
All kinds of pests and how to fight them: Software.updater.ui.exe wants access to my laptop

12.06.2013, 18:37   #1
Ottifant
 
Software.updater.ui.exe wants access to my laptop



After system startup (sometimes also during normal browsing), a file Software.updater.Ui.exe, Unknown Publisher, wants to access my laptop. It may also have happened to me a few weeks ago that I accidentally allowed this once. Otherwise I always decline.

Having followed all the reports here, I am worried that I may have picked up a Trojan or something similar.

I have carried out the first steps according to your instructions. Attached are the results for OTL and Extra.

I tried the GMER program twice, and both times the computer crashed completely. The first time the Windows error message was PFN_LIST_CORRUPT; the second time it was a different Windows error message. After a restart, everything is currently running without errors again.

Can you please help me?


OTL

OTL logfile created on: 12.06.2013 18:20:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Rainer\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 1,89 Gb Available Physical Memory | 63,01% Memory free
6,20 Gb Paging File | 4,98 Gb Available in Paging File | 80,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286,37 Gb Total Space | 39,46 Gb Free Space | 13,78% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 26,62 Gb Free Space | 8,93% Space Free | Partition Type: NTFS

Computer Name: AMILO-LAPTOP | User Name: Rainer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.06.12 18:18:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Rainer\Downloads\OTL.exe
PRC - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.05.06 12:39:03 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.04.02 18:43:22 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2013.04.02 18:43:10 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.04.02 18:43:08 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.12.12 11:28:14 | 000,163,000 | ---- | M] (Geek Software GmbH) -- C:\Programme\PDF24\pdf24.exe
PRC - [2011.10.07 11:40:42 | 001,387,288 | ---- | M] (Logitech, Inc.) -- C:\Programme\Logitech\SetPointP\SetPoint.exe
PRC - [2011.09.27 21:05:24 | 000,149,784 | ---- | M] (Logitech, Inc.) -- C:\Programme\Common Files\Logishrd\KHAL3\KHALMNPR.exe
PRC - [2011.03.28 20:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2011.03.28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010.07.28 19:05:34 | 000,472,664 | ---- | M] (PacketVideo) -- C:\Programme\TwonkyMedia\twonkymediaserverwatchdog.exe
PRC - [2009.04.10 23:28:04 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.10 23:27:30 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.06.02 14:43:58 | 003,915,784 | ---- | M] () -- C:\Programme\RKS Fax\rksfax_control.exe
PRC - [2008.01.18 23:33:40 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.18 23:33:40 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2007.09.20 16:32:50 | 000,561,152 | ---- | M] (C&E) -- C:\Programme\C&E\OSD\osd.exe
PRC - [2007.05.10 17:10:06 | 004,468,736 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.01.11 13:57:20 | 000,291,760 | ---- | M] () -- C:\Programme\Lexmark 9300 Series\lxcqmon.exe
PRC - [2006.12.08 10:52:04 | 000,204,800 | ---- | M] (Fujitsu Siemens Computers) -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe
PRC - [2006.12.05 09:36:10 | 000,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxcqcoms.exe
PRC - [2006.12.05 09:35:58 | 000,082,864 | ---- | M] (Lexmark International Inc.) -- C:\Programme\Lexmark 9300 Series\ezprint.exe
PRC - [2006.11.22 18:31:26 | 000,630,784 | ---- | M] (Motorola Inc.) -- C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe


========== Modules (No Company Name) ==========

MOD - [2013.05.16 13:11:18 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e9ea3e70247b4aa4a8b260426db3aa6b\System.Windows.Forms.ni.dll
MOD - [2013.02.13 10:25:35 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\dab997283369b95e0fc398cdb89d371c\System.Web.ni.dll
MOD - [2013.01.10 12:49:15 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f042f66c2ad8fd5b8c34fa22cd22079e\System.Management.ni.dll
MOD - [2013.01.10 08:50:02 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll
MOD - [2013.01.10 08:49:25 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll
MOD - [2013.01.10 08:48:27 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll
MOD - [2013.01.10 08:47:18 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll
MOD - [2013.01.10 08:47:09 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll
MOD - [2012.10.11 22:56:46 | 000,087,952 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.10.11 22:56:22 | 001,242,512 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.10.07 11:41:16 | 000,879,896 | ---- | M] () -- C:\Programme\Logitech\SetPointP\Macros\MacroCore.dll
MOD - [2009.03.29 21:42:14 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.03.29 21:42:12 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.06.02 14:43:58 | 003,915,784 | ---- | M] () -- C:\Programme\RKS Fax\rksfax_control.exe
MOD - [2008.05.07 18:33:46 | 001,675,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2895.26476__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2008.05.07 18:33:46 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2895.26689__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2008.05.07 18:33:46 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2895.26666__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2008.05.07 18:33:46 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2895.26436__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2008.05.07 18:33:46 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2895.26488__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2008.05.07 18:33:46 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2895.26659__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2008.05.07 18:33:46 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2895.26623__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2008.05.07 18:33:46 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2895.26467__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2008.05.07 18:33:46 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2895.26582__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2008.05.07 18:33:46 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2895.26455__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2008.05.07 18:33:39 | 000,352,256 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2895.26631__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2008.05.07 18:33:39 | 000,192,512 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Dashboard\2.0.1.0__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Dashboard.dll
MOD - [2008.05.07 18:33:39 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2895.26695__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2008.05.07 18:33:39 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2895.26638__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2008.05.07 18:33:39 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2895.26448__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2008.05.07 18:33:39 | 000,012,288 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.2895.26713__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2008.05.07 18:33:39 | 000,008,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.2895.26712__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2008.05.07 18:33:39 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.2895.26713__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2008.05.07 18:33:38 | 000,794,624 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2895.26590__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2008.05.07 18:33:38 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2895.26501__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2008.05.07 18:33:38 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2895.26456__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2008.05.07 18:33:38 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2895.26651__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2008.05.07 18:33:38 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2895.26495__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2008.05.07 18:33:38 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.2895.26688__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2008.05.07 18:33:38 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2895.26603__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2008.05.07 18:33:38 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2895.26589__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2008.05.07 18:33:38 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2895.26631__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2008.05.07 18:33:38 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2895.26687__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2008.05.07 18:33:38 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2895.26603__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2008.05.07 18:33:37 | 000,901,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2895.26661__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2008.05.07 18:33:37 | 000,479,232 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2895.26584__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2008.05.07 18:33:37 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2895.26616__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2008.05.07 18:33:37 | 000,331,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2895.26577__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2008.05.07 18:33:37 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2895.26507__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2008.05.07 18:33:37 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2858.39394__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2008.05.07 18:33:37 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2895.26582__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2008.05.07 18:33:37 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2858.39381__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2008.05.07 18:33:37 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2858.39421__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2008.05.07 18:33:37 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2008.05.07 18:33:37 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2858.39454__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2008.05.07 18:33:37 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2895.26506__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2008.05.07 18:33:37 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2895.26589__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2008.05.07 18:33:37 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2858.39378__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2008.05.07 18:33:37 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2895.26615__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2008.05.07 18:33:37 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2858.39490__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2008.05.07 18:33:37 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2858.39384__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2008.05.07 18:33:37 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2858.39453__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2008.05.07 18:33:37 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2858.39448__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2008.05.07 18:33:37 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2858.39397__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2008.05.07 18:33:37 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2858.39396__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2008.05.07 18:33:37 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2858.39386__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2008.05.07 18:33:37 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2858.39392__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2008.05.07 18:33:37 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2858.39389__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2008.05.07 18:33:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2858.39411__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2008.05.07 18:33:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2858.39449__90ba9c70f846762e\DEM.OS.dll
MOD - [2008.05.07 18:33:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2008.05.07 18:33:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2858.39447__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2008.05.07 18:33:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2008.05.07 18:33:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2858.39392__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2008.05.07 18:33:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2858.39425__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2008.05.07 18:33:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2858.39446__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2008.05.07 18:33:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2858.39450__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2008.05.07 18:33:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2858.39398__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2008.05.07 18:33:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2858.39451__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2008.05.07 18:33:37 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2008.05.07 18:33:36 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2858.39457__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2008.05.07 18:33:36 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2858.39415__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2008.05.07 18:33:36 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2868.26817__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2008.05.07 18:33:36 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2858.39414__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2008.05.07 18:33:36 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2858.39420__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2008.05.07 18:33:36 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2858.39399__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2008.05.07 18:33:36 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2858.39423__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2008.05.07 18:33:36 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2858.39445__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2008.05.07 18:33:36 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2858.39418__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2008.05.07 18:33:36 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2858.39412__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2008.05.07 18:33:36 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2858.39379__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2008.05.07 18:33:36 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2008.05.07 18:33:36 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2858.39445__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2008.05.07 18:33:36 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2858.39410__90ba9c70f846762e\APM.Foundation.dll
MOD - [2008.05.07 18:33:36 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2858.39391__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2008.05.07 18:33:34 | 000,005,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2895.26673_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll
MOD - [2008.05.07 18:33:33 | 001,507,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2895.26443__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2008.05.07 18:33:33 | 000,471,040 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2895.26462__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2008.05.07 18:33:33 | 000,466,944 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2895.26673__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2008.05.07 18:33:33 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2895.26680__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2008.05.07 18:33:33 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2895.26429__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2008.05.07 18:33:33 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2895.26430__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2008.05.07 18:33:33 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2895.26679__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2008.05.07 18:33:33 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2895.26429__90ba9c70f846762e\APM.Server.dll
MOD - [2008.05.07 18:33:33 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2895.26428__90ba9c70f846762e\AEM.Server.dll
MOD - [2008.05.07 18:33:33 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2858.39387__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2008.05.07 18:33:33 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2858.39400__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2008.05.07 18:33:33 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2858.39393__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2008.05.07 18:33:33 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2895.26704__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2008.05.07 18:33:33 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2858.39389__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2008.05.07 18:33:33 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2895.26680__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2008.05.07 18:33:33 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2008.05.07 18:33:33 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2858.39398__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2008.05.07 18:33:33 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2858.39411__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2008.05.07 18:33:33 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2858.39398__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2008.05.07 18:33:33 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2858.39426__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2008.05.07 18:33:33 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2858.39384__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2008.05.07 18:33:33 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.2895.26714__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2008.05.07 18:33:33 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2895.26428__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2007.12.04 22:56:42 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2007.01.11 13:57:20 | 000,291,760 | ---- | M] () -- C:\Programme\Lexmark 9300 Series\lxcqmon.exe
MOD - [2006.11.22 18:31:30 | 000,065,536 | ---- | M] () -- C:\Programme\Motorola\SMSERIAL\sm56ita.dll
MOD - [2006.11.22 18:31:30 | 000,065,536 | ---- | M] () -- C:\Programme\Motorola\SMSERIAL\sm56esp.dll
MOD - [2006.11.22 18:31:30 | 000,065,536 | ---- | M] () -- C:\Programme\Motorola\SMSERIAL\sm56brz.dll
MOD - [2006.11.22 18:31:30 | 000,053,248 | ---- | M] () -- C:\Programme\Motorola\SMSERIAL\sm56kor.dll
MOD - [2006.11.22 18:31:28 | 000,065,536 | ---- | M] () -- C:\Programme\Motorola\SMSERIAL\sm56ger.dll
MOD - [2006.11.22 18:31:28 | 000,065,536 | ---- | M] () -- C:\Programme\Motorola\SMSERIAL\sm56fra.dll
MOD - [2006.11.22 18:31:28 | 000,065,536 | ---- | M] () -- C:\Programme\Motorola\SMSERIAL\sm56dnk.dll
MOD - [2006.11.22 18:31:28 | 000,057,344 | ---- | M] () -- C:\Programme\Motorola\SMSERIAL\sm56jpn.dll
MOD - [2006.11.22 18:31:28 | 000,053,248 | ---- | M] () -- C:\Programme\Motorola\SMSERIAL\sm56cht.dll
MOD - [2006.11.22 18:31:28 | 000,053,248 | ---- | M] () -- C:\Programme\Motorola\SMSERIAL\sm56chs.dll
MOD - [2006.10.23 13:51:08 | 000,278,528 | ---- | M] () -- C:\Programme\Lexmark 9300 Series\lxcqscw.dll
MOD - [2006.06.09 01:39:22 | 000,143,360 | ---- | M] () -- C:\Programme\Lexmark 9300 Series\lxcqdrec.dll
MOD - [2006.05.25 15:20:44 | 000,241,664 | ---- | M] () -- C:\Programme\Lexmark 9300 Series\iptk.dll
MOD - [2004.09.08 13:45:58 | 000,368,128 | ---- | M] () -- C:\Programme\Filzip\fzshext.dll


