.24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007.05.29 12:06:44 | 000,598,960 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxdfcoms.exe -- (lxdf_device)
SRV - [2007.05.29 12:05:48 | 000,033,712 | ---- | M] () [Auto | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxdfserv.exe -- (lxdfCATSCustConnectService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.01.31 05:18:18 | 000,432,800 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symnets.sys -- (SymNetS)
DRV:64bit: - [2013.01.31 05:18:06 | 001,139,800 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symefa64.sys -- (SymEFA)
DRV:64bit: - [2013.01.29 03:45:19 | 000,796,248 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013.01.29 03:45:19 | 000,036,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013.01.22 04:15:33 | 000,493,656 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symds64.sys -- (SymDS)
DRV:64bit: - [2012.12.03 21:58:49 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012.11.16 04:22:01 | 000,224,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1403010.016\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012.11.16 04:18:04 | 000,168,096 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1403010.016\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2012.08.08 19:50:44 | 000,043,680 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)
DRV:64bit: - [2012.07.28 02:15:28 | 000,057,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.10 22:28:18 | 012,311,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.06.25 19:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2010.04.01 10:13:36 | 001,100,320 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
DRV:64bit: - [2010.02.10 16:01:58 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010.01.08 04:51:38 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009.12.22 19:18:48 | 000,074,280 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009.12.11 05:25:10 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.10.02 13:58:58 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.09.18 05:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009.08.13 17:39:42 | 000,909,408 | ---- | M] (DiBcom SA) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mod77-64.sys -- (mod7764)
DRV:64bit: - [2009.07.31 03:46:22 | 000,222,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.13 13:47:44 | 000,032,792 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\x10ufx2.sys -- (XUIF)
DRV:64bit: - [2009.05.13 13:26:14 | 000,015,896 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\x10hid.sys -- (X10Hid)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2013.05.31 18:58:18 | 001,393,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130531.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013.05.22 15:06:46 | 002,098,776 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130611.003\ex64.sys -- (NAVEX15)
DRV - [2013.05.22 15:06:46 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130611.003\eng64.sys -- (NAVENG)
DRV - [2012.11.30 17:26:28 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20130608.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012.08.18 03:00:00 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012.08.18 03:00:00 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://medion.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{2F868CD0-AD97-437E-BD93-53B418FA2571}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=FF&o=14594&src=crm&q={searchTerms}&locale=&apn_ptnrs=FV&apn_dtid=YYYYYYYYDE&apn_uid=b4f8336b-4611-44f0-923f-349b2900928c&apn_sauid=4F0BF6F6-C7F4-4908-9EB2-CFC93614F817
IE - HKCU\..\SearchScopes\{873ACA02-5E0E-4BF3-A16C-1A3217884D7A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Wikipedia (de)"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: %7B152455DE-7B40-4bcf-B5B4-C68A1BE85A91%7D:2.7
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.8
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130515
FF - prefs.js..extensions.enabledAddons: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.9
FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:11.3.0.9%20-%205
FF - prefs.js..extensions.enabledAddons: %7B2D3F3651-74B9-4795-BDEC-6DA2F431CB62%7D:2013.3.5.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&crg=3.1010000.10001&q="
FF - prefs.js..network.proxy.autoconfig_url: "hxxp://www.cojobo.net/proxy.pac."
FF - prefs.js..network.proxy.backup.ftp: "proxy-1.cojobo.net"
FF - prefs.js..network.proxy.backup.ftp_port: 3128
FF - prefs.js..network.proxy.backup.socks: "proxy-1.cojobo.net"
FF - prefs.js..network.proxy.backup.socks_port: 3128
FF - prefs.js..network.proxy.backup.ssl: "proxy-1.cojobo.net"
FF - prefs.js..network.proxy.backup.ssl_port: 3128
FF - prefs.js..network.proxy.ftp: "proxy-1.cojobo.net"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.http: "proxy-1.cojobo.net"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "proxy-1.cojobo.net"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "proxy-1.cojobo.net"
FF - prefs.js..network.proxy.ssl_port: 3128
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\IPSFFPlgn\ [2012.12.03 21:59:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\coFFPlgn\ [2013.06.11 15:40:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.09.15 16:30:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Extensions
[2013.05.25 23:47:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\n1faaxrq.default\extensions
[2013.05.20 11:45:13 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\n1faaxrq.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2012.09.15 16:39:32 | 000,000,000 | ---D | M] (Domain Details) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\n1faaxrq.default\extensions\{152455DE-7B40-4bcf-B5B4-C68A1BE85A91}
[2013.05.16 17:19:58 | 000,000,000 | ---D | M] (WOT) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\n1faaxrq.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012.09.15 16:36:44 | 000,000,000 | ---D | M] (Foxdie) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\n1faaxrq.default\extensions\Foxdie@tanjihay.com
[2013.04.05 15:30:34 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\n1faaxrq.default\extensions\ich@maltegoetz.de
[2012.09.23 14:03:28 | 000,000,000 | ---D | M] (StumbleUpon) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\n1faaxrq.default\extensions\toolbar@stumbleupon.com
[2013.05.25 23:47:23 | 002,168,615 | ---- | M] () (No name found) -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\n1faaxrq.default\extensions\firebug@software.joehewitt.com.xpi
[2013.05.08 19:34:02 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\n1faaxrq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.09.15 20:36:58 | 000,002,322 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\n1faaxrq.default\searchplugins\askcom.xml
[2013.06.11 15:40:49 | 000,002,120 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\n1faaxrq.default\searchplugins\MyStart.xml
[2013.01.22 18:11:02 | 000,002,482 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\n1faaxrq.default\searchplugins\safesearch.xml
[2012.09.23 18:03:14 | 000,003,915 | ---- | M] () -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\n1faaxrq.default\searchplugins\sweetim.xml
[2013.05.26 13:12:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.05.26 13:12:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.06.11 15:40:57 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\COFFPLGN
[2012.12.03 21:59:14 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\IPSFFPLGN
 
O1 HOSTS File: ([2012.12.03 22:41:57 | 000,000,825 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (StumbleUpon) - {DB616CFF-D989-48A8-9C85-E2A8D56AB2CA} - C:\Users\****\AppData\LocalLow\StumbleUpon\IE\StumbleUpon.dll (StumbleUpon Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [HotkeyApp] C:\Program Files (x86)\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [LMgrVolOSD] C:\Program Files (x86)\Launch Manager\OSD.exe (Wistron Corp.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [TrayServer] C:\Program Files (x86)\MAGIX\Video_deluxe_16_Premium\TrayServer.exe (MAGIX AG)
O4 - HKLM..\Run: [Wbutton] C:\Program Files (x86)\Launch Manager\Wbutton.exe (Wistron Corp.)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9:64bit: - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Reg Error: Value error.)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} file:///C:/Users/****/Videos/gudrun/components/hidinputmonitorx.ocx (HidInputMonitorX Control)
O16 - DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} file:///C:/Users/****/Videos/gudrun/components/A9.ocx (A9Helper.A9)
O16 - DPF: {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} file:///C:/Users/****/Videos/gudrun/components/wmvhdrating.ocx (WMVHDRatingCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 10.21.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{24451CC3-ED24-4154-906D-2DAA1B426EFB}: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D3AA168C-50E9-4DF6-B9A9-C21845E56634}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - 
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
 
 
MsConfig:64bit - StartUpReg: Lexmark 6500 Series - hkey= - key= - C:\Program Files (x86)\Lexmark 6500 Series\fm3032.exe ()
MsConfig:64bit - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
MsConfig:64bit - StartUpReg: lxdfamon - hkey= - key= - C:\Program Files (x86)\Lexmark 6500 Series\lxdfamon.exe ()
MsConfig:64bit - StartUpReg: lxdfmon.exe - hkey= - key= - C:\Program Files (x86)\Lexmark 6500 Series\lxdfmon.exe ()
MsConfig:64bit - StartUpReg: Skype - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig:64bit - StartUpReg: Steam - hkey= - key= - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.02 15:17:48 | 000,033,792 | ---- | C] (IncrediMail, Ltd.) -- C:\Windows\SysNative\ImHttpComm.dll
[2013.06.02 15:17:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\jmdp
[2013.06.02 15:17:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ARFC
[2013.06.02 15:17:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WNLT
[2013.05.30 12:00:24 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GeoGebra 4.2
[2013.05.30 12:00:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GeoGebra 4.2
[2013.05.27 20:08:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.05.26 13:12:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.05.23 16:55:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2013.05.23 16:55:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2013.05.18 22:22:46 | 000,000,000 | ---D | C] -- C:\Users\****\Photo(graphie)
[2010.12.16 21:39:36 | 000,302,592 | ---- | C] (Google) -- C:\Program Files (x86)\Common Files\webmmux.dll
[2010.12.16 21:39:16 | 000,701,440 | ---- | C] (Google) -- C:\Program Files (x86)\Common Files\vp8encoder.dll
[2010.12.16 21:39:16 | 000,412,672 | ---- | C] (Google) -- C:\Program Files (x86)\Common Files\vp8decoder.dll
[2010.12.16 21:39:14 | 000,292,352 | ---- | C] (Google) -- C:\Program Files (x86)\Common Files\webmsplit.dll
[2009.07.11 23:02:04 | 000,653,120 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\MSVCR90.dll
[2009.07.11 23:02:02 | 000,569,664 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\MSVCP90.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.11 15:48:08 | 000,009,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.11 15:48:08 | 000,009,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.11 15:46:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.11 15:40:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.11 15:40:31 | 3062,837,248 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.10 20:06:07 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.06.10 20:06:07 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.06.10 20:06:07 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.06.10 20:06:07 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.06.10 20:06:07 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.06.04 20:48:22 | 001,189,258 | ---- | M] () -- C:\Users\****\Documents\Schlagzeug.MMM
[2013.06.04 20:39:35 | 001,189,258 | ---- | M] () -- C:\Users\****\Documents\Schlagzeug_BAK1.MM_
[2013.06.04 20:28:20 | 001,189,258 | ---- | M] () -- C:\Users\****\Documents\Schlagzeug_BAK0.MM_
[2013.06.04 08:34:29 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\isolate.ini
[2013.05.31 21:23:50 | 000,042,233 | ---- | M] () -- C:\Users\****\AppData\Local\recently-used.xbel
[2013.05.24 04:09:47 | 000,008,063 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symds64.cat
[2013.05.23 07:25:28 | 001,139,800 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symefa64.sys
[2013.05.23 07:25:28 | 000,007,587 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symefa64.cat
[2013.05.23 07:25:28 | 000,003,434 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symefa.inf
[2013.05.21 15:31:12 | 001,447,728 | ---- | M] () -- C:\Windows\SysNative\dmwu.exe
[2013.05.21 15:30:18 | 000,033,792 | ---- | M] (IncrediMail, Ltd.) -- C:\Windows\SysNative\ImHttpComm.dll
[2013.05.21 07:02:00 | 000,493,656 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symds64.sys
[2013.05.21 07:02:00 | 000,002,852 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symds.inf
[2013.05.21 06:40:20 | 000,008,067 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtsp64.cat
[2013.05.19 15:30:58 | 000,045,629 | ---- | M] () -- C:\Users\****\Documents\Facebook.jpg
[2013.05.18 22:58:39 | 000,000,123 | ---- | M] () -- C:\Users\****\.gtk-bookmarks
[2013.05.16 07:02:14 | 000,796,760 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtsp64.sys
[2013.05.16 07:02:14 | 000,001,437 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtsp64.inf
[2013.05.15 17:31:15 | 000,473,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.04 20:39:35 | 001,189,258 | ---- | C] () -- C:\Users\****\Documents\Schlagzeug_BAK1.MM_
[2013.06.04 20:28:20 | 001,189,258 | ---- | C] () -- C:\Users\****\Documents\Schlagzeug_BAK0.MM_
[2013.06.02 15:17:48 | 001,447,728 | ---- | C] () -- C:\Windows\SysNative\dmwu.exe
[2013.05.31 21:23:50 | 000,042,233 | ---- | C] () -- C:\Users\****\AppData\Local\recently-used.xbel
[2013.05.19 15:30:57 | 000,045,629 | ---- | C] () -- C:\Users\****\Documents\Facebook.jpg
[2013.05.18 22:58:39 | 000,000,123 | ---- | C] () -- C:\Users\****\.gtk-bookmarks
[2013.02.02 13:23:13 | 000,003,584 | ---- | C] () -- C:\Users\****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.29 17:19:16 | 000,019,990 | ---- | C] () -- C:\Users\****\bookmarks-2012-12-26.json
[2012.12.29 17:19:07 | 000,024,419 | ---- | C] () -- C:\Users\****\bookmarks-2012-12-29.json
[2012.10.28 12:55:39 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll
[2012.09.25 20:53:53 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2012.09.25 18:00:17 | 000,007,272 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2012.09.16 10:44:43 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2012.09.16 08:49:21 | 001,426,411 | ---- | C] () -- C:\Users\****\AppData\Local\Tempmusic.ogg
[2012.09.15 23:28:59 | 000,348,160 | ---- | C] () -- C:\Windows\SysWow64\lxdfinst.dll
[2012.09.15 23:28:58 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\lxdfcomx.dll
[2012.09.15 23:28:57 | 000,356,352 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdfinpa.dll
[2012.09.15 23:28:57 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdfiesc.dll
[2012.09.15 23:28:56 | 000,647,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdfpmui.dll
[2012.09.15 23:28:53 | 001,200,128 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdfserv.dll
[2012.09.15 23:28:53 | 000,950,272 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdfusb1.dll
[2012.09.15 23:28:52 | 000,565,248 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdflmpm.dll
[2012.09.15 23:28:52 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdfprox.dll
[2012.09.15 23:28:51 | 000,663,552 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdfhbn3.dll
[2012.09.15 23:28:51 | 000,320,432 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdfih.exe
[2012.09.15 23:28:50 | 000,860,160 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdfcomc.dll
[2012.09.15 23:28:50 | 000,598,960 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdfcoms.exe
[2012.09.15 23:28:50 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdfcomm.dll
[2012.09.15 23:28:49 | 000,365,488 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdfcfg.exe
[2012.09.15 17:51:56 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2012.09.15 15:32:18 | 000,017,408 | ---- | C] () -- C:\Users\****\AppData\Local\WebpageIcons.db
[2012.01.20 15:10:52 | 000,311,296 | ---- | C] () -- C:\Windows\SysWow64\EMRegSys.dll
[2012.01.10 22:27:26 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2012.01.10 22:27:26 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2012.01.10 22:27:26 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2012.01.10 21:29:54 | 013,904,384 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011.01.12 02:00:44 | 000,030,208 | ---- | C] () -- C:\Program Files (x86)\Common Files\wmpinfo.dll
[2011.01.12 02:00:42 | 000,240,128 | ---- | C] () -- C:\Program Files (x86)\Common Files\dsfVorbisDecoder.dll
[2011.01.12 02:00:42 | 000,195,584 | ---- | C] () -- C:\Program Files (x86)\Common Files\dsfOggDemux2.dll
[2011.01.12 02:00:42 | 000,146,944 | ---- | C] () -- C:\Program Files (x86)\Common Files\dsfFLACDecoder.dll
[2011.01.12 02:00:40 | 000,221,184 | ---- | C] () -- C:\Program Files (x86)\Common Files\dsfFLACEncoder.dll
[2011.01.12 02:00:40 | 000,204,800 | ---- | C] () -- C:\Program Files (x86)\Common Files\dsfNativeFLACSource.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.06.09 17:05:00 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\.minecraft
[2012.09.16 08:19:36 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\6500 Series
[2013.05.10 15:50:43 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Ableton
[2012.12.03 22:41:10 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\AntiBrowserSpy 2009
[2013.03.19 16:47:02 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Audacity
[2012.11.16 19:42:38 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Engelmann Media
[2013.06.01 21:04:18 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\FileZilla
[2012.09.23 18:17:58 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\FreeScreenToVideo
[2012.12.27 17:30:31 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Guitar Pro 6
[2012.10.04 10:53:31 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\HDX4 GmbH
[2012.09.15 23:41:40 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Lexmark Productivity Studio
[2012.09.15 23:57:14 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\LolClient
[2012.12.29 14:14:17 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\MAGIX
[2013.01.25 23:20:19 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Mp3tag
[2012.09.22 22:40:22 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Teeworlds
[2012.09.15 20:32:51 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Webocton - Scriptly
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.09.28 16:42:33 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2012.09.15 15:18:30 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012.12.11 22:14:47 | 000,000,000 | ---D | M] -- C:\Fraps
[2010.03.13 10:45:20 | 000,000,000 | ---D | M] -- C:\Intel
[2012.09.15 23:36:59 | 000,000,000 | ---D | M] -- C:\logs
[2012.09.15 17:07:06 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2013.03.14 15:39:59 | 000,000,000 | R--D | M] -- C:\Program Files
[2013.06.09 15:43:50 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2013.06.04 15:47:34 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012.09.15 15:18:30 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.09.15 15:18:31 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.09.15 23:18:42 | 000,000,000 | ---D | M] -- C:\Riot Games
[2013.06.11 16:32:49 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2013.01.31 15:13:14 | 000,000,000 | R--D | M] -- C:\Users
[2013.06.09 17:10:24 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 03:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010.11.20 14:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,640 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.10.10 21:04:45 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2008.06.06 15:03:52 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
 
< MD5 for: IASTOR.SYS  >
[2009.10.02 13:58:58 | 000,537,112 | ---- | M] (Intel Corporation) MD5=631FA8935163B01FC0C02966CB3ADB92 -- C:\Windows\SysNative\drivers\iaStor.sys
[2009.10.02 13:58:58 | 000,537,112 | ---- | M] (Intel Corporation) MD5=631FA8935163B01FC0C02966CB3ADB92 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_b03f80929ac23556\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2013.05.18 22:58:39 | 000,000,123 | ---- | M] () -- C:\Users\****\.gtk-bookmarks
[2012.12.26 22:20:52 | 000,019,990 | ---- | M] () -- C:\Users\****\bookmarks-2012-12-26.json
[2012.12.29 17:19:07 | 000,024,419 | ---- | M] () -- C:\Users\****\bookmarks-2012-12-29.json
[2013.06.11 16:43:28 | 003,407,872 | -HS- | M] () -- C:\Users\****\NTUSER.DAT
[2013.06.11 16:43:28 | 000,262,144 | -HS- | M] () -- C:\Users\****\ntuser.dat.LOG1
[2012.09.15 15:18:40 | 000,000,000 | -HS- | M] () -- C:\Users\****\ntuser.dat.LOG2
[2012.09.15 16:56:25 | 000,065,536 | -HS- | M] () -- C:\Users\****\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2012.09.15 16:56:25 | 000,524,288 | -HS- | M] () -- C:\Users\****\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2012.09.15 16:56:25 | 000,524,288 | -HS- | M] () -- C:\Users\****\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2012.09.15 15:18:40 | 000,000,020 | -HS- | M] () -- C:\Users\****\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

< End of report >
         
Extras.txt

Code:
ATTFilter
OTL Extras logfile created on: 11.06.2013 16:08:44 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\****\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,80 Gb Total Physical Memory | 2,04 Gb Available Physical Memory | 53,67% Memory free
7,60 Gb Paging File | 5,74 Gb Available in Paging File | 75,49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 424,66 Gb Total Space | 272,44 Gb Free Space | 64,15% Space Free | Partition Type: NTFS
Drive D: | 40,00 Gb Total Space | 20,45 Gb Free Space | 51,13% Space Free | Partition Type: NTFS
 
