Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Bitte kurz meine Logs auswerten :)

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 06.08.2013, 23:14   #1
Julius123
 
Bitte kurz meine Logs auswerten :) - Standard

Bitte kurz meine Logs auswerten :)



Hallo liebe Community

ich würde gerne eure Meinung über diesen Log, bzw. Report hören. Ich weiß leider nicht, ob das das richtige Format ist und ihr das überhaupt auswerten könnt, aber ich poste es jetzt einfach mal Ich bin ein relativer "Anfänger" im Gebiet PC, insbesondere im Gebiet Software ... also bitte nicht all zu viel Fachbegriffe verwenden

Danke schonmal im Voraus !!

Julius

Alt 06.08.2013, 23:25   #2
markusg
/// Malware-holic
 
Bitte kurz meine Logs auswerten :) - Standard

Bitte kurz meine Logs auswerten :)



Hi,
log ist ok.
Gib uns ne Problembeschreibung, dann können wir evtl. was für dich tun :-)
__________________

__________________

Alt 07.08.2013, 15:47   #3
Julius123
 
Bitte kurz meine Logs auswerten :) - Standard

Bitte kurz meine Logs auswerten :)



Und zwar, ich hatte Anfang des Jahres diesen "BKA" oder "Bundesagenturvirus" drauf ... keine Ahnung wie der genau heißt. Hab ihn dann mit Hilfe meines Virenprogramms gelöscht, glaube ich zumindest. Ausserdem hatte ich zwischendurch noch ein paar andere Viren drauf, die ich auch mit hilfe meines Virenprogramms gelöscht hab.

Meine Probleme sind jetzt ... wenn ich im Laufwerk C: z.B. den Ordner "Eigene Dateien" öffnen will, kommt die Meldung "Zugriff verweigert" ... hat mir da der Virus i-was kaputt gemacht? :/

Noch dazu kommt immer wenn ich den PC Neu gestartet habe eine Meldung, die ich euch in den Anhang beifüge ... (editiere ich gleich noch)
__________________

Alt 07.08.2013, 15:51   #4
markusg
/// Malware-holic
 
Bitte kurz meine Logs auswerten :) - Standard

Bitte kurz meine Logs auswerten :)



Nein, es gibt einige gesperrte ordner, dass passt.
mit einfachem löschen ists nicht getan.
wer sich solche BKA Ransomware einfängt, sollte erst mal sein Surfverhalten überdenken, denn die meisten Leute gucken illegale Streams von Kinox.to und nachfolger....
Die leute stellen euch das Zeug nicht ins Netz, weil sie euch mögen, die wollen Geld verdienen.
und selbst wenn man dann nicht zahlt, können sie weiterhin geld verdienen in dem sie z.B. passwörter sammeln und die dann "gebündelt" verkaufen.
Pornoseiten sind auch gefährdet, natürlich kannst du auch nur auf ne gehackte Seite gelangs sein.
Gleich folgt eine Anleitung für frst, in der Addition benötige ich Zusatzinfos, bitte beachten.
Empfehlungen fürs Deinstallieren
Bitte kopiere die Liste der installierten Programme aus der additions.txt hier in deinen Thread. Notiere mir bitte
hinter jede Zeile, ob folgendes Kategorie zutrifft: Unbekannt, Nötig, Unnötig

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 07.08.2013, 17:23   #5
Julius123
 
Bitte kurz meine Logs auswerten :) - Standard

Bitte kurz meine Logs auswerten :)



Ich kann das Programm nicht installieren :/ (Siehe Anhang)

Miniaturansicht angehängter Grafiken
Bitte kurz meine Logs auswerten :)-fehlermeldung.jpg  

Alt 07.08.2013, 17:27   #6
markusg
/// Malware-holic
 
Bitte kurz meine Logs auswerten :) - Standard

Bitte kurz meine Logs auswerten :)



bitte meldung als Text posten
__________________
--> Bitte kurz meine Logs auswerten :)

Alt 07.08.2013, 17:32   #7
Julius123
 
Bitte kurz meine Logs auswerten :) - Standard

Bitte kurz meine Logs auswerten :)



"Unable to initialize installer GUI."

Alt 07.08.2013, 17:51   #8
markusg
/// Malware-holic
 
Bitte kurz meine Logs auswerten :) - Standard

Bitte kurz meine Logs auswerten :)



Hast du auch die passene Version für dein Betriebssystem gewählt?
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 07.08.2013, 18:00   #9
Julius123
 
Bitte kurz meine Logs auswerten :) - Standard

Bitte kurz meine Logs auswerten :)



Hab ich, ja ...

Hab sicherheitshalber auch mal die 64 bit ausprobiert, kommt aber die gleiche Meldung.

Alt 07.08.2013, 18:03   #10
markusg
/// Malware-holic
 
Bitte kurz meine Logs auswerten :) - Standard

Bitte kurz meine Logs auswerten :)



Ok,
Es sind 2 Logs zu erstellen, poste sie möglichst gleichzeitig.
1.
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.


2.
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 07.08.2013, 18:22   #11
Julius123
 
Bitte kurz meine Logs auswerten :) - Standard

Bitte kurz meine Logs auswerten :)