========== Services (SafeList) ==========

SRV - [2013.05.26 22:20:03 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.05.10 07:40:21 | 000,296,448 | ---- | M] () [Auto | Stopped] -- C:\Programme\SoftwareUpdater\SystemStore.exe -- (SystemStoreService)
SRV - [2013.04.02 18:43:22 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.04.02 18:43:08 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.09.27 21:03:28 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.06.08 13:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.03.28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.07.28 19:05:34 | 000,472,664 | ---- | M] (PacketVideo) [Auto | Running] -- C:\Programme\TwonkyMedia\twonkymediaserverwatchdog.exe -- (TwonkyMedia)
SRV - [2008.01.18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.18 23:33:40 | 000,896,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2007.09.03 17:01:50 | 000,053,248 | ---- | M] () [Auto | Stopped] -- C:\Programme\C&E\OSD\OsdService\OsdService.exe -- (OsdService)
SRV - [2006.12.08 10:52:04 | 000,204,800 | ---- | M] (Fujitsu Siemens Computers) [Auto | Running] -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler)
SRV - [2006.12.05 09:36:10 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxcqcoms.exe -- (lxcq_device)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2013.04.02 18:43:25 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2013.04.02 18:43:25 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013.04.02 18:43:25 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.08.27 16:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2011.11.16 19:17:48 | 000,144,384 | ---- | M] (1&1 Mail & Media GmbH) [File_System | System | Running] -- C:\Windows\System32\drivers\uigxrdr.SYS -- (uigxrdr)
DRV - [2011.09.02 08:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011.09.02 08:31:28 | 000,030,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2011.09.02 08:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011.08.29 16:40:13 | 000,037,920 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2011.02.16 18:52:46 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2011.01.24 17:34:02 | 000,082,688 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SD11CL32.sys -- (SD11CL32)
DRV - [2011.01.24 17:21:02 | 000,065,408 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SDI01132.sys -- (SDI01132)
DRV - [2010.12.24 15:27:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)
DRV - [2010.12.24 15:27:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)
DRV - [2010.12.24 15:27:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)
DRV - [2010.12.24 15:27:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)
DRV - [2010.12.24 15:27:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)
DRV - [2010.07.28 10:19:28 | 000,058,112 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\silabser.sys -- (silabser)
DRV - [2010.07.28 10:19:28 | 000,047,176 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\silabenm.sys -- (silabenm)
DRV - [2009.02.05 18:39:08 | 000,017,064 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SiWinAcc.sys -- (SiFilter)
DRV - [2009.02.05 18:39:00 | 000,012,200 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SiRemFil.sys -- (SiRemFil)
DRV - [2009.02.05 18:38:24 | 000,212,520 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\Si3531.sys -- (Si3531)
DRV - [2008.09.26 20:06:24 | 000,129,824 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\System32\drivers\Uim_IM.sys -- (Uim_IM)
DRV - [2008.09.26 20:06:24 | 000,032,048 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\Windows\System32\drivers\UimBus.sys -- (UimBus)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.05.26 12:55:31 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pfc.sys -- (pfc)
DRV - [2007.12.04 23:08:12 | 003,351,040 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007.09.26 13:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)
DRV - [2007.09.04 16:20:00 | 000,005,120 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Programme\C&E\OSD\OsdService\cebuffer.sys -- (CEBFilter)
DRV - [2007.08.31 16:18:06 | 000,004,608 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Programme\C&E\OSD\OsdService\ceio.sys -- (CEIO)
DRV - [2007.08.31 14:22:26 | 000,007,168 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Programme\C&E\OSD\OsdService\kbfiltr.sys -- (cKBFilter)
DRV - [2007.07.02 17:37:10 | 000,131,616 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2007.07.02 17:37:08 | 000,110,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007.06.18 15:10:42 | 000,373,568 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acedrv09.sys -- (acedrv09)
DRV - [2007.06.13 23:47:12 | 000,048,256 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\jraid.sys -- (JRAID)
DRV - [2007.06.01 17:10:38 | 000,753,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BisonCam.sys -- (Cam5603D)
DRV - [2007.05.30 18:54:22 | 000,201,696 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acehlp09.sys -- (acehlp09)
DRV - [2007.04.30 14:42:14 | 000,081,408 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007.04.04 05:57:00 | 000,046,592 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2006.11.22 18:35:00 | 000,982,272 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2002.03.19 10:29:16 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\Pclepci.sys -- (PCLEPCI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=FUJD&bmod=FUJD
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FUJC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.msn.com/?ocid=EIE9HP&PC=UP50
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://spiegel.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=GLSV5&o=10168&src=crm&q={searchTerms}&locale=de_DE
IE - HKCU\..\SearchScopes\{4FA812D6-4D6B-403E-8EFD-03EBDAAE6D5E}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FUJC_de
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.bing.com/search?FORM=UP50DF&PC=UP50&q={searchTerms}&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = hxxp://toolbar.ask.com/toolbarv/askRedirect?gct=&gc=1&q={searchTerms}&crm=1&toolbar=FXT
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: nosquint%40urandom.ca:2.1.9
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..network.proxy.ftp: "178.33.105.59"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.http: "178.33.105.59"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "178.33.105.59"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "178.33.105.59"
FF - prefs.js..network.proxy.ssl_port: 3128
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Rainer\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Rainer\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2013.04.05 10:42:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rainer\AppData\Roaming\mozilla\Extensions
[2013.05.03 09:06:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rainer\AppData\Roaming\mozilla\Firefox\Profiles\3xug5btu.default\extensions
[2013.05.03 09:06:13 | 000,114,250 | ---- | M] () (No name found) -- C:\Users\Rainer\AppData\Roaming\mozilla\firefox\profiles\3xug5btu.default\extensions\nosquint@urandom.ca.xpi
[2013.05.26 22:20:04 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.05.26 22:20:04 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: https://www.google.de/webhp?source=search_app
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Rainer\AppData\Local\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Users\Rainer\AppData\Local\Google\Chrome\Application\27.0.1453.110\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Rainer\AppData\Local\Google\Chrome\Application\27.0.1453.110\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U23 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Angry Birds = C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: YouTube = C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Mail = C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (AusweisApp 1.8.0.0) - {C9EE92B7-EDD5-4ad9-8029-2EC6818E653A} - C:\Programme\AusweisApp\siqeCardClient.ols (OpenLimit SignCubes AG)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 9300 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [LXCQCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCQtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [lxcqmon.exe] C:\Program Files\Lexmark 9300 Series\lxcqmon.exe ()
O4 - HKLM..\Run: [OSD] C:\Programme\C&E\OSD\osd.exe (C&E)
O4 - HKLM..\Run: [PDFPrint] C:\Programme\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [recinfo742] c:\RecInfo\RecInfo.exe ()
O4 - HKLM..\Run: [RKS Fax Print Controller] C:\Program Files\RKS Fax\rksfax_control.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SMSERIAL] C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: WMPNSCFG = C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {BB608966-BC14-4875-9F63-853E5851A2B6} hxxp://download.microsoft.com/download/0/4/C/04CF1236-3181-4F87-8382-B56CCA6C15CF/pmupd806.exe (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2E4D4F64-FD95-4731-AC09-CA93409E6231}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{722A890F-3357-4D8C-AE02-1C0390103954}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ACC1DE24-9C8A-425E-8DAF-19BAF870A1A1}: NameServer = 195.50.140.178 195.50.140.252
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\2013 05 22 14 01 06 Bibione.JPG
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\2013 05 22 14 01 06 Bibione.JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013.06.07 21:06:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013.06.07 19:27:43 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP
[2013.05.24 12:34:30 | 000,000,000 | ---D | C] -- C:\Users\Rainer\Documents\PC Tipps
[2013.05.23 10:17:49 | 000,000,000 | ---D | C] -- C:\Users\Rainer\Documents\WiWo
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Users\Rainer\*.tmp files -> C:\Users\Rainer\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.06.12 18:24:00 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{98615E68-E061-4150-859F-1819AC633BEB}.job
[2013.06.12 18:16:36 | 000,000,000 | ---- | M] () -- C:\Users\Rainer\defogger_reenable
[2013.06.12 17:47:40 | 000,632,242 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.06.12 17:47:40 | 000,598,900 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.06.12 17:47:40 | 000,127,278 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.06.12 17:47:40 | 000,104,914 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.06.12 17:44:02 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2449479715-2319816545-2623231108-1000UA.job
[2013.06.12 17:44:02 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2449479715-2319816545-2623231108-1000Core.job
[2013.06.12 17:36:43 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.12 17:35:02 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.12 17:34:36 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.12 17:34:35 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.12 17:34:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.12 17:32:57 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013.06.12 08:33:37 | 000,076,521 | ---- | M] () -- C:\Users\Rainer\Documents\Adressliste.CSV
[2013.06.12 08:33:36 | 000,038,434 | ---- | M] () -- C:\Users\Rainer\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
[2013.06.11 14:01:26 | 000,046,446 | ---- | M] () -- C:\Users\Rainer\Documents\Paswörter.kdbx
[2013.06.10 06:17:09 | 000,007,052 | ---- | M] () -- C:\Users\Rainer\AppData\Local\d3d9caps.dat
[2013.06.07 21:16:13 | 000,000,041 | ---- | M] () -- C:\Windows\Filzip.ini
[2013.06.04 11:16:45 | 000,002,533 | ---- | M] () -- C:\Users\Rainer\Documents\Schufa.htm
[2013.05.24 14:48:42 | 000,095,744 | ---- | M] () -- C:\Users\Rainer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.05.16 13:05:52 | 000,467,568 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Users\Rainer\*.tmp files -> C:\Users\Rainer\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.06.12 18:16:36 | 000,000,000 | ---- | C] () -- C:\Users\Rainer\defogger_reenable
[2013.06.12 08:33:29 | 000,076,521 | ---- | C] () -- C:\Users\Rainer\Documents\Adressliste.CSV
[2013.06.07 19:27:44 | 000,001,690 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
[2013.06.04 11:16:45 | 000,002,533 | ---- | C] () -- C:\Users\Rainer\Documents\Schufa.htm
[2012.12.02 13:41:38 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.10.16 08:44:49 | 000,004,096 | -H-- | C] () -- C:\Users\Rainer\AppData\Local\keyfile3.drm
[2011.12.24 12:59:16 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2011.08.28 17:49:57 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.08.28 17:47:30 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.08.28 17:47:30 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010.12.04 16:37:53 | 000,019,456 | ---- | C] () -- C:\Users\Rainer\AppData\Local\WebpageIcons.db
[2010.04.05 15:02:56 | 000,007,052 | ---- | C] () -- C:\Users\Rainer\AppData\Local\d3d9caps.dat
[2009.12.11 10:08:16 | 000,000,048 | ---- | C] () -- C:\Users\Rainer\AppData\Roaming\tigersetting.dll
[2009.12.11 09:42:43 | 000,000,701 | ---- | C] () -- C:\Users\Rainer\AppData\Roaming\init.dll
[2009.12.11 09:42:43 | 000,000,006 | ---- | C] () -- C:\Users\Rainer\AppData\Roaming\SYSTEM32.dll
[2009.12.11 09:42:32 | 000,000,701 | ---- | C] () -- C:\Users\Rainer\AppData\Roaming\sound.dll
[2009.09.04 16:27:50 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009.06.28 13:18:45 | 018,042,880 | ---- | C] () -- C:\Users\Rainer\AppData\Local\filesync.metadata
[2009.06.12 15:19:19 | 000,001,542 | ---- | C] () -- C:\Users\Rainer\AppData\Roaming\wklnhst.dat
[2008.08.07 17:23:20 | 000,024,206 | ---- | C] () -- C:\Users\Rainer\AppData\Roaming\UserTile.png
[2008.07.23 12:09:52 | 000,038,430 | ---- | C] () -- C:\Users\Rainer\AppData\Roaming\Kommagetrennte Werte (DOS).ADR
[2008.07.17 11:54:19 | 000,000,011 | ---- | C] () -- C:\ProgramData\.tv
[2008.06.30 13:32:50 | 000,678,044 | ---- | C] () -- C:\Users\Rainer\AppData\Roaming\mdbu.bin
[2008.06.04 21:37:21 | 000,025,453 | ---- | C] () -- C:\Users\Rainer\AppData\Roaming\mdb.bin
[2008.06.04 16:07:41 | 000,012,947 | ---- | C] () -- C:\Users\Rainer\AppData\Roaming\Microsoft Excel.CAL
[2008.05.23 09:46:00 | 000,022,036 | ---- | C] () -- C:\Users\Rainer\AppData\Roaming\Microsoft Excel.ADR
[2008.05.23 09:42:10 | 000,038,434 | ---- | C] () -- C:\Users\Rainer\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
[2008.05.23 09:40:51 | 000,012,965 | ---- | C] () -- C:\Users\Rainer\AppData\Roaming\Kommagetrennte Werte (Windows).CAL
[2008.05.22 20:25:55 | 000,004,145 | ---- | C] () -- C:\ProgramData\powjnvfp.pmy
[2008.05.22 12:24:26 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008.05.21 14:24:06 | 000,095,744 | ---- | C] () -- C:\Users\Rainer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.10 23:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.10 23:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2008.05.26 12:59:09 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\ACD Systems
[2011.02.01 14:40:28 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Amazon
[2009.12.23 14:01:32 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Ancient Quest of Saqqarah__intenium
[2012.12.20 10:27:51 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Ashampoo
[2010.03.21 23:57:59 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\BOM
[2010.11.20 15:05:45 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Canneverbe Limited
[2010.11.21 15:37:10 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\DeepBurner
[2011.06.05 17:16:36 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\dp3d
[2013.01.15 13:32:39 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\EAC
[2010.02.12 19:25:31 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\eXPert PDF 6
[2010.03.09 14:36:50 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Facebook
[2009.12.19 16:06:34 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\FarmingSimulator2008
[2013.05.16 11:01:11 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\foobar2000
[2010.02.12 18:49:09 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Foxit
[2009.01.22 11:08:15 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\FTD
[2009.12.21 10:15:50 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\GetRightToGo
[2009.11.13 16:12:07 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\GlarySoft
[2009.09.04 16:13:03 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\GMX
[2010.11.05 20:02:06 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Gutscheinmieze
[2008.06.04 14:22:40 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\HotSync
[2013.06.11 14:23:14 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\KeePass
[2008.05.22 11:05:53 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\KeyPass
[2008.06.04 14:28:53 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Leadertech
[2010.12.16 11:50:45 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\MAGIX
[2009.11.13 16:10:49 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\MP3Find
[2013.06.11 15:24:40 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Mp3tag
[2008.06.14 20:20:23 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Nikon
[2011.08.27 16:46:26 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Nokia
[2011.08.27 16:46:26 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Nokia Ovi Suite
[2010.11.06 12:15:24 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\OpenOffice.org
[2013.04.20 15:45:08 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Oracle
[2009.07.09 17:02:06 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\PC Suite
[2008.08.07 17:23:19 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\PeerNetworking
[2011.11.06 20:28:34 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\PersBackup5
[2011.03.13 18:58:18 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\RavensburgerTipToi
[2008.05.21 17:34:48 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\TeamViewer
[2010.02.18 18:58:39 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Template
[2008.11.20 19:11:14 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\TuxPaint
[2010.03.19 16:12:04 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\Uniblue
[2008.05.25 09:59:58 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\XCPCSync.OEM
[2011.09.14 21:08:18 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\XMedia Recode
[2009.12.11 09:44:46 | 000,000,000 | ---D | M] -- C:\Users\Rainer\AppData\Roaming\YCanPDF

