Trojaner-Board - Hijack.StartPage und startsear.ch / wie entfernen??

Trojaner-Board (https://www.trojaner-board.de/)

- Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)

- - Hijack.StartPage und startsear.ch / wie entfernen?? (https://www.trojaner-board.de/116358-hijack-startpage-startsear-ch-entfernen.html)

Hijack.StartPage und startsear.ch / wie entfernen??

Hallo!

Ich habe das Problem, dass die Startseite in Firefox und IE geändert werden.

Nach diversen gelesenen Beiträgen hab ich mir wohl die im Betreff genannte combo eingefangen...

Malwarebytes habe ich bereits angewendet (siehe Anlage).

Könnt Ihr mir bitte helfen?
lg

Hat das einen besonderen Grund, dass du reinen Text in eine PDF gießen musst? :balla: Das ist doch ein völlig unnötiger Arbetsschritt und Zeitverschwendung, poste den reinen Text hier einfach in den Beitrag!

Bitte erstmal routinemäßig einen Vollscan mit malwarebytes machen und Log posten. =>ALLE lokalen Datenträger (außer CD/DVD) überprüfen lassen!
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Außerdem müssen alle Funde entfernt werden.

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

hier steht das Log

Sry, bin neu hier im Forum und dachte mit der .pdf das hätte ich bei den Regeln gelesen...
Danke schon mal für die Antwort!

Code:

 

Malwarebytes Anti-Malware (Test) 1.61.0.1400

www.malwarebytes.org
 

Datenbank Version: v2012.06.05.06
 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Crank :: CRANK-PC [Administrator]
 

Schutz: Aktiviert
 

05.06.2012 23:01:58

mbam-log-2012-06-06 (00-17-22).txt
 

Art des Suchlaufs: Vollständiger Suchlauf

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 402579

Laufzeit: 50 Minute(n), 55 Sekunde(n)
 

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung: 1

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Bösartig: (hxxp://startsear.ch/?aff=1&cf=43efe122-75d9-11e1-bdfb-f04da25ee1b3) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt.
 

Infizierte Verzeichnisse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien: 0

(Keine bösartigen Objekte gefunden)
 

(Ende)

Code:

 ESETSmartInstaller@High as downloader log:

all ok

# version=7

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=a4ad4390c6b5694c8cd09520894f938f

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2012-06-05 11:43:03

# local_time=2012-06-06 01:43:03 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode=512 16777215 100 0 0 0 0 0

# compatibility_mode=1024 16777215 100 0 19350111 19350111 0 0

# compatibility_mode=5893 16776574 100 94 29230471 90564908 0 0

# compatibility_mode=8192 67108863 100 0 108 108 0 0

# scanned=191594

# found=0

# cleaned=0

# scan_time=4725

Hätte da mal zwei Fragen bevor es weiter geht

1.) Geht der normale Modus von Windows (wieder) uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?

Ich habe eigentlich soweit keine Probleme mit Windows... Und hab auch nicht gesichert gestartet. Immer ganz normal.

Der böse Torjaner ändert nur immer die Startseite, wenn ich den IE benutze, oder auch Firefox!

Im Startmenü vermisse ich nichts, schaut soweit alles normal aus. Es kommt nur immer eine Meldung, dass versucht wurde die Startseite zu ändern, rechts unten als Pop-Up. Bevor ich den IE gestartet habe.

lg

Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

hier steht das Log

CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Setze oben mittig den Haken bei Scanne alle Benutzer
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die http://billy-oneal.com/Canned%20Spee.../customFix.png Textbox von OTL - wenn OTL auf deutsch ist wird sie mit http://larusso.trojaner-board.de/Images/otlfix.jpg beschriftet

Code:

netsvcs

msconfig

safebootminimal

safebootnetwork

activex

drivers32

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%APPDATA%\*.