19:21:21.0184 8152 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:21:21.0421 8152 ============================================================
19:21:21.0421 8152 Current date / time: 2013/08/07 19:21:21.0421
19:21:21.0421 8152 SystemInfo:
19:21:21.0421 8152
19:21:21.0421 8152 OS Version: 6.1.7601 ServicePack: 1.0
19:21:21.0421 8152 Product type: Workstation
19:21:21.0421 8152 ComputerName: EXPERT-PC
19:21:21.0421 8152 UserName: expert
19:21:21.0421 8152 Windows directory: C:\windows
19:21:21.0421 8152 System windows directory: C:\windows
19:21:21.0421 8152 Processor architecture: Intel x86
19:21:21.0421 8152 Number of processors: 4
19:21:21.0422 8152 Page size: 0x1000
19:21:21.0422 8152 Boot type: Normal boot
19:21:21.0422 8152 ============================================================
19:21:22.0032 8152 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:21:22.0036 8152 ============================================================
19:21:22.0036 8152 \Device\Harddisk0\DR0:
19:21:22.0036 8152 MBR partitions:
19:21:22.0036 8152 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
19:21:22.0036 8152 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x1C2A9000
19:21:22.0036 8152 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1E0DB800, BlocksNum 0x1C2AA000
19:21:22.0036 8152 ============================================================
19:21:22.0055 8152 C: <-> \Device\Harddisk0\DR0\Partition2
19:21:22.0106 8152 D: <-> \Device\Harddisk0\DR0\Partition3
19:21:22.0107 8152 ============================================================
19:21:22.0107 8152 Initialize success
19:21:22.0107 8152 ============================================================
19:21:25.0038 3520 ============================================================
19:21:25.0038 3520 Scan started
19:21:25.0039 3520 Mode: Manual;
19:21:25.0039 3520 ============================================================
19:21:26.0237 3520 ================ Scan system memory ========================
19:21:26.0237 3520 System memory - ok
19:21:26.0238 3520 ================ Scan services =============================
19:21:26.0453 3520 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
19:21:26.0456 3520 1394ohci - ok
19:21:26.0523 3520 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\windows\system32\drivers\ACPI.sys
19:21:26.0529 3520 ACPI - ok
19:21:26.0586 3520 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
19:21:26.0588 3520 AcpiPmi - ok
19:21:26.0699 3520 [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:21:26.0702 3520 AdobeFlashPlayerUpdateSvc - ok
19:21:26.0755 3520 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
19:21:26.0764 3520 adp94xx - ok
19:21:26.0792 3520 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
19:21:26.0798 3520 adpahci - ok
19:21:26.0816 3520 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
19:21:26.0820 3520 adpu320 - ok
19:21:26.0856 3520 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
19:21:26.0858 3520 AeLookupSvc - ok
19:21:26.0924 3520 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\windows\system32\drivers\afd.sys
19:21:26.0930 3520 AFD - ok
19:21:26.0977 3520 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\windows\system32\drivers\agp440.sys
19:21:26.0979 3520 agp440 - ok
19:21:27.0024 3520 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\windows\system32\DRIVERS\djsvs.sys
19:21:27.0027 3520 aic78xx - ok
19:21:27.0064 3520 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\windows\System32\alg.exe
19:21:27.0068 3520 ALG - ok
19:21:27.0138 3520 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\windows\system32\drivers\aliide.sys
19:21:27.0140 3520 aliide - ok
19:21:27.0162 3520 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\windows\system32\drivers\amdagp.sys
19:21:27.0164 3520 amdagp - ok
19:21:27.0226 3520 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\windows\system32\drivers\amdide.sys
19:21:27.0228 3520 amdide - ok
19:21:27.0247 3520 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
19:21:27.0249 3520 AmdK8 - ok
19:21:27.0261 3520 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
19:21:27.0263 3520 AmdPPM - ok
19:21:27.0312 3520 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\windows\system32\drivers\amdsata.sys
19:21:27.0314 3520 amdsata - ok
19:21:27.0345 3520 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
19:21:27.0349 3520 amdsbs - ok
19:21:27.0378 3520 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\windows\system32\drivers\amdxata.sys
19:21:27.0380 3520 amdxata - ok
19:21:27.0606 3520 [ FE9932692FC61C2203EC9884D414F700 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
19:21:27.0608 3520 AntiVirSchedulerService - ok
19:21:27.0684 3520 [ B1F8B58F27971B7E316DD316687886EC ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
19:21:27.0687 3520 AntiVirService - ok
19:21:27.0744 3520 [ 53DDEA96AA407C3E2BCEF68A44E31A59 ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
19:21:27.0751 3520 AntiVirWebService - ok
19:21:27.0842 3520 [ D41231AECFEE88973D56AEC2EE5B962D ] APNMCP C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
19:21:27.0844 3520 APNMCP - ok
19:21:27.0906 3520 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\windows\system32\drivers\appid.sys
19:21:27.0909 3520 AppID - ok
19:21:27.0948 3520 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\windows\System32\appidsvc.dll
19:21:27.0951 3520 AppIDSvc - ok
19:21:27.0990 3520 [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo C:\windows\System32\appinfo.dll
19:21:27.0992 3520 Appinfo - ok
19:21:28.0084 3520 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:21:28.0087 3520 Apple Mobile Device - ok
19:21:28.0159 3520 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\windows\system32\DRIVERS\arc.sys
19:21:28.0162 3520 arc - ok
19:21:28.0182 3520 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
19:21:28.0185 3520 arcsas - ok
19:21:28.0220 3520 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
19:21:28.0221 3520 AsyncMac - ok
19:21:28.0270 3520 [ 338C86357871C167A96AB976519BF59E ] atapi C:\windows\system32\drivers\atapi.sys
19:21:28.0272 3520 atapi - ok
19:21:28.0351 3520 [ 49F17A2E79469BE6581D491706720671 ] athr C:\windows\system32\DRIVERS\athr.sys
19:21:28.0382 3520 athr - ok
19:21:28.0448 3520 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
19:21:28.0456 3520 AudioEndpointBuilder - ok
19:21:28.0467 3520 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\windows\System32\Audiosrv.dll
19:21:28.0471 3520 Audiosrv - ok
19:21:28.0535 3520 [ 87425709A251386064C99B684BF96F72 ] avgntflt C:\windows\system32\DRIVERS\avgntflt.sys
19:21:28.0538 3520 avgntflt - ok
19:21:28.0593 3520 [ D50FBA68163BC498F2C136E0E5BA8E2F ] avipbb C:\windows\system32\DRIVERS\avipbb.sys
19:21:28.0596 3520 avipbb - ok
19:21:28.0658 3520 [ CB8741CD7B126499FED40C9B197F6AC5 ] avkmgr C:\windows\system32\DRIVERS\avkmgr.sys
19:21:28.0659 3520 avkmgr - ok
19:21:28.0723 3520 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\windows\System32\AxInstSV.dll
19:21:28.0741 3520 AxInstSV - ok
19:21:28.0798 3520 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys
19:21:28.0806 3520 b06bdrv - ok
19:21:28.0853 3520 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
19:21:28.0858 3520 b57nd60x - ok
19:21:28.0918 3520 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\windows\System32\bdesvc.dll
19:21:28.0920 3520 BDESVC - ok
19:21:28.0938 3520 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\windows\system32\drivers\Beep.sys
19:21:28.0939 3520 Beep - ok
19:21:29.0106 3520 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\windows\System32\bfe.dll
19:21:29.0114 3520 BFE - ok
19:21:29.0163 3520 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\windows\System32\qmgr.dll
19:21:29.0175 3520 BITS - ok
19:21:29.0200 3520 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
19:21:29.0202 3520 blbdrive - ok
19:21:29.0331 3520 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:21:29.0338 3520 Bonjour Service - ok
19:21:29.0393 3520 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\windows\system32\DRIVERS\bowser.sys
19:21:29.0396 3520 bowser - ok
19:21:29.0421 3520 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
19:21:29.0423 3520 BrFiltLo - ok
19:21:29.0438 3520 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
19:21:29.0439 3520 BrFiltUp - ok
19:21:29.0519 3520 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
19:21:29.0521 3520 BridgeMP - ok
19:21:29.0571 3520 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\windows\System32\browser.dll
19:21:29.0574 3520 Browser - ok
19:21:29.0723 3520 [ BD2D29BAF273E029BBAC627AACA37594 ] BrowserDefendert C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
19:21:29.0744 3520 BrowserDefendert - ok
19:21:29.0797 3520 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\windows\System32\Drivers\Brserid.sys
19:21:29.0803 3520 Brserid - ok
19:21:29.0828 3520 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
19:21:29.0830 3520 BrSerWdm - ok
19:21:29.0851 3520 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
19:21:29.0853 3520 BrUsbMdm - ok
19:21:29.0879 3520 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
19:21:29.0881 3520 BrUsbSer - ok
19:21:29.0937 3520 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
19:21:29.0939 3520 BthEnum - ok
19:21:29.0975 3520 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
19:21:29.0977 3520 BTHMODEM - ok
19:21:30.0031 3520 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
19:21:30.0033 3520 BthPan - ok
19:21:30.0093 3520 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
19:21:30.0100 3520 BTHPORT - ok
19:21:30.0150 3520 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\windows\system32\bthserv.dll
19:21:30.0152 3520 bthserv - ok
19:21:30.0215 3520 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
19:21:30.0217 3520 BTHUSB - ok
19:21:30.0424 3520 catchme - ok
19:21:30.0566 3520 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
19:21:30.0568 3520 cdfs - ok
19:21:30.0636 3520 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\windows\system32\drivers\cdrom.sys
19:21:30.0639 3520 cdrom - ok
19:21:30.0687 3520 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\windows\System32\certprop.dll
19:21:30.0689 3520 CertPropSvc - ok
19:21:30.0713 3520 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\windows\system32\DRIVERS\circlass.sys
19:21:30.0714 3520 circlass - ok
19:21:30.0752 3520 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\windows\system32\CLFS.sys
19:21:30.0756 3520 CLFS - ok
19:21:30.0860 3520 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:21:30.0863 3520 clr_optimization_v2.0.50727_32 - ok
19:21:30.0935 3520 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:21:30.0946 3520 clr_optimization_v4.0.30319_32 - ok
19:21:30.0986 3520 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
19:21:30.0988 3520 CmBatt - ok
19:21:31.0049 3520 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\windows\system32\drivers\cmdide.sys
19:21:31.0051 3520 cmdide - ok
19:21:31.0110 3520 [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG C:\windows\system32\Drivers\cng.sys
19:21:31.0118 3520 CNG - ok
19:21:31.0174 3520 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
19:21:31.0177 3520 Compbatt - ok
19:21:31.0237 3520 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
19:21:31.0239 3520 CompositeBus - ok
19:21:31.0257 3520 COMSysApp - ok
19:21:31.0303 3520 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
19:21:31.0304 3520 crcdisk - ok
19:21:31.0352 3520 [ 3897DFF247D9ED0006190349DE264E14 ] CryptSvc C:\windows\system32\cryptsvc.dll
19:21:31.0356 3520 CryptSvc - ok
19:21:31.0413 3520 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\windows\system32\rpcss.dll
19:21:31.0420 3520 DcomLaunch - ok
19:21:31.0457 3520 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\windows\System32\defragsvc.dll
19:21:31.0462 3520 defragsvc - ok
19:21:31.0519 3520 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\windows\system32\Drivers\dfsc.sys
19:21:31.0522 3520 DfsC - ok
19:21:31.0558 3520 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\windows\system32\dhcpcore.dll
19:21:31.0563 3520 Dhcp - ok
19:21:31.0597 3520 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\windows\system32\drivers\discache.sys
19:21:31.0598 3520 discache - ok
19:21:31.0627 3520 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\windows\system32\DRIVERS\disk.sys
19:21:31.0630 3520 Disk - ok
19:21:31.0668 3520 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\windows\System32\dnsrslvr.dll
19:21:31.0671 3520 Dnscache - ok
19:21:31.0718 3520 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\windows\System32\dot3svc.dll
19:21:31.0722 3520 dot3svc - ok
19:21:31.0775 3520 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\windows\system32\dps.dll
19:21:31.0779 3520 DPS - ok
19:21:31.0813 3520 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
19:21:31.0815 3520 drmkaud - ok
19:21:31.0868 3520 [ 16498EBC04AE9DD07049A8884B205C05 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
19:21:31.0878 3520 DXGKrnl - ok
19:21:31.0908 3520 EagleNT - ok
19:21:31.0950 3520 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\windows\System32\eapsvc.dll
19:21:31.0954 3520 EapHost - ok
19:21:32.0071 3520 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys
19:21:32.0111 3520 ebdrv - ok
19:21:32.0155 3520 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\windows\System32\lsass.exe
19:21:32.0158 3520 EFS - ok
19:21:32.0223 3520 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\windows\ehome\ehRecvr.exe
19:21:32.0232 3520 ehRecvr - ok
19:21:32.0251 3520 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\windows\ehome\ehsched.exe
19:21:32.0253 3520 ehSched - ok
19:21:32.0314 3520 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
19:21:32.0321 3520 elxstor - ok
19:21:32.0368 3520 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\windows\system32\drivers\errdev.sys
19:21:32.0370 3520 ErrDev - ok
19:21:32.0417 3520 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\windows\system32\es.dll
19:21:32.0422 3520 EventSystem - ok
19:21:32.0439 3520 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\windows\system32\drivers\exfat.sys
19:21:32.0442 3520 exfat - ok
19:21:32.0466 3520 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\windows\system32\drivers\fastfat.sys
19:21:32.0469 3520 fastfat - ok
19:21:32.0546 3520 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\windows\system32\fxssvc.exe
19:21:32.0555 3520 Fax - ok
19:21:32.0578 3520 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\windows\system32\DRIVERS\fdc.sys
19:21:32.0579 3520 fdc - ok
19:21:32.0591 3520 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\windows\system32\fdPHost.dll
19:21:32.0593 3520 fdPHost - ok
19:21:32.0606 3520 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\windows\system32\fdrespub.dll
19:21:32.0609 3520 FDResPub - ok
19:21:32.0620 3520 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
19:21:32.0622 3520 FileInfo - ok
19:21:32.0633 3520 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\windows\system32\drivers\filetrace.sys
19:21:32.0635 3520 Filetrace - ok
19:21:32.0654 3520 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
19:21:32.0656 3520 flpydisk - ok
19:21:32.0681 3520 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
19:21:32.0686 3520 FltMgr - ok
19:21:32.0756 3520 [ E12C4928B32ACE04610259647F072635 ] FontCache C:\windows\system32\FntCache.dll
19:21:32.0770 3520 FontCache - ok
19:21:32.0823 3520 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:21:32.0826 3520 FontCache3.0.0.0 - ok
19:21:32.0847 3520 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\windows\system32\drivers\FsDepends.sys
19:21:32.0849 3520 FsDepends - ok
19:21:32.0886 3520 [ D909075FA72C090F27AA926C32CB4612 ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
19:21:32.0889 3520 fssfltr - ok
19:21:33.0025 3520 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
19:21:33.0045 3520 fsssvc - ok
19:21:33.0093 3520 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
19:21:33.0095 3520 Fs_Rec - ok
19:21:33.0146 3520 [ E306A24D9694C724FA2491278BF50FDB ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
19:21:33.0150 3520 fvevol - ok
19:21:33.0186 3520 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
19:21:33.0189 3520 gagp30kx - ok
19:21:33.0233 3520 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
19:21:33.0235 3520 GEARAspiWDM - ok
19:21:33.0287 3520 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\windows\System32\gpsvc.dll
19:21:33.0296 3520 gpsvc - ok
19:21:33.0386 3520 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
19:21:33.0388 3520 gupdate - ok
19:21:33.0403 3520 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
19:21:33.0405 3520 gupdatem - ok
19:21:33.0469 3520 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\windows\system32\DRIVERS\hamachi.sys
19:21:33.0471 3520 hamachi - ok
19:21:33.0500 3520 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
19:21:33.0502 3520 hcw85cir - ok
19:21:33.0556 3520 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
19:21:33.0562 3520 HdAudAddService - ok
19:21:33.0626 3520 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
19:21:33.0629 3520 HDAudBus - ok
19:21:33.0647 3520 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
19:21:33.0649 3520 HidBatt - ok
19:21:33.0672 3520 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
19:21:33.0674 3520 HidBth - ok
19:21:33.0696 3520 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\windows\system32\DRIVERS\hidir.sys
19:21:33.0697 3520 HidIr - ok
19:21:33.0741 3520 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\windows\System32\hidserv.dll
19:21:33.0743 3520 hidserv - ok
19:21:33.0786 3520 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
19:21:33.0788 3520 HidUsb - ok
19:21:33.0838 3520 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\windows\system32\kmsvc.dll
19:21:33.0842 3520 hkmsvc - ok
19:21:33.0904 3520 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\windows\system32\ListSvc.dll
19:21:33.0908 3520 HomeGroupListener - ok
19:21:33.0958 3520 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\windows\system32\provsvc.dll
19:21:33.0964 3520 HomeGroupProvider - ok
19:21:34.0018 3520 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
19:21:34.0021 3520 HpSAMD - ok
19:21:34.0081 3520 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\windows\system32\drivers\HTTP.sys
19:21:34.0090 3520 HTTP - ok
19:21:34.0151 3520 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
19:21:34.0151 3520 hwpolicy - ok
19:21:34.0211 3520 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
19:21:34.0214 3520 i8042prt - ok
19:21:34.0254 3520 [ EDF5ECC965FAAA533D35E02F47B9132E ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
19:21:34.0258 3520 iaStor - ok
19:21:34.0318 3520 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\windows\system32\drivers\iaStorV.sys
19:21:34.0324 3520 iaStorV - ok
19:21:34.0389 3520 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:21:34.0402 3520 idsvc - ok
19:21:34.0550 3520 [ AD626F6964F4D364D226C39E06872DD3 ] igfx C:\windows\system32\DRIVERS\igdkmd32.sys
19:21:34.0664 3520 igfx - ok
19:21:34.0706 3520 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
19:21:34.0708 3520 iirsp - ok
19:21:34.0772 3520 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\windows\System32\ikeext.dll
19:21:34.0783 3520 IKEEXT - ok
19:21:34.0836 3520 [ 2DB41BA61D5E44D0667CF126D35DCF34 ] Impcd C:\windows\system32\DRIVERS\Impcd.sys
19:21:34.0840 3520 Impcd - ok
19:21:34.0942 3520 [ 0A0E3C041C20C4175E1CC6580138CA38 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys
19:21:34.0976 3520 IntcAzAudAddService - ok
19:21:35.0024 3520 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\windows\system32\drivers\intelide.sys
19:21:35.0026 3520 intelide - ok
19:21:35.0063 3520 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
19:21:35.0065 3520 intelppm - ok
19:21:35.0095 3520 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\windows\system32\ipbusenum.dll
19:21:35.0099 3520 IPBusEnum - ok
19:21:35.0124 3520 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
19:21:35.0126 3520 IpFilterDriver - ok
19:21:35.0182 3520 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\windows\System32\iphlpsvc.dll
19:21:35.0190 3520 iphlpsvc - ok
19:21:35.0238 3520 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
19:21:35.0240 3520 IPMIDRV - ok
19:21:35.0262 3520 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\windows\system32\drivers\ipnat.sys
19:21:35.0264 3520 IPNAT - ok
19:21:35.0341 3520 [ FE56897B27ED266F9C4E7D90A0B5DA47 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:21:35.0346 3520 iPod Service - ok
19:21:35.0372 3520 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\windows\system32\drivers\irenum.sys
19:21:35.0374 3520 IRENUM - ok
19:21:35.0422 3520 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\windows\system32\drivers\isapnp.sys
19:21:35.0425 3520 isapnp - ok
19:21:35.0483 3520 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
19:21:35.0489 3520 iScsiPrt - ok
19:21:35.0540 3520 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\windows\system32\drivers\kbdclass.sys
19:21:35.0542 3520 kbdclass - ok
19:21:35.0603 3520 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
19:21:35.0605 3520 kbdhid - ok
19:21:35.0621 3520 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\windows\system32\lsass.exe
19:21:35.0624 3520 KeyIso - ok
19:21:35.0662 3520 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
19:21:35.0664 3520 KSecDD - ok
19:21:35.0722 3520 [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
19:21:35.0725 3520 KSecPkg - ok
19:21:35.0757 3520 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\windows\system32\msdtckrm.dll
19:21:35.0764 3520 KtmRm - ok
19:21:35.0801 3520 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\windows\System32\srvsvc.dll
19:21:35.0807 3520 LanmanServer - ok
19:21:35.0821 3520 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
19:21:35.0827 3520 LanmanWorkstation - ok
19:21:35.0880 3520 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
19:21:35.0881 3520 lltdio - ok
19:21:35.0906 3520 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\windows\System32\lltdsvc.dll
19:21:35.0911 3520 lltdsvc - ok
19:21:35.0928 3520 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\windows\System32\lmhsvc.dll
19:21:35.0931 3520 lmhosts - ok
19:21:35.0963 3520 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
19:21:35.0966 3520 LSI_FC - ok
19:21:35.0986 3520 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
19:21:35.0989 3520 LSI_SAS - ok
19:21:36.0006 3520 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
19:21:36.0008 3520 LSI_SAS2 - ok
19:21:36.0031 3520 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
19:21:36.0034 3520 LSI_SCSI - ok
19:21:36.0052 3520 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\windows\system32\drivers\luafv.sys
19:21:36.0055 3520 luafv - ok
19:21:36.0113 3520 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
19:21:36.0117 3520 Mcx2Svc - ok
19:21:36.0210 3520 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
19:21:36.0215 3520 MDM - ok
19:21:36.0233 3520 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\windows\system32\DRIVERS\megasas.sys
19:21:36.0235 3520 megasas - ok
19:21:36.0274 3520 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
19:21:36.0279 3520 MegaSR - ok
19:21:36.0306 3520 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\windows\system32\mmcss.dll
19:21:36.0310 3520 MMCSS - ok
19:21:36.0316 3520 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\windows\system32\drivers\modem.sys
19:21:36.0319 3520 Modem - ok
19:21:36.0370 3520 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\windows\system32\DRIVERS\monitor.sys
19:21:36.0372 3520 monitor - ok
19:21:36.0433 3520 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
19:21:36.0436 3520 mouclass - ok
19:21:36.0474 3520 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
19:21:36.0476 3520 mouhid - ok
19:21:36.0516 3520 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\windows\system32\drivers\mountmgr.sys
19:21:36.0518 3520 mountmgr - ok
19:21:36.0618 3520 [ E6DB6C61739E18906DC2C4191F6EDEA2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:21:36.0621 3520 MozillaMaintenance - ok
19:21:36.0651 3520 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\windows\system32\drivers\mpio.sys
19:21:36.0654 3520 mpio - ok
19:21:36.0673 3520 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
19:21:36.0676 3520 mpsdrv - ok
19:21:36.0728 3520 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\windows\system32\mpssvc.dll
19:21:36.0737 3520 MpsSvc - ok
19:21:36.0788 3520 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
19:21:36.0791 3520 MRxDAV - ok
19:21:36.0838 3520 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
19:21:36.0842 3520 mrxsmb - ok
19:21:36.0886 3520 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
19:21:36.0891 3520 mrxsmb10 - ok
19:21:36.0911 3520 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
19:21:36.0913 3520 mrxsmb20 - ok
19:21:36.0961 3520 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\windows\system32\drivers\msahci.sys
19:21:36.0963 3520 msahci - ok
19:21:37.0006 3520 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\windows\system32\drivers\msdsm.sys
19:21:37.0009 3520 msdsm - ok
19:21:37.0031 3520 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\windows\System32\msdtc.exe
19:21:37.0036 3520 MSDTC - ok
19:21:37.0072 3520 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\windows\system32\drivers\Msfs.sys
19:21:37.0074 3520 Msfs - ok
19:21:37.0084 3520 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
19:21:37.0086 3520 mshidkmdf - ok
19:21:37.0135 3520 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
19:21:37.0137 3520 msisadrv - ok
19:21:37.0177 3520 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\windows\system32\iscsiexe.dll
19:21:37.0181 3520 MSiSCSI - ok
19:21:37.0188 3520 msiserver - ok
19:21:37.0214 3520 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
19:21:37.0216 3520 MSKSSRV - ok
19:21:37.0227 3520 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
19:21:37.0229 3520 MSPCLOCK - ok
19:21:37.0235 3520 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
19:21:37.0237 3520 MSPQM - ok
19:21:37.0260 3520 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
19:21:37.0263 3520 MsRPC - ok
19:21:37.0309 3520 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
19:21:37.0311 3520 mssmbios - ok
19:21:37.0325 3520 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
19:21:37.0327 3520 MSTEE - ok
19:21:37.0347 3520 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
19:21:37.0349 3520 MTConfig - ok
19:21:37.0364 3520 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\windows\system32\Drivers\mup.sys
19:21:37.0366 3520 Mup - ok
19:21:37.0420 3520 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\windows\system32\qagentRT.dll
19:21:37.0428 3520 napagent - ok
19:21:37.0472 3520 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
19:21:37.0477 3520 NativeWifiP - ok
19:21:37.0538 3520 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\windows\system32\drivers\ndis.sys
19:21:37.0549 3520 NDIS - ok
19:21:37.0566 3520 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
19:21:37.0569 3520 NdisCap - ok
19:21:37.0593 3520 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
19:21:37.0595 3520 NdisTapi - ok
19:21:37.0641 3520 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
19:21:37.0644 3520 Ndisuio - ok
19:21:37.0696 3520 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
19:21:37.0699 3520 NdisWan - ok
19:21:37.0727 3520 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
19:21:37.0729 3520 NDProxy - ok
19:21:37.0790 3520 [ 1352E1648213551923A0A822E441553C ] Netaapl C:\windows\system32\DRIVERS\netaapl.sys
19:21:37.0792 3520 Netaapl - ok
19:21:37.0824 3520 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
19:21:37.0826 3520 NetBIOS - ok
19:21:37.0865 3520 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
19:21:37.0868 3520 NetBT - ok
19:21:37.0887 3520 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\windows\system32\lsass.exe
19:21:37.0890 3520 Netlogon - ok
19:21:37.0942 3520 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\windows\System32\netman.dll
19:21:37.0949 3520 Netman - ok
19:21:37.0969 3520 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\windows\System32\netprofm.dll
19:21:37.0977 3520 netprofm - ok
19:21:38.0020 3520 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:21:38.0023 3520 NetTcpPortSharing - ok
19:21:38.0053 3520 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
19:21:38.0056 3520 nfrd960 - ok
19:21:38.0094 3520 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\windows\System32\nlasvc.dll
19:21:38.0100 3520 NlaSvc - ok
19:21:38.0119 3520 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\windows\system32\drivers\Npfs.sys
19:21:38.0121 3520 Npfs - ok
19:21:38.0148 3520 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\windows\system32\nsisvc.dll
19:21:38.0151 3520 nsi - ok
19:21:38.0161 3520 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
19:21:38.0162 3520 nsiproxy - ok
19:21:38.0230 3520 [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs C:\windows\system32\drivers\Ntfs.sys
19:21:38.0247 3520 Ntfs - ok
19:21:38.0279 3520 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys
19:21:38.0281 3520 Null - ok
19:21:38.0327 3520 [ 77F9F9A199B87FE3F852E12F5419240B ] NVHDA C:\windows\system32\drivers\nvhda32v.sys
19:21:38.0330 3520 NVHDA - ok
19:21:38.0574 3520 [ 104C0FE08DD64965CF788D91CCBB2CC6 ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys
19:21:38.0785 3520 nvlddmkm - ok
19:21:38.0812 3520 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\windows\system32\drivers\nvraid.sys
19:21:38.0816 3520 nvraid - ok
19:21:38.0857 3520 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\windows\system32\drivers\nvstor.sys
19:21:38.0861 3520 nvstor - ok
19:21:38.0890 3520 [ 63A9CACE87C31A46BDF4AD448D9A033A ] nvsvc C:\windows\system32\nvvsvc.exe
19:21:38.0895 3520 nvsvc - ok
19:21:38.0957 3520 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\windows\system32\drivers\nv_agp.sys
19:21:38.0960 3520 nv_agp - ok
19:21:39.0011 3520 [ B5D5DA8230D3D3525839D939A9196C3E ] OberonGameConsoleService C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
19:21:39.0012 3520 OberonGameConsoleService - ok
19:21:39.0103 3520 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:21:39.0110 3520 odserv - ok
19:21:39.0154 3520 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
19:21:39.0156 3520 ohci1394 - ok
19:21:39.0203 3520 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:21:39.0206 3520 ose - ok
19:21:39.0244 3520 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\windows\system32\pnrpsvc.dll
19:21:39.0251 3520 p2pimsvc - ok
19:21:39.0291 3520 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\windows\system32\p2psvc.dll
19:21:39.0298 3520 p2psvc - ok
19:21:39.0321 3520 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\DRIVERS\parport.sys
19:21:39.0324 3520 Parport - ok
19:21:39.0367 3520 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\windows\system32\drivers\partmgr.sys
19:21:39.0369 3520 partmgr - ok
19:21:39.0386 3520 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
19:21:39.0388 3520 Parvdm - ok
19:21:39.0409 3520 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\windows\System32\pcasvc.dll
19:21:39.0414 3520 PcaSvc - ok
19:21:39.0473 3520 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\windows\system32\drivers\pci.sys
19:21:39.0477 3520 pci - ok
19:21:39.0527 3520 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\windows\system32\drivers\pciide.sys
19:21:39.0529 3520 pciide - ok
19:21:39.0548 3520 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
19:21:39.0552 3520 pcmcia - ok
19:21:39.0572 3520 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys
19:21:39.0574 3520 pcw - ok
19:21:39.0609 3520 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\windows\system32\drivers\peauth.sys
19:21:39.0618 3520 PEAUTH - ok
19:21:39.0713 3520 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\windows\system32\pla.dll
19:21:39.0736 3520 pla - ok
19:21:39.0782 3520 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\windows\system32\umpnpmgr.dll
19:21:39.0790 3520 PlugPlay - ok
19:21:39.0816 3520 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
19:21:39.0821 3520 PNRPAutoReg - ok
19:21:39.0844 3520 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\windows\system32\pnrpsvc.dll
19:21:39.0849 3520 PNRPsvc - ok
19:21:39.0868 3520 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\windows\System32\ipsecsvc.dll
19:21:39.0876 3520 PolicyAgent - ok
19:21:39.0923 3520 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\windows\system32\umpo.dll
19:21:39.0930 3520 Power - ok
19:21:39.0961 3520 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
19:21:39.0963 3520 PptpMiniport - ok
19:21:39.0989 3520 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\windows\system32\DRIVERS\processr.sys
19:21:39.0992 3520 Processor - ok
19:21:40.0043 3520 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\windows\system32\profsvc.dll
19:21:40.0049 3520 ProfSvc - ok
19:21:40.0065 3520 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe
19:21:40.0069 3520 ProtectedStorage - ok
19:21:40.0108 3520 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\windows\system32\DRIVERS\pacer.sys
19:21:40.0110 3520 Psched - ok
19:21:40.0152 3520 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
19:21:40.0171 3520 ql2300 - ok
19:21:40.0190 3520 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
19:21:40.0193 3520 ql40xx - ok
19:21:40.0227 3520 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll
19:21:40.0233 3520 QWAVE - ok
19:21:40.0253 3520 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
19:21:40.0255 3520 QWAVEdrv - ok
19:21:40.0270 3520 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
19:21:40.0272 3520 RasAcd - ok
19:21:40.0314 3520 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
19:21:40.0316 3520 RasAgileVpn - ok
19:21:40.0335 3520 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll
19:21:40.0339 3520 RasAuto - ok
19:21:40.0353 3520 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
19:21:40.0355 3520 Rasl2tp - ok
19:21:40.0417 3520 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\windows\System32\rasmans.dll
19:21:40.0423 3520 RasMan - ok
19:21:40.0444 3520 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
19:21:40.0447 3520 RasPppoe - ok
19:21:40.0466 3520 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
19:21:40.0469 3520 RasSstp - ok
19:21:40.0517 3520 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
19:21:40.0521 3520 rdbss - ok
19:21:40.0549 3520 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
19:21:40.0550 3520 rdpbus - ok
19:21:40.0601 3520 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
19:21:40.0602 3520 RDPCDD - ok
19:21:40.0632 3520 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
19:21:40.0633 3520 RDPENCDD - ok
19:21:40.0644 3520 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
19:21:40.0645 3520 RDPREFMP - ok
19:21:40.0743 3520 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
19:21:40.0745 3520 RdpVideoMiniport - ok
19:21:40.0803 3520 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
19:21:40.0807 3520 RDPWD - ok
19:21:40.0873 3520 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
19:21:40.0876 3520 rdyboost - ok
19:21:40.0910 3520 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\windows\System32\mprdim.dll
19:21:40.0915 3520 RemoteAccess - ok
19:21:40.0946 3520 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll
19:21:40.0952 3520 RemoteRegistry - ok
19:21:40.0982 3520 [ F85AE59A52885F4B09AADAFB23001A3B ] Rezip C:\windows\SYSTEM32\Rezip.exe
19:21:40.0988 3520 Rezip - ok
19:21:41.0027 3520 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
19:21:41.0030 3520 RFCOMM - ok
19:21:41.0108 3520 [ 7CCAEBCAB6FC1ED0206C07E083E79207 ] RichVideo C:\Program Files\CyberLink\Shared files\RichVideo.exe
19:21:41.0111 3520 RichVideo - ok
19:21:41.0138 3520 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
19:21:41.0143 3520 RpcEptMapper - ok
19:21:41.0179 3520 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe
19:21:41.0182 3520 RpcLocator - ok
19:21:41.0201 3520 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\windows\System32\rpcss.dll
19:21:41.0207 3520 RpcSs - ok
19:21:41.0243 3520 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
19:21:41.0246 3520 rspndr - ok
19:21:41.0275 3520 [ 7DFD48E24479B68B258D8770121155A0 ] RTL8167 C:\windows\system32\DRIVERS\Rt86win7.sys
19:21:41.0279 3520 RTL8167 - ok
19:21:41.0325 3520 [ 6E5FBB7CBAEC47038B945D5E9B144A64 ] SABI C:\windows\system32\Drivers\SABI.sys
19:21:41.0326 3520 SABI - ok
19:21:41.0343 3520 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\windows\system32\lsass.exe
19:21:41.0347 3520 SamSs - ok
19:21:41.0401 3520 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\windows\system32\drivers\sbp2port.sys
19:21:41.0404 3520 sbp2port - ok
19:21:41.0453 3520 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll
19:21:41.0459 3520 SCardSvr - ok
19:21:41.0503 3520 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
19:21:41.0505 3520 scfilter - ok
19:21:41.0555 3520 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\windows\system32\schedsvc.dll
19:21:41.0565 3520 Schedule - ok
19:21:41.0585 3520 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\windows\System32\certprop.dll
19:21:41.0587 3520 SCPolicySvc - ok
19:21:41.0630 3520 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\windows\System32\SDRSVC.dll
19:21:41.0636 3520 SDRSVC - ok
19:21:41.0666 3520 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys
19:21:41.0668 3520 secdrv - ok
19:21:41.0682 3520 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\windows\system32\seclogon.dll
19:21:41.0685 3520 seclogon - ok
19:21:41.0705 3520 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\system32\sens.dll
19:21:41.0710 3520 SENS - ok
19:21:41.0741 3520 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\windows\system32\sensrsvc.dll
19:21:41.0746 3520 SensrSvc - ok
19:21:41.0758 3520 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
19:21:41.0760 3520 Serenum - ok
19:21:41.0784 3520 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\DRIVERS\serial.sys
19:21:41.0786 3520 Serial - ok
19:21:41.0801 3520 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
19:21:41.0803 3520 sermouse - ok
19:21:41.0865 3520 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\windows\system32\sessenv.dll
19:21:41.0871 3520 SessionEnv - ok
19:21:41.0921 3520 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\drivers\sffdisk.sys
19:21:41.0923 3520 sffdisk - ok
19:21:41.0939 3520 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
19:21:41.0942 3520 sffp_mmc - ok
19:21:41.0953 3520 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
19:21:41.0955 3520 sffp_sd - ok
19:21:41.0986 3520 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
19:21:41.0988 3520 sfloppy - ok
19:21:42.0028 3520 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\windows\System32\ipnathlp.dll
19:21:42.0035 3520 SharedAccess - ok
19:21:42.0079 3520 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
19:21:42.0088 3520 ShellHWDetection - ok
19:21:42.0166 3520 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\windows\system32\drivers\sisagp.sys
19:21:42.0168 3520 sisagp - ok
19:21:42.0202 3520 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
19:21:42.0205 3520 SiSRaid2 - ok
19:21:42.0218 3520 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
19:21:42.0221 3520 SiSRaid4 - ok
19:21:42.0314 3520 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
19:21:42.0318 3520 SkypeUpdate - ok
19:21:42.0363 3520 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys
19:21:42.0366 3520 Smb - ok
19:21:42.0420 3520 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\windows\System32\snmptrap.exe
19:21:42.0424 3520 SNMPTRAP - ok
19:21:42.0433 3520 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\windows\system32\drivers\spldr.sys
19:21:42.0435 3520 spldr - ok
19:21:42.0492 3520 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\windows\System32\spoolsv.exe
19:21:42.0500 3520 Spooler - ok
19:21:42.0605 3520 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\windows\system32\sppsvc.exe
19:21:42.0646 3520 sppsvc - ok
19:21:42.0695 3520 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\windows\system32\sppuinotify.dll
19:21:42.0700 3520 sppuinotify - ok
19:21:42.0751 3520 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\windows\system32\DRIVERS\srv.sys
19:21:42.0757 3520 srv - ok
19:21:42.0773 3520 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\windows\system32\DRIVERS\srv2.sys
19:21:42.0778 3520 srv2 - ok
19:21:42.0790 3520 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
19:21:42.0792 3520 srvnet - ok
19:21:42.0835 3520 [ D5DFFEAA1E15D4EFFABB9D9A3068AC5B ] sscdbus C:\windows\system32\DRIVERS\sscdbus.sys
19:21:42.0838 3520 sscdbus - ok
19:21:42.0877 3520 [ 8A1BE0C347814F482F493AEA619D57F6 ] sscdmdfl C:\windows\system32\DRIVERS\sscdmdfl.sys
19:21:42.0878 3520 sscdmdfl - ok
19:21:42.0903 3520 [ 5AB0B1987F682A59B15B78F84C6AD7D0 ] sscdmdm C:\windows\system32\DRIVERS\sscdmdm.sys
19:21:42.0906 3520 sscdmdm - ok
19:21:42.0937 3520 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
19:21:42.0942 3520 SSDPSRV - ok
19:21:42.0998 3520 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\windows\system32\DRIVERS\ssmdrv.sys
19:21:43.0001 3520 ssmdrv - ok
19:21:43.0033 3520 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\windows\system32\sstpsvc.dll
19:21:43.0039 3520 SstpSvc - ok
19:21:43.0072 3520 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
19:21:43.0074 3520 stexstor - ok
19:21:43.0114 3520 [ EDB05BD63148796F23EA78506404A538 ] StillCam C:\windows\system32\DRIVERS\serscan.sys
19:21:43.0116 3520 StillCam - ok
19:21:43.0190 3520 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\windows\System32\wiaservc.dll
19:21:43.0200 3520 StiSvc - ok
19:21:43.0250 3520 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\windows\system32\drivers\swenum.sys
19:21:43.0252 3520 swenum - ok
19:21:43.0283 3520 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\windows\System32\swprv.dll
19:21:43.0291 3520 swprv - ok
19:21:43.0337 3520 [ 215A45246C6E2D0A9C263CE1786C8D8A ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
19:21:43.0342 3520 SynTP - ok
19:21:43.0414 3520 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\windows\system32\sysmain.dll
19:21:43.0434 3520 SysMain - ok
19:21:43.0494 3520 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\windows\System32\TabSvc.dll
19:21:43.0501 3520 TabletInputService - ok
19:21:43.0560 3520 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\windows\System32\tapisrv.dll
19:21:43.0567 3520 TapiSrv - ok
19:21:43.0611 3520 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\windows\System32\tbssvc.dll
19:21:43.0617 3520 TBS - ok
19:21:43.0692 3520 [ D32FDAC73FCD76B85389C39BC1087F2A ] Tcpip C:\windows\system32\drivers\tcpip.sys
19:21:43.0710 3520 Tcpip - ok
19:21:43.0742 3520 [ D32FDAC73FCD76B85389C39BC1087F2A ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
19:21:43.0754 3520 TCPIP6 - ok
19:21:43.0805 3520 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
19:21:43.0808 3520 tcpipreg - ok
19:21:43.0857 3520 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
19:21:43.0859 3520 TDPIPE - ok
19:21:43.0899 3520 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
19:21:43.0901 3520 TDTCP - ok
19:21:43.0943 3520 [ B459575348C20E8121D6039DA063C704 ] tdx C:\windows\system32\DRIVERS\tdx.sys
19:21:43.0946 3520 tdx - ok
19:21:44.0479 3520 [ 7C8DD5576695B3362202EF09B20C425E ] TeamViewer8 C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
19:21:44.0564 3520 TeamViewer8 - ok
19:21:44.0604 3520 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\windows\system32\drivers\termdd.sys
19:21:44.0614 3520 TermDD - ok
19:21:44.0664 3520 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\windows\System32\termsrv.dll
19:21:44.0676 3520 TermService - ok
19:21:44.0699 3520 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\windows\system32\themeservice.dll
19:21:44.0703 3520 Themes - ok
19:21:44.0716 3520 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\windows\system32\mmcss.dll
19:21:44.0719 3520 THREADORDER - ok
19:21:44.0746 3520 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\windows\System32\trkwks.dll
19:21:44.0750 3520 TrkWks - ok
19:21:44.0866 3520 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
19:21:44.0869 3520 TrustedInstaller - ok
19:21:44.0940 3520 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
19:21:44.0959 3520 tssecsrv - ok
19:21:45.0034 3520 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
19:21:45.0047 3520 TsUsbFlt - ok
19:21:45.0116 3520 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
19:21:45.0126 3520 tunnel - ok
19:21:45.0147 3520 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
19:21:45.0149 3520 uagp35 - ok
19:21:45.0187 3520 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\windows\system32\DRIVERS\udfs.sys
19:21:45.0191 3520 udfs - ok
19:21:45.0233 3520 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\windows\system32\UI0Detect.exe
19:21:45.0238 3520 UI0Detect - ok
19:21:45.0279 3520 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
19:21:45.0281 3520 uliagpkx - ok
19:21:45.0327 3520 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\windows\system32\drivers\umbus.sys
19:21:45.0329 3520 umbus - ok
19:21:45.0346 3520 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\windows\system32\DRIVERS\umpass.sys
19:21:45.0348 3520 UmPass - ok
19:21:45.0370 3520 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\windows\System32\upnphost.dll
19:21:45.0377 3520 upnphost - ok
19:21:45.0428 3520 [ 6E421CCC57059B0186C6259CA3B6DFC9 ] USBAAPL C:\windows\system32\Drivers\usbaapl.sys
19:21:45.0430 3520 USBAAPL - ok
19:21:45.0476 3520 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
19:21:45.0487 3520 usbccgp - ok
19:21:45.0527 3520 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\windows\system32\drivers\usbcir.sys
19:21:45.0529 3520 usbcir - ok
19:21:45.0575 3520 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\windows\system32\drivers\usbehci.sys
19:21:45.0583 3520 usbehci - ok
19:21:45.0615 3520 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
19:21:45.0620 3520 usbhub - ok
19:21:45.0649 3520 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\windows\system32\drivers\usbohci.sys
19:21:45.0651 3520 usbohci - ok
19:21:45.0707 3520 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
19:21:45.0717 3520 usbprint - ok
19:21:45.0757 3520 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
19:21:45.0759 3520 usbscan - ok
19:21:45.0809 3520 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
19:21:45.0812 3520 USBSTOR - ok
19:21:45.0836 3520 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\windows\system32\drivers\usbuhci.sys
19:21:45.0838 3520 usbuhci - ok
19:21:45.0904 3520 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
19:21:45.0907 3520 usbvideo - ok
19:21:45.0946 3520 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\windows\System32\uxsms.dll
19:21:45.0952 3520 UxSms - ok
19:21:45.0964 3520 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\windows\system32\lsass.exe
19:21:45.0968 3520 VaultSvc - ok
19:21:46.0000 3520 [ 94D73B62E458FB56C9CE60AA96D914F9 ] VClone C:\windows\system32\DRIVERS\VClone.sys
19:21:46.0002 3520 VClone - ok
19:21:46.0056 3520 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
19:21:46.0058 3520 vdrvroot - ok
19:21:46.0108 3520 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\windows\System32\vds.exe
19:21:46.0118 3520 vds - ok
19:21:46.0147 3520 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
19:21:46.0149 3520 vga - ok
19:21:46.0162 3520 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\windows\System32\drivers\vga.sys
19:21:46.0164 3520 VgaSave - ok
19:21:46.0216 3520 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\windows\system32\drivers\vhdmp.sys
19:21:46.0220 3520 vhdmp - ok
19:21:46.0276 3520 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\windows\system32\drivers\viaagp.sys
19:21:46.0278 3520 viaagp - ok
19:21:46.0293 3520 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\windows\system32\DRIVERS\viac7.sys
19:21:46.0295 3520 ViaC7 - ok
19:21:46.0331 3520 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\windows\system32\drivers\viaide.sys
19:21:46.0333 3520 viaide - ok
19:21:46.0382 3520 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\windows\system32\drivers\volmgr.sys
19:21:46.0384 3520 volmgr - ok
19:21:46.0407 3520 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
19:21:46.0412 3520 volmgrx - ok
19:21:46.0468 3520 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\windows\system32\drivers\volsnap.sys
19:21:46.0472 3520 volsnap - ok
19:21:46.0512 3520 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
19:21:46.0515 3520 vsmraid - ok
19:21:46.0583 3520 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\windows\system32\vssvc.exe
19:21:46.0600 3520 VSS - ok
19:21:46.0620 3520 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
19:21:46.0622 3520 vwifibus - ok
19:21:46.0632 3520 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
19:21:46.0635 3520 vwififlt - ok
19:21:46.0671 3520 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\windows\system32\w32time.dll
19:21:46.0677 3520 W32Time - ok
19:21:46.0705 3520 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
19:21:46.0707 3520 WacomPen - ok
19:21:46.0734 3520 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
19:21:46.0737 3520 WANARP - ok
19:21:46.0742 3520 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
19:21:46.0743 3520 Wanarpv6 - ok
19:21:46.0856 3520 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
19:21:46.0875 3520 WatAdminSvc - ok
19:21:46.0913 3520 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\windows\system32\wbengine.exe
19:21:46.0933 3520 wbengine - ok
19:21:46.0984 3520 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
19:21:46.0991 3520 WbioSrvc - ok
19:21:47.0040 3520 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\windows\System32\wcncsvc.dll
19:21:47.0047 3520 wcncsvc - ok
19:21:47.0067 3520 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
19:21:47.0071 3520 WcsPlugInService - ok
19:21:47.0100 3520 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\windows\system32\DRIVERS\wd.sys
19:21:47.0102 3520 Wd - ok
19:21:47.0155 3520 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
19:21:47.0163 3520 Wdf01000 - ok
19:21:47.0180 3520 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\windows\system32\wdi.dll
19:21:47.0185 3520 WdiServiceHost - ok
19:21:47.0190 3520 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\windows\system32\wdi.dll
19:21:47.0195 3520 WdiSystemHost - ok
19:21:47.0240 3520 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\windows\System32\webclnt.dll
19:21:47.0248 3520 WebClient - ok
19:21:47.0266 3520 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\windows\system32\wecsvc.dll
19:21:47.0273 3520 Wecsvc - ok
19:21:47.0290 3520 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\windows\System32\wercplsupport.dll
19:21:47.0295 3520 wercplsupport - ok
19:21:47.0338 3520 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\windows\System32\WerSvc.dll
19:21:47.0343 3520 WerSvc - ok
19:21:47.0379 3520 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
19:21:47.0381 3520 WfpLwf - ok
19:21:47.0411 3520 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\windows\system32\drivers\wimmount.sys
19:21:47.0413 3520 WIMMount - ok
19:21:47.0482 3520 [ 082CF481F659FAE0DE51AD060881EB47 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
19:21:47.0491 3520 WinDefend - ok
19:21:47.0518 3520 WinHttpAutoProxySvc - ok
19:21:47.0588 3520 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
19:21:47.0590 3520 Winmgmt - ok
19:21:47.0662 3520 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\windows\system32\WsmSvc.dll
19:21:47.0680 3520 WinRM - ok
19:21:47.0774 3520 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
19:21:47.0776 3520 WinUsb - ok
19:21:47.0822 3520 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\windows\System32\wlansvc.dll
19:21:47.0836 3520 Wlansvc - ok
19:21:47.0917 3520 [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:21:47.0919 3520 wlcrasvc - ok
19:21:47.0975 3520 [ 0A70F4022EC2E14C159EFC4F69AA2477 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:21:47.0997 3520 wlidsvc - ok
19:21:48.0041 3520 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
19:21:48.0043 3520 WmiAcpi - ok
19:21:48.0072 3520 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
19:21:48.0076 3520 wmiApSrv - ok
19:21:48.0178 3520 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
19:21:48.0193 3520 WMPNetworkSvc - ok
19:21:48.0227 3520 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\windows\System32\wpcsvc.dll
19:21:48.0232 3520 WPCSvc - ok
19:21:48.0288 3520 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
19:21:48.0295 3520 WPDBusEnum - ok
19:21:48.0329 3520 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
19:21:48.0331 3520 ws2ifsl - ok
19:21:48.0343 3520 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\windows\system32\wscsvc.dll
19:21:48.0348 3520 wscsvc - ok
19:21:48.0354 3520 WSearch - ok
19:21:48.0441 3520 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\windows\system32\wuaueng.dll
19:21:48.0470 3520 wuauserv - ok
19:21:48.0513 3520 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
19:21:48.0515 3520 WudfPf - ok
19:21:48.0535 3520 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
19:21:48.0539 3520 WUDFRd - ok
19:21:48.0573 3520 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\windows\System32\WUDFSvc.dll
19:21:48.0579 3520 wudfsvc - ok
19:21:48.0626 3520 [ 3C5E51C05BE9B56EAFF4E388C3AB25E4 ] WwanSvc C:\windows\System32\wwansvc.dll
19:21:48.0633 3520 WwanSvc - ok
19:21:48.0682 3520 XDva394 - ok
19:21:48.0723 3520 [ 30B73EB97218A16CBC6DE535782A1B35 ] yukonw7 C:\windows\system32\DRIVERS\yk62x86.sys
19:21:48.0729 3520 yukonw7 - ok
19:21:48.0768 3520 ================ Scan global ===============================
19:21:48.0813 3520 [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
19:21:48.0859 3520 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\windows\system32\winsrv.dll
19:21:48.0872 3520 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\windows\system32\winsrv.dll
19:21:48.0908 3520 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
19:21:48.0938 3520 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
19:21:48.0945 3520 [Global] - ok
19:21:48.0946 3520 ================ Scan MBR ==================================
19:21:48.0961 3520 [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0
19:21:49.0311 3520 \Device\Harddisk0\DR0 - ok
19:21:49.0312 3520 ================ Scan VBR ==================================
19:21:49.0316 3520 [ B4188F1BD6A42F15ADC7862F1F4A3241 ] \Device\Harddisk0\DR0\Partition1
19:21:49.0320 3520 \Device\Harddisk0\DR0\Partition1 - ok
19:21:49.0328 3520 [ 6C3BA21A09F747165F6189180793FBBF ] \Device\Harddisk0\DR0\Partition2
19:21:49.0330 3520 \Device\Harddisk0\DR0\Partition2 - ok
19:21:49.0355 3520 [ B81806EB51BFA2AB432F5C84E64E98B2 ] \Device\Harddisk0\DR0\Partition3
19:21:49.0357 3520 \Device\Harddisk0\DR0\Partition3 - ok
19:21:49.0358 3520 ============================================================
19:21:49.0358 3520 Scan finished
19:21:49.0358 3520 ============================================================
19:21:49.0373 4216 Detected object count: 0
19:21:49.0373 4216 Actual detected object count: 0