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 205 bytes -> C:\ProgramData\TEMP:8FF81EB0

< End of report >


EXTRAS

OTL Extras logfile created on: 12.06.2013 18:20:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Rainer\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 1,89 Gb Available Physical Memory | 63,01% Memory free
6,20 Gb Paging File | 4,98 Gb Available in Paging File | 80,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286,37 Gb Total Space | 39,46 Gb Free Space | 13,78% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 26,62 Gb Free Space | 8,93% Space Free | Partition Type: NTFS

Computer Name: AMILO-LAPTOP | User Name: Rainer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12C04B56-FC33-40B1-887F-9053DAF9773C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{212D6A2B-F22D-4773-9E89-805FC35C9598}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2BFE05C8-F25F-44EB-9672-4E04CB578B3E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{470A039A-833E-4309-825A-EDA01F516E5F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4C5D5528-8870-4F76-93C9-B9252B991A7F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{704D969B-3787-47A7-A394-3857FBD49B13}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{7596385E-AE85-4D8F-AC9E-F82718504B00}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7C730BD8-ADDA-4FA3-9950-33D44542355C}" = rport=10243 | protocol=6 | dir=out | app=system |
"{86676C27-4E31-48DC-8860-345DA25404F6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BC2C98E0-3D91-41E2-9078-216820AC1708}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E574FB85-BB04-4FE9-AF00-FF0872D10432}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04E4EF70-5F3B-45B3-B298-3C9B415912F6}" = protocol=6 | dir=in | app=c:\program files\twonkymedia\twonkymedia.exe |
"{08DB0A56-7B98-49FB-AEF2-69BC9716CC90}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0D987FAA-A8A8-4B4C-AFD9-A25C889AA32C}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{1D672ABD-8076-49B0-B548-091D71491761}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2441628A-80F9-465D-B9F0-0652460F114C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{26B1C1D9-AE16-4562-B773-C42DAC6DCC86}" = protocol=6 | dir=in | app=c:\program files\twonkymedia\twonkymediaserver.exe |
"{44754781-2D46-4757-8CFE-CA46326D474B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5764EFDA-EAA1-44FE-9264-E515D46D50DA}" = protocol=6 | dir=in | app=c:\windows\system32\lxcqcoms.exe |
"{59CA9FB1-BFC4-463A-B3BE-94B1DF6D651E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{63A132C1-E750-43CA-849E-B93F786A5069}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{640BA681-86BD-4F41-BD92-772B812397C7}" = protocol=17 | dir=in | app=c:\program files\twonkymedia\twonkymediaserver.exe |
"{6546BB09-15FA-49AE-A424-404ED5EAA3D0}" = protocol=17 | dir=in | app=c:\program files\fujitsu siemens computers\fsclounge\fscwbaseupdaterservice\2\fscwbaseupdaterservice.exe |
"{82E1842E-07F6-417F-BBD6-D4D15432D084}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{88375265-EB78-44C3-B109-925E131561AE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8AD110F2-79E4-4A10-946A-EAB7894DB63D}" = protocol=6 | dir=out | app=system |
"{8BB65E38-0C44-465C-A6A6-B5053E4DFB25}" = protocol=17 | dir=in | app=c:\windows\system32\lxcqcoms.exe |
"{9A9BCDBB-178E-4BEF-BABF-7951477FD87E}" = protocol=17 | dir=in | app=c:\windows\system32\lxcqcoms.exe |
"{AB95168B-DC4A-4E34-87E1-D96127C26842}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AE396D1D-3C80-48DD-B40B-EEEB3F509955}" = protocol=6 | dir=in | app=c:\program files\twonkymedia\twonkymediaserverwatchdog.exe |
"{B2642678-2334-4ECB-944A-A1236E0063D5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B49DC05C-B60A-4B46-B542-A8FE7024CAAD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B71E9097-ECC7-42D5-AA84-304D82CB2173}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B73EFC94-0559-4E7D-A92B-AACB21CC8F6A}" = protocol=6 | dir=in | app=c:\program files\fujitsu siemens computers\fsclounge\fscwbaseupdaterservice\2\fscwbaseupdaterservice.exe |
"{C159A3B9-F9BB-4777-A7D9-D30CAC2E3652}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C61031C2-64B6-4345-BCD0-D1AB18000472}" = protocol=6 | dir=in | app=c:\windows\system32\lxcqcoms.exe |
"{C9ACF5CB-A6DB-4B85-9816-203BEFFE4BCA}" = protocol=17 | dir=in | app=c:\program files\twonkymedia\twonkymedia.exe |
"{DE60DEC8-EFAA-4738-919A-4F321D031E62}" = protocol=17 | dir=in | app=c:\program files\twonkymedia\twonkymediaserverwatchdog.exe |
"{DEA77B5B-303E-4BA3-9221-F60BFE3EFBD2}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{FDB8882A-CE64-4607-AF83-67274D48C18C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FE06B2C0-1C50-4752-AA18-12772A5EE37B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{0E6F812F-73DE-4D4E-8952-72AB7A741E3E}C:\users\rainer\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\rainer\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{2D36A106-C649-4F65-B99D-D9621C0A3D2F}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{3D59FE12-2598-4433-8380-721586A1E5FF}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{4C68D8BD-6D05-4BE2-954E-3D407B64AC98}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{9BD4415A-E09B-43B1-9AE6-9758F6EEDA3A}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{B1733EC6-CF72-440F-805D-7EC61D7A73EA}C:\program files\twonkymedia\twonkymediaserver.exe" = protocol=6 | dir=in | app=c:\program files\twonkymedia\twonkymediaserver.exe |
"UDP Query User{10DBC3EA-7E62-4F97-90F6-1856F1BC6AE5}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{2222DC57-358C-47AD-8E0B-5AB19C9F3058}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{2C2D02EC-0C4E-4889-A5DD-6B2C678D719D}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{53CFFD83-FCBC-48E1-BCAD-D6C58E9DDBC5}C:\users\rainer\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\rainer\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{C8CC2D8A-76D2-44DC-A0DE-45D20AC72263}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{E9690183-3B4B-499E-A6EF-F244FC192E08}C:\program files\twonkymedia\twonkymediaserver.exe" = protocol=17 | dir=in | app=c:\program files\twonkymedia\twonkymediaserver.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03CAB33F-D1C2-48C6-8766-DAE84DFC25FE}" = Microsoft Sync Framework Services v1.0 (x86)
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05742219-6EDB-229B-925C-45434EB327B8}" = Catalyst Control Center Localization Japanese
"{0673654C-5296-453B-9798-B61CD7E03FEB}" = SES Driver
"{07BA8628-85A9-9A2C-2B3A-60682FD7F663}" = Catalyst Control Center Localization German
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1C3DA126-D523-4089-BCCA-FA46FE34D6F8}" = Google Drive
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{245109BB-1FF9-DEB6-4A6E-FEF022A098EC}" = CCC Help German
"{268278CF-FB69-4D98-B70E-BFEC1CDCA225}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
"{2D99A593-C841-43A7-B7C9-D6F3AE70B756}" = Nokia Connectivity Cable Driver
"{2FE63165-6D35-0F90-1147-7FF4BEFA373A}" = CCC Help Portuguese
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{35EBAC05-5A13-085B-86F9-7AEA83576999}" = Catalyst Control Center Localization Spanish
"{36A1E3D6-288A-4EEE-A081-30D9808B2BE3}" = Joe
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMB36X Raid Configurer
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4864C602-6ED6-8BB6-A423-6037A1D5CAB3}" = Catalyst Control Center Localization Chinese Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A57592C-FF92-4083-97A9-92783BD5AFB4}" = WebCam
"{4BE0F5DC-1936-4774-DCAE-23A092D2DBED}" = CCC Help Italian
"{4F8697F4-3D30-4BD0-8F26-455C01F4EE8B}" = Integrity Tool
"{50EC1829-2F5B-68D3-EA04-159F4EFE2B71}" = CCC Help Dutch
"{579784C5-0C5C-39A7-C577-8F2D5CEE97E8}" = Skins