%APPDATA%\*.exe /s

%SYSTEMDRIVE%\*.exe

/md5start

wininit.exe

userinit.exe

eventlog.dll

scecli.dll

netlogon.dll

cngaudit.dll

ws2ifsl.sys

sceclt.dll

ntelogon.dll

winlogon.exe

logevent.dll

user32.DLL

iaStor.sys

nvstor.sys

atapi.sys

IdeChnDr.sys

viasraid.sys

AGP440.sys

vaxscsi.sys

nvatabus.sys

viamraid.sys

nvata.sys

nvgts.sys

iastorv.sys

ViPrt.sys

eNetHook.dll

ahcix86.sys

KR10N.sys

nvstor32.sys

ahcix86s.sys

/md5stop

%systemroot%\system32\drivers\*.sys /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf http://billy-oneal.com/Canned%20Spee.../OTL/btnOK.png.
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

Bekomme eine Fehlermeldung:

"List index out of bounds(21)"

?!

Bitte nochmal probieren, notfall im abgesicherten Modus

Hat auf dem Desktop doch was abgelegt :applaus:

OTL Logfile:

Code:

OTL logfile created on: 07.06.2012 13:51:16 - Run 1

OTL by OldTimer - Version 3.2.46.2     Folder = C:\Users\XXX\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,74 Gb Total Physical Memory | 1,84 Gb Available Physical Memory | 49,17% Memory free

7,48 Gb Paging File | 5,25 Gb Available in Paging File | 70,23% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 451,07 Gb Total Space | 339,43 Gb Free Space | 75,25% Space Free | Partition Type: NTFS

 

Computer Name: XXX-PC | User Name: XXX | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2012.06.07 13:11:17 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Crank\Desktop\OTL.exe

PRC - [2012.06.02 12:43:51 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

PRC - [2012.05.23 03:56:51 | 001,240,088 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2012.02.23 13:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe

PRC - [2012.02.20 22:28:32 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

PRC - [2012.02.15 18:56:52 | 000,147,784 | ---- | M] () -- C:\Program Files (x86)\Browsers Protector\regmon32.exe

PRC - [2012.01.24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

PRC - [2012.01.23 16:27:24 | 000,939,872 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe

PRC - [2012.01.12 00:10:50 | 000,132,608 | ---- | M] (Marx Softwareentwicklung - www.software4u.de) -- C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IPELauncher.exe

PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2011.08.02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

PRC - [2011.03.28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

PRC - [2011.01.13 21:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

PRC - [2010.09.24 11:21:20 | 000,727,664 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe

PRC - [2010.08.25 13:24:20 | 000,235,624 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2010.05.04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe

PRC - [2010.04.27 19:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

PRC - [2010.03.03 21:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

PRC - [2010.03.03 21:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

PRC - [2010.01.28 15:53:54 | 000,453,120 | R--- | M] () -- C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe

PRC - [2009.12.29 17:35:50 | 000,083,456 | ---- | M] () -- C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe

PRC - [2007.04.13 08:49:00 | 000,101,528 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2012.05.26 11:14:16 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\635b3aec298ad5e8c903b2323d79cc5a\IAStorUtil.ni.dll

MOD - [2012.05.26 11:05:10 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll

MOD - [2012.05.26 11:04:47 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\79b487ba3d893f59ce7e697d06721dd0\System.Windows.Forms.ni.dll

MOD - [2012.05.26 11:04:41 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\1dce8ad4aa93ed395af726c0e510846e\System.Drawing.ni.dll

MOD - [2012.05.26 11:04:30 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll

MOD - [2012.05.26 11:04:26 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll

MOD - [2012.05.26 11:04:23 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll

MOD - [2012.05.26 11:04:22 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll

MOD - [2012.05.26 11:04:14 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll

MOD - [2012.05.23 03:56:50 | 000,441,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\ppgooglenaclpluginchrome.dll

MOD - [2012.05.23 03:56:49 | 003,922,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\pdf.dll