Alt 07.08.2013, 18:28   #12
markusg
/// Malware-holic
 
Bitte kurz meine Logs auswerten :) - Standard

Bitte kurz meine Logs auswerten :)



1. hatte ich nicht gesagt, beide Logs gleichzeitig?
2. sollte eig erst Combofix nach Anleitung kommen.
3. ist der TDSS Killer nicht nach Anleitung konfiguriert, bitte richtig lesen.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 07.08.2013, 18:59   #13
Julius123
 
Bitte kurz meine Logs auswerten :) - Standard

Bitte kurz meine Logs auswerten :)



Combofix Logfile:
Code:
ATTFilter
ComboFix 13-08-07.01 - expert 07.08.2013  19:31:46.2.4 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3566.2417 [GMT 2:00]
ausgeführt von:: c:\users\expert\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\0tbpw.pad
c:\programdata\NVIDIA
c:\programdata\NVIDIA\NvApps.xml
c:\programdata\NVIDIA\NvStarted
c:\users\expert\4.0
c:\users\expert\AppData\Roaming\.#
c:\users\expert\AppData\Roaming\14001.006
c:\users\expert\AppData\Roaming\14001.006\chrome.manifest
c:\users\expert\AppData\Roaming\14001.006\components\AcroFF.txt
c:\users\expert\AppData\Roaming\14001.006\install.rdf
c:\users\expert\AppData\Roaming\14001.008
c:\users\expert\AppData\Roaming\14001.008\chrome.manifest
c:\users\expert\AppData\Roaming\14001.008\components\AcroFF.txt
c:\users\expert\AppData\Roaming\14001.008\install.rdf
c:\users\expert\AppData\Roaming\14001.009
c:\users\expert\AppData\Roaming\14001.009\chrome.manifest
c:\users\expert\AppData\Roaming\14001.009\components\AcroFF.txt
c:\users\expert\AppData\Roaming\14001.009\install.rdf
c:\users\expert\AppData\Roaming\14001.010
c:\users\expert\AppData\Roaming\14001.010\chrome.manifest
c:\users\expert\AppData\Roaming\14001.010\components\AcroFF.txt
c:\users\expert\AppData\Roaming\14001.010\install.rdf
c:\users\expert\AppData\Roaming\14001.011
c:\users\expert\AppData\Roaming\14001.011\chrome.manifest
c:\users\expert\AppData\Roaming\14001.011\components\AcroFF.txt
c:\users\expert\AppData\Roaming\14001.011\install.rdf
c:\users\expert\AppData\Roaming\14001.012
c:\users\expert\AppData\Roaming\14001.012\chrome.manifest
c:\users\expert\AppData\Roaming\14001.012\components\AcroFF.txt
c:\users\expert\AppData\Roaming\14001.012\install.rdf
c:\users\expert\AppData\Roaming\14001.013
c:\users\expert\AppData\Roaming\14001.013\components\AcroFF.txt
c:\users\expert\AppData\Roaming\14001.014
c:\users\expert\AppData\Roaming\14001.014\chrome.manifest
c:\users\expert\AppData\Roaming\14001.014\components\AcroFF.txt
c:\users\expert\AppData\Roaming\14001.014\install.rdf
c:\users\expert\AppData\Roaming\14001.018
c:\users\expert\AppData\Roaming\14001.018\chrome.manifest
c:\users\expert\AppData\Roaming\14001.018\components\AcroFF.txt
c:\users\expert\AppData\Roaming\14001.018\install.rdf
c:\users\expert\AppData\Roaming\14001.019
c:\users\expert\AppData\Roaming\14001.019\chrome.manifest
c:\users\expert\AppData\Roaming\14001.019\components\AcroFF.txt
c:\users\expert\AppData\Roaming\14001.019\install.rdf
c:\users\expert\AppData\Roaming\AcroIEHelpe.txt
c:\users\expert\AppData\Roaming\df8o1tcy.default.tmp
c:\users\expert\AppData\Roaming\srvblck5.tmp
c:\users\expert\AppData\Roaming\Sysutils_Update
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_BrowserDefendert
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-07-07 bis 2013-08-07  ))))))))))))))))))))))))))))))
.
.
2013-08-07 17:48 . 2013-08-07 17:48	--------	d-----w-	c:\programdata\NVIDIA
2013-08-07 17:44 . 2013-08-07 17:44	--------	d-----w-	c:\users\Public\AppData\Local\temp
2013-08-07 17:44 . 2013-08-07 17:44	--------	d-----w-	c:\users\Maximilian\AppData\Local\temp
2013-08-07 17:44 . 2013-08-07 17:44	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-08-07 17:44 . 2013-08-07 17:44	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2013-08-07 17:16 . 2013-08-07 17:16	--------	d-----w-	c:\programdata\BrowserDefender
2013-08-07 17:16 . 2013-08-07 17:16	--------	d-----w-	c:\users\expert\AppData\Roaming\Delta
2013-08-07 17:16 . 2013-08-07 17:16	--------	d-----w-	c:\program files\Delta
2013-08-07 17:16 . 2013-08-07 17:16	--------	d-----w-	c:\users\expert\AppData\Roaming\BabSolution
2013-08-07 17:16 . 2013-08-07 17:16	--------	d-----w-	c:\users\expert\AppData\Roaming\DigitalSite
2013-08-07 17:16 . 2013-08-07 17:16	--------	d-----w-	c:\program files\OpenIt
2013-08-07 17:16 . 2013-08-07 17:16	--------	d-----w-	c:\program files\LyriXeeker
2013-08-06 22:04 . 2013-08-06 22:10	--------	d-----w-	C:\Netts
2013-08-06 21:39 . 2013-08-06 21:42	--------	d-----w-	c:\windows\system32\MRT
2013-08-06 21:35 . 2013-08-06 21:35	--------	d-----w-	c:\program files\NVIDIA Corporation
2013-08-06 20:59 . 2013-08-06 20:59	74136	----a-w-	c:\program files\Mozilla Firefox\breakpadinjector.dll
2013-08-06 20:59 . 2013-08-06 20:59	262552	----a-w-	c:\program files\Mozilla Firefox\browser\components\browsercomps.dll
2013-08-06 20:59 . 2013-08-06 20:59	26520	----a-w-	c:\program files\Mozilla Firefox\plugin-hang-ui.exe
2013-08-06 20:59 . 2013-08-06 20:59	92056	----a-w-	c:\program files\Mozilla Firefox\webapprt-stub.exe
2013-08-06 20:59 . 2013-08-06 20:59	170232	----a-w-	c:\program files\Mozilla Firefox\webapp-uninstaller.exe
2013-08-06 20:55 . 2013-08-06 20:55	--------	d-----w-	c:\users\expert\AppData\Roaming\Avira
2013-08-06 20:51 . 2013-08-06 20:51	--------	d-----w-	c:\programdata\AskPartnerNetwork
2013-08-06 20:51 . 2013-08-06 20:51	--------	d-----w-	c:\program files\AskPartnerNetwork
2013-08-06 20:50 . 2013-08-06 20:50	67168	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2013-08-06 20:50 . 2013-08-06 20:50	--------	d-----w-	c:\programdata\APN
2013-08-06 20:49 . 2013-07-18 06:02	84744	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2013-08-06 20:49 . 2013-07-18 06:02	135136	----a-w-	c:\windows\system32\drivers\avipbb.sys
2013-08-06 20:49 . 2013-03-06 14:13	37352	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2013-08-06 20:49 . 2013-08-06 20:49	--------	d-----w-	c:\programdata\Avira
2013-08-06 20:49 . 2013-08-06 20:49	--------	d-----w-	c:\program files\Avira
2013-08-06 20:37 . 2013-08-06 20:37	--------	d-----w-	c:\users\expert\AppData\Roaming\dll-files.com
2013-08-06 20:37 . 2013-08-06 20:37	--------	d-----w-	c:\programdata\Logs
2013-08-06 20:37 . 2013-04-11 14:12	17344	----a-w-	c:\windows\system32\roboot.exe
2013-08-06 20:37 . 2013-08-06 20:37	--------	d-----w-	c:\program files\Dll-Files.com Fixer
2013-08-05 18:33 . 2013-08-05 18:34	--------	d-----w-	c:\users\Florensia
2013-07-13 13:47 . 2013-07-13 13:47	--------	d-----w-	c:\program files\iPod
2013-07-13 13:47 . 2013-07-13 13:48	--------	d-----w-	c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-07-13 13:41 . 2013-07-13 13:41	159744	----a-w-	c:\program files\Mozilla Firefox\plugins\npqtplugin5.dll
2013-07-13 13:41 . 2013-07-13 13:41	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2013-07-13 13:41 . 2013-07-13 13:41	159744	----a-w-	c:\program files\Mozilla Firefox\plugins\npqtplugin4.dll
2013-07-13 13:41 . 2013-07-13 13:41	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2013-07-13 13:41 . 2013-07-13 13:41	159744	----a-w-	c:\program files\Mozilla Firefox\plugins\npqtplugin3.dll
2013-07-13 13:41 . 2013-07-13 13:41	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2013-07-13 13:41 . 2013-07-13 13:41	159744	----a-w-	c:\program files\Mozilla Firefox\plugins\npqtplugin2.dll
2013-07-13 13:41 . 2013-07-13 13:41	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2013-07-13 13:41 . 2013-07-13 13:41	159744	----a-w-	c:\program files\Mozilla Firefox\plugins\npqtplugin.dll
2013-07-13 13:41 . 2013-07-13 13:41	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2013-07-13 13:41 . 2013-07-13 13:41	--------	d-----w-	c:\program files\QuickTime
2013-07-10 16:31 . 2013-04-09 23:34	1247744	----a-w-	c:\windows\system32\DWrite.dll
2013-07-10 16:31 . 2013-06-05 03:05	2347520	----a-w-	c:\windows\system32\win32k.sys
2013-07-10 16:31 . 2013-06-04 04:53	509440	----a-w-	c:\windows\system32\qedit.dll
2013-07-10 16:31 . 2013-05-06 04:56	1620480	----a-w-	c:\windows\system32\WMVDECOD.DLL
2013-07-10 16:31 . 2013-04-10 05:03	936448	----a-w-	c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 16:31 . 2013-04-10 05:04	1221632	----a-w-	c:\program files\Windows Journal\NBDoc.DLL
2013-07-10 16:31 . 2013-04-10 05:03	988672	----a-w-	c:\program files\Windows Journal\JNTFiltr.dll
2013-07-10 16:31 . 2013-04-10 05:03	969216	----a-w-	c:\program files\Windows Journal\JNWDRV.dll
2013-07-10 16:31 . 2013-05-27 04:57	680960	----a-w-	c:\program files\Windows Defender\MpSvc.dll
2013-07-10 16:31 . 2013-05-27 04:57	392704	----a-w-	c:\program files\Windows Defender\MpClient.dll
2013-07-10 16:31 . 2013-05-27 04:57	224768	----a-w-	c:\program files\Windows Defender\MpCommu.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-07 14:49 . 2013-08-07 14:49	60872	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{679DA7BD-3BA0-46B5-8761-9A368BAD4AF5}\offreg.dll
2013-07-15 01:34 . 2013-08-06 21:15	7143960	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{679DA7BD-3BA0-46B5-8761-9A368BAD4AF5}\mpengine.dll
2013-07-13 13:57 . 2012-10-09 19:09	692104	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-07-13 13:57 . 2011-06-15 10:20	71048	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-12 18:28 . 2013-05-15 17:13	9089416	----a-w-	c:\windows\system32\FlashPlayerInstaller.exe
2013-05-13 04:45 . 2013-06-12 11:21	140288	----a-w-	c:\windows\system32\cryptsvc.dll
2013-05-13 04:45 . 2013-06-12 11:21	1160192	----a-w-	c:\windows\system32\crypt32.dll
2013-05-13 04:45 . 2013-06-12 11:21	103936	----a-w-	c:\windows\system32\cryptnet.dll
2013-05-13 03:08 . 2013-06-12 11:21	903168	----a-w-	c:\windows\system32\certutil.exe
2013-05-13 03:08 . 2013-06-12 11:21	43008	----a-w-	c:\windows\system32\certenc.dll
2013-05-12 19:00 . 2010-06-24 09:33	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-11 18:33 . 2013-05-11 18:33	94112	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2013-05-11 18:33 . 2013-05-11 18:34	866720	----a-w-	c:\windows\system32\npDeployJava1.dll
2013-05-11 18:33 . 2011-01-23 19:13	788896	----a-w-	c:\windows\system32\deployJava1.dll
2013-05-10 03:20 . 2013-06-12 11:21	24576	----a-w-	c:\windows\system32\cryptdlg.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
2013-07-26 20:30	12240	----a-w-	c:\program files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{5c819b39-cbc9-4faf-8bd2-9d0699eb330a}]
2013-08-06 20:42	137728	----a-w-	c:\program files\LyriXeeker\126.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{41564952-412D-5637-00A7-7A786E7484D7}"= "c:\program files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" [2013-07-26 12240]
.
[HKEY_CLASSES_ROOT\clsid\{41564952-412d-5637-00a7-7a786e7484d7}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2011-09-18 3077528]
"Akamai NetSession Interface"="c:\users\expert\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
"Spotify Web Helper"="c:\users\expert\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-07-06 1104384]
"NTRedirect"="c:\users\expert\AppData\Roaming\BabSolution\Shared\NTRedirect.dll" [2013-08-04 127472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-10-29 7862816]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-10-10 1578280]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-06-03 103720]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"UpdatePDRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-01-04 222504]
"RemoteControl8"="c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe" [2009-04-15 91432]
"PDVD8LanguageShortcut"="c:\program files\CyberLink\PowerDVD8\Language\Language.exe" [2009-04-15 50472]
"UpdatePPShortCut"="c:\program files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-07-21 210216]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-04 13830760]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-05-31 152392]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-07-18 345144]
"ApnTBMon"="c:\program files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [2013-07-26 1558480]
.
c:\users\expert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ctfmon.lnk - c:\programdata\lsass.exe c:\users\expert\AppData\Local\Temp\wpbt0.dll,GOF1 [2012-10-30 44544]
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\BROWSE~1\261519~1.190\{C16C1~1\BrowserDefender.dll
.
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-04-15 135664]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-04-15 135664]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2011-08-02 18432]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-09 1343400]
R3 XDva394;XDva394;c:\windows\system32\XDva394.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-03-06 37352]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [2009-05-28 10752]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2013-07-18 84024]
S2 AntiVirWebService;Avira Browser-Schutz;c:\program files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2013-07-18 589368]
S2 APNMCP;Ask Aktualisierungsdienst;c:\program files\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-07-26 168400]
S2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [2009-08-13 44312]
S2 Rezip;Rezip;c:\windows\SYSTEM32\Rezip.exe [2009-03-05 311296]
S2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [2013-04-23 3574624]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 125696]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-09-28 315392]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-30 20:15	1173456	----a-w-	c:\program files\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-08-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 13:57]
.
2013-08-06 c:\windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
- c:\program files\Dll-Files.com Fixer\DLLFixer.exe [2013-08-06 14:12]
.
2013-08-06 c:\windows\Tasks\DLL-Files.Com Fixer_Updates.job
- c:\program files\Dll-Files.com Fixer\DLLFixer.exe [2013-08-06 14:12]
.
2013-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cb6f8415f86c62.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-15 11:37]
.
2013-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-15 11:37]
.
2013-08-07 c:\windows\Tasks\LyricXeeker Update.job
- c:\program files\LyriXeeker\LyriXupdate.exe [2013-08-06 20:42]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=5A77C417FECF25FC&affID=119357&tsp=4967
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\expert\AppData\Roaming\Mozilla\Firefox\Profiles\df8o1tcy.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3242337&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Delta Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - ExtSQL: 2013-07-26 22:31; toolbar_AVIRA-V7@apn.ask.com; c:\users\expert\AppData\Roaming\Mozilla\Firefox\Profiles\df8o1tcy.default\extensions\toolbar_AVIRA-V7@apn.ask.com.xpi
FF - ExtSQL: 2013-08-07 19:16; lyrix@lyrixeeker.co; c:\program files\LyriXeeker\126.xpi
FF - ExtSQL: 2013-08-07 19:16; ffxtlbr@delta.com; c:\users\expert\AppData\Roaming\Mozilla\Firefox\Profiles\df8o1tcy.default\extensions\ffxtlbr@delta.com
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
FF - user.js: extensions.delta.tlbrSrchUrl - 
FF - user.js: extensions.delta.id - 5a77c441000000000000c417fecf25fc
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15924
FF - user.js: extensions.delta.vrsn - 1.8.22.0
FF - user.js: extensions.delta.vrsni - 1.8.22.0
FF - user.js: extensions.delta.vrsnTs - 1.8.22.019:16
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - de
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119357&tsp=4967
FF - user.js: extensions.delta_i.babExt - 
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-Ebyhli - c:\users\expert\AppData\Roaming\Pairs\faano.exe
HKLM-Run-RaidCall - c:\program files\raidcall\raidcall.exe
AddRemove-Free YouTube to MP3 Converter_is1 - c:\program files\Common Files\DVDVideoSoft\Uninstall.exe
AddRemove-GhostMouse 2.0 - c:\gmouse20\DeIsL1.isu
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\program files\Samsung\Samsung Support Center\SSCKbdHk.exe
c:\program files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
c:\program files\Samsung\Samsung Update Plus\SUPBackground.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conhost.exe
c:\windows\System32\rundll32.exe
c:\program files\Microsoft Office\Office12\ONENOTEM.EXE
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-08-07  19:54:27 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-08-07 17:54
.
Vor Suchlauf: 13 Verzeichnis(se), 117.073.965.056 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 118.629.470.208 Bytes frei
.
- - End Of File - - E15FAA0A1316560CB6E258A3850ECA7A
         