Computer Name: ****-PC | User Name: **** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{080B217A-5713-41D6-96A5-FA257EE88D57}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher | 
"{10B5516F-B13E-48E8-898C-2E322E0F5249}" = lport=138 | protocol=17 | dir=in | app=system | 
"{169FDC0B-D285-49DD-AC38-517BFD9397D1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{1BDBF7BA-AA8F-43F9-BBD7-1AA0F2AF6BDA}" = rport=137 | protocol=17 | dir=out | app=system | 
"{215E9254-3C03-4C9A-B2B5-F38236059F8F}" = rport=139 | protocol=6 | dir=out | app=system | 
"{24320B6A-495D-4D16-8B85-09E274A204B4}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{326F8A63-7E97-4BA4-970E-1EA3E09F8746}" = lport=139 | protocol=6 | dir=in | app=system | 
"{439F7661-A973-441C-A374-645CE35E602A}" = rport=445 | protocol=6 | dir=out | app=system | 
"{478B1A69-F64B-4E2F-9804-D04D2E54A6D5}" = rport=138 | protocol=17 | dir=out | app=system | 
"{662C662B-33D6-4CC7-A337-8D5D65107299}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher | 
"{6F2FE2AE-0D62-4E3C-9686-E75017315780}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{7E19A615-E5CB-4D59-A9A6-299618C237A8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{8085BE99-9C37-41FC-A89C-08E26848703F}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{874A139A-6A02-431B-B546-3EB18AF74027}" = lport=137 | protocol=17 | dir=in | app=system | 
"{8B659E3C-1278-4917-A7D1-A38AD7F88F44}" = lport=445 | protocol=6 | dir=in | app=system | 
"{AF9532CD-9704-43BC-A937-54A81F3F17C5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{CB116079-E21B-4F12-BDB1-6B8E2D26B4AB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{DC6913C9-C1E3-4355-AABD-B0A5784EA0E1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04E209E8-05A5-4442-8123-ECC3BB9511B2}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe | 
"{0749F5B8-6898-4F2D-A01E-D985228E9EAF}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{0AED765E-33BC-46AE-9065-0945895E640C}" = protocol=6 | dir=in | app=c:\windows\system32\lxdfcoms.exe | 
"{0C34770D-E390-4BD2-8D45-53B12BEA2113}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdfamon.exe | 
"{13CBF537-A4C1-408B-A568-097EDE28306F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{1D5DC766-78E3-413C-BFB3-A7C62D5C5BF1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{1E79F20A-200B-4D70-AD94-2A407684A76C}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{2327EFC1-BC3F-49C8-8FE6-C7E7294F9138}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{2DA3BB17-0261-4280-A6CC-7A836E27E29B}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdfmon.exe | 
"{325C8B24-BA29-4F6E-99CD-19DC261F2E6A}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 6500 series\frun.exe | 
"{399F9D12-18CF-4DDD-959A-34EBFC13D32E}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdftime.exe | 
"{43A4ECF2-5FF6-47FF-9A89-ABE8A72812D3}" = protocol=6 | dir=in | app=c:\windows\system32\lxdfcfg.exe | 
"{455D7707-D4AD-4F79-933C-AFFCD0FC4958}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{45C8C7C0-CB16-4EBE-8507-5F4D9E0DE983}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdffax.exe | 
"{4D1AFD32-25A9-4F59-8665-FC73EF98D660}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{4D74F522-1418-40FE-8643-C6311DBC7207}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{4ECAF8B3-9D54-4B40-BA38-95C1B62F58D3}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdfamon.exe | 
"{5884C793-A397-406E-8581-E8BA76D20E65}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{5BF93CA2-2932-49D7-996F-9E7F0A7EC496}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{5D4FC475-DA69-4628-886D-0EF095BA0AFC}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe | 
"{6009193D-3B2A-49F3-BC80-C5534E576988}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{6A6F3B33-9188-4480-BB2A-72F4243493CE}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{70582578-AA22-4517-9963-E8BFE031D273}" = dir=in | app=c:\users\****\appdata\local\microsoft\skydrive\skydrive.exe | 
"{795480BF-897C-45B9-AE70-2AAE4224E124}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxdfcoms.exe | 
"{7C8A77BC-5AB8-4580-9E1C-BA472F5B51F7}" = protocol=6 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe | 
"{80F38F46-1C10-4645-A4B8-B357FE988B3B}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{89171027-6DAC-4CF8-909E-D059556513CF}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{8F3015D1-2BDB-42FE-96AE-F15ED5CDA003}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdftime.exe | 
"{92FC56FB-9714-4A78-83BE-60A77E69E799}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{93D8CE1E-36A9-484F-BD7C-FDD823E18C8C}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{979FB333-DB05-4639-A5D1-CFD56FF28F56}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe | 
"{9A45BA11-0533-464B-AC76-719F4F7707C2}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{9DCCF960-76F3-41FF-AB12-DDCA202BD4FE}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdffax.exe | 
"{9F3F8653-45DA-4B52-9F5E-3FE3C629230C}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | 
"{9F617E55-59A5-43F2-BFF2-489797C5CC27}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe | 
"{9F9CEA82-8243-478C-A45F-B4D1F9E31FD5}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{A50FA28B-0E0B-4C3C-9F7C-0ECF7EC475A1}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxdfcoms.exe | 
"{A6CBA436-EC08-4421-85B4-7676B8E87530}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe | 
"{A8E9A11C-EEE1-4DF2-A50A-51961736BEB0}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{B060D63F-C113-4F84-AE59-1B5D478615E8}" = protocol=17 | dir=in | app=c:\windows\system32\lxdfcfg.exe | 
"{B1A469DD-5111-46D0-8CA7-5D2C0332D35F}" = protocol=17 | dir=in | app=c:\windows\system32\lxdfcoms.exe | 
"{B32A4A2E-A0B1-4E14-B6F8-656E6E3378BC}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe | 
"{B49A3841-B7A2-43E2-815B-924387727807}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdfpswx.exe | 
"{B6D659F5-69A7-4366-B074-436CCD65A0D2}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
"{BFE383CC-F944-4C36-9883-4C1170982A29}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdfpswx.exe | 
"{C5B8AA82-0BCC-45A3-AFB9-439AB53E89CB}" = protocol=17 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe | 
"{C7BD0779-6A99-4CBF-9BB1-E4AC0AF24E99}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe | 
"{CFFE18E6-627E-43FE-8167-88BE5A750572}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{D1AB9AF3-0F91-4279-A285-40ACC680510B}" = protocol=58 | dir=in | app=system | 
"{D6A406A1-CA67-4C04-888A-6C6AD2D900F9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{DB650915-DF01-4234-9E56-AC0BB795D8D0}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe | 
"{DCEF79C4-E8F7-4145-ACD8-E598DF87255C}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdfmon.exe | 
"{E33F53AB-B22C-4B2D-AD7D-3A5F7F895231}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{F4615D49-5503-4E2F-9692-62F145443CA6}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 6500 series\frun.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{19DCDC0D-9D87-46DB-A4B0-08B35AA333A3}" = Corel Shell Extension - 64Bit
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416018FF}" = Java(TM) 6 Update 18 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit)
"{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety
"{64A3A4F4-B792-11D6-A78A-00B0D0170070}" = Java SE Development Kit 7 Update 7 (64-bit)
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0EFB716-085B-4564-8060-212E41F5CE50}" = Windows Live ID-Anmelde-Assistent
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"CCleaner" = CCleaner
"GIMP-2_is1" = GIMP 2.8.2
"Lexmark 6500 Series" = Lexmark 6500 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4
"_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07B62101-7EBD-434A-94B1-B38063BE5516}" = CorelDRAW Essentials 4 - PHOTO-PAINT
"{0ED4216F-3540-4D6B-8199-1C8DDEA3924B}" = CorelDRAW Essentials 4 - Lang DE
"{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1" = Guitar Pro 6
"{15F3A6F5-06AE-4332-AE3E-21CD0416827A}" = Windows Live Mail
"{19AC095C-3520-4999-AA15-93B6D0248A50}" = CorelDRAW Essentials 4 - Content
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{34A9406E-1994-4C20-AC72-04CFA2B24545}" = CorelDRAW Essentials 4 - Lang EN
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{3576C335-958D-4D60-A812-F68F9A2796AF}" = CorelDRAW Essentials 4 - Lang IT
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3DCD2B-6FC7-41BF-BB80-40A936E1A785}" = Windows Live Writer
"{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5500BB35-1C21-4328-9F16-F894B860FADE}" = CorelDRAW Essentials 4 - Lang NL
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{7683B745-6060-41FD-AA75-0BBB383FEAD4}" = SweetIM for Messenger 3.7
"{76E852ED-1B06-4BC8-9D6A-625DB95FB7E5}" = CorelDRAW Essentials 4 - IPM - No VBA
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7D66971C-652B-4065-A6B1-B3EE313C254B}" = BlueJ
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{85CE9026-C02A-46B4-B08C-4C77CCCC54FF}" = Windows Live Family Safety
"{8913AC02-67B8-4B52-91B2-BBA7B9C265B5}" = Windows Live Writer Resources
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9043B9A0-9505-405B-8202-E7167A38A89C}" = CorelDRAW Essentials 4
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{ABD8B955-1C69-4AF3-949B-13CD587C175F}" = CorelDRAW Essentials 4 - Lang BR
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Deutsch
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AE364ACC-B9DF-466B-B4EA-AEECD0CD581E}" = Windows Live Messenger
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B515962D-C979-44AC-9912-F7BB499B4B2C}" = VirtualDJ Home FREE
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{B9FA9F15-A1F3-4DB1-AD49-0B9351843FAA}" = CorelDRAW Essentials 4 - Draw
"{BA9319FE-BCEF-4C99-8039-F464648D046E}" = CorelDRAW Essentials 4 - Lang FR
"{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU]
"{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4 - ICA
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C682F3F0-00A6-4379-B083-4F3273624D7B}" = CorelDRAW Essentials 4 - Lang ES
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.5.0.8
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{E04A4B52-7CF5-4B5A-0001-F5B55C390A4C}" = MyTube BigPack 5
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F16841F6-5F0F-4DBE-B318-63CEB916F21D}" = CorelDRAW Essentials 4 - Filters
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F9706A8C-D740-42CA-8703-E08EDD0F0778}" = LogMeIn Hamachi
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ashampoo ClipFinder HD_is1" = Ashampoo ClipFinder HD v.2.2.8
"Ashampoo Snap 5_is1" = Ashampoo Snap 5 v.5.1.5
"ASIO4ALL" = ASIO4ALL
"AssaultCube_v1.1.0.4" = AssaultCube v1.1.0.4
"Audacity_is1" = Audacity 2.0
"Disketch" = Disketch CD-Beschriftungssoftware
"FileZilla Client" = FileZilla Client 3.6.0.2
"FormatFactory" = FormatFactory 2.90
"IL Shared Libraries" = IL Shared Libraries
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"LogMeIn Hamachi" = LogMeIn Hamachi
"MAGIX 3D Maker D" = MAGIX 3D Maker (embeded)
"MAGIX Music Maker 16 Premium D" = MAGIX Music Maker 16 Premium
"MAGIX Music Maker Hip Hop Edition 3 D" = MAGIX Music Maker Hip Hop Edition 3 5.0.0.2 (D)
"MAGIX Music Maker Rock Edition 3 D" = MAGIX Music Maker Rock Edition 3 5.0.0.0 (D)
"MAGIX Music Maker Techno Edition 3 D" = MAGIX Music Maker Techno Edition 3 5.0.0.2 (D)
"MAGIX Screenshare D" = MAGIX Screenshare
"MAGIX Video deluxe 16 Premium D" = MAGIX Video deluxe 16 Premium 9.0.0.54 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.48
"NIS" = Norton Internet Security CBE
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"OpenAL" = OpenAL
"VLC media player" = VLC media player 2.0.1
"Webocton - Scriptly_is1" = Webocton - Scriptly 0.8.95.6
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WNLT" = IB Updater Service
"X10Hardware" = X10 Hardware(TM)
"XMind_is1" = XMind 2012 (v3.3.1)
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GeoGebra 4.2" = GeoGebra 4.2
"SkyDriveSetup.exe" = Microsoft SkyDrive
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 15.02.2013 18:21:51 | Computer Name = ****-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: League of Legends.exe, Version: 3.2.0.30,
 Zeitstempel: 0x511adc12  Name des fehlerhaften Moduls: League of Legends.exe, Version:
 3.2.0.30, Zeitstempel: 0x511adc12  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0031ddfa
ID
 des fehlerhaften Prozesses: 0x1230  Startzeit der fehlerhaften Anwendung: 0x01ce0bcac1dac7a0
Pfad
 der fehlerhaften Anwendung: C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.211\deploy\League
 of Legends.exe  Pfad des fehlerhaften Moduls: C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.211\deploy\League
 of Legends.exe  Berichtskennung: 1803bf52-77be-11e2-825c-00262df76f2e
 
Error - 16.02.2013 08:38:43 | Computer Name = ****-PC | Source = Application Hang | ID = 1002
Description = Programm GuitarPro.exe, Version 0.0.0.0 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: f40    Startzeit: 
01ce0c41f3366a81    Endzeit: 20    Anwendungspfad: C:\Program Files (x86)\Guitar Pro 6\GuitarPro.exe

Berichts-ID:
 c870d538-7835-11e2-91c6-00262df76f2e  
 
Error - 19.02.2013 14:58:41 | Computer Name = ****-PC | Source = Application Hang | ID = 1002
Description = Programm MusicMaker.exe, Version 16.0.5.0 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: dec    Startzeit: 
01ce0ed17cb11c16    Endzeit: 0    Anwendungspfad: C:\Program Files (x86)\MAGIX\MusicMaker16Premium\MusicMaker.exe

Berichts-ID:
   
 
Error - 26.02.2013 10:19:49 | Computer Name = ****-PC | Source = MsiInstaller | ID = 11609
Description = 
 
Error - 26.02.2013 10:19:50 | Computer Name = ****-PC | Source = MsiInstaller | ID = 11609
Description = 
 
Error - 26.02.2013 10:19:50 | Computer Name = ****-PC | Source = MsiInstaller | ID = 11609
Description = 
 
Error - 26.02.2013 10:19:50 | Computer Name = ****-PC | Source = MsiInstaller | ID = 11609
Description = 
 
Error - 26.02.2013 10:19:50 | Computer Name = ****-PC | Source = MsiInstaller | ID = 11609
Description = 
 
Error - 26.02.2013 10:19:50 | Computer Name = ****-PC | Source = MsiInstaller | ID = 11609
Description = 
 
Error - 26.02.2013 10:19:51 | Computer Name = ****-PC | Source = MsiInstaller | ID = 11609
Description = 
 
[ System Events ]
Error - 23.01.2013 13:40:11 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 lxdfCATSCustConnectService erreicht.
 
Error - 23.01.2013 13:40:11 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lxdfCATSCustConnectService" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 23.01.2013 16:28:48 | Computer Name = ****-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 23.01.2013 16:28:48 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "upnphost" konnte sich nicht als "NT AUTHORITY\LocalService"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%50    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 23.01.2013 16:28:48 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "UPnP-Gerätehost" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%1069
 
Error - 24.01.2013 11:18:50 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 lxdfCATSCustConnectService erreicht.
 
Error - 24.01.2013 11:18:50 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lxdfCATSCustConnectService" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 24.01.2013 11:20:23 | Computer Name = ****-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 25.01.2013 03:01:33 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 lxdfCATSCustConnectService erreicht.
 
Error - 25.01.2013 03:01:33 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lxdfCATSCustConnectService" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
 
< End of report >
         
__________________

Geändert von Trollo (11.06.2013 um 15:52 Uhr)

Alt 11.06.2013, 17:57   #4
markusg
/// Malware-holic
 
wssetup.exe - Virus ja/ nein? - Standard

wssetup.exe - Virus ja/ nein?



Hi,
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 11.06.2013, 19:38   #5
Trollo
 
wssetup.exe - Virus ja/ nein? - Standard

wssetup.exe - Virus ja/ nein?



Also er hat beim Scan nichts gefunden ist ja schon mal ganz gut ;-)