MOD - [2012.05.23 03:55:35 | 000,553,496 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\libglesv2.dll

MOD - [2012.05.23 03:55:33 | 000,117,784 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\libegl.dll

MOD - [2012.05.23 03:55:24 | 000,134,696 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\avutil-51.dll

MOD - [2012.05.23 03:55:23 | 000,250,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\avformat-54.dll

MOD - [2012.05.23 03:55:21 | 002,375,720 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\avcodec-54.dll

MOD - [2012.05.23 03:06:23 | 008,743,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\gcswf32.dll

MOD - [2012.02.15 18:56:52 | 000,147,784 | ---- | M] () -- C:\Program Files (x86)\Browsers Protector\regmon32.exe

MOD - [2012.01.23 16:27:24 | 000,939,872 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe

MOD - [2012.01.12 00:10:50 | 000,308,224 | ---- | M] () -- C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IDeviceLib.dll

MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2011.01.13 21:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

MOD - [2011.01.13 21:37:50 | 000,079,168 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll

MOD - [2011.01.13 21:37:26 | 000,075,072 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll

MOD - [2011.01.13 21:37:24 | 000,111,936 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll

MOD - [2011.01.13 21:37:20 | 000,121,152 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll

MOD - [2011.01.13 21:37:18 | 000,128,320 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll

MOD - [2011.01.13 21:37:14 | 000,234,816 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll

MOD - [2011.01.13 21:36:50 | 001,123,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\libxml2.dll

MOD - [2010.11.13 02:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll

MOD - [2010.09.24 11:21:20 | 000,727,664 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe

MOD - [2010.08.26 02:43:00 | 000,010,856 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2010.11.20 15:26:50 | 000,084,992 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Mcx2Svc.dll -- (Mcx2Svc)

SRV:64bit: - [2009.07.14 03:41:27 | 000,097,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess)

SRV - [2012.06.03 15:44:16 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2011.10.12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [On_Demand | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)

SRV - [2011.08.02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)

SRV - [2011.04.01 11:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)

SRV - [2011.03.28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)

SRV - [2011.03.28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)

SRV - [2010.11.29 11:42:56 | 000,058,944 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)

SRV - [2010.10.28 12:14:30 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)

SRV - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

SRV - [2010.08.25 13:24:20 | 000,235,624 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2010.05.04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) @C:\Program Files (x86)

SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010.03.05 11:26:38 | 001,425,168 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)

SRV - [2010.03.05 11:07:58 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)

SRV - [2010.03.05 11:06:22 | 000,831,760 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)

SRV - [2010.03.03 21:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)

SRV - [2010.01.28 15:53:54 | 000,453,120 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe -- (WMCoreService)

SRV - [2009.12.29 17:35:50 | 000,083,456 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe -- (NvtlService)

SRV - [2009.11.17 19:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)

SRV - [2009.11.02 13:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)

SRV - [2009.07.14 03:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)

SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009.06.10 22:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)

SRV - [2007.04.13 08:49:00 | 000,101,528 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

DRV:64bit: - [2012.03.08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)

DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2012.02.15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2011.10.07 07:23:46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)

DRV:64bit: - [2011.09.13 06:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)

DRV:64bit: - [2011.08.19 17:01:33 | 000,138,872 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD)

DRV:64bit: - [2011.08.08 06:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)

DRV:64bit: - [2011.07.11 01:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)

DRV:64bit: - [2011.07.11 01:14:08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)

DRV:64bit: - [2011.07.11 01:14:06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)

DRV:64bit: - [2011.07.11 01:14:06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)

DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010.12.17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)

DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010.11.20 11:26:11 | 000,328,192 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\udfs.sys -- (udfs)

DRV:64bit: - [2010.08.26 02:43:00 | 000,024,680 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)

DRV:64bit: - [2010.08.24 19:29:32 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)