"{579DCEAB-A977-7B56-6701-82766CDADEFB}" = Catalyst Control Center Graphics Full New
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69ECC898-2C9B-3138-6496-ADF8A0A17D04}" = Catalyst Control Center Graphics Previews Vista
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C6A0CAE-731C-495D-DCA1-002F3FF38C23}" = CCC Help Spanish
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7D6137CE-AA7F-3097-F043-A0FA6569A679}" = Catalyst Control Center Localization Chinese Traditional
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 5.2.0
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86250F83-AF3E-0A78-3240-BEBEFBE0F14C}" = Catalyst Control Center Localization Korean
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E014610-ED01-5E15-8114-4581F46395A9}" = Catalyst Control Center Graphics Light
"{8F97A88E-7135-A629-A838-4EF3E8F94F60}" = CCC Help English
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1" = Ashampoo Burning Studio 2013 v.11.0.5
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{94D66D71-12F0-48A5-B46A-D4B835A0F1B7}" = FirstSteps Diagnostics
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}" = AGEIA PhysX v7.11.13
"{973E7604-4861-3C13-4D93-8B2182C6A964}" = CCC Help Japanese
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A3BC157-B94F-4EFD-ABA9-1E56DEB00655}" = FSCLounge
"{9B050CDA-7803-7989-905D-BCB7CDFC523C}" = CCC Help Swedish
"{9B49DB13-5F0F-2A7E-C0EC-16F1B432DCC6}" = Catalyst Control Center Graphics Full Existing
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E34E568-EE5B-8A11-CE05-446A0B404886}" = Catalyst Control Center Localization Portuguese
"{A066194B-DC8F-449A-8E0F-B57BDD3A2072}" = SyncToy 2.1 (x86)
"{A8BD5A60-E843-46DC-8271-ABF20756BE0F}" = Microsoft Sync Framework Runtime v1.0 (x86)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Deutsch
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AD1F90F1-98FD-5AD5-9075-A474154B970B}" = ccc-utility
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B116E95E-01B1-420A-AECB-B2B330B9BD97}" = Polar Precision Performance SW
"{B7515BC5-D109-006A-BC58-C8D58C4F49B7}" = CCC Help Korean
"{C07A4CD1-DB39-C7FB-ADD4-EDE9864C4B78}" = Catalyst Control Center Core Implementation
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CB01ED55-1879-6D0D-7A02-E39B3CAEFF8D}" = CCC Help French
"{CB7600E5-E524-11D6-9218-00D0B70768DA}" = piasync
"{CB7A367B-8CDD-A2AA-E806-79D1DE611159}" = CCC Help Chinese Standard
"{CC795547-983F-D95B-5BB0-3BA544EBD97C}" = Catalyst Control Center Localization French
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0D14551-3A2D-433B-861F-F4DCE5422759}" = Nokia PC Suite
"{D0ED9100-DFFB-482C-8DB6-C626264757BD}" = SDI011 dual interface reader
"{D3A80508-CD83-4CA3-8671-914A1BC78B61}" = Microsoft Sync Framework 2.0 Provider Services (x86) ENU
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5E08D30-3AEE-822C-A4F9-1255E61DDB97}" = CCC Help Chinese Traditional
"{D5E409E8-3AF3-4B19-A291-E27AECC905B3}" = Janosch Vorschule Englisch
"{DC9A378D-FA0F-140F-8FD8-C8D2951DED04}" = ccc-core-static
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0B4DFB8-3D06-9767-0F3C-4F3023662752}" = Catalyst Control Center Localization Italian
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E441D229-FBD9-6632-579F-EB618D4F9ED6}" = Catalyst Control Center Localization Swedish
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E53270E8-C27B-2C21-3819-C0FA52EFDA87}" = Catalyst Control Center Localization Dutch
"{EA561FC0-A965-11E2-94D3-B8AC6F98CCE3}" = Google Earth Plug-in
"{EB863CFD-6889-47B0-9D79-492DE0D07EE7}" = OSDInstall
"{EE56DCD1-13FD-435B-BC4C-EE8CD83FF17A}" = AusweisApp
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FF63121D-91C6-42CC-B341-F1AA729728E7}" = Microsoft Sync Framework 2.0 Core Components (x86) ENU
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Windows-Treiberpaket - Nokia Modem (02/25/2011 7.01.0.9)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Album Art Downloader XUI" = Album Art Downloader XUI 0.45
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17
"Audiograbber" = Audiograbber 1.83 SE
"Audiograbber-Lame" = Audiograbber Lame-MP3-Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Bengal (VOLLVERSION)" = Bengal (VOLLVERSION)
"CCleaner" = CCleaner
"ClocX" = ClocX (1.4)
"Dream Pinball 3D Demo" = Dream Pinball 3D Demo
"DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER
"Duden Deutsch 3_is1" = Duden Deutsch 3
"Duden Langenscheidt Englisch 3_is1" = Duden Langenscheidt Englisch 3
"Duden Mathematik 3_is1" = Duden Mathematik 3
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Windows-Treiberpaket - Nokia Modem (02/25/2011 4.7)
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.60
"Exact Audio Copy" = Exact Audio Copy 1.0beta3
"FastStone Capture" = FastStone Capture 5.3
"Filzip 3.0.6.93_is1" = Filzip 3.06
"foobar2000" = foobar2000 v1.2.2
"FormatFactory" = FormatFactory 3.0.1
"GMX Upload-Manager" = GMX Upload-Manager
"KeePassPasswordSafe2_is1" = KeePass Password Safe 2.14
"Leseabenteuer_is1" = Toggolino - Leseabenteuer
"Lexmark 9300 Series" = Lexmark 9300 Series
"Lidl-Fotos_is1" = Lidl-Fotos
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.49a
"Mystery Case Files - Prime Suspects" = Mystery Case Files - Prime Suspects (remove only)
"Nokia PC Suite" = Nokia PC Suite
"pdfsam" = pdfsam
"Picasa 3" = Picasa 3
"ProtectDisc Driver" = ProtectDisc Helper Driver
"Ravensburger tiptoi" = Ravensburger tiptoi
"RKSFaxVersion1_is1" = RKS Fax
"s25atonce_is1" = s25atonce 3.6.9
"SLABCOMM&10C4&EA60" = Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
"SMSERIAL" = Motorola SM56 Data Fax Modem
"sp6" = Logitech SetPoint 6.32
"SpO2_is1" = SpO2 V1.2
"TwInbox" = TwInbox (remove only)
"TwonkyMediaTwonkyMedia" = TwonkyMedia
"TwonkyvisionUPnPTwonkyMedia" = TwonkyMedia
"VLC media player" = VLC media player 2.0.6
"WinLiveSuite" = Windows Live Essentials
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"Zattoo4" = Zattoo4 4.0.5

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10.06.2013 09:19:40 | Computer Name = Amilo-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2215

Error - 10.06.2013 15:05:37 | Computer Name = Amilo-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10.06.2013 15:05:37 | Computer Name = Amilo-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1513

Error - 10.06.2013 15:05:37 | Computer Name = Amilo-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1513

Error - 12.06.2013 11:07:53 | Computer Name = Amilo-Laptop | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 12.06.2013 11:07:54 | Computer Name = Amilo-Laptop | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 12.06.2013 11:16:48 | Computer Name = Amilo-Laptop | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 12.06.2013 11:16:48 | Computer Name = Amilo-Laptop | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 12.06.2013 11:45:22 | Computer Name = Amilo-Laptop | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 12.06.2013 11:45:27 | Computer Name = Amilo-Laptop | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

[ System Events ]
Error - 09.06.2013 07:06:03 | Computer Name = Amilo-Laptop | Source = bowser | ID = 8003
Description =

Error - 10.06.2013 08:29:01 | Computer Name = Amilo-Laptop | Source = Print | ID = 6161
Description = Das Dokument Lufu Gesamttabelle.xls im Besitz von Rainer konnte nicht
auf dem Drucker Lexmark 9300 Series gedruckt werden. Versuchen Sie erneut, das
Dokument zu drucken, oder starten Sie den Druckspooler erneut. Datentyp: LEMF. Größe
der Spooldatei in Bytes: 1576684. Anzahl der gedruckten Bytes: 1576684. Gesamtanzahl
der Seiten des Dokuments: 2. Anzahl der gedruckten Seiten: 0. Clientcomputer: \\AMILO-LAPTOP.
Vom Druckprozessor zurückgegebener Win32-Fehlercode: 0. Der Vorgang wurde erfolgreich
beendet.