Hier der Log-file:
Code:
ATTFilter
20:33:18.0353 3636  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:33:18.0727 3636  ============================================================
20:33:18.0727 3636  Current date / time: 2013/06/11 20:33:18.0727
20:33:18.0727 3636  SystemInfo:
20:33:18.0727 3636  
20:33:18.0727 3636  OS Version: 6.1.7601 ServicePack: 1.0
20:33:18.0727 3636  Product type: Workstation
20:33:18.0727 3636  ComputerName: ****-PC
20:33:18.0727 3636  UserName: ****
20:33:18.0727 3636  Windows directory: C:\Windows
20:33:18.0727 3636  System windows directory: C:\Windows
20:33:18.0727 3636  Running under WOW64
20:33:18.0727 3636  Processor architecture: Intel x64
20:33:18.0727 3636  Number of processors: 4
20:33:18.0727 3636  Page size: 0x1000
20:33:18.0727 3636  Boot type: Normal boot
20:33:18.0727 3636  ============================================================
20:33:19.0476 3636  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:33:19.0491 3636  ============================================================
20:33:19.0491 3636  \Device\Harddisk0\DR0:
20:33:19.0491 3636  MBR partitions:
20:33:19.0491 3636  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:33:19.0491 3636  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x35152000
20:33:19.0491 3636  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x35184800, BlocksNum 0x5000000
20:33:19.0491 3636  ============================================================
20:33:19.0507 3636  C: <-> \Device\Harddisk0\DR0\Partition2
20:33:19.0569 3636  D: <-> \Device\Harddisk0\DR0\Partition3
20:33:19.0569 3636  ============================================================
20:33:19.0569 3636  Initialize success
20:33:19.0569 3636  ============================================================
20:35:02.0764 4012  ============================================================
20:35:02.0764 4012  Scan started
20:35:02.0764 4012  Mode: Manual; 
20:35:02.0764 4012  ============================================================
20:35:04.0543 4012  ================ Scan system memory ========================
20:35:04.0543 4012  System memory - ok
20:35:04.0543 4012  ================ Scan services =============================
20:35:04.0870 4012  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
20:35:04.0870 4012  1394ohci - ok
20:35:04.0917 4012  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:35:04.0933 4012  ACPI - ok
20:35:04.0964 4012  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
20:35:04.0964 4012  AcpiPmi - ok
20:35:05.0120 4012  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:35:05.0120 4012  AdobeARMservice - ok
20:35:05.0557 4012  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:35:05.0572 4012  AdobeFlashPlayerUpdateSvc - ok
20:35:05.0619 4012  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
20:35:05.0635 4012  adp94xx - ok
20:35:05.0682 4012  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
20:35:05.0682 4012  adpahci - ok
20:35:05.0744 4012  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
20:35:05.0760 4012  adpu320 - ok
20:35:05.0775 4012  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:35:05.0775 4012  AeLookupSvc - ok
20:35:05.0822 4012  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
20:35:05.0838 4012  AFD - ok
20:35:05.0853 4012  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
20:35:05.0869 4012  agp440 - ok
20:35:05.0900 4012  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
20:35:05.0900 4012  ALG - ok
20:35:05.0931 4012  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:35:05.0931 4012  aliide - ok
20:35:05.0947 4012  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
20:35:05.0962 4012  amdide - ok
20:35:05.0978 4012  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
20:35:05.0994 4012  AmdK8 - ok
20:35:06.0025 4012  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
20:35:06.0025 4012  AmdPPM - ok
20:35:06.0072 4012  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:35:06.0072 4012  amdsata - ok
20:35:06.0150 4012  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
20:35:06.0150 4012  amdsbs - ok
20:35:06.0165 4012  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:35:06.0165 4012  amdxata - ok
20:35:06.0212 4012  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
20:35:06.0212 4012  AppID - ok
20:35:06.0243 4012  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:35:06.0243 4012  AppIDSvc - ok
20:35:06.0290 4012  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
20:35:06.0290 4012  Appinfo - ok
20:35:06.0337 4012  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
20:35:06.0337 4012  arc - ok
20:35:06.0352 4012  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
20:35:06.0368 4012  arcsas - ok
20:35:06.0384 4012  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:35:06.0399 4012  AsyncMac - ok
20:35:06.0446 4012  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
20:35:06.0446 4012  atapi - ok
20:35:06.0524 4012  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:35:06.0524 4012  AudioEndpointBuilder - ok
20:35:06.0540 4012  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
20:35:06.0555 4012  AudioSrv - ok
20:35:06.0602 4012  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:35:06.0602 4012  AxInstSV - ok
20:35:06.0664 4012  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
20:35:06.0664 4012  b06bdrv - ok
20:35:06.0711 4012  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
20:35:06.0711 4012  b57nd60a - ok
20:35:06.0836 4012  [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
20:35:06.0836 4012  BBSvc - ok
20:35:06.0914 4012  [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
20:35:06.0914 4012  BBUpdate - ok
20:35:06.0961 4012  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
20:35:06.0961 4012  BDESVC - ok
20:35:07.0008 4012  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:35:07.0023 4012  Beep - ok
20:35:07.0086 4012  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
20:35:07.0101 4012  BFE - ok
20:35:07.0522 4012  [ 6E10DB69DB1AA96207F4B14B18FF12F8 ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130531.001\BHDrvx64.sys
20:35:07.0538 4012  BHDrvx64 - ok
20:35:07.0647 4012  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
20:35:07.0663 4012  BITS - ok
20:35:07.0694 4012  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
20:35:07.0694 4012  blbdrive - ok
20:35:07.0741 4012  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:35:07.0741 4012  bowser - ok
20:35:07.0772 4012  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:35:07.0772 4012  BrFiltLo - ok
20:35:07.0788 4012  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:35:07.0788 4012  BrFiltUp - ok
20:35:07.0834 4012  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
20:35:07.0834 4012  Browser - ok
20:35:07.0881 4012  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
20:35:07.0881 4012  Brserid - ok
20:35:07.0928 4012  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
20:35:07.0928 4012  BrSerWdm - ok
20:35:07.0959 4012  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
20:35:07.0959 4012  BrUsbMdm - ok
20:35:07.0990 4012  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
20:35:07.0990 4012  BrUsbSer - ok
20:35:08.0037 4012  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
20:35:08.0037 4012  BTHMODEM - ok
20:35:08.0084 4012  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
20:35:08.0100 4012  bthserv - ok
20:35:08.0193 4012  [ 248C952C82DF1E23775432774CBB20F1 ] ccSet_NIS       C:\Windows\system32\drivers\NISx64\1403010.016\ccSetx64.sys
20:35:08.0193 4012  ccSet_NIS - ok
20:35:08.0224 4012  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:35:08.0224 4012  cdfs - ok
20:35:08.0271 4012  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
20:35:08.0271 4012  cdrom - ok
20:35:08.0318 4012  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
20:35:08.0318 4012  CertPropSvc - ok
20:35:08.0365 4012  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
20:35:08.0365 4012  circlass - ok
20:35:08.0412 4012  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
20:35:08.0412 4012  CLFS - ok
20:35:08.0490 4012  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:35:08.0490 4012  clr_optimization_v2.0.50727_32 - ok
20:35:08.0583 4012  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:35:08.0614 4012  clr_optimization_v2.0.50727_64 - ok
20:35:08.0677 4012  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:35:08.0724 4012  clr_optimization_v4.0.30319_32 - ok
20:35:08.0786 4012  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:35:08.0786 4012  clr_optimization_v4.0.30319_64 - ok
20:35:08.0833 4012  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
20:35:08.0833 4012  CmBatt - ok
20:35:08.0864 4012  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:35:08.0864 4012  cmdide - ok
20:35:08.0911 4012  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
20:35:08.0911 4012  CNG - ok
20:35:08.0942 4012  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
20:35:08.0942 4012  Compbatt - ok
20:35:08.0973 4012  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
20:35:08.0973 4012  CompositeBus - ok
20:35:09.0004 4012  COMSysApp - ok
20:35:09.0020 4012  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
20:35:09.0020 4012  crcdisk - ok
20:35:09.0067 4012  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:35:09.0067 4012  CryptSvc - ok
20:35:09.0145 4012  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:35:09.0145 4012  DcomLaunch - ok
20:35:09.0223 4012  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
20:35:09.0223 4012  defragsvc - ok
20:35:09.0270 4012  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:35:09.0285 4012  DfsC - ok
20:35:09.0332 4012  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:35:09.0332 4012  Dhcp - ok
20:35:09.0379 4012  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
20:35:09.0379 4012  discache - ok
20:35:09.0426 4012  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
20:35:09.0426 4012  Disk - ok
20:35:09.0457 4012  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:35:09.0457 4012  Dnscache - ok
20:35:09.0504 4012  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
20:35:09.0504 4012  dot3svc - ok
20:35:09.0535 4012  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
20:35:09.0550 4012  DPS - ok
20:35:09.0566 4012  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:35:09.0582 4012  drmkaud - ok
20:35:09.0628 4012  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:35:09.0644 4012  DXGKrnl - ok
20:35:09.0675 4012  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
20:35:09.0675 4012  EapHost - ok
20:35:09.0831 4012  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
20:35:09.0940 4012  ebdrv - ok
20:35:10.0034 4012  [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
20:35:10.0034 4012  eeCtrl - ok
20:35:10.0081 4012  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
20:35:10.0081 4012  EFS - ok
20:35:10.0159 4012  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:35:10.0174 4012  ehRecvr - ok
20:35:10.0221 4012  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
20:35:10.0221 4012  ehSched - ok
20:35:10.0284 4012  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
20:35:10.0284 4012  elxstor - ok
20:35:10.0330 4012  [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
20:35:10.0330 4012  EraserUtilRebootDrv - ok
20:35:10.0362 4012  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:35:10.0362 4012  ErrDev - ok
20:35:10.0408 4012  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
20:35:10.0408 4012  EventSystem - ok
20:35:10.0455 4012  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
20:35:10.0455 4012  exfat - ok
20:35:10.0518 4012  Fabs - ok
20:35:10.0564 4012  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:35:10.0564 4012  fastfat - ok
20:35:10.0642 4012  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
20:35:10.0658 4012  Fax - ok
20:35:10.0689 4012  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
20:35:10.0689 4012  fdc - ok
20:35:10.0736 4012  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
20:35:10.0736 4012  fdPHost - ok
20:35:10.0767 4012  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:35:10.0767 4012  FDResPub - ok
20:35:10.0814 4012  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:35:10.0814 4012  FileInfo - ok
20:35:10.0830 4012  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:35:10.0845 4012  Filetrace - ok
20:35:10.0986 4012  [ FFF1130F7C9FA01D093A1EDFC5CCE8FC ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
20:35:11.0110 4012  FirebirdServerMAGIXInstance - ok
20:35:11.0142 4012  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
20:35:11.0173 4012  flpydisk - ok
20:35:11.0220 4012  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:35:11.0220 4012  FltMgr - ok
20:35:11.0282 4012  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
20:35:11.0329 4012  FontCache - ok
20:35:11.0422 4012  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:35:11.0422 4012  FontCache3.0.0.0 - ok
20:35:11.0454 4012  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:35:11.0454 4012  FsDepends - ok
20:35:11.0485 4012  [ C2E475625F2C6F7DCDE4E920523A0573 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
20:35:11.0485 4012  fssfltr - ok
20:35:11.0812 4012  [ 812E1BA5C52A78F13EA6AA10DF708B1D ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
20:35:11.0859 4012  fsssvc - ok
20:35:11.0906 4012  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:35:11.0906 4012  Fs_Rec - ok
20:35:11.0968 4012  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:35:11.0968 4012  fvevol - ok
20:35:12.0015 4012  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
20:35:12.0015 4012  gagp30kx - ok
20:35:12.0078 4012  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
20:35:12.0078 4012  gpsvc - ok
20:35:12.0140 4012  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
20:35:12.0140 4012  hamachi - ok
20:35:12.0280 4012  [ DBCF8F2EA9111510B5B86E1EE9CD8816 ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
20:35:12.0358 4012  Hamachi2Svc - ok
20:35:12.0405 4012  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
20:35:12.0405 4012  hcw85cir - ok
20:35:12.0452 4012  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:35:12.0452 4012  HdAudAddService - ok
20:35:12.0514 4012  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
20:35:12.0514 4012  HDAudBus - ok
20:35:12.0561 4012  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
20:35:12.0561 4012  HECIx64 - ok
20:35:12.0577 4012  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
20:35:12.0577 4012  HidBatt - ok
20:35:12.0608 4012  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
20:35:12.0608 4012  HidBth - ok
20:35:12.0639 4012  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
20:35:12.0639 4012  HidIr - ok
20:35:12.0670 4012  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
20:35:12.0670 4012  hidserv - ok
20:35:12.0717 4012  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:35:12.0717 4012  HidUsb - ok
20:35:12.0748 4012  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:35:12.0764 4012  hkmsvc - ok
20:35:12.0826 4012  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:35:12.0826 4012  HomeGroupListener - ok
20:35:12.0858 4012  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:35:12.0873 4012  HomeGroupProvider - ok
20:35:12.0889 4012  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:35:12.0889 4012  HpSAMD - ok
20:35:12.0951 4012  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:35:12.0967 4012  HTTP - ok
20:35:13.0029 4012  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:35:13.0045 4012  hwpolicy - ok
20:35:13.0092 4012  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
20:35:13.0092 4012  i8042prt - ok
20:35:13.0154 4012  [ 631FA8935163B01FC0C02966CB3ADB92 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
20:35:13.0154 4012  iaStor - ok
20:35:13.0232 4012  [ 7493EA4DE41348F7D3EDBF9DB298F56A ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
20:35:13.0232 4012  IAStorDataMgrSvc - ok
20:35:13.0263 4012  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:35:13.0279 4012  iaStorV - ok
20:35:13.0372 4012  [ C58305AC412A2DE95D461072E0AF5AAF ] IBUpdaterService C:\Windows\system32\dmwu.exe
20:35:13.0435 4012  IBUpdaterService - ok
20:35:13.0528 4012  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:35:13.0575 4012  idsvc - ok
20:35:13.0778 4012  [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20130608.001\IDSvia64.sys
20:35:13.0778 4012  IDSVia64 - ok
20:35:14.0558 4012  [ F4F91789C7C7A159CE8215C1F69F2A85 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
20:35:14.0839 4012  igfx - ok
20:35:14.0886 4012  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
20:35:14.0886 4012  iirsp - ok
20:35:14.0932 4012  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
20:35:14.0948 4012  IKEEXT - ok
20:35:14.0979 4012  [ 4B6363CD4610BB848531BB260B15DFCC ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
20:35:14.0995 4012  Impcd - ok
20:35:15.0073 4012  [ 257CE93C4C83A869F67C8121A34D57EC ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:35:15.0088 4012  IntcAzAudAddService - ok
20:35:15.0120 4012  [ DA24C1F66EE1B5A92E045376D7A44B58 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
20:35:15.0120 4012  IntcDAud - ok
20:35:15.0151 4012  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
20:35:15.0151 4012  intelide - ok
20:35:15.0182 4012  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:35:15.0182 4012  intelppm - ok
20:35:15.0198 4012  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:35:15.0198 4012  IPBusEnum - ok
20:35:15.0244 4012  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:35:15.0244 4012  IpFilterDriver - ok
20:35:15.0322 4012  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:35:15.0322 4012  iphlpsvc - ok
20:35:15.0354 4012  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
20:35:15.0354 4012  IPMIDRV - ok
20:35:15.0385 4012  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:35:15.0400 4012  IPNAT - ok
20:35:15.0447 4012  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:35:15.0447 4012  IRENUM - ok
20:35:15.0463 4012  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:35:15.0463 4012  isapnp - ok
20:35:15.0494 4012  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
20:35:15.0510 4012  iScsiPrt - ok
20:35:15.0525 4012  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
20:35:15.0541 4012  kbdclass - ok
20:35:15.0572 4012  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
20:35:15.0572 4012  kbdhid - ok
20:35:15.0603 4012  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
20:35:15.0603 4012  KeyIso - ok
20:35:15.0619 4012  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:35:15.0619 4012  KSecDD - ok
20:35:15.0650 4012  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:35:15.0650 4012  KSecPkg - ok
20:35:15.0681 4012  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
20:35:15.0681 4012  ksthunk - ok
20:35:15.0712 4012  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:35:15.0728 4012  KtmRm - ok
20:35:15.0775 4012  [ 39918DB0EFCF045A1CE6FABBF339F975 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
20:35:15.0775 4012  L1C - ok
20:35:15.0822 4012  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:35:15.0822 4012  LanmanServer - ok
20:35:15.0868 4012  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:35:15.0868 4012  LanmanWorkstation - ok
20:35:15.0931 4012  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:35:15.0931 4012  lltdio - ok
20:35:15.0962 4012  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:35:15.0978 4012  lltdsvc - ok
20:35:15.0993 4012  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:35:15.0993 4012  lmhosts - ok
20:35:16.0071 4012  [ 1E2F802846EB944E0333EFEE7C9532A8 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:35:16.0087 4012  LMS - ok
20:35:16.0118 4012  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
20:35:16.0118 4012  LSI_FC - ok
20:35:16.0149 4012  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
20:35:16.0149 4012  LSI_SAS - ok
20:35:16.0180 4012  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:35:16.0180 4012  LSI_SAS2 - ok
20:35:16.0227 4012  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:35:16.0227 4012  LSI_SCSI - ok
20:35:16.0258 4012  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
20:35:16.0274 4012  luafv - ok
20:35:16.0352 4012  [ 06407E13684E4B1AD56C62893E718248 ] lxdfCATSCustConnectService C:\Windows\system32\spool\DRIVERS\x64\3\\lxdfserv.exe
20:35:16.0368 4012  lxdfCATSCustConnectService - ok
20:35:16.0399 4012  lxdf_device - ok
20:35:16.0430 4012  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:35:16.0446 4012  Mcx2Svc - ok
20:35:16.0477 4012  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
20:35:16.0477 4012  megasas - ok
20:35:16.0508 4012  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
20:35:16.0524 4012  MegaSR - ok
20:35:16.0586 4012  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
20:35:16.0586 4012  MMCSS - ok
20:35:16.0648 4012  [ F7AB9BBD2D973607C0E69B1D79C7611F ] mod7764         C:\Windows\system32\DRIVERS\mod77-64.sys
20:35:16.0680 4012  mod7764 - ok
20:35:16.0726 4012  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
20:35:16.0726 4012  Modem - ok
20:35:16.0742 4012  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:35:16.0742 4012  monitor - ok
20:35:16.0789 4012  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:35:16.0789 4012  mouclass - ok
20:35:16.0836 4012  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:35:16.0836 4012  mouhid - ok
20:35:16.0882 4012  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:35:16.0882 4012  mountmgr - ok
20:35:16.0945 4012  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:35:16.0945 4012  MozillaMaintenance - ok
20:35:16.0992 4012  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:35:16.0992 4012  mpio - ok
20:35:17.0038 4012  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:35:17.0038 4012  mpsdrv - ok
20:35:17.0101 4012  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:35:17.0101 4012  MpsSvc - ok
20:35:17.0179 4012  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:35:17.0179 4012  MRxDAV - ok
20:35:17.0210 4012  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:35:17.0226 4012  mrxsmb - ok
20:35:17.0241 4012  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:35:17.0241 4012  mrxsmb10 - ok
20:35:17.0288 4012  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:35:17.0304 4012  mrxsmb20 - ok
20:35:17.0335 4012  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
20:35:17.0335 4012  msahci - ok
20:35:17.0366 4012  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:35:17.0366 4012  msdsm - ok
20:35:17.0382 4012  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
20:35:17.0382 4012  MSDTC - ok
20:35:17.0428 4012  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:35:17.0428 4012  Msfs - ok
20:35:17.0460 4012  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:35:17.0460 4012  mshidkmdf - ok
20:35:17.0491 4012  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:35:17.0491 4012  msisadrv - ok
20:35:17.0522 4012  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:35:17.0522 4012  MSiSCSI - ok
20:35:17.0538 4012  msiserver - ok
20:35:17.0569 4012  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:35:17.0569 4012  MSKSSRV - ok
20:35:17.0569 4012  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:35:17.0584 4012  MSPCLOCK - ok
20:35:17.0600 4012  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:35:17.0600 4012  MSPQM - ok
20:35:17.0647 4012  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:35:17.0678 4012  MsRPC - ok
20:35:17.0694 4012  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
20:35:17.0694 4012  mssmbios - ok
20:35:17.0725 4012  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:35:17.0725 4012  MSTEE - ok
20:35:17.0756 4012  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
20:35:17.0756 4012  MTConfig - ok
20:35:17.0772 4012  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
20:35:17.0772 4012  Mup - ok
20:35:17.0834 4012  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
20:35:17.0850 4012  napagent - ok
20:35:17.0896 4012  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:35:17.0896 4012  NativeWifiP - ok
20:35:18.0037 4012  [ 56540E526B46E379A476FB5BC381B290 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130611.003\ENG64.SYS
20:35:18.0037 4012  NAVENG - ok
20:35:18.0786 4012  [ 8A19D3991F9F14B885CDE8BC640F6B68 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130611.003\EX64.SYS
20:35:18.0817 4012  NAVEX15 - ok
20:35:18.0864 4012  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:35:18.0879 4012  NDIS - ok
20:35:18.0926 4012  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:35:18.0926 4012  NdisCap - ok
20:35:18.0942 4012  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:35:18.0942 4012  NdisTapi - ok
20:35:18.0973 4012  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:35:18.0973 4012  Ndisuio - ok
20:35:19.0004 4012  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:35:19.0004 4012  NdisWan - ok
20:35:19.0020 4012  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:35:19.0020 4012  NDProxy - ok
20:35:19.0066 4012  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:35:19.0066 4012  NetBIOS - ok
20:35:19.0113 4012  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:35:19.0113 4012  NetBT - ok
20:35:19.0129 4012  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
20:35:19.0129 4012  Netlogon - ok
20:35:19.0191 4012  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
20:35:19.0191 4012  Netman - ok
20:35:19.0207 4012  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
20:35:19.0207 4012  netprofm - ok
20:35:19.0254 4012  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:35:19.0285 4012  NetTcpPortSharing - ok
20:35:19.0316 4012  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
20:35:19.0316 4012  nfrd960 - ok
20:35:19.0425 4012  [ 241BD3019FB31E812A51B31B06906335 ] NIS             C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\ccSvcHst.exe
20:35:19.0425 4012  NIS - ok
20:35:19.0472 4012  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:35:19.0472 4012  NlaSvc - ok
20:35:19.0519 4012  [ 351533ACC2A069B94E80BBFC177E8FDF ] NPF             C:\Windows\system32\drivers\npf.sys
20:35:19.0519 4012  NPF - ok
20:35:19.0534 4012  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:35:19.0550 4012  Npfs - ok
20:35:19.0566 4012  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
20:35:19.0566 4012  nsi - ok
20:35:19.0581 4012  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:35:19.0581 4012  nsiproxy - ok
20:35:19.0675 4012  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:35:19.0722 4012  Ntfs - ok
20:35:19.0800 4012  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
20:35:19.0800 4012  Null - ok
20:35:19.0831 4012  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:35:19.0831 4012  nvraid - ok
20:35:19.0878 4012  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:35:19.0893 4012  nvstor - ok
20:35:19.0924 4012  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:35:19.0924 4012  nv_agp - ok
20:35:19.0956 4012  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:35:19.0956 4012  ohci1394 - ok
20:35:20.0034 4012  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:35:20.0034 4012  ose - ok
20:35:20.0517 4012  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:35:20.0658 4012  osppsvc - ok
20:35:20.0767 4012  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:35:20.0767 4012  p2pimsvc - ok
20:35:20.0798 4012  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:35:20.0814 4012  p2psvc - ok
20:35:20.0860 4012  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
20:35:20.0860 4012  Parport - ok
20:35:20.0876 4012  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:35:20.0892 4012  partmgr - ok
20:35:20.0907 4012  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:35:20.0923 4012  PcaSvc - ok
20:35:20.0938 4012  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
20:35:20.0938 4012  pci - ok
20:35:20.0970 4012  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
20:35:20.0970 4012  pciide - ok
20:35:21.0001 4012  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
20:35:21.0001 4012  pcmcia - ok
20:35:21.0032 4012  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
20:35:21.0032 4012  pcw - ok
20:35:21.0063 4012  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:35:21.0063 4012  PEAUTH - ok
20:35:21.0188 4012  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
20:35:21.0219 4012  PerfHost - ok
20:35:21.0375 4012  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
20:35:21.0438 4012  pla - ok
20:35:21.0500 4012  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:35:21.0500 4012  PlugPlay - ok
20:35:21.0531 4012  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:35:21.0547 4012  PNRPAutoReg - ok
20:35:21.0562 4012  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:35:21.0578 4012  PNRPsvc - ok
20:35:21.0625 4012  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:35:21.0625 4012  PolicyAgent - ok
20:35:21.0672 4012  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
20:35:21.0687 4012  Power - ok
20:35:21.0734 4012  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:35:21.0734 4012  PptpMiniport - ok
20:35:21.0765 4012  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
20:35:21.0765 4012  Processor - ok
20:35:21.0796 4012  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:35:21.0796 4012  ProfSvc - ok
20:35:21.0812 4012  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:35:21.0812 4012  ProtectedStorage - ok
20:35:21.0874 4012  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:35:21.0890 4012  Psched - ok
20:35:21.0937 4012  [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2       c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
20:35:21.0937 4012  PSI_SVC_2 - ok
20:35:22.0264 4012  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
20:35:22.0311 4012  ql2300 - ok
20:35:22.0358 4012  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
20:35:22.0358 4012  ql40xx - ok
20:35:22.0389 4012  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
20:35:22.0405 4012  QWAVE - ok
20:35:22.0420 4012  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:35:22.0420 4012  QWAVEdrv - ok
20:35:22.0436 4012  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:35:22.0436 4012  RasAcd - ok
20:35:22.0483 4012  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:35:22.0483 4012  RasAgileVpn - ok
20:35:22.0514 4012  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
20:35:22.0514 4012  RasAuto - ok
20:35:22.0545 4012  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:35:22.0545 4012  Rasl2tp - ok
20:35:22.0592 4012  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
20:35:22.0592 4012  RasMan - ok
20:35:22.0654 4012  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:35:22.0654 4012  RasPppoe - ok
20:35:22.0686 4012  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:35:22.0686 4012  RasSstp - ok
20:35:22.0748 4012  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:35:22.0748 4012  rdbss - ok
20:35:22.0779 4012  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
20:35:22.0779 4012  rdpbus - ok
20:35:22.0810 4012  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:35:22.0810 4012  RDPCDD - ok
20:35:22.0842 4012  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:35:22.0842 4012  RDPENCDD - ok
20:35:22.0842 4012  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
20:35:22.0842 4012  RDPREFMP - ok
20:35:22.0873 4012  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:35:22.0888 4012  RDPWD - ok
20:35:22.0935 4012  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:35:22.0951 4012  rdyboost - ok
20:35:22.0966 4012  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:35:22.0966 4012  RemoteAccess - ok
20:35:23.0013 4012  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:35:23.0013 4012  RemoteRegistry - ok
20:35:23.0091 4012  [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
20:35:23.0107 4012  RichVideo - ok
20:35:23.0185 4012  [ B60F58F175DE20A6739194E85B035178 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
20:35:23.0185 4012  rpcapd - ok
20:35:23.0216 4012  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:35:23.0216 4012  RpcEptMapper - ok
20:35:23.0232 4012  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
20:35:23.0247 4012  RpcLocator - ok
20:35:23.0294 4012  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
20:35:23.0310 4012  RpcSs - ok
20:35:23.0325 4012  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:35:23.0356 4012  rspndr - ok
20:35:23.0419 4012  [ 8C22F21C924413D4E109995F748E18BB ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
20:35:23.0419 4012  RSUSBSTOR - ok
20:35:23.0481 4012  [ 8E843C0340C30994161C10FBA87EEA18 ] rtl8192se       C:\Windows\system32\DRIVERS\rtl8192se.sys
20:35:23.0481 4012  rtl8192se - ok
20:35:23.0512 4012  RtsUIR - ok
20:35:23.0528 4012  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
20:35:23.0528 4012  SamSs - ok
20:35:23.0559 4012  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:35:23.0559 4012  sbp2port - ok
20:35:23.0606 4012  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:35:23.0622 4012  SCardSvr - ok
20:35:23.0653 4012  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:35:23.0653 4012  scfilter - ok
20:35:23.0715 4012  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
20:35:23.0793 4012  Schedule - ok
20:35:23.0840 4012  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:35:23.0840 4012  SCPolicySvc - ok
20:35:23.0887 4012  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:35:23.0887 4012  SDRSVC - ok
20:35:23.0934 4012  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:35:23.0934 4012  secdrv - ok
20:35:23.0965 4012  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
20:35:23.0965 4012  seclogon - ok
20:35:24.0012 4012  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
20:35:24.0012 4012  SENS - ok
20:35:24.0027 4012  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:35:24.0027 4012  SensrSvc - ok
20:35:24.0074 4012  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
20:35:24.0074 4012  Serenum - ok
20:35:24.0121 4012  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
20:35:24.0121 4012  Serial - ok
20:35:24.0168 4012  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
20:35:24.0168 4012  sermouse - ok
20:35:24.0214 4012  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:35:24.0214 4012  SessionEnv - ok
20:35:24.0246 4012  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:35:24.0246 4012  sffdisk - ok
20:35:24.0277 4012  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:35:24.0277 4012  sffp_mmc - ok
20:35:24.0308 4012  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:35:24.0308 4012  sffp_sd - ok
20:35:24.0324 4012  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
20:35:24.0339 4012  sfloppy - ok
20:35:24.0355 4012  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:35:24.0370 4012  SharedAccess - ok
20:35:24.0417 4012  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:35:24.0417 4012  ShellHWDetection - ok
20:35:24.0448 4012  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:35:24.0464 4012  SiSRaid2 - ok
20:35:24.0495 4012  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
20:35:24.0495 4012  SiSRaid4 - ok
20:35:24.0589 4012  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
20:35:24.0589 4012  SkypeUpdate - ok
20:35:24.0636 4012  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:35:24.0636 4012  Smb - ok
20:35:24.0667 4012  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:35:24.0682 4012  SNMPTRAP - ok
20:35:24.0698 4012  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:35:24.0698 4012  spldr - ok
20:35:24.0729 4012  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
20:35:24.0729 4012  Spooler - ok
20:35:24.0838 4012  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
20:35:24.0932 4012  sppsvc - ok
20:35:24.0963 4012  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
20:35:24.0963 4012  sppuinotify - ok
20:35:25.0057 4012  [ 378A0748DE5ADF90BF9DB897DA8564E6 ] SRTSP           C:\Windows\System32\Drivers\NISx64\1403010.016\SRTSP64.SYS
20:35:25.0072 4012  SRTSP - ok
20:35:25.0104 4012  [ 0E76CEF892C45734F7AED09FDDF35D4D ] SRTSPX          C:\Windows\system32\drivers\NISx64\1403010.016\SRTSPX64.SYS
20:35:25.0104 4012  SRTSPX - ok
20:35:25.0150 4012  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:35:25.0150 4012  srv - ok
20:35:25.0182 4012  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:35:25.0182 4012  srv2 - ok
20:35:25.0197 4012  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:35:25.0213 4012  srvnet - ok
20:35:25.0244 4012  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:35:25.0244 4012  SSDPSRV - ok
20:35:25.0275 4012  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:35:25.0275 4012  SstpSvc - ok
20:35:25.0306 4012  Steam Client Service - ok
20:35:25.0322 4012  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
20:35:25.0322 4012  stexstor - ok
20:35:25.0369 4012  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
20:35:25.0384 4012  stisvc - ok
20:35:25.0494 4012  [ 3FB1D84D673B4A9AF3856C8843C7A464 ] StumbleUponUpdater C:\Users\****\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe
20:35:25.0494 4012  StumbleUponUpdater - ok
20:35:25.0525 4012  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
20:35:25.0525 4012  swenum - ok
20:35:25.0556 4012  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
20:35:25.0572 4012  swprv - ok
20:35:25.0603 4012  [ E174C8BC572E93AEEE1036DEDAC5F225 ] SymDS           C:\Windows\system32\drivers\NISx64\1403010.016\SYMDS64.SYS
20:35:25.0618 4012  SymDS - ok
20:35:25.0681 4012  [ 599872BAD7CFB45C7CE47CDED4B726D8 ] SymEFA          C:\Windows\system32\drivers\NISx64\1403010.016\SYMEFA64.SYS
20:35:25.0712 4012  SymEFA - ok
20:35:25.0774 4012  [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
20:35:25.0774 4012  SymEvent - ok
20:35:25.0806 4012  [ BFD99DC6C7FEB2F8B20D488FDF3A9A55 ] SymIM           C:\Windows\system32\DRIVERS\SymIMv.sys
20:35:25.0806 4012  SymIM - ok
20:35:25.0837 4012  [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON         C:\Windows\system32\drivers\NISx64\1403010.016\Ironx64.SYS
20:35:25.0852 4012  SymIRON - ok
20:35:25.0884 4012  [ 1605EBD8CB86AFC4430116065995279A ] SymNetS         C:\Windows\System32\Drivers\NISx64\1403010.016\SYMNETS.SYS
20:35:25.0899 4012  SymNetS - ok
20:35:25.0930 4012  [ 064A2530A4A7C7CEC1BE6A1945645BE4 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
20:35:25.0946 4012  SynTP - ok
20:35:26.0024 4012  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
20:35:26.0071 4012  SysMain - ok
20:35:26.0118 4012  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:35:26.0118 4012  TabletInputService - ok
20:35:26.0149 4012  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:35:26.0164 4012  TapiSrv - ok
20:35:26.0211 4012  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
20:35:26.0211 4012  TBS - ok
20:35:26.0289 4012  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:35:26.0367 4012  Tcpip - ok
20:35:26.0414 4012  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:35:26.0430 4012  TCPIP6 - ok
20:35:26.0461 4012  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:35:26.0461 4012  tcpipreg - ok
20:35:26.0492 4012  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:35:26.0508 4012  TDPIPE - ok
20:35:26.0523 4012  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:35:26.0523 4012  TDTCP - ok
20:35:26.0570 4012  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:35:26.0570 4012  tdx - ok
20:35:26.0601 4012  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
20:35:26.0601 4012  TermDD - ok
20:35:26.0648 4012  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
20:35:26.0664 4012  TermService - ok
20:35:26.0695 4012  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
20:35:26.0695 4012  Themes - ok
20:35:26.0742 4012  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
20:35:26.0742 4012  THREADORDER - ok
20:35:26.0788 4012  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
20:35:26.0788 4012  TrkWks - ok
20:35:26.0913 4012  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:35:26.0929 4012  TrustedInstaller - ok
20:35:26.0991 4012  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:35:27.0007 4012  tssecsrv - ok
20:35:27.0054 4012  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
20:35:27.0054 4012  TsUsbFlt - ok
20:35:27.0116 4012  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:35:27.0132 4012  tunnel - ok
20:35:27.0163 4012  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
20:35:27.0163 4012  uagp35 - ok
20:35:27.0210 4012  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:35:27.0210 4012  udfs - ok
20:35:27.0256 4012  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:35:27.0256 4012  UI0Detect - ok
20:35:27.0288 4012  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:35:27.0288 4012  uliagpkx - ok
20:35:27.0303 4012  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
20:35:27.0303 4012  umbus - ok
20:35:27.0334 4012  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
20:35:27.0350 4012  UmPass - ok
20:35:27.0584 4012  [ AF905F4966CFC8B973623AB150CD4B2B ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:35:27.0662 4012  UNS - ok
20:35:27.0693 4012  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
20:35:27.0709 4012  upnphost - ok
20:35:27.0756 4012  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
20:35:27.0756 4012  usbaudio - ok
20:35:27.0802 4012  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:35:27.0802 4012  usbccgp - ok
20:35:27.0818 4012  USBCCID - ok
20:35:27.0849 4012  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:35:27.0849 4012  usbcir - ok
20:35:27.0880 4012  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
20:35:27.0880 4012  usbehci - ok
20:35:27.0896 4012  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:35:27.0912 4012  usbhub - ok
20:35:27.0958 4012  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
20:35:27.0958 4012  usbohci - ok
20:35:27.0990 4012  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
20:35:27.0990 4012  usbprint - ok
20:35:28.0021 4012  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
20:35:28.0021 4012  usbscan - ok
20:35:28.0068 4012  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:35:28.0068 4012  USBSTOR - ok
20:35:28.0099 4012  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
20:35:28.0099 4012  usbuhci - ok
20:35:28.0146 4012  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
20:35:28.0146 4012  usbvideo - ok
20:35:28.0192 4012  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
20:35:28.0192 4012  UxSms - ok
20:35:28.0208 4012  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
20:35:28.0208 4012  VaultSvc - ok
20:35:28.0239 4012  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
20:35:28.0239 4012  vdrvroot - ok
20:35:28.0270 4012  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
20:35:28.0286 4012  vds - ok
20:35:28.0302 4012  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:35:28.0302 4012  vga - ok
20:35:28.0333 4012  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:35:28.0333 4012  VgaSave - ok
20:35:28.0364 4012  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
20:35:28.0364 4012  vhdmp - ok
20:35:28.0395 4012  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
20:35:28.0395 4012  viaide - ok
20:35:28.0411 4012  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:35:28.0426 4012  volmgr - ok
20:35:28.0458 4012  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:35:28.0473 4012  volmgrx - ok
20:35:28.0504 4012  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:35:28.0504 4012  volsnap - ok
20:35:28.0551 4012  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
20:35:28.0551 4012  vsmraid - ok
20:35:28.0614 4012  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
20:35:28.0660 4012  VSS - ok
20:35:28.0692 4012  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
20:35:28.0692 4012  vwifibus - ok
20:35:28.0723 4012  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
20:35:28.0723 4012  vwififlt - ok
20:35:28.0754 4012  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
20:35:28.0754 4012  W32Time - ok
20:35:28.0785 4012  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
20:35:28.0785 4012  WacomPen - ok
20:35:28.0816 4012  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
20:35:28.0816 4012  WANARP - ok
20:35:28.0816 4012  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:35:28.0832 4012  Wanarpv6 - ok
20:35:28.0894 4012  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
20:35:28.0957 4012  wbengine - ok
20:35:29.0004 4012  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
20:35:29.0019 4012  WbioSrvc - ok
20:35:29.0097 4012  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:35:29.0113 4012  wcncsvc - ok
20:35:29.0128 4012  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:35:29.0128 4012  WcsPlugInService - ok
20:35:29.0160 4012  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
20:35:29.0160 4012  Wd - ok
20:35:29.0238 4012  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:35:29.0253 4012  Wdf01000 - ok
20:35:29.0284 4012  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:35:29.0284 4012  WdiServiceHost - ok
20:35:29.0300 4012  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:35:29.0300 4012  WdiSystemHost - ok
20:35:29.0316 4012  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
20:35:29.0331 4012  WebClient - ok
20:35:29.0347 4012  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:35:29.0347 4012  Wecsvc - ok
20:35:29.0362 4012  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:35:29.0362 4012  wercplsupport - ok
20:35:29.0394 4012  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:35:29.0409 4012  WerSvc - ok
20:35:29.0425 4012  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
20:35:29.0425 4012  WfpLwf - ok
20:35:29.0440 4012  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:35:29.0456 4012  WIMMount - ok
20:35:29.0487 4012  WinDefend - ok
20:35:29.0503 4012  WinHttpAutoProxySvc - ok
20:35:29.0550 4012  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:35:29.0550 4012  Winmgmt - ok
20:35:29.0628 4012  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
20:35:29.0706 4012  WinRM - ok
20:35:29.0768 4012  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
20:35:29.0768 4012  WinUsb - ok
20:35:29.0815 4012  [ 4C69A8E2E159C1C59BC4B688E9DD7F8C ] WisLMSvc        C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
20:35:29.0815 4012  WisLMSvc - ok
20:35:29.0862 4012  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:35:29.0877 4012  Wlansvc - ok
20:35:30.0548 4012  [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:35:30.0610 4012  wlidsvc - ok
20:35:30.0657 4012  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
20:35:30.0657 4012  WmiAcpi - ok
20:35:30.0720 4012  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:35:30.0735 4012  wmiApSrv - ok
20:35:30.0766 4012  WMPNetworkSvc - ok
20:35:30.0782 4012  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:35:30.0798 4012  WPCSvc - ok
20:35:30.0829 4012  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:35:30.0829 4012  WPDBusEnum - ok
20:35:30.0876 4012  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:35:30.0876 4012  ws2ifsl - ok
20:35:30.0907 4012  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
20:35:30.0907 4012  wscsvc - ok
20:35:30.0922 4012  WSearch - ok
20:35:31.0406 4012  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:35:31.0484 4012  wuauserv - ok
20:35:31.0500 4012  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:35:31.0515 4012  WudfPf - ok
20:35:31.0546 4012  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:35:31.0546 4012  WUDFRd - ok
20:35:31.0578 4012  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:35:31.0593 4012  wudfsvc - ok
20:35:31.0624 4012  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:35:31.0624 4012  WwanSvc - ok
20:35:31.0687 4012  [ BAA813A76F5DB6CC3C2CEAB7D82B6972 ] X10Hid          C:\Windows\System32\Drivers\x10hid.sys
20:35:31.0687 4012  X10Hid - ok
20:35:31.0734 4012  [ 5A0C788C5BC5F2C993CB60940ADCF95E ] x10nets         C:\PROGRA~2\COMMON~1\X10\Common\x10nets.exe
20:35:31.0734 4012  x10nets - ok
20:35:31.0796 4012  [ A4B2A8751A8F96134BE6063B8A759116 ] XUIF            C:\Windows\System32\Drivers\x10ufx2.sys
20:35:31.0796 4012  XUIF - ok
20:35:31.0827 4012  ================ Scan global ===============================
20:35:31.0858 4012  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:35:31.0874 4012  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
20:35:31.0890 4012  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
20:35:31.0905 4012  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:35:31.0936 4012  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:35:31.0936 4012  [Global] - ok
20:35:31.0936 4012  ================ Scan MBR ==================================
20:35:31.0968 4012  [ 4624822E540EC83CD0819525C65846BA ] \Device\Harddisk0\DR0
20:35:35.0275 4012  \Device\Harddisk0\DR0 - ok
20:35:35.0275 4012  ================ Scan VBR ==================================
20:35:35.0290 4012  [ 56301140A3C91A5C1DAD71C89DE78A9F ] \Device\Harddisk0\DR0\Partition1
20:35:35.0290 4012  \Device\Harddisk0\DR0\Partition1 - ok
20:35:35.0322 4012  [ DE3B932713AAD7095AC3A00C4F0A245E ] \Device\Harddisk0\DR0\Partition2
20:35:35.0322 4012  \Device\Harddisk0\DR0\Partition2 - ok
20:35:35.0353 4012  [ B194FE945CEFEF9FB26C96C6E6BE0016 ] \Device\Harddisk0\DR0\Partition3
20:35:35.0353 4012  \Device\Harddisk0\DR0\Partition3 - ok
20:35:35.0353 4012  ============================================================
20:35:35.0353 4012  Scan finished
20:35:35.0353 4012  ============================================================
20:35:35.0384 3980  Detected object count: 0
20:35:35.0384 3980  Actual detected object count: 0
         