DRV:64bit: - [2010.08.24 19:29:10 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)

DRV:64bit: - [2010.08.20 12:05:18 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)

DRV:64bit: - [2010.08.20 12:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)

DRV:64bit: - [2010.07.28 15:10:40 | 010,610,400 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2010.07.02 02:46:58 | 000,029,288 | ---- | M] (Quanta Computer) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qicflt.sys -- (qicflt)

DRV:64bit: - [2010.06.23 10:10:56 | 000,344,680 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2010.06.22 04:37:38 | 000,131,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)

DRV:64bit: - [2010.06.21 03:45:54 | 000,287,232 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)

DRV:64bit: - [2010.06.18 11:38:06 | 000,039,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)

DRV:64bit: - [2010.05.31 13:05:06 | 007,689,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel(R)

DRV:64bit: - [2010.04.27 18:30:52 | 000,184,968 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)

DRV:64bit: - [2010.04.27 18:29:54 | 000,083,080 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)

DRV:64bit: - [2010.03.26 16:03:20 | 000,160,880 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)

DRV:64bit: - [2010.03.03 20:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2010.02.26 17:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)

DRV:64bit: - [2009.11.02 13:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)

DRV:64bit: - [2009.08.28 10:33:48 | 000,292,400 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009.07.14 03:47:48 | 000,024,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk)

DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)

DRV:64bit: - [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)

DRV:64bit: - [2009.07.14 01:19:47 | 000,092,160 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cdfs.sys -- (cdfs)

DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2006.11.01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

DRV - [2011.08.19 17:01:33 | 000,138,872 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)

DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/

IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.)

IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://startsear.ch/?aff=1&src=sp&cf=43efe122-75d9-11e1-bdfb-f04da25ee1b3&q={searchTerms}

IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050

 

 

IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://startsear.ch/?aff=1&cf=43efe122-75d9-11e1-bdfb-f04da25ee1b3

IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8D EA CF E0 E9 9A CB 01  [binary data]

IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.)

IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}

IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\SearchScopes\{41F9AD21-C90D-43BC-8A23-9FEE4FD5CAA7}: "URL" = hxxp://isearch.avg.com/search?cid={8576F1D3-6958-45D7-B43C-B451BE5E5C56}&mid=bd552dcb3f1147d68e902104e4ba0840-b602d594afd2b0b327e07a06f36ca6a7e42546d0&lang=en&ds=AVG&pr=fr&d=2011-10-26 01:24:32&v=10.0.0.7&sap=dsp&q={searchTerms}

IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\SearchScopes\{893E3B0B-F2E3-4AE3-BF77-D2809CE64E95}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1586&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^DE&apn_uid=DC196B61-45E2-4F2C-8091-CAD20F1B207A&apn_sauid=43FC34C4-08F2-4455-A247-C4BB683A7AA2

IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://startsear.ch/?aff=1&src=sp&cf=43efe122-75d9-11e1-bdfb-f04da25ee1b3&q={searchTerms}

IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050

IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 
 ========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "hxxp://startsear.ch/?aff=1&cf=43efe122-75d9-11e1-bdfb-f04da25ee1b3"

FF - prefs.js..browser.search.order.1: "Web Search"

FF - prefs.js..keyword.URL: "hxxp://isearch.avg.com/search?cid=%7Be9e096c3-a1ef-4651-906e-16dd0e7b503e%7D&mid=bd552dcb3f1147d68e902104e4ba0840-b602d594afd2b0b327e07a06f36ca6a7e42546d0&ds=AVG&v=10.0.0.7&lang=en&pr=fr&d=2011-10-26%2001%3A24%3A32&sap=ku&q="

FF - prefs.js..browser.search.defaultenginename: "Web Search"