Error - 10.06.2013 11:38:38 | Computer Name = Amilo-Laptop | Source = bowser | ID = 8003
Description =

Error - 11.06.2013 03:55:23 | Computer Name = Amilo-Laptop | Source = bowser | ID = 8003
Description =

Error - 11.06.2013 03:58:23 | Computer Name = Amilo-Laptop | Source = bowser | ID = 8003
Description =

Error - 11.06.2013 09:47:03 | Computer Name = Amilo-Laptop | Source = bowser | ID = 8003
Description =

Error - 12.06.2013 11:29:45 | Computer Name = Amilo-Laptop | Source = DCOM | ID = 10010
Description =

Error - 12.06.2013 11:36:21 | Computer Name = Amilo-Laptop | Source = Service Control Manager | ID = 7009
Description =

Error - 12.06.2013 11:36:21 | Computer Name = Amilo-Laptop | Source = Service Control Manager | ID = 7000
Description =

Error - 12.06.2013 11:36:31 | Computer Name = Amilo-Laptop | Source = Service Control Manager | ID = 7034
Description =


< End of report >

Alt 12.06.2013, 18:40   #2
markusg
/// Malware-holic
 

Hi,
Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
In any case, please post the contents here in your thread.

Alt 12.06.2013, 19:15   #3
Ottifant
 

Hello, thanks for the quick reply.

I have carried out the task; here is the result:

20:03:24.0776 1664 PNRPAutoReg - ok
20:03:24.0842 1664 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
20:03:24.0926 1664 PNRPsvc - ok
20:03:24.0978 1664 [ 3F1110901DA07CC428710460276E28A0 ] PolarUSB C:\Windows\system32\DRIVERS\PolarUSB.sys
20:03:24.0997 1664 PolarUSB ( UnsignedFile.Multi.Generic ) - warning
20:03:24.0997 1664 PolarUSB - detected UnsignedFile.Multi.Generic (1)
20:03:25.0043 1664 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:03:25.0090 1664 PolicyAgent - ok
20:03:25.0138 1664 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:03:25.0181 1664 PptpMiniport - ok
20:03:25.0196 1664 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
20:03:25.0297 1664 Processor - ok
20:03:25.0346 1664 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
20:03:25.0391 1664 ProfSvc - ok
20:03:25.0412 1664 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
20:03:25.0424 1664 ProtectedStorage - ok
20:03:25.0455 1664 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
20:03:25.0472 1664 PSched - ok
20:03:25.0497 1664 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
20:03:25.0507 1664 PxHelp20 - ok
20:03:25.0563 1664 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:03:25.0624 1664 ql2300 - ok
20:03:25.0663 1664 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:03:25.0675 1664 ql40xx - ok
20:03:25.0713 1664 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
20:03:25.0747 1664 QWAVE - ok
20:03:25.0757 1664 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:03:25.0770 1664 QWAVEdrv - ok
20:03:25.0782 1664 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:03:25.0804 1664 RasAcd - ok
20:03:25.0817 1664 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
20:03:25.0863 1664 RasAuto - ok
20:03:25.0895 1664 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:03:25.0940 1664 Rasl2tp - ok
20:03:25.0975 1664 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
20:03:26.0015 1664 RasMan - ok
20:03:26.0050 1664 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:03:26.0089 1664 RasPppoe - ok
20:03:26.0111 1664 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:03:26.0148 1664 RasSstp - ok
20:03:26.0193 1664 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:03:26.0238 1664 rdbss - ok
20:03:26.0267 1664 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:03:26.0316 1664 RDPCDD - ok
20:03:26.0377 1664 [ 87EE019FE9FBFF071D76CCF9EC794646 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
20:03:26.0418 1664 rdpdr - ok
20:03:26.0449 1664 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:03:26.0481 1664 RDPENCDD - ok
20:03:26.0531 1664 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:03:26.0572 1664 RDPWD - ok
20:03:26.0603 1664 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:03:26.0664 1664 RemoteAccess - ok
20:03:26.0703 1664 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:03:26.0764 1664 RemoteRegistry - ok
20:03:26.0802 1664 [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:03:26.0854 1664 RFCOMM - ok
20:03:26.0889 1664 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
20:03:26.0935 1664 RpcLocator - ok
20:03:26.0970 1664 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
20:03:27.0008 1664 RpcSs - ok
20:03:27.0033 1664 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:03:27.0084 1664 rspndr - ok
20:03:27.0120 1664 [ B8B159FA669C6386A458FCD468EBB1E6 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
20:03:27.0168 1664 RTL8169 - ok
20:03:27.0174 1664 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
20:03:27.0193 1664 SamSs - ok
20:03:27.0233 1664 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:03:27.0250 1664 sbp2port - ok
20:03:27.0287 1664 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:03:27.0341 1664 SCardSvr - ok
20:03:27.0388 1664 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
20:03:27.0444 1664 Schedule - ok
20:03:27.0466 1664 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
20:03:27.0492 1664 SCPolicySvc - ok
20:03:27.0523 1664 [ 632E1FD3164690FE2D17FC1B1E2D737F ] SD11CL32 C:\Windows\system32\DRIVERS\SD11CL32.sys
20:03:27.0563 1664 SD11CL32 - ok
20:03:27.0600 1664 [ 7C4BFD67D04A13955C59392639490E1C ] SDI01132 C:\Windows\system32\DRIVERS\SDI01132.sys
20:03:27.0634 1664 SDI01132 - ok
20:03:27.0679 1664 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:03:27.0767 1664 SDRSVC - ok
20:03:27.0803 1664 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:03:27.0872 1664 secdrv - ok
20:03:27.0896 1664 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
20:03:27.0944 1664 seclogon - ok
20:03:27.0988 1664 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
20:03:28.0034 1664 SENS - ok
20:03:28.0055 1664 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
20:03:28.0112 1664 Serenum - ok
20:03:28.0168 1664 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
20:03:28.0224 1664 Serial - ok
20:03:28.0257 1664 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:03:28.0278 1664 sermouse - ok
20:03:28.0731 1664 [ 8C1F87F5FDD92229D1754B98F073913F ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
20:03:28.0781 1664 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
20:03:28.0781 1664 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
20:03:28.0846 1664 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
20:03:28.0870 1664 SessionEnv - ok
20:03:28.0908 1664 [ 55B145D4248012D306DA8E92FA9FDC20 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:03:28.0920 1664 sffdisk - ok
20:03:28.0948 1664 [ B86DFCD55294A0495571A27B861E6EF3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:03:28.0984 1664 sffp_mmc - ok
20:03:29.0029 1664 [ 5B327B59FAE2B01C34690D91ED03786E ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:03:29.0063 1664 sffp_sd - ok
20:03:29.0104 1664 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:03:29.0149 1664 sfloppy - ok
20:03:29.0202 1664 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:03:29.0255 1664 SharedAccess - ok
20:03:29.0303 1664 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:03:29.0375 1664 ShellHWDetection - ok
20:03:29.0412 1664 [ 93BEACC3815A4653A655C8BD7622FF63 ] Si3531 C:\Windows\system32\DRIVERS\Si3531.sys
20:03:29.0431 1664 Si3531 - ok
20:03:29.0443 1664 [ 165448BC832D424B97270C8D1276E24A ] SiFilter C:\Windows\system32\DRIVERS\SiWinAcc.sys
20:03:29.0456 1664 SiFilter - ok
20:03:29.0484 1664 [ 3EAD8E1668CE42A0AFE41D56E7157BCF ] silabenm C:\Windows\system32\DRIVERS\silabenm.sys
20:03:29.0526 1664 silabenm - ok
20:03:29.0586 1664 [ 5EC84546635D8F6E306F9C80FE09433D ] silabser C:\Windows\system32\DRIVERS\silabser.sys
20:03:29.0616 1664 silabser - ok
20:03:29.0655 1664 [ 9BE8EA3A8C7E6D47E710F6FA14B7442B ] SiRemFil C:\Windows\system32\DRIVERS\SiRemFil.sys
20:03:29.0668 1664 SiRemFil - ok
20:03:29.0714 1664 [ E5773C4CFF310D00A59DB01EF4074135 ] sisagp C:\Windows\system32\drivers\sisagp.sys
20:03:29.0735 1664 sisagp - ok
20:03:29.0773 1664 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
20:03:29.0789 1664 SiSRaid2 - ok
20:03:29.0827 1664 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:03:29.0843 1664 SiSRaid4 - ok
20:03:29.0893 1664 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
20:03:30.0004 1664 SkypeUpdate - ok
20:03:30.0128 1664 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
20:03:30.0359 1664 slsvc - ok
20:03:30.0393 1664 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
20:03:30.0478 1664 SLUINotify - ok
20:03:30.0501 1664 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:03:30.0560 1664 Smb - ok
20:03:30.0625 1664 [ D9BFD2298F5CF116D8EAAE3B02DCEE2E ] smserial C:\Windows\system32\DRIVERS\smserial.sys
20:03:30.0689 1664 smserial - ok
20:03:30.0734 1664 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:03:30.0781 1664 SNMPTRAP - ok
20:03:30.0811 1664 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
20:03:30.0834 1664 spldr - ok
20:03:30.0865 1664 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
20:03:30.0893 1664 Spooler - ok
20:03:30.0932 1664 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:03:30.0960 1664 srv - ok
20:03:30.0991 1664 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:03:31.0036 1664 srv2 - ok
20:03:31.0079 1664 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:03:31.0121 1664 srvnet - ok
20:03:31.0155 1664 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:03:31.0227 1664 SSDPSRV - ok
20:03:31.0261 1664 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
20:03:31.0284 1664 ssmdrv - ok
20:03:31.0304 1664 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:03:31.0357 1664 SstpSvc - ok
20:03:31.0416 1664 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
20:03:31.0483 1664 stisvc - ok
20:03:31.0508 1664 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
20:03:31.0530 1664 swenum - ok
20:03:31.0569 1664 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
20:03:31.0635 1664 swprv - ok
20:03:31.0681 1664 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
20:03:31.0702 1664 Symc8xx - ok
20:03:31.0720 1664 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
20:03:31.0743 1664 Sym_hi - ok
20:03:31.0766 1664 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
20:03:31.0787 1664 Sym_u3 - ok
20:03:31.0821 1664 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
20:03:31.0915 1664 SysMain - ok
20:03:31.0983 1664 [ 9D40AC2003DCA9F045181241C2BF47A2 ] SystemStoreService C:\Program Files\SoftwareUpdater\SystemStore.exe
20:03:31.0997 1664 SystemStoreService ( UnsignedFile.Multi.Generic ) - warning
20:03:31.0997 1664 SystemStoreService - detected UnsignedFile.Multi.Generic (1)
20:03:32.0030 1664 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:03:32.0084 1664 TabletInputService - ok
20:03:32.0125 1664 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:03:32.0183 1664 TapiSrv - ok
20:03:32.0224 1664 [ 77BD6143C6DCE0A1BF7B5571BED860DC ] tbhsd C:\Windows\system32\drivers\tbhsd.sys
20:03:32.0242 1664 tbhsd - ok
20:03:32.0273 1664 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
20:03:32.0321 1664 TBS - ok
20:03:32.0381 1664 [ 548E198BAE21EFC21F8B5F0C1728AD27 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:03:32.0463 1664 Tcpip - ok
20:03:32.0526 1664 [ 548E198BAE21EFC21F8B5F0C1728AD27 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
20:03:32.0579 1664 Tcpip6 - ok
20:03:32.0618 1664 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:03:32.0650 1664 tcpipreg - ok
20:03:32.0688 1664 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:03:32.0733 1664 TDPIPE - ok
20:03:32.0756 1664 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:03:32.0796 1664 TDTCP - ok
20:03:32.0834 1664 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:03:32.0871 1664 tdx - ok
20:03:32.0904 1664 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
20:03:32.0918 1664 TermDD - ok
20:03:32.0939 1664 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
20:03:33.0027 1664 TermService - ok
20:03:33.0111 1664 [ 8C80A73A5D77B2208CA91E4FA269981D ] TestHandler C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
20:03:33.0141 1664 TestHandler ( UnsignedFile.Multi.Generic ) - warning
20:03:33.0141 1664 TestHandler - detected UnsignedFile.Multi.Generic (1)
20:03:33.0172 1664 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
20:03:33.0190 1664 Themes - ok
20:03:33.0208 1664 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
20:03:33.0236 1664 THREADORDER - ok
20:03:33.0274 1664 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
20:03:33.0303 1664 TrkWks - ok
20:03:33.0330 1664 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:03:33.0381 1664 TrustedInstaller - ok
20:03:33.0425 1664 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:03:33.0474 1664 tssecsrv - ok