Alt 12.06.2013, 14:41   #6
markusg
/// Malware-holic
 
wssetup.exe - Virus ja/ nein? - Standard

wssetup.exe - Virus ja/ nein?



TDSS killer nach anleitung konfigurieren und ausführen bitteb
__________________
--> wssetup.exe - Virus ja/ nein?

Alt 12.06.2013, 17:13   #7
Trollo
 
wssetup.exe - Virus ja/ nein? - Standard

wssetup.exe - Virus ja/ nein?



Anscheinend hatte ich irgendwas falsch gemacht... naja egal.
Hier also der Log (4 Threads gefunden):

Code:
ATTFilter
18:05:51.0437 3192  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:05:53.0528 3192  ============================================================
18:05:53.0528 3192  Current date / time: 2013/06/12 18:05:53.0528
18:05:53.0528 3192  SystemInfo:
18:05:53.0528 3192  
18:05:53.0528 3192  OS Version: 6.1.7601 ServicePack: 1.0
18:05:53.0528 3192  Product type: Workstation
18:05:53.0528 3192  ComputerName: ****-PC
18:05:53.0528 3192  UserName: ****
18:05:53.0528 3192  Windows directory: C:\Windows
18:05:53.0528 3192  System windows directory: C:\Windows
18:05:53.0528 3192  Running under WOW64
18:05:53.0528 3192  Processor architecture: Intel x64
18:05:53.0528 3192  Number of processors: 4
18:05:53.0528 3192  Page size: 0x1000
18:05:53.0528 3192  Boot type: Normal boot
18:05:53.0528 3192  ============================================================
18:05:55.0057 3192  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:05:55.0072 3192  ============================================================
18:05:55.0072 3192  \Device\Harddisk0\DR0:
18:05:55.0072 3192  MBR partitions:
18:05:55.0072 3192  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:05:55.0072 3192  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x35152000
18:05:55.0072 3192  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x35184800, BlocksNum 0x5000000
18:05:55.0072 3192  ============================================================
18:05:55.0150 3192  C: <-> \Device\Harddisk0\DR0\Partition2
18:05:55.0384 3192  D: <-> \Device\Harddisk0\DR0\Partition3
18:05:55.0384 3192  ============================================================
18:05:55.0384 3192  Initialize success
18:05:55.0384 3192  ============================================================
18:06:54.0337 5096  ============================================================
18:06:54.0337 5096  Scan started
18:06:54.0337 5096  Mode: Manual; SigCheck; TDLFS; 
18:06:54.0337 5096  ============================================================
18:06:55.0538 5096  ================ Scan system memory ========================
18:06:55.0538 5096  System memory - ok
18:06:55.0538 5096  ================ Scan services =============================
18:06:56.0006 5096  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:06:56.0224 5096  1394ohci - ok
18:06:56.0271 5096  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:06:56.0302 5096  ACPI - ok
18:06:56.0349 5096  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:06:56.0489 5096  AcpiPmi - ok
18:06:56.0926 5096  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:06:56.0942 5096  AdobeARMservice - ok
18:06:57.0160 5096  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:06:57.0176 5096  AdobeFlashPlayerUpdateSvc - ok
18:06:57.0223 5096  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
18:06:57.0254 5096  adp94xx - ok
18:06:57.0316 5096  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
18:06:57.0347 5096  adpahci - ok
18:06:57.0379 5096  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
18:06:57.0394 5096  adpu320 - ok
18:06:57.0441 5096  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:06:57.0644 5096  AeLookupSvc - ok
18:06:57.0691 5096  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
18:06:57.0769 5096  AFD - ok
18:06:57.0815 5096  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
18:06:57.0831 5096  agp440 - ok
18:06:57.0878 5096  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
18:06:57.0940 5096  ALG - ok
18:06:58.0003 5096  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:06:58.0034 5096  aliide - ok
18:06:58.0049 5096  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
18:06:58.0065 5096  amdide - ok
18:06:58.0112 5096  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
18:06:58.0174 5096  AmdK8 - ok
18:06:58.0221 5096  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
18:06:58.0252 5096  AmdPPM - ok
18:06:58.0315 5096  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:06:58.0330 5096  amdsata - ok
18:06:58.0408 5096  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
18:06:58.0439 5096  amdsbs - ok
18:06:58.0471 5096  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:06:58.0486 5096  amdxata - ok
18:06:58.0533 5096  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
18:06:58.0751 5096  AppID - ok
18:06:58.0783 5096  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:06:58.0861 5096  AppIDSvc - ok
18:06:58.0907 5096  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
18:06:58.0970 5096  Appinfo - ok
18:06:59.0048 5096  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
18:06:59.0063 5096  arc - ok
18:06:59.0079 5096  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
18:06:59.0095 5096  arcsas - ok
18:06:59.0141 5096  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:06:59.0188 5096  AsyncMac - ok
18:06:59.0235 5096  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
18:06:59.0266 5096  atapi - ok
18:06:59.0344 5096  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:06:59.0469 5096  AudioEndpointBuilder - ok
18:06:59.0485 5096  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:06:59.0531 5096  AudioSrv - ok
18:06:59.0594 5096  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:06:59.0703 5096  AxInstSV - ok
18:06:59.0797 5096  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
18:06:59.0921 5096  b06bdrv - ok
18:07:00.0031 5096  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:07:00.0171 5096  b57nd60a - ok
18:07:00.0311 5096  [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
18:07:00.0327 5096  BBSvc - ok
18:07:00.0389 5096  [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
18:07:00.0405 5096  BBUpdate - ok
18:07:00.0452 5096  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:07:00.0483 5096  BDESVC - ok
18:07:00.0545 5096  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:07:00.0608 5096  Beep - ok
18:07:00.0701 5096  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
18:07:00.0795 5096  BFE - ok
18:07:01.0154 5096  [ 6E10DB69DB1AA96207F4B14B18FF12F8 ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130531.001\BHDrvx64.sys
18:07:01.0263 5096  BHDrvx64 - ok
18:07:01.0325 5096  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
18:07:01.0450 5096  BITS - ok
18:07:01.0481 5096  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:07:01.0513 5096  blbdrive - ok
18:07:01.0559 5096  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:07:01.0606 5096  bowser - ok
18:07:01.0653 5096  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:07:01.0778 5096  BrFiltLo - ok
18:07:01.0793 5096  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:07:01.0825 5096  BrFiltUp - ok
18:07:01.0871 5096  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
18:07:01.0949 5096  Browser - ok
18:07:01.0996 5096  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:07:02.0074 5096  Brserid - ok
18:07:02.0105 5096  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:07:02.0152 5096  BrSerWdm - ok
18:07:02.0199 5096  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:07:02.0246 5096  BrUsbMdm - ok
18:07:02.0324 5096  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:07:02.0371 5096  BrUsbSer - ok
18:07:02.0449 5096  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
18:07:02.0480 5096  BTHMODEM - ok
18:07:02.0542 5096  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
18:07:02.0636 5096  bthserv - ok
18:07:02.0729 5096  [ 248C952C82DF1E23775432774CBB20F1 ] ccSet_NIS       C:\Windows\system32\drivers\NISx64\1403010.016\ccSetx64.sys
18:07:02.0761 5096  ccSet_NIS - ok
18:07:02.0792 5096  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:07:02.0885 5096  cdfs - ok
18:07:02.0948 5096  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
18:07:02.0995 5096  cdrom - ok
18:07:03.0073 5096  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
18:07:03.0166 5096  CertPropSvc - ok
18:07:03.0197 5096  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:07:03.0244 5096  circlass - ok
18:07:03.0307 5096  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
18:07:03.0338 5096  CLFS - ok
18:07:03.0431 5096  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:07:03.0447 5096  clr_optimization_v2.0.50727_32 - ok
18:07:03.0509 5096  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:07:03.0525 5096  clr_optimization_v2.0.50727_64 - ok
18:07:03.0587 5096  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:07:03.0619 5096  clr_optimization_v4.0.30319_32 - ok
18:07:03.0665 5096  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:07:03.0681 5096  clr_optimization_v4.0.30319_64 - ok
18:07:03.0728 5096  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:07:03.0775 5096  CmBatt - ok
18:07:03.0837 5096  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:07:03.0853 5096  cmdide - ok
18:07:03.0899 5096  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
18:07:03.0977 5096  CNG - ok
18:07:04.0024 5096  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:07:04.0040 5096  Compbatt - ok
18:07:04.0087 5096  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
18:07:04.0149 5096  CompositeBus - ok
18:07:04.0180 5096  COMSysApp - ok
18:07:04.0211 5096  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
18:07:04.0227 5096  crcdisk - ok
18:07:04.0305 5096  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:07:04.0399 5096  CryptSvc - ok
18:07:04.0477 5096  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:07:04.0586 5096  DcomLaunch - ok
18:07:04.0617 5096  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
18:07:04.0742 5096  defragsvc - ok
18:07:04.0804 5096  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:07:04.0867 5096  DfsC - ok
18:07:04.0913 5096  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:07:04.0991 5096  Dhcp - ok
18:07:05.0007 5096  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
18:07:05.0085 5096  discache - ok
18:07:05.0132 5096  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
18:07:05.0147 5096  Disk - ok
18:07:05.0225 5096  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:07:05.0272 5096  Dnscache - ok
18:07:05.0335 5096  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:07:05.0397 5096  dot3svc - ok
18:07:05.0428 5096  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
18:07:05.0491 5096  DPS - ok
18:07:05.0522 5096  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:07:05.0600 5096  drmkaud - ok
18:07:05.0725 5096  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:07:05.0771 5096  DXGKrnl - ok
18:07:05.0803 5096  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
18:07:05.0865 5096  EapHost - ok
18:07:06.0037 5096  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
18:07:06.0177 5096  ebdrv - ok
18:07:06.0380 5096  [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
18:07:06.0411 5096  eeCtrl - ok
18:07:06.0427 5096  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
18:07:06.0505 5096  EFS - ok
18:07:06.0723 5096  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:07:06.0785 5096  ehRecvr - ok
18:07:06.0848 5096  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
18:07:06.0895 5096  ehSched - ok
18:07:06.0957 5096  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
18:07:06.0988 5096  elxstor - ok
18:07:07.0019 5096  [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
18:07:07.0035 5096  EraserUtilRebootDrv - ok
18:07:07.0066 5096  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:07:07.0082 5096  ErrDev - ok
18:07:07.0160 5096  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
18:07:07.0222 5096  EventSystem - ok
18:07:07.0253 5096  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
18:07:07.0316 5096  exfat - ok
18:07:07.0378 5096  Fabs - ok
18:07:07.0394 5096  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:07:07.0472 5096  fastfat - ok
18:07:07.0519 5096  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
18:07:07.0612 5096  Fax - ok
18:07:07.0643 5096  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
18:07:07.0675 5096  fdc - ok
18:07:07.0721 5096  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
18:07:07.0799 5096  fdPHost - ok
18:07:07.0815 5096  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:07:07.0877 5096  FDResPub - ok
18:07:07.0909 5096  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:07:07.0924 5096  FileInfo - ok
18:07:07.0940 5096  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:07:08.0018 5096  Filetrace - ok
18:07:08.0143 5096  [ FFF1130F7C9FA01D093A1EDFC5CCE8FC ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
18:07:08.0252 5096  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
18:07:08.0252 5096  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
18:07:08.0299 5096  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:07:08.0314 5096  flpydisk - ok
18:07:08.0345 5096  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:07:08.0392 5096  FltMgr - ok
18:07:08.0455 5096  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
18:07:08.0533 5096  FontCache - ok
18:07:08.0611 5096  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:07:08.0626 5096  FontCache3.0.0.0 - ok
18:07:08.0657 5096  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:07:08.0689 5096  FsDepends - ok
18:07:08.0751 5096  [ C2E475625F2C6F7DCDE4E920523A0573 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
18:07:08.0782 5096  fssfltr - ok
18:07:09.0203 5096  [ 812E1BA5C52A78F13EA6AA10DF708B1D ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
18:07:09.0266 5096  fsssvc - ok
18:07:09.0297 5096  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:07:09.0313 5096  Fs_Rec - ok
18:07:09.0359 5096  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:07:09.0406 5096  fvevol - ok
18:07:09.0437 5096  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
18:07:09.0453 5096  gagp30kx - ok
18:07:09.0515 5096  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
18:07:09.0593 5096  gpsvc - ok
18:07:09.0640 5096  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
18:07:09.0656 5096  hamachi - ok
18:07:09.0796 5096  [ DBCF8F2EA9111510B5B86E1EE9CD8816 ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
18:07:09.0905 5096  Hamachi2Svc - ok
18:07:09.0952 5096  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:07:10.0015 5096  hcw85cir - ok
18:07:10.0046 5096  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:07:10.0108 5096  HdAudAddService - ok
18:07:10.0171 5096  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
18:07:10.0217 5096  HDAudBus - ok
18:07:10.0264 5096  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
18:07:10.0295 5096  HECIx64 - ok
18:07:10.0311 5096  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
18:07:10.0358 5096  HidBatt - ok
18:07:10.0420 5096  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
18:07:10.0451 5096  HidBth - ok
18:07:10.0483 5096  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
18:07:10.0514 5096  HidIr - ok
18:07:10.0545 5096  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
18:07:10.0623 5096  hidserv - ok
18:07:10.0685 5096  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:07:10.0701 5096  HidUsb - ok
18:07:10.0748 5096  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:07:10.0841 5096  hkmsvc - ok
18:07:10.0888 5096  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:07:10.0966 5096  HomeGroupListener - ok
18:07:10.0997 5096  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:07:11.0044 5096  HomeGroupProvider - ok
18:07:11.0075 5096  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:07:11.0091 5096  HpSAMD - ok
18:07:11.0278 5096  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:07:11.0372 5096  HTTP - ok
18:07:11.0419 5096  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:07:11.0450 5096  hwpolicy - ok
18:07:11.0465 5096  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
18:07:11.0481 5096  i8042prt - ok
18:07:11.0512 5096  [ 631FA8935163B01FC0C02966CB3ADB92 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
18:07:11.0543 5096  iaStor - ok
18:07:11.0621 5096  [ 7493EA4DE41348F7D3EDBF9DB298F56A ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:07:11.0637 5096  IAStorDataMgrSvc - ok
18:07:11.0684 5096  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:07:11.0731 5096  iaStorV - ok
18:07:11.0809 5096  [ C58305AC412A2DE95D461072E0AF5AAF ] IBUpdaterService C:\Windows\system32\dmwu.exe
18:07:11.0918 5096  IBUpdaterService - ok
18:07:12.0058 5096  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:07:12.0089 5096  idsvc - ok
18:07:12.0183 5096  [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20130611.001\IDSvia64.sys
18:07:12.0230 5096  IDSVia64 - ok
18:07:13.0884 5096  [ F4F91789C7C7A159CE8215C1F69F2A85 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
18:07:14.0274 5096  igfx - ok
18:07:14.0352 5096  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
18:07:14.0383 5096  iirsp - ok
18:07:14.0430 5096  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
18:07:14.0539 5096  IKEEXT - ok
18:07:14.0570 5096  [ 4B6363CD4610BB848531BB260B15DFCC ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
18:07:14.0632 5096  Impcd - ok
18:07:14.0742 5096  [ 257CE93C4C83A869F67C8121A34D57EC ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:07:14.0851 5096  IntcAzAudAddService - ok
18:07:14.0898 5096  [ DA24C1F66EE1B5A92E045376D7A44B58 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
18:07:14.0960 5096  IntcDAud - ok
18:07:14.0991 5096  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
18:07:15.0007 5096  intelide - ok
18:07:15.0038 5096  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:07:15.0069 5096  intelppm - ok
18:07:15.0085 5096  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:07:15.0163 5096  IPBusEnum - ok
18:07:15.0194 5096  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:07:15.0241 5096  IpFilterDriver - ok
18:07:15.0428 5096  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:07:15.0522 5096  iphlpsvc - ok
18:07:15.0615 5096  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:07:15.0678 5096  IPMIDRV - ok
18:07:15.0756 5096  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:07:15.0849 5096  IPNAT - ok
18:07:15.0880 5096  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:07:15.0990 5096  IRENUM - ok
18:07:16.0021 5096  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:07:16.0021 5096  isapnp - ok
18:07:16.0083 5096  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:07:16.0099 5096  iScsiPrt - ok
18:07:16.0130 5096  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
18:07:16.0146 5096  kbdclass - ok
18:07:16.0177 5096  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
18:07:16.0208 5096  kbdhid - ok
18:07:16.0255 5096  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
18:07:16.0270 5096  KeyIso - ok
18:07:16.0348 5096  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:07:16.0380 5096  KSecDD - ok
18:07:16.0411 5096  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:07:16.0426 5096  KSecPkg - ok
18:07:16.0473 5096  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:07:16.0551 5096  ksthunk - ok
18:07:16.0692 5096  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:07:16.0801 5096  KtmRm - ok
18:07:16.0832 5096  [ 39918DB0EFCF045A1CE6FABBF339F975 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
18:07:16.0848 5096  L1C - ok
18:07:16.0894 5096  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:07:16.0957 5096  LanmanServer - ok
18:07:17.0019 5096  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:07:17.0097 5096  LanmanWorkstation - ok
18:07:17.0144 5096  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:07:17.0191 5096  lltdio - ok
18:07:17.0222 5096  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:07:17.0269 5096  lltdsvc - ok
18:07:17.0284 5096  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:07:17.0347 5096  lmhosts - ok
18:07:17.0440 5096  [ 1E2F802846EB944E0333EFEE7C9532A8 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:07:17.0472 5096  LMS - ok
18:07:17.0503 5096  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
18:07:17.0518 5096  LSI_FC - ok
18:07:17.0550 5096  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
18:07:17.0565 5096  LSI_SAS - ok
18:07:17.0596 5096  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:07:17.0612 5096  LSI_SAS2 - ok
18:07:17.0643 5096  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:07:17.0659 5096  LSI_SCSI - ok
18:07:17.0706 5096  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
18:07:17.0799 5096  luafv - ok
18:07:17.0924 5096  [ 06407E13684E4B1AD56C62893E718248 ] lxdfCATSCustConnectService C:\Windows\system32\spool\DRIVERS\x64\3\\lxdfserv.exe
18:07:17.0955 5096  lxdfCATSCustConnectService - ok
18:07:17.0971 5096  lxdf_device - ok
18:07:18.0018 5096  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:07:18.0049 5096  Mcx2Svc - ok
18:07:18.0080 5096  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
18:07:18.0096 5096  megasas - ok
18:07:18.0189 5096  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
18:07:18.0236 5096  MegaSR - ok
18:07:18.0267 5096  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
18:07:18.0345 5096  MMCSS - ok
18:07:18.0423 5096  [ F7AB9BBD2D973607C0E69B1D79C7611F ] mod7764         C:\Windows\system32\DRIVERS\mod77-64.sys
18:07:18.0486 5096  mod7764 - ok
18:07:18.0517 5096  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
18:07:18.0579 5096  Modem - ok
18:07:18.0610 5096  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:07:18.0657 5096  monitor - ok
18:07:18.0704 5096  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:07:18.0735 5096  mouclass - ok
18:07:18.0782 5096  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:07:18.0829 5096  mouhid - ok
18:07:18.0891 5096  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:07:18.0907 5096  mountmgr - ok
18:07:18.0969 5096  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:07:18.0985 5096  MozillaMaintenance - ok
18:07:19.0032 5096  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:07:19.0047 5096  mpio - ok
18:07:19.0094 5096  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:07:19.0172 5096  mpsdrv - ok
18:07:19.0422 5096  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:07:19.0500 5096  MpsSvc - ok
18:07:19.0546 5096  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:07:19.0609 5096  MRxDAV - ok
18:07:19.0687 5096  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:07:19.0765 5096  mrxsmb - ok
18:07:19.0874 5096  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:07:19.0952 5096  mrxsmb10 - ok
18:07:19.0999 5096  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:07:20.0030 5096  mrxsmb20 - ok
18:07:20.0061 5096  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:07:20.0092 5096  msahci - ok
18:07:20.0155 5096  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:07:20.0186 5096  msdsm - ok
18:07:20.0202 5096  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
18:07:20.0233 5096  MSDTC - ok
18:07:20.0264 5096  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:07:20.0311 5096  Msfs - ok
18:07:20.0342 5096  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:07:20.0373 5096  mshidkmdf - ok
18:07:20.0404 5096  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:07:20.0420 5096  msisadrv - ok
18:07:20.0451 5096  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:07:20.0514 5096  MSiSCSI - ok
18:07:20.0514 5096  msiserver - ok
18:07:20.0560 5096  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:07:20.0623 5096  MSKSSRV - ok
18:07:20.0623 5096  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:07:20.0701 5096  MSPCLOCK - ok
18:07:20.0732 5096  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:07:20.0794 5096  MSPQM - ok
18:07:20.0919 5096  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:07:20.0950 5096  MsRPC - ok
18:07:20.0982 5096  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
18:07:20.0997 5096  mssmbios - ok
18:07:21.0028 5096  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:07:21.0075 5096  MSTEE - ok
18:07:21.0122 5096  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
18:07:21.0138 5096  MTConfig - ok
18:07:21.0153 5096  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
18:07:21.0169 5096  Mup - ok
18:07:21.0231 5096  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
18:07:21.0294 5096  napagent - ok
18:07:21.0340 5096  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:07:21.0387 5096  NativeWifiP - ok
18:07:21.0606 5096  [ 56540E526B46E379A476FB5BC381B290 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130611.003\ENG64.SYS
18:07:21.0637 5096  NAVENG - ok
18:07:21.0730 5096  [ 8A19D3991F9F14B885CDE8BC640F6B68 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130611.003\EX64.SYS
18:07:21.0840 5096  NAVEX15 - ok
18:07:21.0902 5096  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:07:21.0996 5096  NDIS - ok
18:07:22.0027 5096  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:07:22.0089 5096  NdisCap - ok
18:07:22.0136 5096  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:07:22.0183 5096  NdisTapi - ok
18:07:22.0214 5096  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:07:22.0261 5096  Ndisuio - ok
18:07:22.0308 5096  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:07:22.0386 5096  NdisWan - ok
18:07:22.0401 5096  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:07:22.0479 5096  NDProxy - ok