--- --- ---
2E5DEBB2116B3417023E0D6562D7ED07

19:56:22.0481 6108 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:56:22.0871 6108 ============================================================
19:56:22.0871 6108 Current date / time: 2013/08/07 19:56:22.0871
19:56:22.0871 6108 SystemInfo:
19:56:22.0871 6108
19:56:22.0871 6108 OS Version: 6.1.7601 ServicePack: 1.0
19:56:22.0871 6108 Product type: Workstation
19:56:22.0871 6108 ComputerName: EXPERT-PC
19:56:22.0871 6108 UserName: expert
19:56:22.0871 6108 Windows directory: C:\windows
19:56:22.0871 6108 System windows directory: C:\windows
19:56:22.0871 6108 Processor architecture: Intel x86
19:56:22.0871 6108 Number of processors: 4
19:56:22.0871 6108 Page size: 0x1000
19:56:22.0871 6108 Boot type: Normal boot
19:56:22.0871 6108 ============================================================
19:56:23.0461 6108 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:56:23.0481 6108 ============================================================
19:56:23.0481 6108 \Device\Harddisk0\DR0:
19:56:23.0481 6108 MBR partitions:
19:56:23.0481 6108 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
19:56:23.0481 6108 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x1C2A9000
19:56:23.0481 6108 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1E0DB800, BlocksNum 0x1C2AA000
19:56:23.0481 6108 ============================================================
19:56:23.0591 6108 C: <-> \Device\Harddisk0\DR0\Partition2
19:56:23.0651 6108 D: <-> \Device\Harddisk0\DR0\Partition3
19:56:23.0651 6108 ============================================================
19:56:23.0651 6108 Initialize success
19:56:23.0661 6108 ============================================================
19:57:08.0268 5072 ============================================================
19:57:08.0268 5072 Scan started
19:57:08.0269 5072 Mode: Manual; SigCheck; TDLFS;
19:57:08.0269 5072 ============================================================
19:57:08.0592 5072 ================ Scan system memory ========================
19:57:08.0592 5072 System memory - ok
19:57:08.0593 5072 ================ Scan services =============================
19:57:09.0311 5072 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
19:57:09.0435 5072 1394ohci - ok
19:57:09.0504 5072 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\windows\system32\drivers\ACPI.sys
19:57:09.0536 5072 ACPI - ok
19:57:09.0589 5072 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
19:57:09.0709 5072 AcpiPmi - ok
19:57:09.0825 5072 [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:57:09.0848 5072 AdobeFlashPlayerUpdateSvc - ok
19:57:09.0945 5072 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
19:57:10.0032 5072 adp94xx - ok
19:57:10.0118 5072 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
19:57:10.0179 5072 adpahci - ok
19:57:10.0207 5072 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
19:57:10.0233 5072 adpu320 - ok
19:57:10.0270 5072 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
19:57:10.0321 5072 AeLookupSvc - ok
19:57:10.0382 5072 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\windows\system32\drivers\afd.sys
19:57:10.0419 5072 AFD - ok
19:57:10.0469 5072 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\windows\system32\drivers\agp440.sys
19:57:10.0480 5072 agp440 - ok
19:57:10.0527 5072 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\windows\system32\DRIVERS\djsvs.sys
19:57:10.0544 5072 aic78xx - ok
19:57:10.0589 5072 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\windows\System32\alg.exe
19:57:10.0611 5072 ALG - ok
19:57:10.0652 5072 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\windows\system32\drivers\aliide.sys
19:57:10.0702 5072 aliide - ok
19:57:10.0731 5072 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\windows\system32\drivers\amdagp.sys
19:57:10.0780 5072 amdagp - ok
19:57:10.0840 5072 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\windows\system32\drivers\amdide.sys
19:57:10.0866 5072 amdide - ok
19:57:10.0916 5072 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
19:57:10.0976 5072 AmdK8 - ok
19:57:10.0997 5072 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
19:57:11.0038 5072 AmdPPM - ok
19:57:11.0115 5072 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\windows\system32\drivers\amdsata.sys
19:57:11.0172 5072 amdsata - ok
19:57:11.0203 5072 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
19:57:11.0227 5072 amdsbs - ok
19:57:11.0281 5072 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\windows\system32\drivers\amdxata.sys
19:57:11.0309 5072 amdxata - ok
19:57:11.0986 5072 [ FE9932692FC61C2203EC9884D414F700 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
19:57:12.0003 5072 AntiVirSchedulerService - ok
19:57:12.0075 5072 [ B1F8B58F27971B7E316DD316687886EC ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
19:57:12.0091 5072 AntiVirService - ok
19:57:12.0170 5072 [ 53DDEA96AA407C3E2BCEF68A44E31A59 ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
19:57:12.0192 5072 AntiVirWebService - ok
19:57:12.0300 5072 [ D41231AECFEE88973D56AEC2EE5B962D ] APNMCP C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
19:57:12.0315 5072 APNMCP - ok
19:57:12.0409 5072 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\windows\system32\drivers\appid.sys
19:57:12.0496 5072 AppID - ok
19:57:12.0540 5072 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\windows\System32\appidsvc.dll
19:57:12.0617 5072 AppIDSvc - ok
19:57:12.0703 5072 [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo C:\windows\System32\appinfo.dll
19:57:12.0731 5072 Appinfo - ok
19:57:12.0942 5072 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:57:12.0965 5072 Apple Mobile Device - ok
19:57:13.0173 5072 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\windows\system32\DRIVERS\arc.sys
19:57:13.0230 5072 arc - ok
19:57:13.0251 5072 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
19:57:13.0296 5072 arcsas - ok
19:57:13.0344 5072 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
19:57:13.0371 5072 AsyncMac - ok
19:57:13.0495 5072 [ 338C86357871C167A96AB976519BF59E ] atapi C:\windows\system32\drivers\atapi.sys
19:57:13.0507 5072 atapi - ok
19:57:13.0937 5072 [ 49F17A2E79469BE6581D491706720671 ] athr C:\windows\system32\DRIVERS\athr.sys
19:57:14.0103 5072 athr - ok
19:57:14.0306 5072 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
19:57:14.0372 5072 AudioEndpointBuilder - ok
19:57:14.0401 5072 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\windows\System32\Audiosrv.dll
19:57:14.0436 5072 Audiosrv - ok
19:57:14.0570 5072 [ 87425709A251386064C99B684BF96F72 ] avgntflt C:\windows\system32\DRIVERS\avgntflt.sys
19:57:14.0598 5072 avgntflt - ok
19:57:14.0640 5072 [ D50FBA68163BC498F2C136E0E5BA8E2F ] avipbb C:\windows\system32\DRIVERS\avipbb.sys
19:57:14.0665 5072 avipbb - ok
19:57:14.0782 5072 [ CB8741CD7B126499FED40C9B197F6AC5 ] avkmgr C:\windows\system32\DRIVERS\avkmgr.sys
19:57:14.0887 5072 avkmgr - ok
19:57:14.0981 5072 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\windows\System32\AxInstSV.dll
19:57:15.0047 5072 AxInstSV - ok
19:57:15.0087 5072 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys
19:57:15.0177 5072 b06bdrv - ok
19:57:15.0211 5072 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
19:57:15.0261 5072 b57nd60x - ok
19:57:15.0320 5072 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\windows\System32\bdesvc.dll
19:57:15.0369 5072 BDESVC - ok
19:57:15.0384 5072 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\windows\system32\drivers\Beep.sys
19:57:15.0415 5072 Beep - ok
19:57:15.0529 5072 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\windows\System32\bfe.dll
19:57:15.0579 5072 BFE - ok
19:57:15.0711 5072 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\windows\system32\qmgr.dll
19:57:15.0756 5072 BITS - ok
19:57:15.0769 5072 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
19:57:15.0817 5072 blbdrive - ok
19:57:15.0889 5072 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:57:15.0914 5072 Bonjour Service - ok
19:57:15.0973 5072 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\windows\system32\DRIVERS\bowser.sys
19:57:16.0035 5072 bowser - ok
19:57:16.0067 5072 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
19:57:16.0152 5072 BrFiltLo - ok
19:57:16.0162 5072 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
19:57:16.0197 5072 BrFiltUp - ok
19:57:16.0277 5072 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
19:57:16.0419 5072 BridgeMP - ok
19:57:16.0485 5072 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\windows\System32\browser.dll
19:57:16.0511 5072 Browser - ok
19:57:16.0596 5072 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\windows\System32\Drivers\Brserid.sys
19:57:16.0675 5072 Brserid - ok
19:57:16.0698 5072 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
19:57:16.0801 5072 BrSerWdm - ok
19:57:16.0876 5072 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
19:57:16.0958 5072 BrUsbMdm - ok
19:57:16.0971 5072 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
19:57:17.0024 5072 BrUsbSer - ok
19:57:17.0129 5072 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
19:57:17.0244 5072 BthEnum - ok
19:57:17.0290 5072 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
19:57:17.0361 5072 BTHMODEM - ok
19:57:17.0423 5072 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
19:57:17.0511 5072 BthPan - ok
19:57:17.0724 5072 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
19:57:17.0866 5072 BTHPORT - ok
19:57:17.0942 5072 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\windows\system32\bthserv.dll
19:57:18.0026 5072 bthserv - ok
19:57:18.0096 5072 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
19:57:18.0177 5072 BTHUSB - ok
19:57:18.0456 5072 catchme - ok
19:57:18.0502 5072 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
19:57:18.0576 5072 cdfs - ok
19:57:18.0684 5072 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\windows\system32\drivers\cdrom.sys
19:57:18.0777 5072 cdrom - ok
19:57:18.0889 5072 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\windows\System32\certprop.dll
19:57:18.0998 5072 CertPropSvc - ok
19:57:19.0049 5072 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\windows\system32\DRIVERS\circlass.sys
19:57:19.0125 5072 circlass - ok
19:57:19.0165 5072 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\windows\system32\CLFS.sys
19:57:19.0196 5072 CLFS - ok
19:57:19.0551 5072 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:57:19.0615 5072 clr_optimization_v2.0.50727_32 - ok
19:57:19.0949 5072 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:57:19.0971 5072 clr_optimization_v4.0.30319_32 - ok
19:57:20.0000 5072 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
19:57:20.0034 5072 CmBatt - ok
19:57:20.0074 5072 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\windows\system32\drivers\cmdide.sys
19:57:20.0107 5072 cmdide - ok
19:57:20.0158 5072 [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG C:\windows\system32\Drivers\cng.sys
19:57:20.0204 5072 CNG - ok
19:57:20.0244 5072 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
19:57:20.0258 5072 Compbatt - ok
19:57:20.0306 5072 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
19:57:20.0340 5072 CompositeBus - ok
19:57:20.0360 5072 COMSysApp - ok
19:57:20.0383 5072 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
19:57:20.0402 5072 crcdisk - ok
19:57:20.0488 5072 [ 3897DFF247D9ED0006190349DE264E14 ] CryptSvc C:\windows\system32\cryptsvc.dll
19:57:20.0513 5072 CryptSvc - ok
19:57:20.0694 5072 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\windows\system32\rpcss.dll
19:57:20.0744 5072 DcomLaunch - ok
19:57:20.0837 5072 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\windows\System32\defragsvc.dll
19:57:20.0928 5072 defragsvc - ok
19:57:20.0989 5072 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\windows\system32\Drivers\dfsc.sys
19:57:21.0041 5072 DfsC - ok
19:57:21.0095 5072 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\windows\system32\dhcpcore.dll
19:57:21.0157 5072 Dhcp - ok
19:57:21.0178 5072 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\windows\system32\drivers\discache.sys
19:57:21.0244 5072 discache - ok
19:57:21.0285 5072 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\windows\system32\DRIVERS\disk.sys
19:57:21.0303 5072 Disk - ok
19:57:21.0357 5072 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\windows\System32\dnsrslvr.dll
19:57:21.0431 5072 Dnscache - ok
19:57:21.0521 5072 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\windows\System32\dot3svc.dll
19:57:21.0612 5072 dot3svc - ok
19:57:21.0722 5072 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\windows\system32\dps.dll
19:57:21.0821 5072 DPS - ok
19:57:21.0860 5072 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
19:57:21.0895 5072 drmkaud - ok
19:57:22.0193 5072 [ 16498EBC04AE9DD07049A8884B205C05 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
19:57:22.0277 5072 DXGKrnl - ok
19:57:22.0319 5072 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\windows\System32\eapsvc.dll
19:57:22.0347 5072 EapHost - ok
19:57:22.0598 5072 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys
19:57:22.0748 5072 ebdrv - ok
19:57:22.0835 5072 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\windows\System32\lsass.exe
19:57:22.0860 5072 EFS - ok
19:57:23.0248 5072 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\windows\ehome\ehRecvr.exe
19:57:23.0358 5072 ehRecvr - ok
19:57:23.0386 5072 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\windows\ehome\ehsched.exe
19:57:23.0453 5072 ehSched - ok
19:57:23.0516 5072 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
19:57:23.0573 5072 elxstor - ok
19:57:23.0648 5072 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\windows\system32\drivers\errdev.sys
19:57:23.0737 5072 ErrDev - ok
19:57:23.0869 5072 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\windows\system32\es.dll
19:57:23.0921 5072 EventSystem - ok
19:57:23.0952 5072 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\windows\system32\drivers\exfat.sys
19:57:24.0071 5072 exfat - ok
19:57:24.0180 5072 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\windows\system32\drivers\fastfat.sys
19:57:24.0248 5072 fastfat - ok
19:57:24.0469 5072 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\windows\system32\fxssvc.exe
19:57:24.0520 5072 Fax - ok
19:57:24.0535 5072 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\windows\system32\DRIVERS\fdc.sys
19:57:24.0567 5072 fdc - ok
19:57:24.0593 5072 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\windows\system32\fdPHost.dll
19:57:24.0628 5072 fdPHost - ok
19:57:24.0652 5072 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\windows\system32\fdrespub.dll
19:57:24.0694 5072 FDResPub - ok
19:57:24.0711 5072 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
19:57:24.0728 5072 FileInfo - ok
19:57:24.0746 5072 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\windows\system32\drivers\filetrace.sys
19:57:24.0799 5072 Filetrace - ok
19:57:24.0812 5072 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
19:57:24.0842 5072 flpydisk - ok
19:57:24.0872 5072 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
19:57:24.0897 5072 FltMgr - ok
19:57:24.0960 5072 [ E12C4928B32ACE04610259647F072635 ] FontCache C:\windows\system32\FntCache.dll
19:57:25.0025 5072 FontCache - ok
19:57:25.0081 5072 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:57:25.0116 5072 FontCache3.0.0.0 - ok
19:57:25.0149 5072 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\windows\system32\drivers\FsDepends.sys
19:57:25.0176 5072 FsDepends - ok
19:57:25.0222 5072 [ D909075FA72C090F27AA926C32CB4612 ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
19:57:25.0240 5072 fssfltr - ok
19:57:25.0549 5072 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
19:57:25.0606 5072 fsssvc - ok
19:57:25.0662 5072 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
19:57:25.0688 5072 Fs_Rec - ok
19:57:25.0804 5072 [ E306A24D9694C724FA2491278BF50FDB ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
19:57:25.0835 5072 fvevol - ok
19:57:25.0888 5072 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
19:57:25.0909 5072 gagp30kx - ok
19:57:25.0946 5072 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
19:57:25.0959 5072 GEARAspiWDM - ok
19:57:26.0134 5072 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\windows\System32\gpsvc.dll
19:57:26.0197 5072 gpsvc - ok
19:57:26.0366 5072 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
19:57:26.0385 5072 gupdate - ok
19:57:26.0406 5072 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
19:57:26.0416 5072 gupdatem - ok
19:57:26.0471 5072 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\windows\system32\DRIVERS\hamachi.sys
19:57:26.0496 5072 hamachi - ok
19:57:26.0535 5072 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
19:57:26.0599 5072 hcw85cir - ok
19:57:26.0681 5072 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
19:57:26.0734 5072 HdAudAddService - ok
19:57:26.0806 5072 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
19:57:26.0853 5072 HDAudBus - ok
19:57:26.0882 5072 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
19:57:26.0922 5072 HidBatt - ok
19:57:26.0940 5072 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
19:57:26.0991 5072 HidBth - ok
19:57:27.0009 5072 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\windows\system32\DRIVERS\hidir.sys
19:57:27.0042 5072 HidIr - ok
19:57:27.0076 5072 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\windows\System32\hidserv.dll
19:57:27.0122 5072 hidserv - ok
19:57:27.0199 5072 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
19:57:27.0227 5072 HidUsb - ok
19:57:27.0285 5072 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\windows\system32\kmsvc.dll
19:57:27.0334 5072 hkmsvc - ok
19:57:27.0383 5072 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\windows\system32\ListSvc.dll
19:57:27.0438 5072 HomeGroupListener - ok
19:57:27.0482 5072 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\windows\system32\provsvc.dll
19:57:27.0523 5072 HomeGroupProvider - ok
19:57:27.0598 5072 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
19:57:27.0633 5072 HpSAMD - ok
19:57:27.0682 5072 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\windows\system32\drivers\HTTP.sys
19:57:27.0718 5072 HTTP - ok
19:57:27.0774 5072 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
19:57:27.0792 5072 hwpolicy - ok
19:57:27.0858 5072 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
19:57:27.0887 5072 i8042prt - ok
19:57:27.0968 5072 [ EDF5ECC965FAAA533D35E02F47B9132E ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
19:57:27.0996 5072 iaStor - ok
19:57:28.0064 5072 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\windows\system32\drivers\iaStorV.sys
19:57:28.0121 5072 iaStorV - ok
19:57:28.0292 5072 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:57:28.0349 5072 idsvc - ok
19:57:29.0071 5072 [ AD626F6964F4D364D226C39E06872DD3 ] igfx C:\windows\system32\DRIVERS\igdkmd32.sys
19:57:29.0298 5072 igfx - ok
19:57:29.0351 5072 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
19:57:29.0382 5072 iirsp - ok
19:57:29.0638 5072 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\windows\System32\ikeext.dll
19:57:29.0689 5072 IKEEXT - ok
19:57:29.0760 5072 [ 2DB41BA61D5E44D0667CF126D35DCF34 ] Impcd C:\windows\system32\DRIVERS\Impcd.sys
19:57:29.0811 5072 Impcd - ok
19:57:30.0114 5072 [ 0A0E3C041C20C4175E1CC6580138CA38 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys
19:57:30.0178 5072 IntcAzAudAddService - ok
19:57:30.0270 5072 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\windows\system32\drivers\intelide.sys
19:57:30.0321 5072 intelide - ok
19:57:30.0365 5072 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
19:57:30.0389 5072 intelppm - ok
19:57:30.0419 5072 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\windows\system32\ipbusenum.dll
19:57:30.0461 5072 IPBusEnum - ok
19:57:30.0547 5072 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
19:57:30.0580 5072 IpFilterDriver - ok
19:57:30.0639 5072 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\windows\System32\iphlpsvc.dll
19:57:30.0690 5072 iphlpsvc - ok
19:57:30.0739 5072 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
19:57:30.0767 5072 IPMIDRV - ok
19:57:30.0796 5072 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\windows\system32\drivers\ipnat.sys
19:57:30.0842 5072 IPNAT - ok
19:57:30.0933 5072 [ FE56897B27ED266F9C4E7D90A0B5DA47 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:57:30.0965 5072 iPod Service - ok
19:57:31.0018 5072 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\windows\system32\drivers\irenum.sys
19:57:31.0156 5072 IRENUM - ok
19:57:31.0213 5072 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\windows\system32\drivers\isapnp.sys
19:57:31.0252 5072 isapnp - ok
19:57:31.0318 5072 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
19:57:31.0363 5072 iScsiPrt - ok
19:57:31.0408 5072 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\windows\system32\drivers\kbdclass.sys
19:57:31.0420 5072 kbdclass - ok
19:57:31.0471 5072 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
19:57:31.0524 5072 kbdhid - ok
19:57:31.0544 5072 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\windows\system32\lsass.exe
19:57:31.0566 5072 KeyIso - ok
19:57:31.0663 5072 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
19:57:31.0696 5072 KSecDD - ok
19:57:31.0756 5072 [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
19:57:31.0795 5072 KSecPkg - ok
19:57:31.0824 5072 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\windows\system32\msdtckrm.dll
19:57:31.0878 5072 KtmRm - ok
19:57:31.0924 5072 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\windows\System32\srvsvc.dll
19:57:31.0965 5072 LanmanServer - ok
19:57:31.0977 5072 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
19:57:32.0020 5072 LanmanWorkstation - ok
19:57:32.0070 5072 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
19:57:32.0136 5072 lltdio - ok
19:57:32.0208 5072 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\windows\System32\lltdsvc.dll
19:57:32.0289 5072 lltdsvc - ok
19:57:32.0329 5072 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\windows\System32\lmhsvc.dll
19:57:32.0408 5072 lmhosts - ok
19:57:32.0441 5072 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
19:57:32.0464 5072 LSI_FC - ok
19:57:32.0498 5072 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
19:57:32.0529 5072 LSI_SAS - ok
19:57:32.0540 5072 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
19:57:32.0559 5072 LSI_SAS2 - ok
19:57:32.0577 5072 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
19:57:32.0604 5072 LSI_SCSI - ok
19:57:32.0620 5072 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\windows\system32\drivers\luafv.sys
19:57:32.0680 5072 luafv - ok
19:57:32.0737 5072 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
19:57:32.0769 5072 Mcx2Svc - ok
19:57:32.0912 5072 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
19:57:32.0939 5072 MDM - ok
19:57:32.0979 5072 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\windows\system32\DRIVERS\megasas.sys
19:57:33.0033 5072 megasas - ok
19:57:33.0064 5072 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
19:57:33.0095 5072 MegaSR - ok
19:57:33.0118 5072 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\windows\system32\mmcss.dll
19:57:33.0148 5072 MMCSS - ok
19:57:33.0192 5072 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\windows\system32\drivers\modem.sys
19:57:33.0251 5072 Modem - ok
19:57:33.0305 5072 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\windows\system32\DRIVERS\monitor.sys
19:57:33.0336 5072 monitor - ok
19:57:33.0390 5072 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
19:57:33.0420 5072 mouclass - ok
19:57:33.0475 5072 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
19:57:33.0503 5072 mouhid - ok
19:57:33.0539 5072 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\windows\system32\drivers\mountmgr.sys
19:57:33.0552 5072 mountmgr - ok
19:57:33.0686 5072 [ E6DB6C61739E18906DC2C4191F6EDEA2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:57:33.0733 5072 MozillaMaintenance - ok
19:57:33.0785 5072 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\windows\system32\drivers\mpio.sys
19:57:33.0830 5072 mpio - ok
19:57:33.0853 5072 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
19:57:33.0912 5072 mpsdrv - ok
19:57:34.0062 5072 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\windows\system32\mpssvc.dll
19:57:34.0152 5072 MpsSvc - ok
19:57:34.0201 5072 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
19:57:34.0234 5072 MRxDAV - ok
19:57:34.0284 5072 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
19:57:34.0350 5072 mrxsmb - ok
19:57:34.0422 5072 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
19:57:34.0510 5072 mrxsmb10 - ok
19:57:34.0534 5072 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
19:57:34.0600 5072 mrxsmb20 - ok
19:57:34.0652 5072 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\windows\system32\drivers\msahci.sys
19:57:34.0679 5072 msahci - ok
19:57:34.0753 5072 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\windows\system32\drivers\msdsm.sys
19:57:34.0817 5072 msdsm - ok
19:57:34.0845 5072 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\windows\System32\msdtc.exe
19:57:34.0879 5072 MSDTC - ok
19:57:34.0929 5072 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\windows\system32\drivers\Msfs.sys
19:57:34.0973 5072 Msfs - ok
19:57:34.0986 5072 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
19:57:35.0052 5072 mshidkmdf - ok
19:57:35.0092 5072 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
19:57:35.0107 5072 msisadrv - ok
19:57:35.0190 5072 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\windows\system32\iscsiexe.dll
19:57:35.0254 5072 MSiSCSI - ok
19:57:35.0257 5072 msiserver - ok
19:57:35.0293 5072 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
19:57:35.0323 5072 MSKSSRV - ok
19:57:35.0374 5072 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
19:57:35.0468 5072 MSPCLOCK - ok
19:57:35.0472 5072 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
19:57:35.0504 5072 MSPQM - ok
19:57:35.0606 5072 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
19:57:35.0663 5072 MsRPC - ok
19:57:35.0722 5072 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
19:57:35.0743 5072 mssmbios - ok
19:57:35.0793 5072 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
19:57:35.0836 5072 MSTEE - ok
19:57:35.0893 5072 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
19:57:35.0970 5072 MTConfig - ok
19:57:35.0988 5072 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\windows\system32\Drivers\mup.sys
19:57:36.0004 5072 Mup - ok
19:57:36.0122 5072 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\windows\system32\qagentRT.dll
19:57:36.0214 5072 napagent - ok
19:57:36.0262 5072 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
19:57:36.0296 5072 NativeWifiP - ok
19:57:36.0386 5072 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\windows\system32\drivers\ndis.sys
19:57:36.0428 5072 NDIS - ok
19:57:36.0457 5072 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
19:57:36.0502 5072 NdisCap - ok
19:57:36.0528 5072 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
19:57:36.0571 5072 NdisTapi - ok
19:57:36.0610 5072 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
19:57:36.0663 5072 Ndisuio - ok
19:57:36.0731 5072 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
19:57:36.0813 5072 NdisWan - ok
19:57:36.0867 5072 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
19:57:36.0917 5072 NDProxy - ok
19:57:36.0969 5072 [ 1352E1648213551923A0A822E441553C ] Netaapl C:\windows\system32\DRIVERS\netaapl.sys
19:57:37.0005 5072 Netaapl - ok
19:57:37.0081 5072 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
19:57:37.0131 5072 NetBIOS - ok
19:57:37.0211 5072 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
19:57:37.0294 5072 NetBT - ok