FF - user.js - File not found

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012.01.31 22:20:52 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\10.0.0.7\ [2012.01.23 16:27:30 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.06.02 12:44:17 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.02 12:43:26 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.06.03 14:08:49 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.06.02 12:43:26 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\avgthb@avg.com: C:\Program Files (x86)\AVG\AVG2012\Thunderbird\ [2011.12.24 09:37:53 | 000,000,000 | ---D | M]

 

[2011.02.07 23:26:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Crank\AppData\Roaming\mozilla\Extensions

[2011.02.07 23:26:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Crank\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2012.06.03 14:32:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions

[2012.06.03 14:32:53 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}

[2011.01.05 00:38:27 | 000,000,000 | ---D | M] (New Tab Homepage) -- C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}

[2012.01.09 20:49:03 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}

[2012.01.23 17:20:04 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

[2011.01.05 00:38:05 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

[2011.04.09 13:02:29 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\engine@conduit.com

[2011.07.29 23:02:18 | 000,002,333 | ---- | M] () -- C:\Users\Crank\AppData\Roaming\Mozilla\Firefox\Profiles\zuxg5vah.default\searchplugins\askcom.xml

[2012.03.24 19:46:35 | 000,000,792 | ---- | M] () -- C:\Users\Crank\AppData\Roaming\Mozilla\Firefox\Profiles\zuxg5vah.default\searchplugins\startsear.xml

[2012.03.24 19:46:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2012.03.24 19:46:45 | 000,000,000 | ---D | M] (z) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{5e8788a9-beec-1623-5854-c8887c6bff97}

[2011.03.09 21:03:47 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}

[2012.01.31 22:20:52 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX4

[2012.01.23 16:27:30 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\10.0.0.7

[2012.06.02 12:44:17 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT

[2012.06.03 14:03:52 | 000,084,697 | ---- | M] () (No name found) -- C:\USERS\CRANK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZUXG5VAH.DEFAULT\EXTENSIONS\{0545B830-F0AA-4D7E-8820-50A4629A56FE}.XPI

[2012.01.09 20:49:03 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\CRANK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZUXG5VAH.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI

[2012.02.06 22:04:02 | 000,044,883 | ---- | M] () (No name found) -- C:\USERS\CRANK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZUXG5VAH.DEFAULT\EXTENSIONS\{EF522540-89F5-46B9-B6FE-1829E2B572C6}.XPI

[2011.08.29 20:32:26 | 000,011,510 | ---- | M] () (No name found) -- C:\USERS\CRANK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZUXG5VAH.DEFAULT\EXTENSIONS\YOUTUBE2MP3@MONDAYX.DE.XPI

[2012.02.06 22:04:01 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2011.11.10 06:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

[2012.06.02 12:44:02 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll

[2012.02.06 22:03:58 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

[2012.01.23 16:27:24 | 000,003,766 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml

[2012.02.06 22:03:58 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2012.02.06 22:03:58 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

[2012.02.06 22:03:58 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

[2012.02.06 22:03:58 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

[2012.02.06 22:03:58 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

 
 ========== Chrome  ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\gcswf32.dll

CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Crank\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

CHR - plugin: StartSearch Video plug-in (Enabled) = C:\Users\Crank\AppData\Local\Google\Chrome\User Data\Default\Extensions\bildoibdboopgomcbiplincneeicgipj\1.3_0\chvsharetvplg.dll

CHR - plugin: StartSearch Video plug-in (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll

CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Crank\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll

CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Crank\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.0.0.6907_0\npSkypeChromePlugin.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll

CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll

CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll

CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll

CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll

CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Crank\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\

CHR - Extension: AVG Safe Search = C:\Users\Crank\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\

CHR - Extension: Skype Extension = C:\Users\Crank\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.0.0.6907_0\

 

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)

O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

O2:64bit: - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Programme\WOT\WOT.dll ()

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.)

O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()

O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll ()

O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

O3:64bit: - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Programme\WOT\WOT.dll ()

O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()

O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()

O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.