18:07:22.0526 5096  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:07:22.0588 5096  NetBIOS - ok
18:07:22.0635 5096  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:07:22.0698 5096  NetBT - ok
18:07:22.0713 5096  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
18:07:22.0729 5096  Netlogon - ok
18:07:22.0776 5096  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
18:07:22.0869 5096  Netman - ok
18:07:22.0885 5096  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
18:07:22.0932 5096  netprofm - ok
18:07:22.0978 5096  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:07:22.0978 5096  NetTcpPortSharing - ok
18:07:23.0010 5096  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
18:07:23.0025 5096  nfrd960 - ok
18:07:23.0696 5096  [ 241BD3019FB31E812A51B31B06906335 ] NIS             C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\ccSvcHst.exe
18:07:23.0727 5096  NIS - ok
18:07:23.0743 5096  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:07:23.0805 5096  NlaSvc - ok
18:07:23.0852 5096  [ 351533ACC2A069B94E80BBFC177E8FDF ] NPF             C:\Windows\system32\drivers\npf.sys
18:07:23.0868 5096  NPF - ok
18:07:23.0883 5096  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:07:23.0930 5096  Npfs - ok
18:07:23.0992 5096  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
18:07:24.0055 5096  nsi - ok
18:07:24.0070 5096  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:07:24.0148 5096  nsiproxy - ok
18:07:24.0273 5096  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:07:24.0336 5096  Ntfs - ok
18:07:24.0367 5096  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
18:07:24.0460 5096  Null - ok
18:07:24.0476 5096  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:07:24.0492 5096  nvraid - ok
18:07:24.0554 5096  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:07:24.0585 5096  nvstor - ok
18:07:24.0616 5096  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:07:24.0632 5096  nv_agp - ok
18:07:24.0663 5096  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:07:24.0710 5096  ohci1394 - ok
18:07:24.0772 5096  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:07:24.0788 5096  ose - ok
18:07:25.0038 5096  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:07:25.0303 5096  osppsvc - ok
18:07:25.0428 5096  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:07:25.0474 5096  p2pimsvc - ok
18:07:25.0506 5096  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
18:07:25.0537 5096  p2psvc - ok
18:07:25.0552 5096  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
18:07:25.0584 5096  Parport - ok
18:07:25.0599 5096  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:07:25.0630 5096  partmgr - ok
18:07:25.0693 5096  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:07:25.0740 5096  PcaSvc - ok
18:07:25.0802 5096  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
18:07:25.0833 5096  pci - ok
18:07:25.0849 5096  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
18:07:25.0864 5096  pciide - ok
18:07:25.0896 5096  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
18:07:25.0911 5096  pcmcia - ok
18:07:25.0942 5096  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:07:25.0958 5096  pcw - ok
18:07:25.0989 5096  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:07:26.0067 5096  PEAUTH - ok
18:07:26.0301 5096  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:07:26.0379 5096  PerfHost - ok
18:07:26.0707 5096  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
18:07:26.0847 5096  pla - ok
18:07:26.0910 5096  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:07:26.0956 5096  PlugPlay - ok
18:07:26.0988 5096  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:07:27.0034 5096  PNRPAutoReg - ok
18:07:27.0050 5096  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:07:27.0081 5096  PNRPsvc - ok
18:07:27.0112 5096  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:07:27.0175 5096  PolicyAgent - ok
18:07:27.0222 5096  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
18:07:27.0284 5096  Power - ok
18:07:27.0331 5096  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:07:27.0409 5096  PptpMiniport - ok
18:07:27.0424 5096  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
18:07:27.0440 5096  Processor - ok
18:07:27.0487 5096  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:07:27.0534 5096  ProfSvc - ok
18:07:27.0549 5096  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:07:27.0580 5096  ProtectedStorage - ok
18:07:27.0627 5096  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:07:27.0690 5096  Psched - ok
18:07:27.0752 5096  [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2       c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
18:07:27.0768 5096  PSI_SVC_2 - ok
18:07:28.0111 5096  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
18:07:28.0204 5096  ql2300 - ok
18:07:28.0236 5096  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
18:07:28.0267 5096  ql40xx - ok
18:07:28.0298 5096  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
18:07:28.0329 5096  QWAVE - ok
18:07:28.0345 5096  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:07:28.0392 5096  QWAVEdrv - ok
18:07:28.0407 5096  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:07:28.0454 5096  RasAcd - ok
18:07:28.0485 5096  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:07:28.0548 5096  RasAgileVpn - ok
18:07:28.0563 5096  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
18:07:28.0672 5096  RasAuto - ok
18:07:28.0719 5096  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:07:28.0782 5096  Rasl2tp - ok
18:07:28.0828 5096  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
18:07:28.0891 5096  RasMan - ok
18:07:28.0938 5096  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:07:29.0000 5096  RasPppoe - ok
18:07:29.0016 5096  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:07:29.0062 5096  RasSstp - ok
18:07:29.0109 5096  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:07:29.0172 5096  rdbss - ok
18:07:29.0203 5096  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:07:29.0218 5096  rdpbus - ok
18:07:29.0234 5096  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:07:29.0296 5096  RDPCDD - ok
18:07:29.0343 5096  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:07:29.0406 5096  RDPENCDD - ok
18:07:29.0406 5096  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:07:29.0452 5096  RDPREFMP - ok
18:07:29.0484 5096  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:07:29.0546 5096  RDPWD - ok
18:07:29.0593 5096  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:07:29.0624 5096  rdyboost - ok
18:07:29.0671 5096  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:07:29.0733 5096  RemoteAccess - ok
18:07:29.0764 5096  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:07:29.0827 5096  RemoteRegistry - ok
18:07:29.0920 5096  [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
18:07:29.0936 5096  RichVideo ( UnsignedFile.Multi.Generic ) - warning
18:07:29.0936 5096  RichVideo - detected UnsignedFile.Multi.Generic (1)
18:07:30.0076 5096  [ B60F58F175DE20A6739194E85B035178 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
18:07:30.0108 5096  rpcapd - ok
18:07:30.0139 5096  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:07:30.0232 5096  RpcEptMapper - ok
18:07:30.0264 5096  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
18:07:30.0326 5096  RpcLocator - ok
18:07:30.0388 5096  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
18:07:30.0451 5096  RpcSs - ok
18:07:30.0544 5096  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:07:30.0607 5096  rspndr - ok
18:07:30.0654 5096  [ 8C22F21C924413D4E109995F748E18BB ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
18:07:30.0700 5096  RSUSBSTOR - ok
18:07:30.0763 5096  [ 8E843C0340C30994161C10FBA87EEA18 ] rtl8192se       C:\Windows\system32\DRIVERS\rtl8192se.sys
18:07:30.0810 5096  rtl8192se - ok
18:07:30.0825 5096  RtsUIR - ok
18:07:30.0841 5096  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
18:07:30.0856 5096  SamSs - ok
18:07:30.0888 5096  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:07:30.0934 5096  sbp2port - ok
18:07:30.0966 5096  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:07:31.0044 5096  SCardSvr - ok
18:07:31.0090 5096  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:07:31.0168 5096  scfilter - ok
18:07:31.0231 5096  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
18:07:31.0356 5096  Schedule - ok
18:07:31.0418 5096  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:07:31.0480 5096  SCPolicySvc - ok
18:07:31.0574 5096  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:07:31.0636 5096  SDRSVC - ok
18:07:31.0668 5096  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:07:31.0746 5096  secdrv - ok
18:07:31.0777 5096  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
18:07:31.0839 5096  seclogon - ok
18:07:31.0886 5096  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
18:07:31.0948 5096  SENS - ok
18:07:31.0964 5096  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:07:32.0042 5096  SensrSvc - ok
18:07:32.0073 5096  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:07:32.0120 5096  Serenum - ok
18:07:32.0151 5096  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:07:32.0167 5096  Serial - ok
18:07:32.0198 5096  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
18:07:32.0245 5096  sermouse - ok
18:07:32.0307 5096  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
18:07:32.0385 5096  SessionEnv - ok
18:07:32.0416 5096  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:07:32.0432 5096  sffdisk - ok
18:07:32.0463 5096  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:07:32.0510 5096  sffp_mmc - ok
18:07:32.0510 5096  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:07:32.0541 5096  sffp_sd - ok
18:07:32.0557 5096  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
18:07:32.0588 5096  sfloppy - ok
18:07:32.0619 5096  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:07:32.0682 5096  SharedAccess - ok
18:07:32.0713 5096  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:07:32.0775 5096  ShellHWDetection - ok
18:07:32.0822 5096  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:07:32.0838 5096  SiSRaid2 - ok
18:07:32.0869 5096  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
18:07:32.0884 5096  SiSRaid4 - ok
18:07:32.0947 5096  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:07:32.0978 5096  SkypeUpdate - ok
18:07:33.0025 5096  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:07:33.0087 5096  Smb - ok
18:07:33.0134 5096  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:07:33.0165 5096  SNMPTRAP - ok
18:07:33.0196 5096  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:07:33.0212 5096  spldr - ok
18:07:33.0243 5096  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
18:07:33.0321 5096  Spooler - ok
18:07:33.0446 5096  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
18:07:33.0618 5096  sppsvc - ok
18:07:33.0664 5096  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:07:33.0742 5096  sppuinotify - ok
18:07:34.0008 5096  [ 378A0748DE5ADF90BF9DB897DA8564E6 ] SRTSP           C:\Windows\System32\Drivers\NISx64\1403010.016\SRTSP64.SYS
18:07:34.0039 5096  SRTSP - ok
18:07:34.0070 5096  [ 0E76CEF892C45734F7AED09FDDF35D4D ] SRTSPX          C:\Windows\system32\drivers\NISx64\1403010.016\SRTSPX64.SYS
18:07:34.0070 5096  SRTSPX - ok
18:07:34.0132 5096  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:07:34.0195 5096  srv - ok
18:07:34.0210 5096  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:07:34.0257 5096  srv2 - ok
18:07:34.0304 5096  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:07:34.0335 5096  srvnet - ok
18:07:34.0382 5096  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:07:34.0429 5096  SSDPSRV - ok
18:07:34.0444 5096  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:07:34.0491 5096  SstpSvc - ok
18:07:34.0522 5096  Steam Client Service - ok
18:07:34.0538 5096  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
18:07:34.0554 5096  stexstor - ok
18:07:34.0616 5096  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
18:07:34.0694 5096  stisvc - ok
18:07:34.0897 5096  [ 3FB1D84D673B4A9AF3856C8843C7A464 ] StumbleUponUpdater C:\Users\****\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe
18:07:34.0897 5096  StumbleUponUpdater ( UnsignedFile.Multi.Generic ) - warning
18:07:34.0897 5096  StumbleUponUpdater - detected UnsignedFile.Multi.Generic (1)
18:07:34.0928 5096  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
18:07:34.0944 5096  swenum - ok
18:07:35.0053 5096  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
18:07:35.0115 5096  swprv - ok
18:07:35.0162 5096  [ E174C8BC572E93AEEE1036DEDAC5F225 ] SymDS           C:\Windows\system32\drivers\NISx64\1403010.016\SYMDS64.SYS
18:07:35.0193 5096  SymDS - ok
18:07:35.0256 5096  [ 599872BAD7CFB45C7CE47CDED4B726D8 ] SymEFA          C:\Windows\system32\drivers\NISx64\1403010.016\SYMEFA64.SYS
18:07:35.0334 5096  SymEFA - ok
18:07:35.0380 5096  [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
18:07:35.0412 5096  SymEvent - ok
18:07:35.0427 5096  [ BFD99DC6C7FEB2F8B20D488FDF3A9A55 ] SymIM           C:\Windows\system32\DRIVERS\SymIMv.sys
18:07:35.0427 5096  SymIM - ok
18:07:35.0474 5096  [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON         C:\Windows\system32\drivers\NISx64\1403010.016\Ironx64.SYS
18:07:35.0490 5096  SymIRON - ok
18:07:35.0536 5096  [ 1605EBD8CB86AFC4430116065995279A ] SymNetS         C:\Windows\System32\Drivers\NISx64\1403010.016\SYMNETS.SYS
18:07:35.0568 5096  SymNetS - ok
18:07:35.0661 5096  [ 064A2530A4A7C7CEC1BE6A1945645BE4 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
18:07:35.0692 5096  SynTP - ok
18:07:35.0755 5096  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
18:07:35.0895 5096  SysMain - ok
18:07:35.0926 5096  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:07:35.0942 5096  TabletInputService - ok
18:07:35.0989 5096  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:07:36.0067 5096  TapiSrv - ok
18:07:36.0098 5096  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
18:07:36.0176 5096  TBS - ok
18:07:36.0254 5096  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:07:36.0363 5096  Tcpip - ok
18:07:36.0394 5096  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:07:36.0441 5096  TCPIP6 - ok
18:07:36.0488 5096  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:07:36.0519 5096  tcpipreg - ok
18:07:36.0550 5096  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:07:36.0597 5096  TDPIPE - ok
18:07:36.0628 5096  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:07:36.0660 5096  TDTCP - ok
18:07:36.0691 5096  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:07:36.0753 5096  tdx - ok
18:07:36.0800 5096  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
18:07:36.0831 5096  TermDD - ok
18:07:36.0878 5096  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
18:07:36.0925 5096  TermService - ok
18:07:36.0956 5096  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
18:07:37.0034 5096  Themes - ok
18:07:37.0065 5096  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
18:07:37.0112 5096  THREADORDER - ok
18:07:37.0143 5096  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
18:07:37.0221 5096  TrkWks - ok
18:07:37.0315 5096  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:07:37.0377 5096  TrustedInstaller - ok
18:07:37.0424 5096  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:07:37.0471 5096  tssecsrv - ok
18:07:37.0518 5096  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:07:37.0564 5096  TsUsbFlt - ok
18:07:37.0627 5096  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:07:37.0705 5096  tunnel - ok
18:07:37.0752 5096  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
18:07:37.0783 5096  uagp35 - ok
18:07:37.0830 5096  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:07:37.0923 5096  udfs - ok
18:07:37.0986 5096  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:07:38.0032 5096  UI0Detect - ok
18:07:38.0079 5096  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:07:38.0095 5096  uliagpkx - ok
18:07:38.0126 5096  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
18:07:38.0157 5096  umbus - ok
18:07:38.0204 5096  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
18:07:38.0220 5096  UmPass - ok
18:07:38.0968 5096  [ AF905F4966CFC8B973623AB150CD4B2B ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
18:07:39.0093 5096  UNS - ok
18:07:39.0218 5096  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
18:07:39.0280 5096  upnphost - ok
18:07:39.0343 5096  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
18:07:39.0390 5096  usbaudio - ok
18:07:39.0452 5096  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:07:39.0514 5096  usbccgp - ok
18:07:39.0530 5096  USBCCID - ok
18:07:39.0561 5096  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:07:39.0592 5096  usbcir - ok
18:07:39.0624 5096  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
18:07:39.0655 5096  usbehci - ok
18:07:39.0780 5096  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:07:39.0826 5096  usbhub - ok
18:07:39.0842 5096  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
18:07:39.0889 5096  usbohci - ok
18:07:39.0920 5096  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:07:39.0967 5096  usbprint - ok
18:07:39.0982 5096  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
18:07:39.0998 5096  usbscan - ok
18:07:40.0045 5096  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:07:40.0107 5096  USBSTOR - ok
18:07:40.0138 5096  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
18:07:40.0170 5096  usbuhci - ok
18:07:40.0248 5096  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
18:07:40.0294 5096  usbvideo - ok
18:07:40.0326 5096  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
18:07:40.0388 5096  UxSms - ok
18:07:40.0435 5096  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
18:07:40.0466 5096  VaultSvc - ok
18:07:40.0513 5096  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:07:40.0528 5096  vdrvroot - ok
18:07:40.0560 5096  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
18:07:40.0638 5096  vds - ok
18:07:40.0684 5096  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:07:40.0700 5096  vga - ok
18:07:40.0716 5096  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:07:40.0762 5096  VgaSave - ok
18:07:40.0856 5096  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:07:40.0887 5096  vhdmp - ok
18:07:40.0934 5096  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:07:40.0950 5096  viaide - ok
18:07:40.0981 5096  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:07:40.0996 5096  volmgr - ok
18:07:41.0090 5096  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:07:41.0121 5096  volmgrx - ok
18:07:41.0152 5096  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:07:41.0168 5096  volsnap - ok
18:07:41.0215 5096  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
18:07:41.0246 5096  vsmraid - ok
18:07:41.0480 5096  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
18:07:41.0558 5096  VSS - ok
18:07:41.0589 5096  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
18:07:41.0636 5096  vwifibus - ok
18:07:41.0667 5096  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:07:41.0714 5096  vwififlt - ok
18:07:41.0761 5096  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
18:07:41.0823 5096  W32Time - ok
18:07:41.0870 5096  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
18:07:41.0917 5096  WacomPen - ok
18:07:41.0948 5096  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:07:42.0026 5096  WANARP - ok
18:07:42.0026 5096  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:07:42.0073 5096  Wanarpv6 - ok
18:07:42.0166 5096  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
18:07:42.0260 5096  wbengine - ok
18:07:42.0291 5096  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:07:42.0338 5096  WbioSrvc - ok
18:07:42.0400 5096  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:07:42.0463 5096  wcncsvc - ok
18:07:42.0478 5096  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:07:42.0541 5096  WcsPlugInService - ok
18:07:42.0572 5096  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
18:07:42.0588 5096  Wd - ok
18:07:42.0634 5096  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:07:42.0666 5096  Wdf01000 - ok
18:07:42.0697 5096  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:07:42.0790 5096  WdiServiceHost - ok
18:07:42.0806 5096  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:07:42.0822 5096  WdiSystemHost - ok
18:07:42.0853 5096  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
18:07:42.0900 5096  WebClient - ok
18:07:42.0931 5096  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:07:42.0993 5096  Wecsvc - ok
18:07:43.0024 5096  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:07:43.0087 5096  wercplsupport - ok
18:07:43.0118 5096  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:07:43.0165 5096  WerSvc - ok
18:07:43.0212 5096  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:07:43.0290 5096  WfpLwf - ok
18:07:43.0305 5096  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:07:43.0321 5096  WIMMount - ok
18:07:43.0321 5096  WinDefend - ok
18:07:43.0352 5096  WinHttpAutoProxySvc - ok
18:07:43.0383 5096  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:07:43.0477 5096  Winmgmt - ok
18:07:43.0836 5096  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
18:07:44.0023 5096  WinRM - ok
18:07:44.0054 5096  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
18:07:44.0070 5096  WinUsb - ok
18:07:44.0179 5096  [ 4C69A8E2E159C1C59BC4B688E9DD7F8C ] WisLMSvc        C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
18:07:44.0179 5096  WisLMSvc - ok
18:07:44.0257 5096  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:07:44.0319 5096  Wlansvc - ok
18:07:44.0943 5096  [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:07:45.0084 5096  wlidsvc - ok
18:07:45.0115 5096  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
18:07:45.0162 5096  WmiAcpi - ok
18:07:45.0208 5096  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:07:45.0255 5096  wmiApSrv - ok
18:07:45.0286 5096  WMPNetworkSvc - ok
18:07:45.0318 5096  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:07:45.0349 5096  WPCSvc - ok
18:07:45.0380 5096  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:07:45.0396 5096  WPDBusEnum - ok
18:07:45.0427 5096  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:07:45.0474 5096  ws2ifsl - ok
18:07:45.0520 5096  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
18:07:45.0583 5096  wscsvc - ok
18:07:45.0583 5096  WSearch - ok
18:07:45.0676 5096  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:07:45.0848 5096  wuauserv - ok
18:07:45.0910 5096  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:07:45.0957 5096  WudfPf - ok
18:07:46.0020 5096  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:07:46.0051 5096  WUDFRd - ok
18:07:46.0113 5096  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:07:46.0160 5096  wudfsvc - ok
18:07:46.0207 5096  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:07:46.0269 5096  WwanSvc - ok
18:07:46.0316 5096  [ BAA813A76F5DB6CC3C2CEAB7D82B6972 ] X10Hid          C:\Windows\System32\Drivers\x10hid.sys
18:07:46.0332 5096  X10Hid - ok
18:07:46.0394 5096  [ 5A0C788C5BC5F2C993CB60940ADCF95E ] x10nets         C:\PROGRA~2\COMMON~1\X10\Common\x10nets.exe
18:07:46.0410 5096  x10nets ( UnsignedFile.Multi.Generic ) - warning
18:07:46.0410 5096  x10nets - detected UnsignedFile.Multi.Generic (1)
18:07:46.0441 5096  [ A4B2A8751A8F96134BE6063B8A759116 ] XUIF            C:\Windows\System32\Drivers\x10ufx2.sys
18:07:46.0456 5096  XUIF - ok
18:07:46.0488 5096  ================ Scan global ===============================
18:07:46.0519 5096  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:07:46.0550 5096  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:07:46.0550 5096  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:07:46.0581 5096  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:07:46.0597 5096  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:07:46.0612 5096  [Global] - ok
18:07:46.0612 5096  ================ Scan MBR ==================================
18:07:46.0628 5096  [ 4624822E540EC83CD0819525C65846BA ] \Device\Harddisk0\DR0
18:07:50.0840 5096  \Device\Harddisk0\DR0 - ok
18:07:50.0840 5096  ================ Scan VBR ==================================
18:07:50.0871 5096  [ 56301140A3C91A5C1DAD71C89DE78A9F ] \Device\Harddisk0\DR0\Partition1
18:07:50.0871 5096  \Device\Harddisk0\DR0\Partition1 - ok
18:07:50.0934 5096  [ DE3B932713AAD7095AC3A00C4F0A245E ] \Device\Harddisk0\DR0\Partition2
18:07:50.0934 5096  \Device\Harddisk0\DR0\Partition2 - ok
18:07:50.0965 5096  [ B194FE945CEFEF9FB26C96C6E6BE0016 ] \Device\Harddisk0\DR0\Partition3
18:07:50.0965 5096  \Device\Harddisk0\DR0\Partition3 - ok
18:07:50.0965 5096  ============================================================
18:07:50.0965 5096  Scan finished
18:07:50.0965 5096  ============================================================
18:07:50.0980 3380  Detected object count: 4
18:07:50.0980 3380  Actual detected object count: 4
18:08:12.0883 3380  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
18:08:12.0883 3380  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:08:12.0883 3380  RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
18:08:12.0883 3380  RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:08:12.0883 3380  StumbleUponUpdater ( UnsignedFile.Multi.Generic ) - skipped by user
18:08:12.0883 3380  StumbleUponUpdater ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:08:12.0883 3380  x10nets ( UnsignedFile.Multi.Generic ) - skipped by user
18:08:12.0883 3380  x10nets ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Alt 12.06.2013, 17:49   #8
markusg
/// Malware-holic
 