19:57:37.0311 5072 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\windows\system32\lsass.exe
19:57:37.0326 5072 Netlogon - ok
19:57:37.0376 5072 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\windows\System32\netman.dll
19:57:37.0417 5072 Netman - ok
19:57:37.0504 5072 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\windows\System32\netprofm.dll
19:57:37.0559 5072 netprofm - ok
19:57:37.0599 5072 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:57:37.0631 5072 NetTcpPortSharing - ok
19:57:37.0666 5072 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
19:57:37.0683 5072 nfrd960 - ok
19:57:37.0718 5072 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\windows\System32\nlasvc.dll
19:57:37.0753 5072 NlaSvc - ok
19:57:37.0765 5072 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\windows\system32\drivers\Npfs.sys
19:57:37.0811 5072 Npfs - ok
19:57:37.0871 5072 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\windows\system32\nsisvc.dll
19:57:37.0942 5072 nsi - ok
19:57:37.0962 5072 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
19:57:38.0019 5072 nsiproxy - ok
19:57:38.0251 5072 [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs C:\windows\system32\drivers\Ntfs.sys
19:57:38.0282 5072 Ntfs - ok
19:57:38.0347 5072 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys
19:57:38.0388 5072 Null - ok
19:57:38.0517 5072 [ 77F9F9A199B87FE3F852E12F5419240B ] NVHDA C:\windows\system32\drivers\nvhda32v.sys
19:57:38.0555 5072 NVHDA - ok
19:57:38.0879 5072 [ 104C0FE08DD64965CF788D91CCBB2CC6 ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys
19:57:39.0063 5072 nvlddmkm - ok
19:57:39.0090 5072 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\windows\system32\drivers\nvraid.sys
19:57:39.0121 5072 nvraid - ok
19:57:39.0180 5072 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\windows\system32\drivers\nvstor.sys
19:57:39.0225 5072 nvstor - ok
19:57:39.0256 5072 [ 63A9CACE87C31A46BDF4AD448D9A033A ] nvsvc C:\windows\system32\nvvsvc.exe
19:57:39.0270 5072 nvsvc - ok
19:57:39.0324 5072 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\windows\system32\drivers\nv_agp.sys
19:57:39.0361 5072 nv_agp - ok
19:57:39.0423 5072 [ B5D5DA8230D3D3525839D939A9196C3E ] OberonGameConsoleService C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
19:57:39.0439 5072 OberonGameConsoleService - ok
19:57:39.0536 5072 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:57:39.0581 5072 odserv - ok
19:57:39.0621 5072 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
19:57:39.0665 5072 ohci1394 - ok
19:57:39.0703 5072 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:57:39.0727 5072 ose - ok
19:57:39.0778 5072 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\windows\system32\pnrpsvc.dll
19:57:39.0819 5072 p2pimsvc - ok
19:57:39.0846 5072 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\windows\system32\p2psvc.dll
19:57:39.0878 5072 p2psvc - ok
19:57:39.0898 5072 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\DRIVERS\parport.sys
19:57:39.0924 5072 Parport - ok
19:57:39.0967 5072 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\windows\system32\drivers\partmgr.sys
19:57:39.0996 5072 partmgr - ok
19:57:40.0008 5072 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
19:57:40.0036 5072 Parvdm - ok
19:57:40.0054 5072 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\windows\System32\pcasvc.dll
19:57:40.0084 5072 PcaSvc - ok
19:57:40.0140 5072 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\windows\system32\drivers\pci.sys
19:57:40.0175 5072 pci - ok
19:57:40.0216 5072 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\windows\system32\drivers\pciide.sys
19:57:40.0230 5072 pciide - ok
19:57:40.0248 5072 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
19:57:40.0271 5072 pcmcia - ok
19:57:40.0283 5072 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys
19:57:40.0299 5072 pcw - ok
19:57:40.0420 5072 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\windows\system32\drivers\peauth.sys
19:57:40.0503 5072 PEAUTH - ok
19:57:40.0599 5072 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\windows\system32\pla.dll
19:57:40.0692 5072 pla - ok
19:57:40.0737 5072 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\windows\system32\umpnpmgr.dll
19:57:40.0754 5072 PlugPlay - ok
19:57:40.0783 5072 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
19:57:40.0804 5072 PNRPAutoReg - ok
19:57:40.0831 5072 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\windows\system32\pnrpsvc.dll
19:57:40.0846 5072 PNRPsvc - ok
19:57:40.0868 5072 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\windows\System32\ipsecsvc.dll
19:57:40.0898 5072 PolicyAgent - ok
19:57:40.0946 5072 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\windows\system32\umpo.dll
19:57:40.0987 5072 Power - ok
19:57:41.0028 5072 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
19:57:41.0082 5072 PptpMiniport - ok
19:57:41.0100 5072 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\windows\system32\DRIVERS\processr.sys
19:57:41.0142 5072 Processor - ok
19:57:41.0198 5072 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\windows\system32\profsvc.dll
19:57:41.0237 5072 ProfSvc - ok
19:57:41.0254 5072 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe
19:57:41.0266 5072 ProtectedStorage - ok
19:57:41.0308 5072 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\windows\system32\DRIVERS\pacer.sys
19:57:41.0353 5072 Psched - ok
19:57:41.0394 5072 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
19:57:41.0450 5072 ql2300 - ok
19:57:41.0478 5072 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
19:57:41.0508 5072 ql40xx - ok
19:57:41.0571 5072 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll
19:57:41.0637 5072 QWAVE - ok
19:57:41.0653 5072 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
19:57:41.0693 5072 QWAVEdrv - ok
19:57:41.0714 5072 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
19:57:41.0762 5072 RasAcd - ok
19:57:41.0814 5072 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
19:57:41.0844 5072 RasAgileVpn - ok
19:57:41.0879 5072 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll
19:57:41.0932 5072 RasAuto - ok
19:57:41.0963 5072 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
19:57:42.0001 5072 Rasl2tp - ok
19:57:42.0062 5072 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\windows\System32\rasmans.dll
19:57:42.0107 5072 RasMan - ok
19:57:42.0122 5072 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
19:57:42.0164 5072 RasPppoe - ok
19:57:42.0177 5072 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
19:57:42.0220 5072 RasSstp - ok
19:57:42.0261 5072 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
19:57:42.0304 5072 rdbss - ok
19:57:42.0315 5072 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
19:57:42.0333 5072 rdpbus - ok
19:57:42.0379 5072 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
19:57:42.0454 5072 RDPCDD - ok
19:57:42.0487 5072 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
19:57:42.0520 5072 RDPENCDD - ok
19:57:42.0533 5072 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
19:57:42.0558 5072 RDPREFMP - ok
19:57:42.0677 5072 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
19:57:42.0731 5072 RdpVideoMiniport - ok
19:57:42.0781 5072 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
19:57:42.0839 5072 RDPWD - ok
19:57:42.0918 5072 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
19:57:42.0957 5072 rdyboost - ok
19:57:42.0988 5072 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\windows\System32\mprdim.dll
19:57:43.0080 5072 RemoteAccess - ok
19:57:43.0112 5072 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll
19:57:43.0147 5072 RemoteRegistry - ok
19:57:43.0192 5072 [ F85AE59A52885F4B09AADAFB23001A3B ] Rezip C:\windows\SYSTEM32\Rezip.exe
19:57:43.0217 5072 Rezip ( UnsignedFile.Multi.Generic ) - warning
19:57:43.0217 5072 Rezip - detected UnsignedFile.Multi.Generic (1)
19:57:43.0260 5072 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
19:57:43.0298 5072 RFCOMM - ok
19:57:43.0431 5072 [ 7CCAEBCAB6FC1ED0206C07E083E79207 ] RichVideo C:\Program Files\CyberLink\Shared files\RichVideo.exe
19:57:43.0453 5072 RichVideo - ok
19:57:43.0494 5072 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
19:57:43.0567 5072 RpcEptMapper - ok
19:57:43.0601 5072 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe
19:57:43.0627 5072 RpcLocator - ok
19:57:43.0644 5072 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\windows\System32\rpcss.dll
19:57:43.0675 5072 RpcSs - ok
19:57:43.0710 5072 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
19:57:43.0759 5072 rspndr - ok
19:57:43.0808 5072 [ 7DFD48E24479B68B258D8770121155A0 ] RTL8167 C:\windows\system32\DRIVERS\Rt86win7.sys
19:57:43.0848 5072 RTL8167 - ok
19:57:43.0891 5072 [ 6E5FBB7CBAEC47038B945D5E9B144A64 ] SABI C:\windows\system32\Drivers\SABI.sys
19:57:43.0943 5072 SABI - ok
19:57:43.0954 5072 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\windows\system32\lsass.exe
19:57:43.0970 5072 SamSs - ok
19:57:44.0023 5072 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\windows\system32\drivers\sbp2port.sys
19:57:44.0071 5072 sbp2port - ok
19:57:44.0098 5072 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll
19:57:44.0146 5072 SCardSvr - ok
19:57:44.0192 5072 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
19:57:44.0235 5072 scfilter - ok
19:57:44.0379 5072 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\windows\system32\schedsvc.dll
19:57:44.0425 5072 Schedule - ok
19:57:44.0440 5072 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\windows\System32\certprop.dll
19:57:44.0467 5072 SCPolicySvc - ok
19:57:44.0507 5072 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\windows\System32\SDRSVC.dll
19:57:44.0561 5072 SDRSVC - ok
19:57:44.0599 5072 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys
19:57:44.0654 5072 secdrv - ok
19:57:44.0704 5072 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\windows\system32\seclogon.dll
19:57:44.0746 5072 seclogon - ok
19:57:44.0782 5072 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\system32\sens.dll
19:57:44.0830 5072 SENS - ok
19:57:44.0863 5072 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\windows\system32\sensrsvc.dll
19:57:44.0904 5072 SensrSvc - ok
19:57:44.0924 5072 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
19:57:44.0943 5072 Serenum - ok
19:57:44.0972 5072 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\DRIVERS\serial.sys
19:57:44.0993 5072 Serial - ok
19:57:45.0012 5072 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
19:57:45.0040 5072 sermouse - ok
19:57:45.0087 5072 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\windows\system32\sessenv.dll
19:57:45.0136 5072 SessionEnv - ok
19:57:45.0176 5072 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\drivers\sffdisk.sys
19:57:45.0217 5072 sffdisk - ok
19:57:45.0228 5072 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
19:57:45.0253 5072 sffp_mmc - ok
19:57:45.0264 5072 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
19:57:45.0286 5072 sffp_sd - ok
19:57:45.0319 5072 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
19:57:45.0343 5072 sfloppy - ok
19:57:45.0395 5072 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\windows\System32\ipnathlp.dll
19:57:45.0466 5072 SharedAccess - ok
19:57:45.0568 5072 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
19:57:45.0610 5072 ShellHWDetection - ok
19:57:45.0664 5072 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\windows\system32\drivers\sisagp.sys
19:57:45.0682 5072 sisagp - ok
19:57:45.0713 5072 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
19:57:45.0730 5072 SiSRaid2 - ok
19:57:45.0751 5072 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
19:57:45.0770 5072 SiSRaid4 - ok
19:57:45.0870 5072 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
19:57:45.0941 5072 SkypeUpdate - ok
19:57:45.0985 5072 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys
19:57:46.0020 5072 Smb - ok
19:57:46.0075 5072 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\windows\System32\snmptrap.exe
19:57:46.0090 5072 SNMPTRAP - ok
19:57:46.0099 5072 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\windows\system32\drivers\spldr.sys
19:57:46.0114 5072 spldr - ok
19:57:46.0193 5072 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\windows\System32\spoolsv.exe
19:57:46.0224 5072 Spooler - ok
19:57:46.0454 5072 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\windows\system32\sppsvc.exe
19:57:46.0536 5072 sppsvc - ok
19:57:46.0584 5072 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\windows\system32\sppuinotify.dll
19:57:46.0631 5072 sppuinotify - ok
19:57:46.0729 5072 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\windows\system32\DRIVERS\srv.sys
19:57:46.0789 5072 srv - ok
19:57:46.0805 5072 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\windows\system32\DRIVERS\srv2.sys
19:57:46.0838 5072 srv2 - ok
19:57:46.0855 5072 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
19:57:46.0893 5072 srvnet - ok
19:57:46.0957 5072 [ D5DFFEAA1E15D4EFFABB9D9A3068AC5B ] sscdbus C:\windows\system32\DRIVERS\sscdbus.sys
19:57:47.0006 5072 sscdbus - ok
19:57:47.0054 5072 [ 8A1BE0C347814F482F493AEA619D57F6 ] sscdmdfl C:\windows\system32\DRIVERS\sscdmdfl.sys
19:57:47.0075 5072 sscdmdfl - ok
19:57:47.0091 5072 [ 5AB0B1987F682A59B15B78F84C6AD7D0 ] sscdmdm C:\windows\system32\DRIVERS\sscdmdm.sys
19:57:47.0125 5072 sscdmdm - ok
19:57:47.0159 5072 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
19:57:47.0204 5072 SSDPSRV - ok
19:57:47.0264 5072 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\windows\system32\DRIVERS\ssmdrv.sys
19:57:47.0277 5072 ssmdrv - ok
19:57:47.0310 5072 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\windows\system32\sstpsvc.dll
19:57:47.0352 5072 SstpSvc - ok
19:57:47.0382 5072 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
19:57:47.0399 5072 stexstor - ok
19:57:47.0424 5072 [ EDB05BD63148796F23EA78506404A538 ] StillCam C:\windows\system32\DRIVERS\serscan.sys
19:57:47.0452 5072 StillCam - ok
19:57:47.0512 5072 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\windows\System32\wiaservc.dll
19:57:47.0553 5072 StiSvc - ok
19:57:47.0594 5072 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\windows\system32\drivers\swenum.sys
19:57:47.0609 5072 swenum - ok
19:57:47.0637 5072 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\windows\System32\swprv.dll
19:57:47.0699 5072 swprv - ok
19:57:47.0748 5072 [ 215A45246C6E2D0A9C263CE1786C8D8A ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
19:57:47.0782 5072 SynTP - ok
19:57:47.0848 5072 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\windows\system32\sysmain.dll
19:57:47.0906 5072 SysMain - ok
19:57:47.0949 5072 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\windows\System32\TabSvc.dll
19:57:48.0002 5072 TabletInputService - ok
19:57:48.0071 5072 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\windows\System32\tapisrv.dll
19:57:48.0109 5072 TapiSrv - ok
19:57:48.0132 5072 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\windows\System32\tbssvc.dll
19:57:48.0171 5072 TBS - ok
19:57:48.0243 5072 [ D32FDAC73FCD76B85389C39BC1087F2A ] Tcpip C:\windows\system32\drivers\tcpip.sys
19:57:48.0274 5072 Tcpip - ok
19:57:48.0311 5072 [ D32FDAC73FCD76B85389C39BC1087F2A ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
19:57:48.0342 5072 TCPIP6 - ok
19:57:48.0394 5072 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
19:57:48.0423 5072 tcpipreg - ok
19:57:48.0467 5072 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
19:57:48.0497 5072 TDPIPE - ok
19:57:48.0542 5072 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
19:57:48.0579 5072 TDTCP - ok
19:57:48.0620 5072 [ B459575348C20E8121D6039DA063C704 ] tdx C:\windows\system32\DRIVERS\tdx.sys
19:57:48.0668 5072 tdx - ok
19:57:49.0112 5072 [ 7C8DD5576695B3362202EF09B20C425E ] TeamViewer8 C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
19:57:49.0206 5072 TeamViewer8 - ok
19:57:49.0248 5072 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\windows\system32\drivers\termdd.sys
19:57:49.0265 5072 TermDD - ok
19:57:49.0318 5072 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\windows\System32\termsrv.dll
19:57:49.0360 5072 TermService - ok
19:57:49.0387 5072 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\windows\system32\themeservice.dll
19:57:49.0410 5072 Themes - ok
19:57:49.0426 5072 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\windows\system32\mmcss.dll
19:57:49.0455 5072 THREADORDER - ok
19:57:49.0490 5072 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\windows\System32\trkwks.dll
19:57:49.0519 5072 TrkWks - ok
19:57:49.0610 5072 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
19:57:49.0658 5072 TrustedInstaller - ok
19:57:49.0695 5072 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
19:57:49.0745 5072 tssecsrv - ok
19:57:49.0811 5072 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
19:57:49.0861 5072 TsUsbFlt - ok
19:57:49.0904 5072 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
19:57:49.0944 5072 tunnel - ok
19:57:49.0968 5072 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
19:57:50.0113 5072 uagp35 - ok
19:57:50.0198 5072 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\windows\system32\DRIVERS\udfs.sys
19:57:50.0291 5072 udfs - ok
19:57:50.0343 5072 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\windows\system32\UI0Detect.exe
19:57:50.0385 5072 UI0Detect - ok
19:57:50.0433 5072 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
19:57:50.0452 5072 uliagpkx - ok
19:57:50.0505 5072 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\windows\system32\drivers\umbus.sys
19:57:50.0561 5072 umbus - ok
19:57:50.0601 5072 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\windows\system32\DRIVERS\umpass.sys
19:57:50.0640 5072 UmPass - ok
19:57:50.0670 5072 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\windows\System32\upnphost.dll
19:57:50.0717 5072 upnphost - ok
19:57:50.0760 5072 [ 6E421CCC57059B0186C6259CA3B6DFC9 ] USBAAPL C:\windows\system32\Drivers\usbaapl.sys
19:57:50.0793 5072 USBAAPL - ok
19:57:50.0842 5072 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
19:57:50.0906 5072 usbccgp - ok
19:57:50.0948 5072 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\windows\system32\drivers\usbcir.sys
19:57:51.0001 5072 usbcir - ok
19:57:51.0040 5072 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\windows\system32\drivers\usbehci.sys
19:57:51.0067 5072 usbehci - ok
19:57:51.0103 5072 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
19:57:51.0133 5072 usbhub - ok
19:57:51.0148 5072 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\windows\system32\drivers\usbohci.sys
19:57:51.0164 5072 usbohci - ok
19:57:51.0217 5072 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
19:57:51.0247 5072 usbprint - ok
19:57:51.0267 5072 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
19:57:51.0301 5072 usbscan - ok
19:57:51.0342 5072 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
19:57:51.0471 5072 USBSTOR - ok
19:57:51.0491 5072 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\windows\system32\drivers\usbuhci.sys
19:57:51.0521 5072 usbuhci - ok
19:57:51.0592 5072 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
19:57:51.0630 5072 usbvideo - ok
19:57:51.0658 5072 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\windows\System32\uxsms.dll
19:57:51.0688 5072 UxSms - ok
19:57:51.0698 5072 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\windows\system32\lsass.exe
19:57:51.0711 5072 VaultSvc - ok
19:57:51.0755 5072 [ 94D73B62E458FB56C9CE60AA96D914F9 ] VClone C:\windows\system32\DRIVERS\VClone.sys
19:57:51.0791 5072 VClone - ok
19:57:51.0834 5072 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
19:57:51.0854 5072 vdrvroot - ok
19:57:51.0908 5072 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\windows\System32\vds.exe
19:57:51.0978 5072 vds - ok
19:57:52.0025 5072 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
19:57:52.0056 5072 vga - ok
19:57:52.0073 5072 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\windows\System32\drivers\vga.sys
19:57:52.0114 5072 VgaSave - ok
19:57:52.0160 5072 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\windows\system32\drivers\vhdmp.sys
19:57:52.0186 5072 vhdmp - ok
19:57:52.0220 5072 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\windows\system32\drivers\viaagp.sys
19:57:52.0242 5072 viaagp - ok
19:57:52.0259 5072 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\windows\system32\DRIVERS\viac7.sys
19:57:52.0295 5072 ViaC7 - ok
19:57:52.0331 5072 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\windows\system32\drivers\viaide.sys
19:57:52.0351 5072 viaide - ok
19:57:52.0393 5072 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\windows\system32\drivers\volmgr.sys
19:57:52.0420 5072 volmgr - ok
19:57:52.0451 5072 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
19:57:52.0471 5072 volmgrx - ok
19:57:52.0512 5072 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\windows\system32\drivers\volsnap.sys
19:57:52.0542 5072 volsnap - ok
19:57:52.0578 5072 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
19:57:52.0602 5072 vsmraid - ok
19:57:52.0695 5072 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\windows\system32\vssvc.exe
19:57:52.0765 5072 VSS - ok
19:57:52.0776 5072 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
19:57:52.0805 5072 vwifibus - ok
19:57:52.0821 5072 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
19:57:52.0848 5072 vwififlt - ok
19:57:52.0881 5072 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\windows\system32\w32time.dll
19:57:52.0914 5072 W32Time - ok
19:57:52.0939 5072 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
19:57:52.0956 5072 WacomPen - ok
19:57:52.0979 5072 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
19:57:53.0036 5072 WANARP - ok
19:57:53.0039 5072 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
19:57:53.0066 5072 Wanarpv6 - ok
19:57:53.0158 5072 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
19:57:53.0237 5072 WatAdminSvc - ok
19:57:53.0276 5072 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\windows\system32\wbengine.exe
19:57:53.0361 5072 wbengine - ok
19:57:53.0406 5072 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
19:57:53.0436 5072 WbioSrvc - ok
19:57:53.0484 5072 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\windows\System32\wcncsvc.dll
19:57:53.0522 5072 wcncsvc - ok
19:57:53.0534 5072 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
19:57:53.0590 5072 WcsPlugInService - ok
19:57:53.0622 5072 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\windows\system32\DRIVERS\wd.sys
19:57:53.0646 5072 Wd - ok
19:57:53.0699 5072 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
19:57:53.0745 5072 Wdf01000 - ok
19:57:53.0757 5072 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\windows\system32\wdi.dll
19:57:53.0786 5072 WdiServiceHost - ok
19:57:53.0789 5072 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\windows\system32\wdi.dll
19:57:53.0805 5072 WdiSystemHost - ok
19:57:53.0851 5072 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\windows\System32\webclnt.dll
19:57:53.0909 5072 WebClient - ok
19:57:53.0933 5072 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\windows\system32\wecsvc.dll
19:57:53.0971 5072 Wecsvc - ok
19:57:53.0990 5072 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\windows\System32\wercplsupport.dll
19:57:54.0036 5072 wercplsupport - ok
19:57:54.0071 5072 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\windows\System32\WerSvc.dll
19:57:54.0105 5072 WerSvc - ok
19:57:54.0145 5072 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
19:57:54.0183 5072 WfpLwf - ok
19:57:54.0211 5072 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\windows\system32\drivers\wimmount.sys
19:57:54.0231 5072 WIMMount - ok
19:57:54.0294 5072 [ 082CF481F659FAE0DE51AD060881EB47 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
19:57:54.0365 5072 WinDefend - ok
19:57:54.0385 5072 WinHttpAutoProxySvc - ok
19:57:54.0499 5072 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
19:57:54.0579 5072 Winmgmt - ok
19:57:54.0640 5072 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\windows\system32\WsmSvc.dll
19:57:54.0731 5072 WinRM - ok
19:57:54.0785 5072 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
19:57:54.0818 5072 WinUsb - ok
19:57:54.0854 5072 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\windows\System32\wlansvc.dll
19:57:54.0886 5072 Wlansvc - ok
19:57:54.0973 5072 [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:57:54.0998 5072 wlcrasvc - ok
19:57:55.0084 5072 [ 0A70F4022EC2E14C159EFC4F69AA2477 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:57:55.0142 5072 wlidsvc - ok
19:57:55.0174 5072 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
19:57:55.0206 5072 WmiAcpi - ok
19:57:55.0238 5072 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
19:57:55.0271 5072 wmiApSrv - ok
19:57:55.0368 5072 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
19:57:55.0417 5072 WMPNetworkSvc - ok
19:57:55.0460 5072 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\windows\System32\wpcsvc.dll
19:57:55.0491 5072 WPCSvc - ok
19:57:55.0532 5072 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
19:57:55.0560 5072 WPDBusEnum - ok
19:57:55.0596 5072 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
19:57:55.0649 5072 ws2ifsl - ok
19:57:55.0676 5072 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\windows\system32\wscsvc.dll
19:57:55.0699 5072 wscsvc - ok
19:57:55.0702 5072 WSearch - ok
19:57:55.0788 5072 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\windows\system32\wuaueng.dll
19:57:55.0857 5072 wuauserv - ok
19:57:55.0890 5072 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
19:57:55.0925 5072 WudfPf - ok
19:57:55.0945 5072 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
19:57:55.0978 5072 WUDFRd - ok
19:57:56.0017 5072 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\windows\System32\WUDFSvc.dll
19:57:56.0052 5072 wudfsvc - ok
19:57:56.0093 5072 [ 3C5E51C05BE9B56EAFF4E388C3AB25E4 ] WwanSvc C:\windows\System32\wwansvc.dll
19:57:56.0154 5072 WwanSvc - ok
19:57:56.0200 5072 XDva394 - ok
19:57:56.0246 5072 [ 30B73EB97218A16CBC6DE535782A1B35 ] yukonw7 C:\windows\system32\DRIVERS\yk62x86.sys
19:57:56.0315 5072 yukonw7 - ok
19:57:56.0345 5072 ================ Scan global ===============================
19:57:56.0390 5072 [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
19:57:56.0437 5072 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\windows\system32\winsrv.dll
19:57:56.0463 5072 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\windows\system32\winsrv.dll
19:57:56.0508 5072 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
19:57:56.0572 5072 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
19:57:56.0578 5072 [Global] - ok
19:57:56.0578 5072 ================ Scan MBR ==================================
19:57:56.0594 5072 [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0
19:57:57.0048 5072 \Device\Harddisk0\DR0 - ok
19:57:57.0049 5072 ================ Scan VBR ==================================
19:57:57.0068 5072 [ B4188F1BD6A42F15ADC7862F1F4A3241 ] \Device\Harddisk0\DR0\Partition1
19:57:57.0070 5072 \Device\Harddisk0\DR0\Partition1 - ok
19:57:57.0083 5072 [ 6C3BA21A09F747165F6189180793FBBF ] \Device\Harddisk0\DR0\Partition2
19:57:57.0086 5072 \Device\Harddisk0\DR0\Partition2 - ok
19:57:57.0110 5072 [ B81806EB51BFA2AB432F5C84E64E98B2 ] \Device\Harddisk0\DR0\Partition3
19:57:57.0113 5072 \Device\Harddisk0\DR0\Partition3 - ok
19:57:57.0113 5072 ============================================================
19:57:57.0113 5072 Scan finished
19:57:57.0113 5072 ============================================================
19:57:57.0135 5736 Detected object count: 1
19:57:57.0135 5736 Actual detected object count: 1
19:58:02.0468 5736 Rezip ( UnsignedFile.Multi.Generic ) - skipped by user
19:58:02.0468 5736 Rezip ( UnsignedFile.Multi.Generic ) - User select action: Skip