20:03:33.0507 1664 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
20:03:33.0547 1664 tunmp - ok
20:03:33.0554 1664 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:03:33.0573 1664 tunnel - ok
20:03:33.0605 1664 TwonkyMedia - ok
20:03:33.0640 1664 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:03:33.0657 1664 uagp35 - ok
20:03:33.0687 1664 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:03:33.0740 1664 udfs - ok
20:03:33.0783 1664 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:03:33.0843 1664 UI0Detect - ok
20:03:33.0873 1664 [ 518A2E91349D0EBB1CA1F09260C7202E ] uigxrdr C:\Windows\system32\DRIVERS\uigxrdr.sys
20:03:33.0906 1664 uigxrdr ( UnsignedFile.Multi.Generic ) - warning
20:03:33.0906 1664 uigxrdr - detected UnsignedFile.Multi.Generic (1)
20:03:33.0941 1664 [ A25E0481DA469C3AF6AD18C1534B874C ] UimBus C:\Windows\system32\DRIVERS\UimBus.sys
20:03:33.0955 1664 UimBus - ok
20:03:33.0995 1664 [ EC2EDE874E0EB50A509269676CF5F4BD ] Uim_IM C:\Windows\system32\Drivers\Uim_IM.sys
20:03:34.0011 1664 Uim_IM - ok
20:03:34.0055 1664 [ 5895EF4D0F1424392EE6439250E25677 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:03:34.0080 1664 uliagpkx - ok
20:03:34.0121 1664 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
20:03:34.0148 1664 uliahci - ok
20:03:34.0177 1664 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
20:03:34.0200 1664 UlSata - ok
20:03:34.0220 1664 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
20:03:34.0236 1664 ulsata2 - ok
20:03:34.0257 1664 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:03:34.0280 1664 umbus - ok
20:03:34.0309 1664 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
20:03:34.0338 1664 upnphost - ok
20:03:34.0362 1664 [ 6E421CCC57059B0186C6259CA3B6DFC9 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
20:03:34.0374 1664 USBAAPL - ok
20:03:34.0395 1664 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:03:34.0413 1664 usbccgp - ok
20:03:34.0433 1664 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:03:34.0471 1664 usbcir - ok
20:03:34.0500 1664 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:03:34.0533 1664 usbehci - ok
20:03:34.0569 1664 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:03:34.0591 1664 usbhub - ok
20:03:34.0608 1664 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:03:34.0646 1664 usbohci - ok
20:03:34.0678 1664 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:03:34.0724 1664 usbprint - ok
20:03:34.0772 1664 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:03:34.0790 1664 usbscan - ok
20:03:34.0805 1664 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:03:34.0828 1664 USBSTOR - ok
20:03:34.0857 1664 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
20:03:34.0876 1664 usbuhci - ok
20:03:34.0906 1664 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
20:03:34.0949 1664 UxSms - ok
20:03:34.0987 1664 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
20:03:35.0101 1664 vds - ok
20:03:35.0145 1664 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:03:35.0190 1664 vga - ok
20:03:35.0230 1664 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
20:03:35.0277 1664 VgaSave - ok
20:03:35.0308 1664 [ 66E64D5CBEB047C90E65F0962483A5B2 ] viaagp C:\Windows\system32\drivers\viaagp.sys
20:03:35.0327 1664 viaagp - ok
20:03:35.0347 1664 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
20:03:35.0403 1664 ViaC7 - ok
20:03:35.0431 1664 [ 7100B56688C5D6D7695D18FD001F0CD6 ] viaide C:\Windows\system32\drivers\viaide.sys
20:03:35.0448 1664 viaide - ok
20:03:35.0477 1664 [ 7DC3E1DC6E4F8BE381C31BFEA578412A ] viamraid C:\Windows\system32\drivers\viamraid.sys
20:03:35.0515 1664 viamraid - ok
20:03:35.0552 1664 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:03:35.0570 1664 volmgr - ok
20:03:35.0611 1664 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:03:35.0637 1664 volmgrx - ok
20:03:35.0675 1664 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:03:35.0700 1664 volsnap - ok
20:03:35.0736 1664 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:03:35.0760 1664 vsmraid - ok
20:03:35.0826 1664 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
20:03:35.0966 1664 VSS - ok
20:03:36.0030 1664 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
20:03:36.0074 1664 W32Time - ok
20:03:36.0107 1664 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:03:36.0201 1664 WacomPen - ok
20:03:36.0242 1664 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
20:03:36.0301 1664 Wanarp - ok
20:03:36.0307 1664 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:03:36.0344 1664 Wanarpv6 - ok
20:03:36.0392 1664 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:03:36.0442 1664 wcncsvc - ok
20:03:36.0475 1664 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:03:36.0539 1664 WcsPlugInService - ok
20:03:36.0584 1664 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
20:03:36.0606 1664 Wd - ok
20:03:36.0638 1664 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam.sys
20:03:36.0658 1664 WDC_SAM - ok
20:03:36.0706 1664 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:03:36.0782 1664 Wdf01000 - ok
20:03:36.0817 1664 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:03:36.0910 1664 WdiServiceHost - ok
20:03:36.0939 1664 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:03:37.0011 1664 WdiSystemHost - ok
20:03:37.0045 1664 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
20:03:37.0086 1664 WebClient - ok
20:03:37.0132 1664 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:03:37.0180 1664 Wecsvc - ok
20:03:37.0225 1664 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:03:37.0266 1664 wercplsupport - ok
20:03:37.0308 1664 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
20:03:37.0328 1664 WerSvc - ok
20:03:37.0378 1664 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
20:03:37.0392 1664 WinDefend - ok
20:03:37.0397 1664 WinHttpAutoProxySvc - ok
20:03:37.0472 1664 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:03:37.0491 1664 Winmgmt - ok
20:03:37.0548 1664 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
20:03:37.0678 1664 WinRM - ok
20:03:37.0760 1664 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:03:37.0833 1664 Wlansvc - ok
20:03:37.0937 1664 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:03:38.0060 1664 wlidsvc - ok
20:03:38.0091 1664 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
20:03:38.0117 1664 WmiAcpi - ok
20:03:38.0156 1664 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:03:38.0192 1664 wmiApSrv - ok
20:03:38.0256 1664 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
20:03:38.0356 1664 WMPNetworkSvc - ok
20:03:38.0389 1664 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:03:38.0464 1664 WPCSvc - ok
20:03:38.0497 1664 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:03:38.0519 1664 WPDBusEnum - ok
20:03:38.0555 1664 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
20:03:38.0597 1664 WpdUsb - ok
20:03:38.0721 1664 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:03:38.0806 1664 WPFFontCache_v0400 - ok
20:03:38.0851 1664 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:03:38.0915 1664 ws2ifsl - ok
20:03:38.0966 1664 [ 4160CBE59D9B5BE22E4C3897E8DB9D56 ] WsAudio_DeviceS(1) C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys
20:03:38.0993 1664 WsAudio_DeviceS(1) - ok
20:03:39.0028 1664 [ 4160CBE59D9B5BE22E4C3897E8DB9D56 ] WsAudio_DeviceS(2) C:\Windows\system32\drivers\WsAudio_DeviceS(2).sys
20:03:39.0037 1664 WsAudio_DeviceS(2) - ok
20:03:39.0082 1664 [ 4160CBE59D9B5BE22E4C3897E8DB9D56 ] WsAudio_DeviceS(3) C:\Windows\system32\drivers\WsAudio_DeviceS(3).sys
20:03:39.0091 1664 WsAudio_DeviceS(3) - ok
20:03:39.0110 1664 [ 4160CBE59D9B5BE22E4C3897E8DB9D56 ] WsAudio_DeviceS(4) C:\Windows\system32\drivers\WsAudio_DeviceS(4).sys
20:03:39.0119 1664 WsAudio_DeviceS(4) - ok
20:03:39.0164 1664 [ 4160CBE59D9B5BE22E4C3897E8DB9D56 ] WsAudio_DeviceS(5) C:\Windows\system32\drivers\WsAudio_DeviceS(5).sys
20:03:39.0173 1664 WsAudio_DeviceS(5) - ok
20:03:39.0213 1664 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
20:03:39.0247 1664 wscsvc - ok
20:03:39.0251 1664 WSearch - ok
20:03:39.0345 1664 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
20:03:39.0481 1664 wuauserv - ok
20:03:39.0517 1664 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:03:39.0563 1664 WudfPf - ok
20:03:39.0593 1664 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:03:39.0626 1664 WUDFRd - ok
20:03:39.0655 1664 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:03:39.0669 1664 wudfsvc - ok
20:03:39.0687 1664 ================ Scan global ===============================
20:03:39.0738 1664 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
20:03:39.0781 1664 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
20:03:39.0821 1664 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
20:03:39.0862 1664 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
20:03:39.0866 1664 [Global] - ok
20:03:39.0866 1664 ================ Scan MBR ==================================
20:03:39.0882 1664 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
20:03:40.0249 1664 \Device\Harddisk0\DR0 - ok
20:03:40.0253 1664 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
20:03:41.0016 1664 \Device\Harddisk1\DR1 - ok
20:03:41.0017 1664 ================ Scan VBR ==================================
20:03:41.0019 1664 [ 90A8DA667EC988BE5A29B0F3426B5D50 ] \Device\Harddisk0\DR0\Partition1
20:03:41.0020 1664 \Device\Harddisk0\DR0\Partition1 - ok
20:03:41.0023 1664 [ 7FF865B2927D6E065B9D2E5F7320F896 ] \Device\Harddisk1\DR1\Partition1
20:03:41.0025 1664 \Device\Harddisk1\DR1\Partition1 - ok
20:03:41.0026 1664 ============================================================
20:03:41.0026 1664 Scan finished
20:03:41.0026 1664 ============================================================
20:03:41.0036 0488 Detected object count: 12
20:03:41.0036 0488 Actual detected object count: 12
20:12:37.0168 0488 CEBFilter ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:37.0168 0488 CEBFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:12:37.0171 0488 CEIO ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:37.0171 0488 CEIO ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:12:37.0174 0488 cKBFilter ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:37.0174 0488 cKBFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:12:37.0177 0488 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:37.0178 0488 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:12:37.0181 0488 OsdService ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:37.0182 0488 OsdService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:12:37.0186 0488 PCLEPCI ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:37.0186 0488 PCLEPCI ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:12:37.0189 0488 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:37.0189 0488 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:12:37.0192 0488 PolarUSB ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:37.0192 0488 PolarUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:12:37.0195 0488 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:37.0195 0488 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:12:37.0198 0488 SystemStoreService ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:37.0199 0488 SystemStoreService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:12:37.0203 0488 TestHandler ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:37.0203 0488 TestHandler ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:12:37.0206 0488 uigxrdr ( UnsignedFile.Multi.Generic ) - skipped by user
20:12:37.0206 0488 uigxrdr ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:13:37.0171 2444 Deinitialize success