wssetup.exe - Virus ja/ nein? - Standard

wssetup.exe - Virus ja/ nein?



Hi,
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 12.06.2013, 18:12   #9
Trollo
 
wssetup.exe - Virus ja/ nein? - Standard

wssetup.exe - Virus ja/ nein?



ich weiß nicht, was ich falsch mache o_O
- ich habe alle programme geschlossen
- programm ausgeführt und die zwei häkchen ergänzt
- scan gestartet
- alles auf skip, continue, programm geschlossen und pc neugestartet

ich hoffe jetzt passt alles...

Code:
ATTFilter
19:05:08.0199 4420  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:05:08.0433 4420  ============================================================
19:05:08.0433 4420  Current date / time: 2013/06/12 19:05:08.0433
19:05:08.0433 4420  SystemInfo:
19:05:08.0433 4420  
19:05:08.0433 4420  OS Version: 6.1.7601 ServicePack: 1.0
19:05:08.0433 4420  Product type: Workstation
19:05:08.0433 4420  ComputerName: ****-PC
19:05:08.0433 4420  UserName: ****
19:05:08.0433 4420  Windows directory: C:\Windows
19:05:08.0433 4420  System windows directory: C:\Windows
19:05:08.0433 4420  Running under WOW64
19:05:08.0433 4420  Processor architecture: Intel x64
19:05:08.0433 4420  Number of processors: 4
19:05:08.0433 4420  Page size: 0x1000
19:05:08.0433 4420  Boot type: Normal boot
19:05:08.0433 4420  ============================================================
19:05:08.0964 4420  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:05:08.0964 4420  ============================================================
19:05:08.0964 4420  \Device\Harddisk0\DR0:
19:05:08.0964 4420  MBR partitions:
19:05:08.0964 4420  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:05:08.0964 4420  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x35152000
19:05:08.0964 4420  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x35184800, BlocksNum 0x5000000
19:05:08.0964 4420  ============================================================
19:05:08.0995 4420  C: <-> \Device\Harddisk0\DR0\Partition2
19:05:09.0151 4420  D: <-> \Device\Harddisk0\DR0\Partition3
19:05:09.0151 4420  ============================================================
19:05:09.0151 4420  Initialize success
19:05:09.0151 4420  ============================================================
19:05:31.0802 0988  ============================================================
19:05:31.0802 0988  Scan started
19:05:31.0802 0988  Mode: Manual; SigCheck; TDLFS; 
19:05:31.0802 0988  ============================================================
19:05:32.0036 0988  ================ Scan system memory ========================
19:05:32.0036 0988  System memory - ok
19:05:32.0036 0988  ================ Scan services =============================
19:05:32.0426 0988  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
19:05:32.0613 0988  1394ohci - ok
19:05:32.0676 0988  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:05:32.0707 0988  ACPI - ok
19:05:32.0754 0988  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
19:05:32.0801 0988  AcpiPmi - ok
19:05:32.0988 0988  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:05:33.0019 0988  AdobeARMservice - ok
19:05:33.0237 0988  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:05:33.0269 0988  AdobeFlashPlayerUpdateSvc - ok
19:05:33.0315 0988  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
19:05:33.0362 0988  adp94xx - ok
19:05:33.0409 0988  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
19:05:33.0425 0988  adpahci - ok
19:05:33.0456 0988  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
19:05:33.0487 0988  adpu320 - ok
19:05:33.0534 0988  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:05:33.0596 0988  AeLookupSvc - ok
19:05:33.0674 0988  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
19:05:33.0752 0988  AFD - ok
19:05:33.0783 0988  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
19:05:33.0815 0988  agp440 - ok
19:05:33.0877 0988  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
19:05:33.0971 0988  ALG - ok
19:05:34.0017 0988  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:05:34.0033 0988  aliide - ok
19:05:34.0049 0988  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
19:05:34.0064 0988  amdide - ok
19:05:34.0095 0988  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
19:05:34.0158 0988  AmdK8 - ok
19:05:34.0189 0988  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
19:05:34.0251 0988  AmdPPM - ok
19:05:34.0283 0988  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:05:34.0314 0988  amdsata - ok
19:05:34.0361 0988  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
19:05:34.0392 0988  amdsbs - ok
19:05:34.0407 0988  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:05:34.0423 0988  amdxata - ok
19:05:34.0470 0988  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
19:05:34.0548 0988  AppID - ok
19:05:34.0579 0988  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:05:34.0673 0988  AppIDSvc - ok
19:05:34.0735 0988  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
19:05:34.0782 0988  Appinfo - ok
19:05:34.0860 0988  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
19:05:34.0891 0988  arc - ok
19:05:34.0907 0988  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
19:05:34.0922 0988  arcsas - ok
19:05:34.0969 0988  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:05:35.0063 0988  AsyncMac - ok
19:05:35.0109 0988  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
19:05:35.0125 0988  atapi - ok
19:05:35.0203 0988  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:05:35.0281 0988  AudioEndpointBuilder - ok
19:05:35.0312 0988  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
19:05:35.0359 0988  AudioSrv - ok
19:05:35.0406 0988  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:05:35.0499 0988  AxInstSV - ok
19:05:35.0562 0988  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
19:05:35.0655 0988  b06bdrv - ok
19:05:35.0702 0988  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
19:05:35.0749 0988  b57nd60a - ok
19:05:35.0843 0988  [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
19:05:35.0889 0988  BBSvc - ok
19:05:35.0936 0988  [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
19:05:35.0983 0988  BBUpdate - ok
19:05:36.0030 0988  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:05:36.0061 0988  BDESVC - ok
19:05:36.0123 0988  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:05:36.0248 0988  Beep - ok
19:05:36.0311 0988  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
19:05:36.0373 0988  BFE - ok
19:05:36.0576 0988  [ 6E10DB69DB1AA96207F4B14B18FF12F8 ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130531.001\BHDrvx64.sys
19:05:36.0701 0988  BHDrvx64 - ok
19:05:36.0763 0988  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
19:05:36.0888 0988  BITS - ok
19:05:36.0919 0988  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
19:05:36.0950 0988  blbdrive - ok
19:05:36.0997 0988  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:05:37.0028 0988  bowser - ok
19:05:37.0075 0988  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:05:37.0137 0988  BrFiltLo - ok
19:05:37.0169 0988  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:05:37.0184 0988  BrFiltUp - ok
19:05:37.0215 0988  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
19:05:37.0278 0988  Browser - ok
19:05:37.0325 0988  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
19:05:37.0387 0988  Brserid - ok
19:05:37.0418 0988  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:05:37.0449 0988  BrSerWdm - ok
19:05:37.0496 0988  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:05:37.0559 0988  BrUsbMdm - ok
19:05:37.0590 0988  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:05:37.0621 0988  BrUsbSer - ok
19:05:37.0652 0988  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
19:05:37.0683 0988  BTHMODEM - ok
19:05:37.0730 0988  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
19:05:37.0824 0988  bthserv - ok
19:05:37.0933 0988  [ 248C952C82DF1E23775432774CBB20F1 ] ccSet_NIS       C:\Windows\system32\drivers\NISx64\1403010.016\ccSetx64.sys
19:05:37.0949 0988  ccSet_NIS - ok
19:05:37.0980 0988  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:05:38.0058 0988  cdfs - ok
19:05:38.0105 0988  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
19:05:38.0167 0988  cdrom - ok
19:05:38.0229 0988  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
19:05:38.0307 0988  CertPropSvc - ok
19:05:38.0323 0988  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
19:05:38.0385 0988  circlass - ok
19:05:38.0432 0988  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
19:05:38.0463 0988  CLFS - ok
19:05:38.0557 0988  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:05:38.0573 0988  clr_optimization_v2.0.50727_32 - ok
19:05:38.0635 0988  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:05:38.0651 0988  clr_optimization_v2.0.50727_64 - ok
19:05:38.0713 0988  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:05:38.0744 0988  clr_optimization_v4.0.30319_32 - ok
19:05:38.0775 0988  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:05:38.0791 0988  clr_optimization_v4.0.30319_64 - ok
19:05:38.0838 0988  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
19:05:38.0885 0988  CmBatt - ok
19:05:38.0947 0988  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:05:38.0978 0988  cmdide - ok
19:05:39.0025 0988  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
19:05:39.0072 0988  CNG - ok
19:05:39.0103 0988  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
19:05:39.0119 0988  Compbatt - ok
19:05:39.0150 0988  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
19:05:39.0212 0988  CompositeBus - ok
19:05:39.0228 0988  COMSysApp - ok
19:05:39.0243 0988  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
19:05:39.0259 0988  crcdisk - ok
19:05:39.0290 0988  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:05:39.0368 0988  CryptSvc - ok
19:05:39.0415 0988  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:05:39.0477 0988  DcomLaunch - ok
19:05:39.0524 0988  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
19:05:39.0633 0988  defragsvc - ok
19:05:39.0680 0988  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:05:39.0758 0988  DfsC - ok
19:05:39.0805 0988  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:05:39.0883 0988  Dhcp - ok
19:05:39.0930 0988  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
19:05:40.0008 0988  discache - ok
19:05:40.0055 0988  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
19:05:40.0070 0988  Disk - ok
19:05:40.0101 0988  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:05:40.0164 0988  Dnscache - ok
19:05:40.0195 0988  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:05:40.0289 0988  dot3svc - ok
19:05:40.0320 0988  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
19:05:40.0398 0988  DPS - ok
19:05:40.0429 0988  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:05:40.0476 0988  drmkaud - ok
19:05:40.0523 0988  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:05:40.0569 0988  DXGKrnl - ok
19:05:40.0601 0988  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
19:05:40.0647 0988  EapHost - ok
19:05:40.0757 0988  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
19:05:40.0928 0988  ebdrv - ok
19:05:41.0006 0988  [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
19:05:41.0037 0988  eeCtrl - ok
19:05:41.0069 0988  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
19:05:41.0147 0988  EFS - ok
19:05:41.0225 0988  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
19:05:41.0318 0988  ehRecvr - ok
19:05:41.0365 0988  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
19:05:41.0412 0988  ehSched - ok
19:05:41.0459 0988  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
19:05:41.0490 0988  elxstor - ok
19:05:41.0537 0988  [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
19:05:41.0552 0988  EraserUtilRebootDrv - ok
19:05:41.0583 0988  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:05:41.0615 0988  ErrDev - ok
19:05:41.0661 0988  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
19:05:41.0739 0988  EventSystem - ok
19:05:41.0771 0988  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
19:05:41.0817 0988  exfat - ok
19:05:41.0895 0988  Fabs - ok
19:05:41.0911 0988  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:05:41.0989 0988  fastfat - ok
19:05:42.0067 0988  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
19:05:42.0161 0988  Fax - ok
19:05:42.0207 0988  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
19:05:42.0223 0988  fdc - ok
19:05:42.0254 0988  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
19:05:42.0301 0988  fdPHost - ok
19:05:42.0317 0988  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:05:42.0379 0988  FDResPub - ok
19:05:42.0426 0988  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:05:42.0441 0988  FileInfo - ok
19:05:42.0457 0988  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:05:42.0566 0988  Filetrace - ok
19:05:42.0675 0988  [ FFF1130F7C9FA01D093A1EDFC5CCE8FC ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
19:05:42.0816 0988  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
19:05:42.0816 0988  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
19:05:42.0863 0988  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
19:05:42.0878 0988  flpydisk - ok
19:05:42.0925 0988  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:05:42.0972 0988  FltMgr - ok
19:05:43.0019 0988  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
19:05:43.0112 0988  FontCache - ok
19:05:43.0190 0988  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:05:43.0206 0988  FontCache3.0.0.0 - ok
19:05:43.0237 0988  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:05:43.0268 0988  FsDepends - ok
19:05:43.0315 0988  [ C2E475625F2C6F7DCDE4E920523A0573 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
19:05:43.0346 0988  fssfltr - ok
19:05:43.0455 0988  [ 812E1BA5C52A78F13EA6AA10DF708B1D ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
19:05:43.0533 0988  fsssvc - ok
19:05:43.0565 0988  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:05:43.0580 0988  Fs_Rec - ok
19:05:43.0627 0988  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:05:43.0674 0988  fvevol - ok
19:05:43.0705 0988  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
19:05:43.0736 0988  gagp30kx - ok
19:05:43.0783 0988  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
19:05:43.0861 0988  gpsvc - ok
19:05:43.0908 0988  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
19:05:43.0923 0988  hamachi - ok
19:05:44.0048 0988  [ DBCF8F2EA9111510B5B86E1EE9CD8816 ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
19:05:44.0157 0988  Hamachi2Svc - ok
19:05:44.0189 0988  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:05:44.0267 0988  hcw85cir - ok
19:05:44.0313 0988  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:05:44.0376 0988  HdAudAddService - ok
19:05:44.0423 0988  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
19:05:44.0454 0988  HDAudBus - ok
19:05:44.0516 0988  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
19:05:44.0532 0988  HECIx64 - ok
19:05:44.0563 0988  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
19:05:44.0610 0988  HidBatt - ok
19:05:44.0641 0988  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
19:05:44.0688 0988  HidBth - ok
19:05:44.0719 0988  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
19:05:44.0750 0988  HidIr - ok
19:05:44.0797 0988  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
19:05:44.0875 0988  hidserv - ok
19:05:44.0906 0988  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:05:44.0937 0988  HidUsb - ok
19:05:44.0984 0988  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:05:45.0078 0988  hkmsvc - ok
19:05:45.0125 0988  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:05:45.0203 0988  HomeGroupListener - ok
19:05:45.0249 0988  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:05:45.0296 0988  HomeGroupProvider - ok
19:05:45.0312 0988  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:05:45.0343 0988  HpSAMD - ok
19:05:45.0405 0988  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:05:45.0483 0988  HTTP - ok
19:05:45.0515 0988  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:05:45.0530 0988  hwpolicy - ok
19:05:45.0561 0988  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
19:05:45.0608 0988  i8042prt - ok
19:05:45.0655 0988  [ 631FA8935163B01FC0C02966CB3ADB92 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
19:05:45.0686 0988  iaStor - ok
19:05:45.0749 0988  [ 7493EA4DE41348F7D3EDBF9DB298F56A ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
19:05:45.0764 0988  IAStorDataMgrSvc - ok
19:05:45.0795 0988  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:05:45.0827 0988  iaStorV - ok
19:05:45.0951 0988  [ C58305AC412A2DE95D461072E0AF5AAF ] IBUpdaterService C:\Windows\system32\dmwu.exe
19:05:46.0029 0988  IBUpdaterService - ok
19:05:46.0092 0988  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:05:46.0154 0988  idsvc - ok
19:05:46.0264 0988  [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20130611.001\IDSvia64.sys
19:05:46.0295 0988  IDSVia64 - ok
19:05:46.0576 0988  [ F4F91789C7C7A159CE8215C1F69F2A85 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
19:05:46.0950 0988  igfx - ok
19:05:46.0997 0988  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
19:05:47.0012 0988  iirsp - ok
19:05:47.0059 0988  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
19:05:47.0137 0988  IKEEXT - ok
19:05:47.0168 0988  [ 4B6363CD4610BB848531BB260B15DFCC ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
19:05:47.0215 0988  Impcd - ok
19:05:47.0293 0988  [ 257CE93C4C83A869F67C8121A34D57EC ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:05:47.0418 0988  IntcAzAudAddService - ok
19:05:47.0449 0988  [ DA24C1F66EE1B5A92E045376D7A44B58 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
19:05:47.0465 0988  IntcDAud - ok
19:05:47.0496 0988  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
19:05:47.0512 0988  intelide - ok
19:05:47.0543 0988  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:05:47.0574 0988  intelppm - ok
19:05:47.0605 0988  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:05:47.0668 0988  IPBusEnum - ok
19:05:47.0714 0988  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:05:47.0777 0988  IpFilterDriver - ok
19:05:47.0870 0988  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:05:47.0902 0988  iphlpsvc - ok
19:05:47.0948 0988  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:05:47.0995 0988  IPMIDRV - ok
19:05:48.0026 0988  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:05:48.0089 0988  IPNAT - ok
19:05:48.0136 0988  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:05:48.0182 0988  IRENUM - ok
19:05:48.0214 0988  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:05:48.0229 0988  isapnp - ok
19:05:48.0260 0988  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:05:48.0292 0988  iScsiPrt - ok
19:05:48.0307 0988  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
19:05:48.0323 0988  kbdclass - ok
19:05:48.0370 0988  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
19:05:48.0401 0988  kbdhid - ok
19:05:48.0448 0988  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
19:05:48.0463 0988  KeyIso - ok
19:05:48.0494 0988  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:05:48.0510 0988  KSecDD - ok
19:05:48.0541 0988  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:05:48.0572 0988  KSecPkg - ok
19:05:48.0588 0988  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:05:48.0666 0988  ksthunk - ok
19:05:48.0713 0988  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:05:48.0775 0988  KtmRm - ok
19:05:48.0822 0988  [ 39918DB0EFCF045A1CE6FABBF339F975 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
19:05:48.0853 0988  L1C - ok
19:05:48.0900 0988  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:05:48.0962 0988  LanmanServer - ok
19:05:49.0009 0988  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:05:49.0056 0988  LanmanWorkstation - ok
19:05:49.0103 0988  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:05:49.0165 0988  lltdio - ok
19:05:49.0196 0988  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:05:49.0243 0988  lltdsvc - ok
19:05:49.0259 0988  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:05:49.0306 0988  lmhosts - ok
19:05:49.0384 0988  [ 1E2F802846EB944E0333EFEE7C9532A8 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:05:49.0415 0988  LMS - ok
19:05:49.0446 0988  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
19:05:49.0462 0988  LSI_FC - ok
19:05:49.0493 0988  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
19:05:49.0508 0988  LSI_SAS - ok
19:05:49.0524 0988  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:05:49.0540 0988  LSI_SAS2 - ok
19:05:49.0571 0988  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:05:49.0586 0988  LSI_SCSI - ok
19:05:49.0618 0988  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
19:05:49.0696 0988  luafv - ok
19:05:49.0789 0988  [ 06407E13684E4B1AD56C62893E718248 ] lxdfCATSCustConnectService C:\Windows\system32\spool\DRIVERS\x64\3\\lxdfserv.exe
19:05:49.0820 0988  lxdfCATSCustConnectService - ok
19:05:49.0867 0988  lxdf_device - ok
19:05:49.0914 0988  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:05:49.0961 0988  Mcx2Svc - ok
19:05:49.0992 0988  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
19:05:50.0008 0988  megasas - ok
19:05:50.0039 0988  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
19:05:50.0054 0988  MegaSR - ok
19:05:50.0086 0988  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
19:05:50.0148 0988  MMCSS - ok
19:05:50.0226 0988  [ F7AB9BBD2D973607C0E69B1D79C7611F ] mod7764         C:\Windows\system32\DRIVERS\mod77-64.sys
19:05:50.0288 0988  mod7764 - ok
19:05:50.0320 0988  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
19:05:50.0398 0988  Modem - ok
19:05:50.0413 0988  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:05:50.0444 0988  monitor - ok
19:05:50.0491 0988  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:05:50.0522 0988  mouclass - ok
19:05:50.0554 0988  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:05:50.0600 0988  mouhid - ok
19:05:50.0632 0988  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:05:50.0647 0988  mountmgr - ok
19:05:50.0694 0988  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:05:50.0710 0988  MozillaMaintenance - ok
19:05:50.0741 0988  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:05:50.0772 0988  mpio - ok
19:05:50.0819 0988  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:05:50.0881 0988  mpsdrv - ok
19:05:50.0928 0988  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:05:50.0990 0988  MpsSvc - ok
19:05:51.0022 0988  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:05:51.0068 0988  MRxDAV - ok
19:05:51.0100 0988  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:05:51.0131 0988  mrxsmb - ok
19:05:51.0162 0988  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:05:51.0193 0988  mrxsmb10 - ok
19:05:51.0224 0988  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:05:51.0240 0988  mrxsmb20 - ok
19:05:51.0271 0988  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:05:51.0287 0988  msahci - ok
19:05:51.0318 0988  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:05:51.0349 0988  msdsm - ok
19:05:51.0380 0988  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
19:05:51.0396 0988  MSDTC - ok
19:05:51.0443 0988  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:05:51.0490 0988  Msfs - ok
19:05:51.0521 0988  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:05:51.0568 0988  mshidkmdf - ok
19:05:51.0599 0988  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:05:51.0614 0988  msisadrv - ok
19:05:51.0646 0988  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:05:51.0692 0988  MSiSCSI - ok
19:05:51.0692 0988  msiserver - ok
19:05:51.0739 0988  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:05:51.0802 0988  MSKSSRV - ok
19:05:51.0817 0988  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:05:51.0880 0988  MSPCLOCK - ok
19:05:51.0895 0988  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:05:51.0958 0988  MSPQM - ok
19:05:51.0989 0988  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:05:52.0036 0988  MsRPC - ok
19:05:52.0051 0988  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
19:05:52.0067 0988  mssmbios - ok
19:05:52.0098 0988  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:05:52.0160 0988  MSTEE - ok
19:05:52.0192 0988  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
19:05:52.0223 0988  MTConfig - ok
19:05:52.0238 0988  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
19:05:52.0254 0988  Mup - ok
19:05:52.0316 0988  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
19:05:52.0426 0988  napagent - ok
19:05:52.0472 0988  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:05:52.0535 0988  NativeWifiP - ok
19:05:52.0644 0988  [ 56540E526B46E379A476FB5BC381B290 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130611.003\ENG64.SYS
19:05:52.0675 0988  NAVENG - ok
19:05:52.0753 0988  [ 8A19D3991F9F14B885CDE8BC640F6B68 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130611.003\EX64.SYS
19:05:52.0909 0988  NAVEX15 - ok
19:05:52.0956 0988  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:05:52.0987 0988  NDIS - ok
19:05:53.0034 0988  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:05:53.0096 0988  NdisCap - ok
19:05:53.0128 0988  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:05:53.0159 0988  NdisTapi - ok
19:05:53.0206 0988  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:05:53.0252 0988  Ndisuio - ok
19:05:53.0299 0988  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:05:53.0362 0988  NdisWan - ok
19:05:53.0377 0988  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:05:53.0455 0988  NDProxy - ok