So, jetzt

Tut mir leid, aber Combo Fix hat bei mir ewig gedauert

Alt 07.08.2013, 18:59   #14
markusg
/// Malware-holic
 
Bitte kurz meine Logs auswerten :) - Standard

Bitte kurz meine Logs auswerten :)



hi, neustarten und FRST nach vorheriger Anleitung ausführen, anweisung für additions.txt nicht vergessen
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 07.08.2013, 19:11   #15
Julius123
 
Bitte kurz meine Logs auswerten :) - Standard

Bitte kurz meine Logs auswerten :)




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-08-2013 03
Ran by expert (administrator) on 07-08-2013 20:08:37
Running from C:\Users\expert\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
() C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
() C:\windows\SYSTEM32\Rezip.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
() C:\Program Files\Pando Networks\Media Booster\PMB.exe
(Akamai Technologies, Inc.) C:\Users\expert\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\expert\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Akamai Technologies, Inc.) C:\Users\expert\AppData\Local\Akamai\netsession_win.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems, Inc.) C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Avira Operations GmbH & Co. KG) C:\program files\avira\antivir desktop\avcenter.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7862816 2009-10-29] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1578280 2009-10-10] (Synaptics Incorporated)
HKLM\...\Run: [UpdateLBPShortCut] - C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [CLMLServer] - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM\...\Run: [UpdateP2GoShortCut] - C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [UpdatePDRShortCut] - C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink Corp.)
HKLM\...\Run: [RemoteControl8] - C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [PDVD8LanguageShortcut] - C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [UpdatePPShortCut] - C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM\...\Run: [UpdatePSTShortCut] - C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2009-07-21] (CyberLink Corp.)
HKLM\...\Run: [NvCplDaemon] - C:\windows\system32\NvCpl.dll [13830760 2009-11-05] (NVIDIA Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [UCam_Menu] - C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-18] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [ApnTBMon] - C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1558480 2013-07-26] (APN)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files\Pando Networks\Media Booster\PMB.exe [3077528 2011-09-18] ()
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\expert\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\expert\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-06] (Spotify Ltd)
HKCU\...\Run: [NTRedirect] - C:\Users\expert\AppData\Roaming\BabSolution\Shared\NTRedirect.dll [127472 2013-08-04] () <===== ATTENTION
Startup: C:\Users\expert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
ShortcutTarget: ctfmon.lnk -> C:\ProgramData\lsass.exe (Microsoft Corporation)
Startup: C:\Users\expert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=5A77C417FECF25FC&affID=119357&tsp=4967
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=5A77C417FECF25FC&affID=119357&tsp=4967
SearchScopes: HKLM - {54E1DB9C-535D-482B-9339-C5EEBB28489D} URL = hxxp://downloads.phpnuke.org/de/index.php?rvs=google
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647
SearchScopes: HKCU - DefaultScope {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0D7562AE-8EF6-416d-A838-AB665251703A} URL = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=5A77C417FECF25FC&affID=119357&tsp=4967
SearchScopes: HKCU - {54E1DB9C-535D-482B-9339-C5EEBB28489D} URL = hxxp://downloads.phpnuke.org/de/index.php?rvs=google
SearchScopes: HKCU - {6237F852-A53D-4F49-9A56-C275B64E0EF0} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=E52C6A3E-D5E8-4F8D-ADF4-A60141387D5E&apn_sauid=98652394-53F2-414C-AD23-9F65CEF6EFF8
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO: LyricXeeker - {5c819b39-cbc9-4faf-8bd2-9d0699eb330a} - C:\Program Files\LyriXeeker\126.dll (LyricXeeker)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} -  No File
Toolbar: HKLM - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKCU -No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value - 
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 46 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\expert\AppData\Roaming\Mozilla\Firefox\Profiles\df8o1tcy.default
FF user.js: detected! => C:\Users\expert\AppData\Roaming\Mozilla\Firefox\Profiles\df8o1tcy.default\user.js
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF SelectedSearchEngine: Delta Search
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\expert\AppData\Roaming\Mozilla\Firefox\Profiles\df8o1tcy.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\expert\AppData\Roaming\Mozilla\Firefox\Profiles\df8o1tcy.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\expert\AppData\Roaming\Mozilla\Firefox\Profiles\df8o1tcy.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\expert\AppData\Roaming\Mozilla\Firefox\Profiles\df8o1tcy.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\expert\AppData\Roaming\Mozilla\Firefox\Profiles\df8o1tcy.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\expert\AppData\Roaming\Mozilla\Firefox\Profiles\df8o1tcy.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\expert\AppData\Roaming\Mozilla\Firefox\Profiles\df8o1tcy.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\expert\AppData\Roaming\Mozilla\Firefox\Profiles\df8o1tcy.default\searchplugins\sweetim.xml
FF SearchPlugin: C:\Users\expert\AppData\Roaming\Mozilla\Firefox\Profiles\df8o1tcy.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\fcmdSrchddr.xml
FF Extension: No Name - C:\Users\expert\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Conduit Engine  - C:\Users\expert\AppData\Roaming\Mozilla\Firefox\Profiles\df8o1tcy.default\Extensions\engine@conduit.com
FF Extension: Delta Toolbar - C:\Users\expert\AppData\Roaming\Mozilla\Firefox\Profiles\df8o1tcy.default\Extensions\ffxtlbr@delta.com
FF Extension: Game Master 1.1 Community Toolbar - C:\Users\expert\AppData\Roaming\Mozilla\Firefox\Profiles\df8o1tcy.default\Extensions\{7846ae31-bea2-438a-8f5e-2d899361656c}
FF Extension: uTorrentBar_DE Community Toolbar - C:\Users\expert\AppData\Roaming\Mozilla\Firefox\Profiles\df8o1tcy.default\Extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}
FF Extension: ffxtlbr - C:\Users\expert\AppData\Roaming\Mozilla\Firefox\Profiles\df8o1tcy.default\Extensions\ffxtlbr@Facemoods.com.xpi
FF Extension: toolbar - C:\Users\expert\AppData\Roaming\Mozilla\Firefox\Profiles\df8o1tcy.default\Extensions\toolbar@web.de.xpi
FF Extension: toolbar_AVIRA-V7 - C:\Users\expert\AppData\Roaming\Mozilla\Firefox\Profiles\df8o1tcy.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi
FF Extension: No Name - C:\Users\expert\AppData\Roaming\Mozilla\Firefox\Profiles\df8o1tcy.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
FF Extension: QuickStores-Toolbar - C:\Program Files\Mozilla Firefox\extensions\quickstores@quickstores.de
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKCU\...\Firefox\Extensions: [{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}] C:\Users\expert\AppData\Roaming\14001.019
FF HKCU\...\Firefox\Extensions: [lyrix@lyrixeeker.co] C:\Program Files\LyriXeeker\126.xpi
FF Extension: No Name - C:\Program Files\LyriXeeker\126.xpi