12.06.2013, 20:12   #4
markusg
/// Malware-holic

Hi,
Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde. (English: "Illegal operation attempted on a registry key that has been marked for deletion.")
simply restart the computer. This should fix the problem.


12.06.2013, 20:13   #5
Ottifant

One more addition:

I found a directory named Software Updater under C: Program Files (see attachment) - maybe it is related to that?

Attached image thumbnails
-software-updater.jpg.jpg

12.06.2013, 20:20   #6
markusg
/// Malware-holic

Please continue with Combofix first for now

12.06.2013, 21:48   #7
Ottifant

I downloaded Combofix and started it twice. The program starts up and then reaches a page that says "... takes approx. 10 min., on heavily infected computers it can also take twice as long ...". Both times I waited at least 30 minutes, and nothing more happened. The window could no longer be closed either, etc. Twice I powered the laptop off hard and restarted it. The second time, the attempt by software.updater.ui.exe came up again .....

So unfortunately this was unsuccessful.

Just to be sure: by "was unfortunately unsuccessful" I did not mean that I now want to throw in the towel.

I meant: Combofix was unfortunately unsuccessful (just as the GMER program did not work for me at the beginning).

Now I'll wait until I am allowed to try further

21.06.2013, 12:58   #8
aharonov
/// TB-Ausbilder

Hi and sorry for the delay,

I'm stepping in here for Markus, as he is away on a well-deserved vacation for a week.

Do you still need help, or has the matter been resolved in the meantime?
__________________
cheers,
Leo

21.06.2013, 15:12   #9
Ottifant

It has been resolved.

21.06.2013, 17:56   #10
aharonov
/// TB-Ausbilder

Ok, thanks for letting me know.
__________________
cheers,
Leo