19:05:53.0502 0988  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:05:53.0580 0988  NetBIOS - ok
19:05:53.0627 0988  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:05:53.0720 0988  NetBT - ok
19:05:53.0736 0988  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
19:05:53.0752 0988  Netlogon - ok
19:05:53.0814 0988  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
19:05:53.0892 0988  Netman - ok
19:05:53.0908 0988  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
19:05:53.0970 0988  netprofm - ok
19:05:54.0001 0988  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:05:54.0032 0988  NetTcpPortSharing - ok
19:05:54.0048 0988  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
19:05:54.0064 0988  nfrd960 - ok
19:05:54.0173 0988  [ 241BD3019FB31E812A51B31B06906335 ] NIS             C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\ccSvcHst.exe
19:05:54.0188 0988  NIS - ok
19:05:54.0220 0988  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:05:54.0266 0988  NlaSvc - ok
19:05:54.0298 0988  [ 351533ACC2A069B94E80BBFC177E8FDF ] NPF             C:\Windows\system32\drivers\npf.sys
19:05:54.0313 0988  NPF - ok
19:05:54.0329 0988  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:05:54.0376 0988  Npfs - ok
19:05:54.0407 0988  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
19:05:54.0469 0988  nsi - ok
19:05:54.0485 0988  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:05:54.0563 0988  nsiproxy - ok
19:05:54.0641 0988  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:05:54.0734 0988  Ntfs - ok
19:05:54.0750 0988  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
19:05:54.0828 0988  Null - ok
19:05:54.0859 0988  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:05:54.0875 0988  nvraid - ok
19:05:54.0906 0988  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:05:54.0922 0988  nvstor - ok
19:05:54.0968 0988  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:05:55.0000 0988  nv_agp - ok
19:05:55.0015 0988  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:05:55.0062 0988  ohci1394 - ok
19:05:55.0124 0988  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:05:55.0140 0988  ose - ok
19:05:55.0327 0988  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:05:55.0530 0988  osppsvc - ok
19:05:55.0577 0988  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:05:55.0639 0988  p2pimsvc - ok
19:05:55.0670 0988  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
19:05:55.0702 0988  p2psvc - ok
19:05:55.0733 0988  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
19:05:55.0748 0988  Parport - ok
19:05:55.0780 0988  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:05:55.0795 0988  partmgr - ok
19:05:55.0842 0988  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:05:55.0889 0988  PcaSvc - ok
19:05:55.0920 0988  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
19:05:55.0951 0988  pci - ok
19:05:55.0982 0988  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
19:05:55.0998 0988  pciide - ok
19:05:56.0029 0988  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
19:05:56.0045 0988  pcmcia - ok
19:05:56.0092 0988  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:05:56.0123 0988  pcw - ok
19:05:56.0185 0988  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:05:56.0279 0988  PEAUTH - ok
19:05:56.0404 0988  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:05:56.0435 0988  PerfHost - ok
19:05:56.0528 0988  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
19:05:56.0669 0988  pla - ok
19:05:56.0731 0988  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:05:56.0778 0988  PlugPlay - ok
19:05:56.0809 0988  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:05:56.0856 0988  PNRPAutoReg - ok
19:05:56.0887 0988  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:05:56.0918 0988  PNRPsvc - ok
19:05:56.0965 0988  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:05:57.0028 0988  PolicyAgent - ok
19:05:57.0059 0988  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
19:05:57.0106 0988  Power - ok
19:05:57.0152 0988  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:05:57.0230 0988  PptpMiniport - ok
19:05:57.0262 0988  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
19:05:57.0277 0988  Processor - ok
19:05:57.0308 0988  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:05:57.0340 0988  ProfSvc - ok
19:05:57.0355 0988  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:05:57.0371 0988  ProtectedStorage - ok
19:05:57.0433 0988  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:05:57.0511 0988  Psched - ok
19:05:57.0558 0988  [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2       c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
19:05:57.0605 0988  PSI_SVC_2 - ok
19:05:57.0652 0988  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
19:05:57.0761 0988  ql2300 - ok
19:05:57.0792 0988  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
19:05:57.0808 0988  ql40xx - ok
19:05:57.0854 0988  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
19:05:57.0901 0988  QWAVE - ok
19:05:57.0932 0988  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:05:57.0995 0988  QWAVEdrv - ok
19:05:58.0010 0988  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:05:58.0042 0988  RasAcd - ok
19:05:58.0073 0988  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:05:58.0120 0988  RasAgileVpn - ok
19:05:58.0151 0988  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
19:05:58.0229 0988  RasAuto - ok
19:05:58.0276 0988  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:05:58.0354 0988  Rasl2tp - ok
19:05:58.0385 0988  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
19:05:58.0463 0988  RasMan - ok
19:05:58.0494 0988  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:05:58.0541 0988  RasPppoe - ok
19:05:58.0556 0988  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:05:58.0619 0988  RasSstp - ok
19:05:58.0650 0988  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:05:58.0744 0988  rdbss - ok
19:05:58.0775 0988  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
19:05:58.0806 0988  rdpbus - ok
19:05:58.0837 0988  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:05:58.0900 0988  RDPCDD - ok
19:05:58.0931 0988  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:05:58.0993 0988  RDPENCDD - ok
19:05:59.0009 0988  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:05:59.0040 0988  RDPREFMP - ok
19:05:59.0087 0988  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:05:59.0149 0988  RDPWD - ok
19:05:59.0196 0988  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:05:59.0227 0988  rdyboost - ok
19:05:59.0274 0988  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:05:59.0336 0988  RemoteAccess - ok
19:05:59.0383 0988  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:05:59.0461 0988  RemoteRegistry - ok
19:05:59.0539 0988  [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
19:05:59.0555 0988  RichVideo ( UnsignedFile.Multi.Generic ) - warning
19:05:59.0555 0988  RichVideo - detected UnsignedFile.Multi.Generic (1)
19:05:59.0633 0988  [ B60F58F175DE20A6739194E85B035178 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
19:05:59.0664 0988  rpcapd - ok
19:05:59.0695 0988  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:05:59.0773 0988  RpcEptMapper - ok
19:05:59.0820 0988  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
19:05:59.0836 0988  RpcLocator - ok
19:05:59.0914 0988  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
19:05:59.0992 0988  RpcSs - ok
19:06:00.0007 0988  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:06:00.0070 0988  rspndr - ok
19:06:00.0132 0988  [ 8C22F21C924413D4E109995F748E18BB ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
19:06:00.0179 0988  RSUSBSTOR - ok
19:06:00.0226 0988  [ 8E843C0340C30994161C10FBA87EEA18 ] rtl8192se       C:\Windows\system32\DRIVERS\rtl8192se.sys
19:06:00.0304 0988  rtl8192se - ok
19:06:00.0304 0988  RtsUIR - ok
19:06:00.0335 0988  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
19:06:00.0350 0988  SamSs - ok
19:06:00.0382 0988  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:06:00.0397 0988  sbp2port - ok
19:06:00.0428 0988  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:06:00.0506 0988  SCardSvr - ok
19:06:00.0538 0988  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:06:00.0631 0988  scfilter - ok
19:06:00.0662 0988  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
19:06:00.0740 0988  Schedule - ok
19:06:00.0772 0988  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:06:00.0834 0988  SCPolicySvc - ok
19:06:00.0881 0988  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:06:00.0928 0988  SDRSVC - ok
19:06:00.0974 0988  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:06:01.0037 0988  secdrv - ok
19:06:01.0068 0988  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
19:06:01.0130 0988  seclogon - ok
19:06:01.0177 0988  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
19:06:01.0255 0988  SENS - ok
19:06:01.0286 0988  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:06:01.0349 0988  SensrSvc - ok
19:06:01.0396 0988  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
19:06:01.0427 0988  Serenum - ok
19:06:01.0458 0988  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
19:06:01.0489 0988  Serial - ok
19:06:01.0536 0988  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
19:06:01.0567 0988  sermouse - ok
19:06:01.0598 0988  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:06:01.0661 0988  SessionEnv - ok
19:06:01.0692 0988  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:06:01.0708 0988  sffdisk - ok
19:06:01.0739 0988  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:06:01.0770 0988  sffp_mmc - ok
19:06:01.0786 0988  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:06:01.0817 0988  sffp_sd - ok
19:06:01.0848 0988  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
19:06:01.0895 0988  sfloppy - ok
19:06:01.0926 0988  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:06:02.0004 0988  SharedAccess - ok
19:06:02.0035 0988  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:06:02.0098 0988  ShellHWDetection - ok
19:06:02.0129 0988  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:06:02.0160 0988  SiSRaid2 - ok
19:06:02.0191 0988  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
19:06:02.0222 0988  SiSRaid4 - ok
19:06:02.0316 0988  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
19:06:02.0347 0988  SkypeUpdate - ok
19:06:02.0378 0988  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:06:02.0441 0988  Smb - ok
19:06:02.0488 0988  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:06:02.0519 0988  SNMPTRAP - ok
19:06:02.0534 0988  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:06:02.0550 0988  spldr - ok
19:06:02.0597 0988  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
19:06:02.0659 0988  Spooler - ok
19:06:02.0800 0988  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
19:06:02.0971 0988  sppsvc - ok
19:06:03.0002 0988  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:06:03.0049 0988  sppuinotify - ok
19:06:03.0143 0988  [ 378A0748DE5ADF90BF9DB897DA8564E6 ] SRTSP           C:\Windows\System32\Drivers\NISx64\1403010.016\SRTSP64.SYS
19:06:03.0205 0988  SRTSP - ok
19:06:03.0221 0988  [ 0E76CEF892C45734F7AED09FDDF35D4D ] SRTSPX          C:\Windows\system32\drivers\NISx64\1403010.016\SRTSPX64.SYS
19:06:03.0236 0988  SRTSPX - ok
19:06:03.0268 0988  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:06:03.0314 0988  srv - ok
19:06:03.0346 0988  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:06:03.0377 0988  srv2 - ok
19:06:03.0408 0988  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:06:03.0439 0988  srvnet - ok
19:06:03.0470 0988  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:06:03.0517 0988  SSDPSRV - ok
19:06:03.0533 0988  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:06:03.0580 0988  SstpSvc - ok
19:06:03.0611 0988  Steam Client Service - ok
19:06:03.0626 0988  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
19:06:03.0642 0988  stexstor - ok
19:06:03.0704 0988  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
19:06:03.0782 0988  stisvc - ok
19:06:03.0923 0988  [ 3FB1D84D673B4A9AF3856C8843C7A464 ] StumbleUponUpdater C:\Users\****\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe
19:06:03.0938 0988  StumbleUponUpdater ( UnsignedFile.Multi.Generic ) - warning
19:06:03.0938 0988  StumbleUponUpdater - detected UnsignedFile.Multi.Generic (1)
19:06:03.0970 0988  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
19:06:03.0985 0988  swenum - ok
19:06:04.0032 0988  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
19:06:04.0110 0988  swprv - ok
19:06:04.0172 0988  [ E174C8BC572E93AEEE1036DEDAC5F225 ] SymDS           C:\Windows\system32\drivers\NISx64\1403010.016\SYMDS64.SYS
19:06:04.0204 0988  SymDS - ok
19:06:04.0250 0988  [ 599872BAD7CFB45C7CE47CDED4B726D8 ] SymEFA          C:\Windows\system32\drivers\NISx64\1403010.016\SYMEFA64.SYS
19:06:04.0313 0988  SymEFA - ok
19:06:04.0375 0988  [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
19:06:04.0406 0988  SymEvent - ok
19:06:04.0438 0988  [ BFD99DC6C7FEB2F8B20D488FDF3A9A55 ] SymIM           C:\Windows\system32\DRIVERS\SymIMv.sys
19:06:04.0453 0988  SymIM - ok
19:06:04.0484 0988  [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON         C:\Windows\system32\drivers\NISx64\1403010.016\Ironx64.SYS
19:06:04.0500 0988  SymIRON - ok
19:06:04.0531 0988  [ 1605EBD8CB86AFC4430116065995279A ] SymNetS         C:\Windows\System32\Drivers\NISx64\1403010.016\SYMNETS.SYS
19:06:04.0562 0988  SymNetS - ok
19:06:04.0625 0988  [ 064A2530A4A7C7CEC1BE6A1945645BE4 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
19:06:04.0656 0988  SynTP - ok
19:06:04.0734 0988  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
19:06:04.0828 0988  SysMain - ok
19:06:04.0843 0988  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:06:04.0874 0988  TabletInputService - ok
19:06:04.0890 0988  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:06:04.0952 0988  TapiSrv - ok
19:06:04.0984 0988  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
19:06:05.0062 0988  TBS - ok
19:06:05.0140 0988  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:06:05.0264 0988  Tcpip - ok
19:06:05.0327 0988  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:06:05.0374 0988  TCPIP6 - ok
19:06:05.0420 0988  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:06:05.0452 0988  tcpipreg - ok
19:06:05.0483 0988  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:06:05.0530 0988  TDPIPE - ok
19:06:05.0545 0988  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:06:05.0592 0988  TDTCP - ok
19:06:05.0623 0988  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:06:05.0686 0988  tdx - ok
19:06:05.0717 0988  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
19:06:05.0732 0988  TermDD - ok
19:06:05.0779 0988  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
19:06:05.0826 0988  TermService - ok
19:06:05.0857 0988  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
19:06:05.0904 0988  Themes - ok
19:06:05.0935 0988  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
19:06:05.0998 0988  THREADORDER - ok
19:06:06.0013 0988  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
19:06:06.0076 0988  TrkWks - ok
19:06:06.0138 0988  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:06:06.0216 0988  TrustedInstaller - ok
19:06:06.0247 0988  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:06:06.0294 0988  tssecsrv - ok
19:06:06.0341 0988  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:06:06.0388 0988  TsUsbFlt - ok
19:06:06.0466 0988  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:06:06.0528 0988  tunnel - ok
19:06:06.0559 0988  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
19:06:06.0575 0988  uagp35 - ok
19:06:06.0622 0988  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:06:06.0684 0988  udfs - ok
19:06:06.0715 0988  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:06:06.0762 0988  UI0Detect - ok
19:06:06.0793 0988  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:06:06.0809 0988  uliagpkx - ok
19:06:06.0840 0988  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
19:06:06.0871 0988  umbus - ok
19:06:06.0902 0988  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
19:06:06.0918 0988  UmPass - ok
19:06:07.0043 0988  [ AF905F4966CFC8B973623AB150CD4B2B ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:06:07.0136 0988  UNS - ok
19:06:07.0168 0988  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
19:06:07.0214 0988  upnphost - ok
19:06:07.0261 0988  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
19:06:07.0324 0988  usbaudio - ok
19:06:07.0370 0988  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:06:07.0402 0988  usbccgp - ok
19:06:07.0417 0988  USBCCID - ok
19:06:07.0448 0988  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:06:07.0480 0988  usbcir - ok
19:06:07.0511 0988  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
19:06:07.0558 0988  usbehci - ok
19:06:07.0604 0988  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:06:07.0651 0988  usbhub - ok
19:06:07.0667 0988  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
19:06:07.0698 0988  usbohci - ok
19:06:07.0729 0988  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
19:06:07.0776 0988  usbprint - ok
19:06:07.0792 0988  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
19:06:07.0823 0988  usbscan - ok
19:06:07.0854 0988  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:06:07.0901 0988  USBSTOR - ok
19:06:07.0932 0988  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
19:06:07.0948 0988  usbuhci - ok
19:06:07.0994 0988  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
19:06:08.0041 0988  usbvideo - ok
19:06:08.0072 0988  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
19:06:08.0119 0988  UxSms - ok
19:06:08.0135 0988  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
19:06:08.0150 0988  VaultSvc - ok
19:06:08.0182 0988  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:06:08.0213 0988  vdrvroot - ok
19:06:08.0244 0988  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
19:06:08.0291 0988  vds - ok
19:06:08.0322 0988  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:06:08.0338 0988  vga - ok
19:06:08.0369 0988  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:06:08.0447 0988  VgaSave - ok
19:06:08.0462 0988  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
19:06:08.0494 0988  vhdmp - ok
19:06:08.0525 0988  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:06:08.0556 0988  viaide - ok
19:06:08.0587 0988  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:06:08.0603 0988  volmgr - ok
19:06:08.0650 0988  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:06:08.0681 0988  volmgrx - ok
19:06:08.0712 0988  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:06:08.0743 0988  volsnap - ok
19:06:08.0790 0988  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
19:06:08.0806 0988  vsmraid - ok
19:06:08.0884 0988  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
19:06:08.0977 0988  VSS - ok
19:06:09.0008 0988  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
19:06:09.0071 0988  vwifibus - ok
19:06:09.0086 0988  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
19:06:09.0133 0988  vwififlt - ok
19:06:09.0164 0988  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
19:06:09.0227 0988  W32Time - ok
19:06:09.0258 0988  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
19:06:09.0289 0988  WacomPen - ok
19:06:09.0336 0988  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:06:09.0414 0988  WANARP - ok
19:06:09.0430 0988  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:06:09.0476 0988  Wanarpv6 - ok
19:06:09.0539 0988  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
19:06:09.0648 0988  wbengine - ok
19:06:09.0695 0988  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:06:09.0726 0988  WbioSrvc - ok
19:06:09.0757 0988  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:06:09.0851 0988  wcncsvc - ok
19:06:09.0866 0988  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:06:09.0898 0988  WcsPlugInService - ok
19:06:09.0944 0988  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
19:06:09.0960 0988  Wd - ok
19:06:10.0007 0988  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:06:10.0085 0988  Wdf01000 - ok
19:06:10.0116 0988  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:06:10.0210 0988  WdiServiceHost - ok
19:06:10.0210 0988  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:06:10.0241 0988  WdiSystemHost - ok
19:06:10.0272 0988  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
19:06:10.0303 0988  WebClient - ok
19:06:10.0334 0988  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:06:10.0397 0988  Wecsvc - ok
19:06:10.0412 0988  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:06:10.0490 0988  wercplsupport - ok
19:06:10.0522 0988  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:06:10.0568 0988  WerSvc - ok
19:06:10.0584 0988  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:06:10.0631 0988  WfpLwf - ok
19:06:10.0631 0988  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:06:10.0646 0988  WIMMount - ok
19:06:10.0662 0988  WinDefend - ok
19:06:10.0678 0988  WinHttpAutoProxySvc - ok
19:06:10.0709 0988  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:06:10.0771 0988  Winmgmt - ok
19:06:10.0849 0988  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
19:06:11.0021 0988  WinRM - ok
19:06:11.0083 0988  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
19:06:11.0099 0988  WinUsb - ok
19:06:11.0161 0988  [ 4C69A8E2E159C1C59BC4B688E9DD7F8C ] WisLMSvc        C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
19:06:11.0192 0988  WisLMSvc - ok
19:06:11.0239 0988  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
19:06:11.0270 0988  Wlansvc - ok
19:06:11.0411 0988  [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:06:11.0520 0988  wlidsvc - ok
19:06:11.0551 0988  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
19:06:11.0582 0988  WmiAcpi - ok
19:06:11.0614 0988  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:06:11.0660 0988  wmiApSrv - ok
19:06:11.0692 0988  WMPNetworkSvc - ok
19:06:11.0723 0988  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:06:11.0754 0988  WPCSvc - ok
19:06:11.0785 0988  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:06:11.0832 0988  WPDBusEnum - ok
19:06:11.0863 0988  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:06:11.0910 0988  ws2ifsl - ok
19:06:11.0957 0988  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
19:06:12.0019 0988  wscsvc - ok
19:06:12.0019 0988  WSearch - ok
19:06:12.0113 0988  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
19:06:12.0269 0988  wuauserv - ok
19:06:12.0300 0988  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:06:12.0347 0988  WudfPf - ok
19:06:12.0378 0988  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
19:06:12.0394 0988  WUDFRd - ok
19:06:12.0409 0988  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:06:12.0440 0988  wudfsvc - ok
19:06:12.0472 0988  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:06:12.0518 0988  WwanSvc - ok
19:06:12.0581 0988  [ BAA813A76F5DB6CC3C2CEAB7D82B6972 ] X10Hid          C:\Windows\System32\Drivers\x10hid.sys
19:06:12.0596 0988  X10Hid - ok
19:06:12.0643 0988  [ 5A0C788C5BC5F2C993CB60940ADCF95E ] x10nets         C:\PROGRA~2\COMMON~1\X10\Common\x10nets.exe
19:06:12.0674 0988  x10nets ( UnsignedFile.Multi.Generic ) - warning
19:06:12.0674 0988  x10nets - detected UnsignedFile.Multi.Generic (1)
19:06:12.0706 0988  [ A4B2A8751A8F96134BE6063B8A759116 ] XUIF            C:\Windows\System32\Drivers\x10ufx2.sys
19:06:12.0721 0988  XUIF - ok
19:06:12.0752 0988  ================ Scan global ===============================
19:06:12.0784 0988  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:06:12.0799 0988  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:06:12.0815 0988  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:06:12.0846 0988  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:06:12.0877 0988  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:06:12.0877 0988  [Global] - ok
19:06:12.0877 0988  ================ Scan MBR ==================================
19:06:12.0893 0988  [ 4624822E540EC83CD0819525C65846BA ] \Device\Harddisk0\DR0
19:06:16.0106 0988  \Device\Harddisk0\DR0 - ok
19:06:16.0106 0988  ================ Scan VBR ==================================
19:06:16.0106 0988  [ 56301140A3C91A5C1DAD71C89DE78A9F ] \Device\Harddisk0\DR0\Partition1
19:06:16.0122 0988  \Device\Harddisk0\DR0\Partition1 - ok
19:06:16.0153 0988  [ DE3B932713AAD7095AC3A00C4F0A245E ] \Device\Harddisk0\DR0\Partition2
19:06:16.0153 0988  \Device\Harddisk0\DR0\Partition2 - ok
19:06:16.0184 0988  [ B194FE945CEFEF9FB26C96C6E6BE0016 ] \Device\Harddisk0\DR0\Partition3
19:06:16.0184 0988  \Device\Harddisk0\DR0\Partition3 - ok
19:06:16.0184 0988  ============================================================
19:06:16.0184 0988  Scan finished
19:06:16.0184 0988  ============================================================
19:06:16.0200 4240  Detected object count: 4
19:06:16.0200 4240  Actual detected object count: 4
19:06:28.0259 4240  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
19:06:28.0259 4240  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:06:28.0259 4240  RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
19:06:28.0259 4240  RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:06:28.0274 4240  StumbleUponUpdater ( UnsignedFile.Multi.Generic ) - skipped by user
19:06:28.0274 4240  StumbleUponUpdater ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:06:28.0274 4240  x10nets ( UnsignedFile.Multi.Generic ) - skipped by user
19:06:28.0274 4240  x10nets ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:06:37.0619 4568  Deinitialize success
         