Chrome: 
=======
CHR HomePage: hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=5A77C417FECF25FC&affID=119357&tsp=4967
CHR RestoreOnStartup: "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=5A77C417FECF25FC&affID=119357&tsp=4967"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2003) - C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave for Director) - C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\expert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh\20.53263_0
CHR Extension: (YouTube) - C:\Users\expert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\expert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (uTorrentBar_DE) - C:\Users\expert\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\expert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR Extension: (Gmail) - C:\Users\expert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx
CHR HKLM\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\expert\AppData\Roaming\BabSolution\CR\Delta.crx
CHR HKLM\...\Chrome\Extension: [epojlgbehpaeekopencdagbdamnkppci] - C:\Program Files\LyriXeeker\126.crx
CHR HKLM\...\Chrome\Extension: [ihflimipbcaljfnojhhknppphnnciiif] - C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoods.crx
CHR HKLM\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\expert\AppData\Local\Temp\crxA575.tmp
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
CHR StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-07-18] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-26] (APN LLC.)
R2 OberonGameConsoleService; C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [44312 2009-08-13] ()
R2 Rezip; C:\windows\SYSTEM32\Rezip.exe [311296 2009-03-05] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-07-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-07-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-06] (Avira Operations GmbH & Co. KG)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R1 SABI; C:\windows\system32\Drivers\SABI.sys [10752 2009-05-28] (SAMSUNG ELECTRONICS)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
S3 catchme; \??\C:\Users\expert\AppData\Local\Temp\catchme.sys [x]
S3 XDva394; \??\C:\windows\system32\XDva394.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-07 20:05 - 2013-08-07 20:05 - 01229794 _____ (Farbar) C:\Users\expert\Desktop\FRST.exe
2013-08-07 19:54 - 2013-08-07 19:54 - 00023538 _____ C:\ComboFix.txt
2013-08-07 19:48 - 2013-08-07 19:48 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-07 19:29 - 2013-08-07 19:54 - 00000000 ____D C:\ComboFix
2013-08-07 19:27 - 2013-08-07 19:28 - 05100713 ____R (Swearware) C:\Users\expert\Desktop\ComboFix.exe
2013-08-07 19:25 - 2013-08-07 19:25 - 00655200 _____ C:\Users\expert\Downloads\setup.exe
2013-08-07 19:21 - 2013-08-07 19:21 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\expert\Downloads\tdsskiller.exe
2013-08-07 19:18 - 2013-08-07 19:18 - 05100713 _____ (Swearware) C:\Users\expert\Downloads\ComboFix(1).exe
2013-08-07 19:16 - 2013-08-07 20:03 - 00000366 _____ C:\windows\Tasks\LyricXeeker Update.job
2013-08-07 19:16 - 2013-08-07 19:16 - 00002353 _____ C:\Users\expert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
2013-08-07 19:16 - 2013-08-07 19:16 - 00000000 ____D C:\Users\expert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
2013-08-07 19:16 - 2013-08-07 19:16 - 00000000 ____D C:\Users\expert\AppData\Roaming\DigitalSite
2013-08-07 19:16 - 2013-08-07 19:16 - 00000000 ____D C:\Users\expert\AppData\Roaming\Delta
2013-08-07 19:16 - 2013-08-07 19:16 - 00000000 ____D C:\Users\expert\AppData\Roaming\BabSolution
2013-08-07 19:16 - 2013-08-07 19:16 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-08-07 19:16 - 2013-08-07 19:16 - 00000000 ____D C:\Program Files\OpenIt
2013-08-07 19:16 - 2013-08-07 19:16 - 00000000 ____D C:\Program Files\LyriXeeker
2013-08-07 19:16 - 2013-08-07 19:16 - 00000000 ____D C:\Program Files\Delta
2013-08-07 19:15 - 2013-08-07 19:54 - 00000000 ____D C:\Qoobox
2013-08-07 19:15 - 2013-08-07 19:15 - 00717160 _____ C:\Users\expert\Downloads\ZipOpenerSetup(2).exe
2013-08-07 18:24 - 2013-08-07 18:24 - 00717160 _____ C:\Users\expert\Downloads\ZipOpenerSetup(1).exe
2013-08-07 18:19 - 2013-08-07 18:19 - 00000000 ____D C:\Users\expert\AppData\Local\{50533FF0-1232-4DB5-B593-EECAF818F10A}
2013-08-07 18:14 - 2013-08-07 18:14 - 00717160 _____ C:\Users\expert\Downloads\ZipOpenerSetup.exe
2013-08-07 00:25 - 2013-08-07 00:25 - 05392880 _____ C:\Users\expert\Downloads\Datatable_error(3).rar
2013-08-07 00:19 - 2013-08-07 00:19 - 04699117 _____ C:\Users\expert\Downloads\DataTable.rar
2013-08-07 00:10 - 2013-08-07 00:10 - 00000825 _____ C:\Users\Gast\Desktop\Florensia.lnk
2013-08-07 00:10 - 2013-08-07 00:10 - 00000825 _____ C:\Users\Florensia\Desktop\Florensia.lnk
2013-08-07 00:10 - 2013-08-07 00:10 - 00000825 _____ C:\Users\expert\Desktop\Florensia.lnk
2013-08-07 00:10 - 2013-08-07 00:10 - 00000000 ____D C:\Users\expert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Florensia
2013-08-07 00:04 - 2013-08-07 00:10 - 00000000 ____D C:\Netts
2013-08-06 23:50 - 2013-08-07 00:02 - 1087207267 _____ C:\Users\expert\Downloads\flo_Setup_en_rs_110730(1).exe
2013-08-06 23:39 - 2013-08-06 23:42 - 00000000 ____D C:\windows\system32\MRT
2013-08-06 23:35 - 2013-08-06 23:35 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-08-06 22:55 - 2013-08-06 22:55 - 00000000 ____D C:\Users\expert\AppData\Roaming\Avira
2013-08-06 22:51 - 2013-08-06 22:51 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-08-06 22:51 - 2013-08-06 22:51 - 00000000 ____D C:\Program Files\AskPartnerNetwork
2013-08-06 22:50 - 2013-08-06 22:50 - 00067168 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2013-08-06 22:50 - 2013-08-06 22:50 - 00000000 ____D C:\ProgramData\APN
2013-08-06 22:49 - 2013-08-06 22:49 - 00001940 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-08-06 22:49 - 2013-08-06 22:49 - 00000000 ____D C:\ProgramData\Avira
2013-08-06 22:49 - 2013-08-06 22:49 - 00000000 ____D C:\Program Files\Avira
2013-08-06 22:49 - 2013-07-18 08:02 - 00135136 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2013-08-06 22:49 - 2013-07-18 08:02 - 00084744 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2013-08-06 22:49 - 2013-03-06 16:13 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2013-08-06 22:49 - 2012-08-27 15:50 - 00028520 _____ (Avira GmbH) C:\windows\system32\Drivers\ssmdrv.sys
2013-08-06 22:43 - 2013-08-06 22:44 - 110344048 _____ C:\Users\expert\Downloads\avira_free_antivirus_de(3).exe
2013-08-06 22:41 - 2013-08-06 23:03 - 00000000 ____D C:\Users\expert\Desktop\Beheben!
2013-08-06 22:37 - 2013-08-06 22:47 - 00000282 _____ C:\windows\Tasks\DLL-Files.Com Fixer_Updates.job
2013-08-06 22:37 - 2013-08-06 22:47 - 00000266 _____ C:\windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2013-08-06 22:37 - 2013-08-06 22:37 - 00000000 ____D C:\Users\expert\AppData\Roaming\dll-files.com
2013-08-06 22:37 - 2013-08-06 22:37 - 00000000 ____D C:\Program Files\Dll-Files.com Fixer
2013-08-06 22:37 - 2013-04-11 16:12 - 00017344 _____ (Dll-Files.com) C:\windows\system32\roboot.exe
2013-08-06 22:36 - 2013-08-06 22:37 - 04241280 _____ (Dll-Files.com                                               ) C:\Users\expert\Downloads\dffsetup-mfc100u.exe
2013-08-06 18:21 - 2013-08-06 18:21 - 05392880 _____ C:\Users\expert\Downloads\Datatable_error(2).rar
2013-08-06 18:21 - 2013-08-06 18:21 - 05392880 _____ C:\Users\expert\Downloads\Datatable_error(1).rar
2013-08-06 18:01 - 2013-08-06 18:01 - 00001214 _____ C:\Users\Gast\Desktop\FlorensiaEN.lnk
2013-08-05 21:57 - 2013-08-05 21:57 - 01717624 _____ (Netviewer AG) C:\Users\expert\Downloads\hilfe.exe
2013-08-05 21:57 - 2013-08-05 21:57 - 01717624 _____ (Netviewer AG) C:\Users\expert\Downloads\hilfe(1).exe
2013-08-05 21:37 - 2013-08-05 21:37 - 00116360 _____ C:\Users\Florensia\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-05 20:39 - 2013-08-05 20:39 - 00000000 ____D C:\Users\Florensia\AppData\Roaming\vlc
2013-08-05 20:34 - 2013-08-05 21:46 - 00000000 ____D C:\Users\Florensia\AppData\Local\LogMeIn Hamachi
2013-08-05 20:34 - 2013-08-05 20:34 - 00000000 ____D C:\Users\Florensia\AppData\Roaming\Apple Computer
2013-08-05 20:34 - 2013-08-05 20:34 - 00000000 ____D C:\Users\Florensia\AppData\Roaming\Adobe
2013-08-05 20:34 - 2013-08-05 20:34 - 00000000 ____D C:\Users\Florensia\AppData\Local\Power2Go
2013-08-05 20:33 - 2013-08-05 20:34 - 00001130 _____ C:\Users\Florensia\Desktop\CyberLink DVD Suite.lnk
2013-08-05 20:33 - 2013-08-05 20:34 - 00001079 _____ C:\Users\Florensia\Desktop\CyberLink YouCam.lnk
2013-08-05 20:33 - 2013-08-05 20:34 - 00000000 ____D C:\Users\Florensia\AppData\Local\VirtualStore
2013-08-05 20:33 - 2013-08-05 20:34 - 00000000 ____D C:\Users\Florensia
2013-08-05 20:33 - 2013-08-05 20:33 - 00000020 ___SH C:\Users\Florensia\ntuser.ini
2013-08-05 20:33 - 2013-08-05 20:33 - 00000000 _SHDL C:\Users\Florensia\Startmenü
2013-08-05 20:33 - 2013-08-05 20:33 - 00000000 _SHDL C:\Users\Florensia\Netzwerkumgebung
2013-08-05 20:33 - 2013-08-05 20:33 - 00000000 _SHDL C:\Users\Florensia\Druckumgebung
2013-08-05 20:33 - 2013-08-05 20:33 - 00000000 _SHDL C:\Users\Florensia\Documents\Eigene Musik
2013-08-05 20:33 - 2013-08-05 20:33 - 00000000 _SHDL C:\Users\Florensia\Documents\Eigene Bilder
2013-08-05 20:33 - 2013-08-05 20:33 - 00000000 _SHDL C:\Users\Florensia\AppData\Local\Verlauf
2013-08-05 20:33 - 2010-11-01 10:20 - 00000000 ____D C:\Users\Florensia\AppData\Roaming\Macromedia
2013-08-05 20:33 - 2010-10-19 21:52 - 00000000 ____D C:\Users\Florensia\AppData\Local\Microsoft Help
2013-08-05 18:57 - 2013-08-05 18:57 - 00000000 ____H C:\windows\system32\Drivers\Msft_Kernel_netaapl_01009.Wdf
2013-07-28 16:43 - 2013-07-28 16:44 - 00000000 ____D C:\Users\expert\Desktop\Screens Mosirus
2013-07-20 19:07 - 2013-07-20 19:07 - 00001351 _____ C:\Users\expert\Documents\AutoHotkey.ahk
2013-07-20 19:05 - 2013-07-20 19:05 - 02637267 _____ C:\Users\expert\Downloads\AutoHotkey_L_Install.exe
2013-07-13 15:48 - 2013-07-13 15:48 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-07-13 15:47 - 2013-07-13 15:48 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-07-13 15:47 - 2013-07-13 15:47 - 00000000 ____D C:\Program Files\iPod
2013-07-13 15:41 - 2013-07-13 15:41 - 00000000 ____D C:\Program Files\QuickTime
2013-07-12 17:56 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-07-12 17:56 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-07-12 17:56 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-07-12 17:56 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-07-12 17:56 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-07-12 17:56 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-07-12 17:56 - 2013-06-12 01:43 - 00042496 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-07-12 17:56 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-07-12 17:56 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-07-12 17:56 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-07-12 17:56 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-07-12 17:56 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-07-12 17:56 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-07-12 17:56 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-07-12 17:56 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-07-12 17:56 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-07-10 18:31 - 2013-06-05 05:05 - 02347520 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-07-10 18:31 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2013-07-10 18:31 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2013-07-10 18:31 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
175

==================== One Month Modified Files and Folders =======

2013-08-07 20:08 - 2011-05-15 12:08 - 00000000 ____D C:\Users\expert\AppData\Local\PMB Files
2013-08-07 20:06 - 2013-08-07 20:06 - 00000000 ____D C:\FRST
2013-08-07 20:05 - 2013-08-07 20:05 - 01229794 _____ (Farbar) C:\Users\expert\Desktop\FRST.exe
2013-08-07 20:03 - 2013-08-07 19:16 - 00000366 _____ C:\windows\Tasks\LyricXeeker Update.job
2013-08-07 20:03 - 2010-10-19 13:52 - 00001094 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore1cb6f8415f86c62.job
2013-08-07 20:03 - 2010-03-29 21:45 - 00000000 ____D C:\Users\expert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2013-08-07 20:02 - 2009-07-14 06:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-08-07 20:02 - 2009-07-14 06:39 - 00150055 _____ C:\windows\setupact.log
2013-08-07 20:01 - 2009-12-05 06:33 - 02075243 _____ C:\windows\WindowsUpdate.log
2013-08-07 19:56 - 2009-07-14 06:34 - 00014736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-07 19:56 - 2009-07-14 06:34 - 00014736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-07 19:54 - 2013-08-07 19:54 - 00023538 _____ C:\ComboFix.txt
2013-08-07 19:54 - 2013-08-07 19:29 - 00000000 ____D C:\ComboFix
2013-08-07 19:54 - 2013-08-07 19:15 - 00000000 ____D C:\Qoobox
2013-08-07 19:48 - 2013-08-07 19:48 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-07 19:47 - 2009-07-14 04:04 - 00000215 _____ C:\windows\system.ini
2013-08-07 19:46 - 2009-12-05 08:09 - 02512852 _____ C:\windows\PFRO.log
2013-08-07 19:45 - 2010-09-14 19:22 - 00000000 ____D C:\windows\ERDNT
2013-08-07 19:45 - 2009-07-14 04:03 - 57409536 _____ C:\windows\system32\config\SOFTWARE.bak
2013-08-07 19:45 - 2009-07-14 04:03 - 25427968 _____ C:\windows\system32\config\SYSTEM.bak
2013-08-07 19:45 - 2009-07-14 04:03 - 00524288 _____ C:\windows\system32\config\DEFAULT.bak
2013-08-07 19:45 - 2009-07-14 04:03 - 00262144 _____ C:\windows\system32\config\SECURITY.bak
2013-08-07 19:45 - 2009-07-14 04:03 - 00262144 _____ C:\windows\system32\config\SAM.bak
2013-08-07 19:44 - 2010-03-29 21:45 - 00000000 ____D C:\Users\expert
2013-08-07 19:28 - 2013-08-07 19:27 - 05100713 ____R (Swearware) C:\Users\expert\Desktop\ComboFix.exe
2013-08-07 19:28 - 2012-10-09 21:09 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-08-07 19:25 - 2013-08-07 19:25 - 00655200 _____ C:\Users\expert\Downloads\setup.exe
2013-08-07 19:21 - 2013-08-07 19:21 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\expert\Downloads\tdsskiller.exe
2013-08-07 19:19 - 2010-09-14 19:21 - 05100713 _____ (Swearware) C:\Users\expert\Downloads\ComboFix.exe
2013-08-07 19:18 - 2013-08-07 19:18 - 05100713 _____ (Swearware) C:\Users\expert\Downloads\ComboFix(1).exe
2013-08-07 19:16 - 2013-08-07 19:16 - 00002353 _____ C:\Users\expert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
2013-08-07 19:16 - 2013-08-07 19:16 - 00000000 ____D C:\Users\expert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
2013-08-07 19:16 - 2013-08-07 19:16 - 00000000 ____D C:\Users\expert\AppData\Roaming\DigitalSite
2013-08-07 19:16 - 2013-08-07 19:16 - 00000000 ____D C:\Users\expert\AppData\Roaming\Delta
2013-08-07 19:16 - 2013-08-07 19:16 - 00000000 ____D C:\Users\expert\AppData\Roaming\BabSolution
2013-08-07 19:16 - 2013-08-07 19:16 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-08-07 19:16 - 2013-08-07 19:16 - 00000000 ____D C:\Program Files\OpenIt
2013-08-07 19:16 - 2013-08-07 19:16 - 00000000 ____D C:\Program Files\LyriXeeker
2013-08-07 19:16 - 2013-08-07 19:16 - 00000000 ____D C:\Program Files\Delta
2013-08-07 19:15 - 2013-08-07 19:15 - 00717160 _____ C:\Users\expert\Downloads\ZipOpenerSetup(2).exe
2013-08-07 19:15 - 2010-04-15 13:37 - 00001098 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-07 18:24 - 2013-08-07 18:24 - 00717160 _____ C:\Users\expert\Downloads\ZipOpenerSetup(1).exe
2013-08-07 18:19 - 2013-08-07 18:19 - 00000000 ____D C:\Users\expert\AppData\Local\{50533FF0-1232-4DB5-B593-EECAF818F10A}
2013-08-07 18:14 - 2013-08-07 18:14 - 00717160 _____ C:\Users\expert\Downloads\ZipOpenerSetup.exe
2013-08-07 17:21 - 2009-07-14 04:37 - 00000000 ____D C:\windows\Microsoft.NET
2013-08-07 00:25 - 2013-08-07 00:25 - 05392880 _____ C:\Users\expert\Downloads\Datatable_error(3).rar
2013-08-07 00:19 - 2013-08-07 00:19 - 04699117 _____ C:\Users\expert\Downloads\DataTable.rar
2013-08-07 00:10 - 2013-08-07 00:10 - 00000825 _____ C:\Users\Gast\Desktop\Florensia.lnk
2013-08-07 00:10 - 2013-08-07 00:10 - 00000825 _____ C:\Users\Florensia\Desktop\Florensia.lnk
2013-08-07 00:10 - 2013-08-07 00:10 - 00000825 _____ C:\Users\expert\Desktop\Florensia.lnk
2013-08-07 00:10 - 2013-08-07 00:10 - 00000000 ____D C:\Users\expert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Florensia
2013-08-07 00:10 - 2013-08-07 00:04 - 00000000 ____D C:\Netts
2013-08-07 00:02 - 2013-08-06 23:50 - 1087207267 _____ C:\Users\expert\Downloads\flo_Setup_en_rs_110730(1).exe
2013-08-06 23:53 - 2010-12-07 15:56 - 00007605 _____ C:\Users\expert\AppData\Local\Resmon.ResmonCfg
2013-08-06 23:42 - 2013-08-06 23:39 - 00000000 ____D C:\windows\system32\MRT
2013-08-06 23:38 - 2009-07-26 22:06 - 01520006 _____ C:\windows\system32\PerfStringBackup.INI
2013-08-06 23:35 - 2013-08-06 23:35 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-08-06 23:28 - 2009-07-14 04:37 - 00000000 ____D C:\windows\system32\LogFiles
2013-08-06 23:08 - 2012-05-08 19:53 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-06 23:03 - 2013-08-06 22:41 - 00000000 ____D C:\Users\expert\Desktop\Beheben!
2013-08-06 22:59 - 2010-04-15 13:37 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-06 22:55 - 2013-08-06 22:55 - 00000000 ____D C:\Users\expert\AppData\Roaming\Avira
2013-08-06 22:51 - 2013-08-06 22:51 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-08-06 22:51 - 2013-08-06 22:51 - 00000000 ____D C:\Program Files\AskPartnerNetwork
2013-08-06 22:50 - 2013-08-06 22:50 - 00067168 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2013-08-06 22:50 - 2013-08-06 22:50 - 00000000 ____D C:\ProgramData\APN
2013-08-06 22:49 - 2013-08-06 22:49 - 00001940 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-08-06 22:49 - 2013-08-06 22:49 - 00000000 ____D C:\ProgramData\Avira
2013-08-06 22:49 - 2013-08-06 22:49 - 00000000 ____D C:\Program Files\Avira
2013-08-06 22:47 - 2013-08-06 22:37 - 00000282 _____ C:\windows\Tasks\DLL-Files.Com Fixer_Updates.job
2013-08-06 22:47 - 2013-08-06 22:37 - 00000266 _____ C:\windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2013-08-06 22:45 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-08-06 22:44 - 2013-08-06 22:43 - 110344048 _____ C:\Users\expert\Downloads\avira_free_antivirus_de(3).exe
2013-08-06 22:37 - 2013-08-06 22:37 - 00000000 ____D C:\Users\expert\AppData\Roaming\dll-files.com
2013-08-06 22:37 - 2013-08-06 22:37 - 00000000 ____D C:\Program Files\Dll-Files.com Fixer
2013-08-06 22:37 - 2013-08-06 22:36 - 04241280 _____ (Dll-Files.com                                               ) C:\Users\expert\Downloads\dffsetup-mfc100u.exe
2013-08-06 22:29 - 2010-07-19 13:56 - 00000000 ____D C:\Program Files\Common Files\Blizzard Entertainment
2013-08-06 22:29 - 2010-04-30 13:48 - 00000000 ____D C:\Program Files\EPSON
2013-08-06 22:24 - 2012-02-23 23:13 - 00000000 ____D C:\Users\expert\Desktop\Florensia Screenshots und PW's
2013-08-06 22:13 - 2010-09-28 17:48 - 00000000 ____D C:\Users\expert\Desktop\Marion
2013-08-06 22:08 - 2010-10-26 14:58 - 00000000 ____D C:\Program Files\Project64 1.6
2013-08-06 22:07 - 2012-09-09 20:34 - 00000000 ____D C:\Program Files\SweetIM
2013-08-06 22:02 - 2011-11-19 12:49 - 00000000 ____D C:\Users\expert\AppData\Local\Conduit
2013-08-06 22:00 - 2010-12-12 11:44 - 00000000 ____D C:\Program Files\Pixum
2013-08-06 21:55 - 2009-12-05 06:30 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-08-06 21:53 - 2011-01-26 18:56 - 00000000 ____D C:\Users\expert\AppData\Roaming\Ubisoft
2013-08-06 21:53 - 2011-01-26 18:47 - 00000000 ____D C:\Program Files\Ubisoft
2013-08-06 18:43 - 2011-11-19 14:12 - 00000000 ____D C:\Users\expert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-08-06 18:31 - 2012-04-20 19:43 - 00000000 ____D C:\Program Files\Audition Online
2013-08-06 18:31 - 2009-07-14 06:52 - 00000000 ____D C:\windows\twain_32
2013-08-06 18:29 - 2011-11-20 19:23 - 00000000 ____D C:\Program Files\raidcall
2013-08-06 18:26 - 2012-12-18 18:41 - 00000000 ____D C:\Program Files\CEWE COLOR
2013-08-06 18:26 - 2009-12-06 00:06 - 00000000 ____D C:\windows\ShellNew
2013-08-06 18:21 - 2013-08-06 18:21 - 05392880 _____ C:\Users\expert\Downloads\Datatable_error(2).rar
2013-08-06 18:21 - 2013-08-06 18:21 - 05392880 _____ C:\Users\expert\Downloads\Datatable_error(1).rar
2013-08-06 18:01 - 2013-08-06 18:01 - 00001214 _____ C:\Users\Gast\Desktop\FlorensiaEN.lnk
2013-08-05 21:57 - 2013-08-05 21:57 - 01717624 _____ (Netviewer AG) C:\Users\expert\Downloads\hilfe.exe
2013-08-05 21:57 - 2013-08-05 21:57 - 01717624 _____ (Netviewer AG) C:\Users\expert\Downloads\hilfe(1).exe
2013-08-05 21:46 - 2013-08-05 20:34 - 00000000 ____D C:\Users\Florensia\AppData\Local\LogMeIn Hamachi
2013-08-05 21:37 - 2013-08-05 21:37 - 00116360 _____ C:\Users\Florensia\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-05 20:39 - 2013-08-05 20:39 - 00000000 ____D C:\Users\Florensia\AppData\Roaming\vlc
2013-08-05 20:34 - 2013-08-05 20:34 - 00000000 ____D C:\Users\Florensia\AppData\Roaming\Apple Computer
2013-08-05 20:34 - 2013-08-05 20:34 - 00000000 ____D C:\Users\Florensia\AppData\Roaming\Adobe
2013-08-05 20:34 - 2013-08-05 20:34 - 00000000 ____D C:\Users\Florensia\AppData\Local\Power2Go
2013-08-05 20:34 - 2013-08-05 20:33 - 00001130 _____ C:\Users\Florensia\Desktop\CyberLink DVD Suite.lnk
2013-08-05 20:34 - 2013-08-05 20:33 - 00001079 _____ C:\Users\Florensia\Desktop\CyberLink YouCam.lnk
2013-08-05 20:34 - 2013-08-05 20:33 - 00000000 ____D C:\Users\Florensia\AppData\Local\VirtualStore
2013-08-05 20:34 - 2013-08-05 20:33 - 00000000 ____D C:\Users\Florensia
2013-08-05 20:33 - 2013-08-05 20:33 - 00000020 ___SH C:\Users\Florensia\ntuser.ini
2013-08-05 20:33 - 2013-08-05 20:33 - 00000000 _SHDL C:\Users\Florensia\Startmenü
2013-08-05 20:33 - 2013-08-05 20:33 - 00000000 _SHDL C:\Users\Florensia\Netzwerkumgebung
2013-08-05 20:33 - 2013-08-05 20:33 - 00000000 _SHDL C:\Users\Florensia\Druckumgebung
2013-08-05 20:33 - 2013-08-05 20:33 - 00000000 _SHDL C:\Users\Florensia\Documents\Eigene Musik
2013-08-05 20:33 - 2013-08-05 20:33 - 00000000 _SHDL C:\Users\Florensia\Documents\Eigene Bilder
2013-08-05 20:33 - 2013-08-05 20:33 - 00000000 _SHDL C:\Users\Florensia\AppData\Local\Verlauf
2013-08-05 18:57 - 2013-08-05 18:57 - 00000000 ____H C:\windows\system32\Drivers\Msft_Kernel_netaapl_01009.Wdf
2013-07-29 00:11 - 2010-04-15 14:03 - 00000000 ____D C:\Users\expert\AppData\Roaming\Skype
2013-07-28 16:44 - 2013-07-28 16:43 - 00000000 ____D C:\Users\expert\Desktop\Screens Mosirus
2013-07-20 19:07 - 2013-07-20 19:07 - 00001351 _____ C:\Users\expert\Documents\AutoHotkey.ahk
2013-07-20 19:05 - 2013-07-20 19:05 - 02637267 _____ C:\Users\expert\Downloads\AutoHotkey_L_Install.exe
2013-07-18 08:02 - 2013-08-06 22:49 - 00135136 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2013-07-18 08:02 - 2013-08-06 22:49 - 00084744 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2013-07-13 15:57 - 2012-10-09 21:09 - 00692104 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2013-07-13 15:57 - 2011-06-15 12:20 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2013-07-13 15:57 - 2010-03-29 21:46 - 00000000 ____D C:\Users\expert\AppData\Local\Adobe
2013-07-13 15:56 - 2013-03-23 18:02 - 00000000 ____D C:\Users\expert\AppData\Roaming\Spotify
2013-07-13 15:48 - 2013-07-13 15:48 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-07-13 15:48 - 2013-07-13 15:47 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-07-13 15:48 - 2011-01-21 14:38 - 00000000 ____D C:\Program Files\iTunes
2013-07-13 15:47 - 2013-07-13 15:47 - 00000000 ____D C:\Program Files\iPod
2013-07-13 15:47 - 2010-05-07 14:10 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-07-13 15:41 - 2013-07-13 15:41 - 00000000 ____D C:\Program Files\QuickTime
2013-07-12 18:19 - 2009-07-14 06:33 - 00430536 _____ C:\windows\system32\FNTCACHE.DAT
2013-07-12 18:17 - 2010-03-29 22:00 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-12 18:16 - 2009-12-06 00:06 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-12 18:16 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-12 17:58 - 2009-07-14 04:04 - 00000531 _____ C:\windows\win.ini
2013-07-12 17:50 - 2010-03-29 21:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-08 20:32 - 2013-03-23 18:02 - 00000000 ____D C:\Users\expert\AppData\Local\Spotify

Files to move or delete:
====================
C:\Users\expert\AppData\Roaming\BabSolution\Shared\NTRedirect.dll
C:\ProgramData\lsass.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-06 17:36

==================== End Of Log ============================
         
--- --- ---




Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-08-2013 03
Ran by expert at 2013-08-07 20:09:09
Running from C:\Users\expert\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 Update for Microsoft Office 2007 (KB2508958)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader 9.1 - Deutsch (Version: 9.1.0)
Adobe Shockwave Player 11.5 (Version: 11.5.8.612)
Akamai NetSession Interface
Alice Greenfingers
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Avira Free Antivirus (Version: 13.0.0.3885)
Avira SearchFree Toolbar plus Web Protection (Version: 12.2.2.663)
BatteryLifeExtender (Version: 1.0.1)
Bonjour (Version: 3.0.0.10)
BrowserDefender
ChargeableUSB (Version: 1.0.0.0)
Compatibility Pack für 2007 Office System (Version: 12.0.6612.1000)
CyberLink DVD Suite (Version: 6.0.2806)
CyberLink LabelPrint (Version: 2.5.1916)
CyberLink Power2Go (Version: 6.0.3108a)
CyberLink PowerDirector (Version: 7.0.3213)
CyberLink PowerDVD 8 (Version: 8.0.2815b)
CyberLink PowerProducer (Version: 5.0.1.1812)
CyberLink YouCam (Version: 2.0.3304)
D3DX10 (Version: 15.4.2368.0902)
Dairy Dash
Delta Chrome Toolbar
Delta toolbar   (Version: 1.8.22.0)
DivX-Setup (Version: 2.6.1.5)
Dll-Files Fixer (Version: 1.0)
Easy Display Manager (Version: 3.0)
Easy Network Manager (Version: 4.2.4)
Easy SpeedUp Manager (Version: 3.0.0.5)
EasyBatteryManager (Version: 4.0.0.3)
EPSON-Drucker-Software
Farm Frenzy 2
Florensia 2.00.01 (Version: 2.00.01)
Game Pack (Version: 5.3.0.10)
Go-Go Gourmet
Google Chrome (Version: 28.0.1500.95)
Google Update Helper (Version: 1.3.21.153)
HP Photosmart 5510 series Basic Device Software (Version: 24.0.342.0)
Intel(R) Rapid Storage Technology (Version: 9.5.4.1001)
Intel(R) Turbo Boost Technology Driver (Version: 01.00.01.1002)
iTunes (Version: 11.0.4.4)
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
Java(TM) 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 15.4.3502.0922)
League of Legends (Version: 1.02.0000)
LyricXeeker
Marvell Miniport Driver (Version: 11.22.3.3)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2003 Web Components (Version: 11.0.8173.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (German) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Small Business Edition 2003 (Version: 11.0.8173.0)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office XP Web Components (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
Mozilla Firefox 23.0 (x86 de) (Version: 23.0)
Mozilla Maintenance Service (Version: 23.0)
MSVCRT (Version: 15.4.2862.0708)
NVIDIA Drivers (Version: 1.4)
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.109.718)
Open It! (Version: 1.1.1)
Pando Media Booster (Version: 2.3.6.0)
Qtrax Player
QuickTime (Version: 7.74.80.86)
Realtek High Definition Audio Driver (Version: 6.0.1.5969)
REALTEK Wireless LAN Software (Version: 1.01.0088)
Samsung Recovery Solution 4 (Version: 4.0.0.41)
Samsung R-Series (Version: 1.0)
Samsung Support Center (Version: 1.0.21)
Samsung Update Plus (Version: 2.0)
Skype Click to Call (Version: 5.6.8442)
Skype™ 6.3 (Version: 6.3.107)
Spotify (HKCU Version: 0.9.1.57.ge7405149)
Synaptics Pointing Device Driver (Version: 14.0.10.0)
TeamSpeak 3 Client (HKCU Version: 3.0.10)
TeamViewer 8 (Version: 8.0.18051)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Zip Opener
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
User Guide (Version: 1.0)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VLC media player 2.0.2 (Version: 2.0.2)
VoiceOver Kit (Version: 1.42.128.0)
Warhammer Online: Age of Reckoning (Version: )
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR
 

==================== Restore Points  =========================

06-08-2013 16:48:59 Removed Atheros Client Installation Program
06-08-2013 16:49:49 Removed Ubisoft Game Launcher
06-08-2013 19:52:55 Entfernt Assassin's Creed
06-08-2013 19:53:44 Removed Ubisoft Game Launcher
06-08-2013 19:54:21 Entfernt Assassin's Creed II
06-08-2013 19:55:06 Removed GTA2
06-08-2013 19:56:16 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 wurde entfernt.
06-08-2013 19:56:39 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
06-08-2013 19:57:30 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
06-08-2013 19:57:55 Microsoft Visual C++ 2005 Redistributable wird entfernt
06-08-2013 19:58:26 Removed Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
06-08-2013 19:58:51 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
06-08-2013 19:59:29 Removed Update Manager for SweetPacks 1.1
06-08-2013 20:01:08 Removed myphotobook.de
06-08-2013 20:04:11 Removed VoiceOver Kit
06-08-2013 20:06:25 Removed Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
06-08-2013 20:06:53 Removed SweetIM for Messenger 3.7
06-08-2013 20:07:24 Removed Internet Explorer Toolbar 4.6 by SweetPacks
06-08-2013 20:08:39 Removed Project64 1.6
06-08-2013 20:08:58 Removed Steam
06-08-2013 20:40:24 DLL-Files Fixer Di, Aug 06, 13  22:40
06-08-2013 21:06:30 Windows Update
06-08-2013 21:33:31 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:04 - 2013-08-07 19:45 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {01E7958A-6AE6-4E01-87E6-A5CD2F3DBE3F} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {15162357-463E-4E5E-A9E8-D72878F91667} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {1BEDF175-E58E-4241-AD55-11D98859AEE1} - System32\Tasks\{25B252D3-E2B2-4CD3-BA50-D2C904D4AE37} => c:\program files\mozilla firefox\firefox.exe [2013-08-06] (Mozilla Corporation)
Task: {1E5280B7-052A-47BB-944C-C0F95E3C5D00} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2009-11-04] (Samsung Electronics Co., Ltd.)
Task: {2162B994-741E-4163-A301-A4C843713546} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {24EDD002-A695-4EF8-ADD2-AE9589EBA126} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {28E382DB-A12A-4235-ACC0-12E54C9A6E75} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-13] (Adobe Systems Incorporated)
Task: {3B8EFFCB-62AF-4129-B1DE-48A4D62AE2B1} - System32\Tasks\{C6342F9D-2E25-4F99-903C-B1DC7742DD07} => c:\program files\mozilla firefox\firefox.exe [2013-08-06] (Mozilla Corporation)
Task: {3CD9CEBD-DECF-4EBB-8277-196AF70C57BA} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2010-04-20] ()
Task: {415A1038-85D4-4A56-A431-74E2CFC6A761} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-11] (Microsoft Corporation)
Task: {49410AB2-3835-4587-94CE-4D3012D8C90A} - System32\Tasks\SamsungSupportCenter => C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [2009-10-26] (SAMSUNG Electronics)
Task: {4F470DB0-472E-4246-9C02-6827D318B6DF} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {57D7BA2D-9245-4D0B-AE4B-5AC22C5E2626} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2009-10-13] (Samsung Electronics Co., Ltd.)
Task: {65520AE3-596C-4E84-89CA-37153D9187D9} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files\Dll-Files.com No File
Task: {68F682CB-2678-48B9-ADC0-7D8C0E21B4E1} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-10-16] (SAMSUNG Electronics co., LTD.)
Task: {6C603B46-BBEC-4A7A-A3D9-38F192FFBB16} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7300088E-E466-4125-B0DA-83EFF8C764BF} - System32\Tasks\GoogleUpdateTaskMachineCore1cb6f8415f86c62 => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-15] (Google Inc.)
Task: {789E0676-A926-4929-9219-FD1E5114B2C8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-15] (Google Inc.)
Task: {8756A4F3-C28D-4886-93B5-519F7BA9AD57} - System32\Tasks\{22116563-108C-42c0-A7CE-60161B75E508} => C:\Users\expert\AppData\Local\Temp\Ofy.exe No File
Task: {8C45B53A-30AB-4772-9145-1A295D4B553E} - System32\Tasks\{0642BC50-7476-47DE-924F-7801D6339757} => c:\program files\mozilla firefox\firefox.exe [2013-08-06] (Mozilla Corporation)
Task: {9E037AB9-0949-42E8-8D16-1918123D0DAB} - System32\Tasks\advSRS4 => C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2009-10-07] (SEC)
Task: {A2EC3BC1-AF7B-457D-951B-5AA69D5F00B0} - System32\Tasks\{5F6B34F2-85B3-4579-A503-31943BC227F8} => C:\Program Files\Skype\Phone\Skype.exe [2013-04-19] (Skype Technologies S.A.)
Task: {AE470C8F-ACB0-4133-B89E-E118C8DD0C45} - System32\Tasks\{EA4C8754-C59A-4AE6-8187-7EEAD3180AE9} => c:\program files\mozilla firefox\firefox.exe [2013-08-06] (Mozilla Corporation)
Task: {B7C89DB9-C8D1-410A-9C4E-D63481B0D146} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {BAAAFC9D-AFEB-46BB-A99E-54D0D9F5881D} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2009-11-19] (Samsung Electronics. Co. Ltd.)
Task: {CA73044D-6A75-4497-9CD5-C09313A6B6A2} - System32\Tasks\QtraxPlayer => C:\Program Files\Microsoft Silverlight\sllauncher.exe [2013-05-13] (Microsoft Corporation)
Task: {D206C614-6849-4F5B-AAA9-C52361A78ECC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-15] (Google Inc.)
Task: {D6CE64A6-A091-4581-B453-87AB2E85DE54} - System32\Tasks\Update => C:\Users\expert\AppData\Local\Temp\er9changemeverythingVisAaboutW.EXE No File
Task: {E49FBFAD-ABFE-4A91-AE98-1B5E888F4685} - System32\Tasks\EPUpdater => C:\Users\expert\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2013-08-04] ()
Task: {E53BAC16-CA63-4C24-B03C-30FCDDF99DA0} - System32\Tasks\LyricXeeker Update => C:\Program Files\LyriXeeker\LyriXupdate.exe [2013-08-06] ()
Task: {ED60CBC6-CDFE-4A84-867D-381502499B93} - System32\Tasks\{BC1FEC9C-15C1-4155-BB0F-D793B567B550} => c:\program files\mozilla firefox\firefox.exe [2013-08-06] (Mozilla Corporation)
Task: {F2D63F84-98ED-4690-BE30-3DC2E4500855} - System32\Tasks\hpUrlLauncher.exe_{0D493E2C-7EF6-451B-AAB4-F6F2D1EFA81E} => C:\Program Files\HP\HP Photosmart 5510 series\Bin\utils\hpUrlLauncher.exe [2011-05-25] (Hewlett-Packard Co.)
Task: {FFB02BA1-FE67-486C-8EAC-FAEA517B59E7} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files\Dll-Files.com No File
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\windows\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1cb6f8415f86c62.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\LyricXeeker Update.job => C:\Program Files\LyriXeeker\LyriXupdate.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/07/2013 08:07:58 PM) (Source: Application Hang) (User: )
Description: Programm FRST.exe, Version 3.3.8.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1320

Startzeit: 01ce9398c9312ea8

Endzeit: 10

Anwendungspfad: C:\Users\expert\Downloads\FRST.exe

Berichts-ID: 3e6a420f-ff8c-11e2-b369-0024545fdd99

Error: (08/06/2013 10:40:23 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {710bada2-e795-4f12-8004-103b6e174f45}

Error: (08/06/2013 09:52:55 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {0ccabd88-4394-4f26-8e38-bf00b3a107e4}

Error: (08/06/2013 06:50:45 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x800706ba, Der RPC-Server ist nicht verfügbar.
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.

Error: (08/06/2013 06:50:45 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x800706ba, Der RPC-Server ist nicht verfügbar.
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   PrepareForSnapshot-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {542da469-d3e1-473c-9f4f-7847f01fc64f}
   Generatorname: COM+ REGDB Writer
   Generatorinstanz-ID: {8031277d-0da7-47b5-b6c6-9c8b9eaa32bb}

Error: (08/06/2013 06:50:45 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x800706ba, Der RPC-Server ist nicht verfügbar.
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.

Error: (08/06/2013 06:50:45 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x800706ba, Der RPC-Server ist nicht verfügbar.
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.

Error: (08/06/2013 06:50:45 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x800706ba, Der RPC-Server ist nicht verfügbar.
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   PrepareForSnapshot-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {16800594-52c7-4bc8-b452-847b0b015709}

Error: (08/06/2013 06:50:45 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x800706ba, Der RPC-Server ist nicht verfügbar.
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   PrepareForSnapshot-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {afbab4a2-367d-4d15-a586-71dbb18f8485}
   Generatorname: Registry Writer
   Generatorinstanz-ID: {e7dd3608-e1aa-41f0-87f3-dcae5edd6bd7}

Error: (08/06/2013 05:38:53 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (08/07/2013 08:03:04 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Rezip erreicht.

Error: (08/07/2013 07:50:10 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht.

Error: (08/07/2013 07:47:25 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Rezip erreicht.

Error: (08/07/2013 07:46:26 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎07.‎08.‎2013 um 19:44:44 unerwartet heruntergefahren.

Error: (08/07/2013 07:39:36 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (08/07/2013 07:31:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (08/07/2013 07:29:11 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BrowserDefendert" wurde unerwartet beendet. Dies ist bereits 3 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/07/2013 07:29:03 PM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "BrowserDefendert" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (08/07/2013 07:28:33 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BrowserDefendert" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/07/2013 07:19:39 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BrowserDefendert" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (01/15/2013 04:19:34 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 14 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (06/14/2012 09:23:30 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (09/15/2011 10:09:27 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 32 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/25/2011 03:29:29 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (01/13/2011 10:19:22 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 13, Application Name: Microsoft Office OneNote, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 15 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (01/13/2011 05:20:15 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 67 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (11/08/2010 05:19:56 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 54 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (11/07/2010 07:38:14 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 82 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/04/2010 02:46:54 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 13, Application Name: Microsoft Office OneNote, Application Version: 12.0.6415.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6 seconds with 0 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 37%
Total physical RAM: 3565.63 MB
Available physical RAM: 2218.7 MB
Total Pagefile: 7129.54 MB
Available Pagefile: 5661.85 MB
Total Virtual: 2047.88 MB
Available Virtual: 1900.18 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:225.33 GB) (Free:110.44 GB) NTFS
Drive d: () (Fixed) (Total:225.33 GB) (Free:216.22 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 3095CD7A)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=225 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=225 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Antwort

Themen zu Bitte kurz meine Logs auswerten :)
anfänger, auswerten, community, einfach, fachbegriffe, format, insbesondere, liebe, log, meinung, poste, report, schonmal, software, verwenden, würde, überhaupt



Ähnliche Themen: Bitte kurz meine Logs auswerten :)


  1. Bitte meine Hijackthis-log Datei auswerten
    Mülltonne - 28.12.2008 (0)
  2. Kann sich jemand mal meine Logs anschauen, bitte.
    Mülltonne - 09.12.2008 (0)
  3. TR/Crypt.XPACK.Gen-Trojan: Bitte checkt meine logs
    Log-Analyse und Auswertung - 08.09.2008 (6)
  4. Bitte meine hijack log auswerten!!!!
    Mülltonne - 01.09.2008 (0)
  5. Bitte um Hilfe beim auswerten des HJT Logs!!
    Mülltonne - 06.08.2008 (0)
  6. HiJackThis Logs auswerten brauche bitte Hilfe
    Log-Analyse und Auswertung - 17.06.2008 (7)
  7. Könnte bitte jemand meine Logs prüfen? irgendetwas stimmt nicht
    Log-Analyse und Auswertung - 10.11.2007 (2)
  8. Könnte bitte jemand meine Logs prüfen? kein download mehr möglich
    Log-Analyse und Auswertung - 04.11.2007 (3)
  9. bitte prüfen meine logs
    Log-Analyse und Auswertung - 05.03.2006 (1)
  10. Hi, könnt ihr bitte meine logfile auch auswerten???
    Log-Analyse und Auswertung - 18.01.2006 (5)
  11. Bitte meine Logs überprüfen...
    Log-Analyse und Auswertung - 15.11.2005 (1)
  12. kann bitte jemand mal meine logs prüfen
    Log-Analyse und Auswertung - 09.05.2005 (6)
  13. Meine Log-bitte auswerten
    Log-Analyse und Auswertung - 08.04.2005 (5)
  14. Bitte,kann jemand kurz meine log überprüfen?
    Log-Analyse und Auswertung - 24.02.2005 (1)
  15. Bitte um Hilfe bei Auswerten des Logs
    Log-Analyse und Auswertung - 30.01.2005 (4)
  16. kann einer bitte meine logs anschauen?
    Log-Analyse und Auswertung - 24.01.2005 (27)
  17. ...schaut mal bitte in meine Logs
    Log-Analyse und Auswertung - 27.08.2004 (8)

Zum Thema Bitte kurz meine Logs auswerten :) - Hallo liebe Community ich würde gerne eure Meinung über diesen Log, bzw. Report hören. Ich weiß leider nicht, ob das das richtige Format ist und ihr das überhaupt auswerten könnt, - Bitte kurz meine Logs auswerten :)...
Archiv
Du betrachtest: Bitte kurz meine Logs auswerten :) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.