Alt 12.06.2013, 18:14   #10
markusg
/// Malware-holic
 
wssetup.exe - Virus ja/ nein? - Standard

wssetup.exe - Virus ja/ nein?



Hi,
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 12.06.2013, 18:27   #11
Trollo
 
wssetup.exe - Virus ja/ nein? - Standard

wssetup.exe - Virus ja/ nein?



ganz kurrz noch vorher: norton meckert kombofix seii nicht sicher und löscht es sofort. was tun? norton jz schon ausschalten?

außerdem sind meine accounst noch sicher? habe mich ja trotz der meldung ja bei facebook und co. eingeloggt... bislang kann ich noch auf alles zugreifen

Alt 12.06.2013, 18:35   #12
markusg
/// Malware-holic
 
wssetup.exe - Virus ja/ nein? - Standard

wssetup.exe - Virus ja/ nein?



erst einloggen dann fragen, is ja ne komische reihenfolge, aber ja sollten sie.
norton dann schon während des downloads aus.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 12.06.2013, 19:29   #13
Trollo
 
wssetup.exe - Virus ja/ nein? - Standard

wssetup.exe - Virus ja/ nein?



hmm ja stimmt^^
also nur am anfang eine meldung, dass noch nicht alles bei Norton deaktiviert ist, hab ich dann aber gemacht (war n bissel umständlich). sonst aber nix. neugestartet -> DIE MELDUNG KOMMT NICHT MEHR! das ganze Verzeichnis (C:\Users\****\AppData\Local\Temp\908209415\wssetup.exe) ist nicht mehr da :-D Noch n Quickscan mit Norton gemacht - nix.

Hier der Log:
Code:
ATTFilter
ComboFix 13-06-08.02 - **** 12.06.2013  19:48:28.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3895.2327 [GMT 2:00]
ausgeführt von:: c:\users\****\Desktop\ComboFix.exe
AV: Norton Internet Security CBE *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security CBE *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security CBE *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\SPLE59F.tmp
c:\windows\SysWow64\frapsvid.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-05-12 bis 2013-06-12  ))))))))))))))))))))))))))))))
.
.
2013-06-12 17:59 . 2013-06-12 17:59	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-06-11 14:02 . 2013-06-11 14:02	--------	d-----w-	c:\windows\system32\drivers\NISx64\1404000.028
2013-06-02 13:17 . 2013-06-02 13:18	--------	d-----w-	c:\windows\SysWow64\jmdp
2013-06-02 13:17 . 2013-06-02 13:17	--------	d-----w-	c:\windows\SysWow64\ARFC
2013-06-02 13:17 . 2013-05-21 13:31	1447728	----a-w-	c:\windows\system32\dmwu.exe
2013-06-02 13:17 . 2013-05-21 13:30	33792	----a-w-	c:\windows\system32\ImHttpComm.dll
2013-06-02 13:17 . 2013-02-05 07:25	829264	----a-w-	c:\windows\system32\msvcr100.dll
2013-06-02 13:17 . 2013-02-05 07:25	608080	----a-w-	c:\windows\system32\msvcp100.dll
2013-06-02 13:17 . 2013-06-08 00:44	--------	d-----w-	c:\windows\SysWow64\WNLT
2013-05-30 10:00 . 2013-05-30 10:00	--------	d-----w-	c:\program files (x86)\GeoGebra 4.2
2013-05-27 18:08 . 2013-05-27 18:08	--------	d-----w-	c:\program files (x86)\Common Files\Java
2013-05-27 18:08 . 2013-05-27 18:07	788896	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-05-27 18:08 . 2013-05-27 18:07	866720	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2013-05-27 18:07 . 2013-05-27 18:07	95648	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-05-23 14:55 . 2013-05-23 14:55	--------	d-----w-	c:\program files (x86)\LogMeIn Hamachi
2013-05-18 20:22 . 2013-05-20 10:37	--------	d-----w-	c:\users\****\Photo(graphie)
2013-05-15 13:12 . 2013-04-10 06:01	265064	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-11 18:46 . 2012-09-15 14:46	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-11 18:46 . 2012-09-15 14:46	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-15 14:48 . 2010-03-03 08:41	75016696	----a-w-	c:\windows\system32\MRT.exe
2013-05-12 11:04 . 2012-07-17 12:37	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-04-13 05:49 . 2013-05-15 13:12	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 13:12	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 13:12	308736	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 13:12	111104	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 13:12	474624	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 13:12	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 12:39	1656680	----a-w-	c:\windows\system32\drivers\ntfs.sys
2013-04-08 17:13 . 2012-09-25 18:53	952	--sha-w-	c:\programdata\KGyGaAvL.sys
2013-04-04 12:50 . 2012-09-15 17:41	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-03-19 06:04 . 2013-04-10 12:35	5550424	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 12:35	43520	----a-w-	c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 12:35	3968856	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 12:35	3913560	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 12:35	6656	----a-w-	c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 12:35	112640	----a-w-	c:\windows\system32\smss.exe
2013-03-15 17:54 . 2013-03-15 17:54	73728	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-03-15 17:54 . 2013-03-15 17:54	719360	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-03-15 17:54 . 2013-03-15 17:54	61952	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-03-15 17:54 . 2013-03-15 17:54	523264	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-03-15 17:54 . 2013-03-15 17:54	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-03-15 17:54 . 2013-03-15 17:54	38400	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-03-15 17:54 . 2013-03-15 17:54	361984	----a-w-	c:\windows\SysWow64\html.iec
2013-03-15 17:54 . 2013-03-15 17:54	23040	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-03-15 17:54 . 2013-03-15 17:54	226304	----a-w-	c:\windows\system32\elshyph.dll
2013-03-15 17:54 . 2013-03-15 17:54	185344	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-03-15 17:54 . 2013-03-15 17:54	158720	----a-w-	c:\windows\SysWow64\msls31.dll
2013-03-15 17:54 . 2013-03-15 17:54	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-03-15 17:54 . 2013-03-15 17:54	1441280	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2013-03-15 17:54 . 2013-03-15 17:54	138752	----a-w-	c:\windows\SysWow64\wextract.exe
2013-03-15 17:54 . 2013-03-15 17:54	137216	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-03-15 17:54 . 2013-03-15 17:54	12800	----a-w-	c:\windows\SysWow64\mshta.exe
2013-03-15 17:54 . 2013-03-15 17:54	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-03-15 17:54 . 2013-03-15 17:54	1054720	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-03-15 17:54 . 2013-03-15 17:54	97280	----a-w-	c:\windows\system32\mshtmled.dll
2013-03-15 17:54 . 2013-03-15 17:54	92160	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-03-15 17:54 . 2013-03-15 17:54	905728	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-03-15 17:54 . 2013-03-15 17:54	81408	----a-w-	c:\windows\system32\icardie.dll
2013-03-15 17:54 . 2013-03-15 17:54	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-03-15 17:54 . 2013-03-15 17:54	762368	----a-w-	c:\windows\system32\ieapfltr.dll
2013-03-15 17:54 . 2013-03-15 17:54	62976	----a-w-	c:\windows\system32\pngfilt.dll
2013-03-15 17:54 . 2013-03-15 17:54	599552	----a-w-	c:\windows\system32\vbscript.dll
2013-03-15 17:54 . 2013-03-15 17:54	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-03-15 17:54 . 2013-03-15 17:54	51200	----a-w-	c:\windows\system32\imgutil.dll
2013-03-15 17:54 . 2013-03-15 17:54	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-03-15 17:54 . 2013-03-15 17:54	452096	----a-w-	c:\windows\system32\dxtmsft.dll
2013-03-15 17:54 . 2013-03-15 17:54	441856	----a-w-	c:\windows\system32\html.iec
2013-03-15 17:54 . 2013-03-15 17:54	281600	----a-w-	c:\windows\system32\dxtrans.dll
2013-03-15 17:54 . 2013-03-15 17:54	27648	----a-w-	c:\windows\system32\licmgr10.dll
2013-03-15 17:54 . 2013-03-15 17:54	270848	----a-w-	c:\windows\system32\iedkcs32.dll
2013-03-15 17:54 . 2013-03-15 17:54	247296	----a-w-	c:\windows\system32\webcheck.dll
2013-03-15 17:54 . 2013-03-15 17:54	235008	----a-w-	c:\windows\system32\url.dll
2013-03-15 17:54 . 2013-03-15 17:54	216064	----a-w-	c:\windows\system32\msls31.dll
2013-03-15 17:54 . 2013-03-15 17:54	197120	----a-w-	c:\windows\system32\msrating.dll
2013-03-15 17:54 . 2013-03-15 17:54	173568	----a-w-	c:\windows\system32\ieUnatt.exe
2013-03-15 17:54 . 2013-03-15 17:54	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-03-15 17:54 . 2013-03-15 17:54	1509376	----a-w-	c:\windows\system32\inetcpl.cpl
2013-03-15 17:54 . 2013-03-15 17:54	149504	----a-w-	c:\windows\system32\occache.dll
2013-03-15 17:54 . 2013-03-15 17:54	144896	----a-w-	c:\windows\system32\wextract.exe
2013-03-15 17:54 . 2013-03-15 17:54	1400416	----a-w-	c:\windows\system32\ieapfltr.dat
2013-03-15 17:54 . 2013-03-15 17:54	13824	----a-w-	c:\windows\system32\mshta.exe
2013-03-15 17:54 . 2013-03-15 17:54	136192	----a-w-	c:\windows\system32\iepeers.dll
2013-03-15 17:54 . 2013-03-15 17:54	135680	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-03-15 17:54 . 2013-03-15 17:54	12800	----a-w-	c:\windows\system32\msfeedssync.exe
2013-03-15 17:54 . 2013-03-15 17:54	102912	----a-w-	c:\windows\system32\inseng.dll
2011-01-12 00:00 . 2011-01-12 00:00	30208	----a-w-	c:\program files (x86)\Common Files\wmpinfo.dll
2011-01-12 00:00 . 2011-01-12 00:00	240128	----a-w-	c:\program files (x86)\Common Files\dsfVorbisDecoder.dll
2011-01-12 00:00 . 2011-01-12 00:00	195584	----a-w-	c:\program files (x86)\Common Files\dsfOggDemux2.dll
2011-01-12 00:00 . 2011-01-12 00:00	146944	----a-w-	c:\program files (x86)\Common Files\dsfFLACDecoder.dll
2011-01-12 00:00 . 2011-01-12 00:00	221184	----a-w-	c:\program files (x86)\Common Files\dsfFLACEncoder.dll
2011-01-12 00:00 . 2011-01-12 00:00	204800	----a-w-	c:\program files (x86)\Common Files\dsfNativeFLACSource.dll
2010-12-16 19:39 . 2010-12-16 19:39	302592	----a-w-	c:\program files (x86)\Common Files\webmmux.dll
2010-12-16 19:39 . 2010-12-16 19:39	701440	----a-w-	c:\program files (x86)\Common Files\vp8encoder.dll
2010-12-16 19:39 . 2010-12-16 19:39	412672	----a-w-	c:\program files (x86)\Common Files\vp8decoder.dll
2010-12-16 19:39 . 2010-12-16 19:39	292352	----a-w-	c:\program files (x86)\Common Files\webmsplit.dll
2009-07-11 21:02 . 2009-07-11 21:02	653120	----a-w-	c:\program files (x86)\Common Files\MSVCR90.dll
2009-07-11 21:02 . 2009-07-11 21:02	569664	----a-w-	c:\program files (x86)\Common Files\MSVCP90.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{DB616CFF-D989-48A8-9C85-E2A8D56AB2CA}]
2011-11-22 08:59	269824	----a-w-	c:\users\****\AppData\LocalLow\StumbleUpon\IE\StumbleUpon.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2012-07-04 13:03	1310040	----a-r-	c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2012-07-04 1310040]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-02-02 12:14	220632	----a-w-	c:\users\****\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-02-02 12:14	220632	----a-w-	c:\users\****\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-02-02 12:14	220632	----a-w-	c:\users\****\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"HotkeyApp"="c:\program files (x86)\Launch Manager\HotkeyApp.exe" [2009-12-14 200704]
"LMgrVolOSD"="c:\program files (x86)\Launch Manager\OSD.exe" [2009-12-11 348960]
"Wbutton"="c:\program files (x86)\Launch Manager\Wbutton.exe" [2010-01-13 413696]
"SweetIM"="c:\program files (x86)\SweetIM\Messenger\SweetIM.exe" [2012-05-29 115032]
"Sweetpacks Communicator"="c:\program files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe" [2012-08-15 231768]
"TrayServer"="c:\program files (x86)\MAGIX\Video_deluxe_16_Premium\TrayServer.exe" [2008-08-07 90112]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-05-15 2255184]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 lxdfCATSCustConnectService;lxdfCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxdfserv.exe;c:\windows\SYSNATIVE\spool\DRIVERS\x64\3\\lxdfserv.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 StumbleUponUpdater;StumbleUpon Updater;c:\users\****\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe;c:\users\****\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 mod7764;TV Tuner device;c:\windows\system32\DRIVERS\mod77-64.sys;c:\windows\SYSNATIVE\DRIVERS\mod77-64.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1403010.016\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1403010.016\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1403010.016\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1403010.016\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130531.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130531.001\BHDrvx64.sys [x]
S1 ccSet_NIS;Norton Internet Security CBE Settings Manager;c:\windows\system32\drivers\NISx64\1403010.016\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1403010.016\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20130611.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20130611.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1403010.016\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1403010.016\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1403010.016\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1403010.016\SYMNETS.SYS [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IBUpdaterService;IBUpdaterService;c:\windows\system32\dmwu.exe;c:\windows\SYSNATIVE\dmwu.exe [x]
S2 lxdf_device;lxdf_device;c:\windows\system32\lxdfcoms.exe;c:\windows\SYSNATIVE\lxdfcoms.exe [x]
S2 NIS;Norton Internet Security CBE;c:\program files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\ccSvcHst.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192se.sys [x]
S3 WisLMSvc;WisLMSvc;c:\program files (x86)\Launch Manager\WisLMSvc.exe;c:\program files (x86)\Launch Manager\WisLMSvc.exe [x]
S3 X10Hid;X10 Hid Device;c:\windows\System32\Drivers\x10hid.sys;c:\windows\SYSNATIVE\Drivers\x10hid.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-15 18:46]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-02-02 12:14	244696	----a-w-	c:\users\****\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-02-02 12:14	244696	----a-w-	c:\users\****\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-02-02 12:14	244696	----a-w-	c:\users\****\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-02 10087456]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-03-02 877600]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-10 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-10 392984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-10 417560]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.aldi.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\****\AppData\Roaming\Mozilla\Firefox\Profiles\n1faaxrq.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (de)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&crg=3.1010000.10001&q=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{0B8565BA-BAD5-4732-B122-5FD78EFC50A9} - c:\programdata\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14}\Service Center Setup PC.exe
AddRemove-{0E086923-AAA3-4F98-A6E2-48B64CE27553} - c:\programdata\{F21A5765-AACF-4530-991E-CE1346273F96}\Reaktor Factory Selection Setup PC.exe
AddRemove-{E9EA5F38-6299-45A1-9D23-F21729A19357} - c:\programdata\{970460A3-BA7D-4974-965A-D2CBA609B007}\Reaktor 5 Setup PC.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\diMaster.dll\" /prefetch:1"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-4008165590-655134110-1656986159-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-4008165590-655134110-1656986159-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-06-12  20:10:23
ComboFix-quarantined-files.txt  2013-06-12 18:10
.
Vor Suchlauf: 9 Verzeichnis(se), 293.560.930.304 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 293.417.033.728 Bytes frei
.
- - End Of File - - 1D6AC16DB27735EB7DE434B48AC22493
D41D8CD98F00B204E9800998ECF8427E
         
ist der pc wieder clean?

Alt 12.06.2013, 20:07   #14
markusg
/// Malware-holic
 
wssetup.exe - Virus ja/ nein? - Standard

wssetup.exe - Virus ja/ nein?



Hi,
malwarebytes:
Downloade Dir bitte Malwarebytes
  • Installiere
    das Programm in den vorgegebenen Pfad.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Starte Malwarebytes, klicke auf Aktualisierung --> Suche
    nach Aktualisierung
  • Wenn das Update beendet wurde, aktiviere vollständiger Scan durchführen und drücke auf Scannen.
  • Wenn der Scan beendet
    ist, klicke auf Ergebnisse anzeigen.
  • Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
  • Poste
    das Logfile, welches sich in Notepad öffnet, hier in den Thread.
  • Nachträglich kannst du den Bericht unter "Log Dateien" finden.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 12.06.2013, 22:30   #15
Trollo
 
wssetup.exe - Virus ja/ nein? - Standard

wssetup.exe - Virus ja/ nein?



WICHTIG: Wie schon beschrieben wurde von ComboFix wssetup.exe gelöscht. Sie wurde aber wieder (ca. 21:19 Uhr) nachgeladen!!

Wurde nach dem Scan aber nicht mehr gelöscht.

Hier der Log:

Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.06.12.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
**** :: ****-PC [Administrator]

12.06.2013 21:15:27
mbam-log-2013-06-12 (21-15-27).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 507193
Laufzeit: 2 Stunde(n), 2 Minute(n), 53 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (PUP.InstallBrain) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

Antwort

Themen zu wssetup.exe - Virus ja/ nein?
anderes, anfrage, anleitungen, ausführen, bereinigung, einfach, einiger, facebook, forum, frage, gen, home, network, neustart, perion network, perion network ltd., reich, schädlich, sweet, virus, woche, wochen, wssetup.exe, überall



Ähnliche Themen: wssetup.exe - Virus ja/ nein?


  1. Virus? Trojaner? wiederauftauchendes Fenster wssetup.exe von Perion Ltd zu installieren!
    Log-Analyse und Auswertung - 24.01.2014 (90)
  2. Virus ja oder nein?
    Log-Analyse und Auswertung - 05.01.2014 (1)
  3. wssetup exe
    Log-Analyse und Auswertung - 29.06.2013 (29)
  4. wssetup.exe
    Plagegeister aller Art und deren Bekämpfung - 16.06.2013 (7)
  5. wssetup.exe
    Plagegeister aller Art und deren Bekämpfung - 14.06.2013 (13)
  6. wssetup.exe
    Log-Analyse und Auswertung - 11.06.2013 (3)
  7. Virus? Trojaner? wiederauftauchendes Fenster wssetup.exe von Perion Ltd zu installieren!
    Log-Analyse und Auswertung - 11.06.2013 (5)
  8. wssetup.exe
    Plagegeister aller Art und deren Bekämpfung - 10.06.2013 (7)
  9. Habe ich einen Virus..? Werde aufgefordert wssetup.exe zu installieren
    Plagegeister aller Art und deren Bekämpfung - 09.06.2013 (11)
  10. System Check - Virus ja/nein, wie entfernen?
    Plagegeister aller Art und deren Bekämpfung - 01.03.2012 (1)
  11. Bka virus ja oder nein ?
    Plagegeister aller Art und deren Bekämpfung - 09.08.2011 (24)
  12. virus ja oder nein?
    Plagegeister aller Art und deren Bekämpfung - 05.06.2011 (10)
  13. Virus ja nein?Anti Virus geht nicht mehr!
    Antiviren-, Firewall- und andere Schutzprogramme - 05.08.2010 (23)
  14. WIN32/KRYPTIK.ALZ -- Wird dieser Virus von Antivir erkannt? Wenn nein warum nicht?
    Plagegeister aller Art und deren Bekämpfung - 13.01.2010 (1)
  15. Virus/ja/nein?
    Log-Analyse und Auswertung - 20.08.2009 (1)
  16. virus ja oder nein ?
    Log-Analyse und Auswertung - 26.08.2005 (1)
  17. Wirklich ein Virus? Kaspersky sagt nein andere ja
    Plagegeister aller Art und deren Bekämpfung - 14.02.2005 (0)

Zum Thema wssetup.exe - Virus ja/ nein? - Hi, hatte mal vor einiger Zeit Sweet Home 3D. Wie ich schon wo anderes gelesen habe, ist dies von Perion Network ltd. Seit nun ca. ein - 2 wochen kommt - wssetup.exe - Virus ja/ nein?...
Archiv
Du betrachtest: wssetup.exe - Virus ja/ nein? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.