O3:64bit: - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Programme\WOT\WOT.dll ()

O3 - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()

O3 - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.)

O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)

O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)

O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)

O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)

O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [QuickSet] C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)

O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [Browsers Protector] C:\Program Files (x86)\Browsers Protector\regmon32.exe ()

O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)

O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe ()

O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)

O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)

O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe ()

O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)

O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()

O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-48129393-636560758-4197299864-1000..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)

O4 - HKU\S-1-5-21-48129393-636560758-4197299864-1000..\Run: [iDevice Manager Launcher] C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IPELauncher.exe (Marx Softwareentwicklung - www.software4u.de)

O4 - HKU\S-1-5-21-48129393-636560758-4197299864-1000..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)

O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)

O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKU\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found

O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Crank\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Crank\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16:64bit: - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Key error.)

O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{700177AE-DB7B-45B0-94A6-AFCF97A716B0}: DhcpNameServer = 192.168.2.1 192.168.2.1

O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found

O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18:64bit: - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Programme\WOT\WOT.dll ()

O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll ()

O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll ()

O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)

O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{2c3234fa-5926-11e0-99c5-f04da25ee1b3}\Shell - "" = AutoRun

O33 - MountPoints2\{2c3234fa-5926-11e0-99c5-f04da25ee1b3}\Shell\AutoRun\command - "" = E:\AutoRun.exe

O33 - MountPoints2\{2c323500-5926-11e0-99c5-f04da25ee1b3}\Shell - "" = AutoRun

O33 - MountPoints2\{2c323500-5926-11e0-99c5-f04da25ee1b3}\Shell\AutoRun\command - "" = E:\AutoRun.exe

O33 - MountPoints2\{49e46911-06d7-11e0-9dd2-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{49e46911-06d7-11e0-9dd2-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autoRcd.exe

O33 - MountPoints2\{d3defa78-7597-11e0-8e5b-f04da25ee1b3}\Shell - "" = AutoRun

O33 - MountPoints2\{d3defa78-7597-11e0-8e5b-f04da25ee1b3}\Shell\AutoRun\command - "" = E:\AutoRun.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

 

 

SafeBootMin:64bit: AppMgmt - Service

SafeBootMin:64bit: Base - Driver Group

SafeBootMin:64bit: Boot Bus Extender - Driver Group

SafeBootMin:64bit: Boot file system - Driver Group

SafeBootMin:64bit: File system - Driver Group

SafeBootMin:64bit: Filter - Driver Group

SafeBootMin:64bit: HelpSvc - Service

SafeBootMin:64bit: PCI Configuration - Driver Group

SafeBootMin:64bit: PNP Filter - Driver Group

SafeBootMin:64bit: Primary disk - Driver Group

SafeBootMin:64bit: sacsvr - Service

SafeBootMin:64bit: SCSI Class - Driver Group

SafeBootMin:64bit: System Bus Extender - Driver Group

SafeBootMin:64bit: vmms - Service

SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootMin: AppMgmt - Service

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vmms - Service

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet:64bit: AppMgmt - Service

SafeBootNet:64bit: Base - Driver Group

SafeBootNet:64bit: Boot Bus Extender - Driver Group

SafeBootNet:64bit: Boot file system - Driver Group

SafeBootNet:64bit: File system - Driver Group

SafeBootNet:64bit: Filter - Driver Group

SafeBootNet:64bit: HelpSvc - Service

SafeBootNet:64bit: Messenger - Service

SafeBootNet:64bit: NDIS Wrapper - Driver Group

SafeBootNet:64bit: NetBIOSGroup - Driver Group

SafeBootNet:64bit: NetDDEGroup - Driver Group

SafeBootNet:64bit: Network - Driver Group

SafeBootNet:64bit: NetworkProvider - Driver Group

SafeBootNet:64bit: PCI Configuration - Driver Group

SafeBootNet:64bit: PNP Filter - Driver Group

SafeBootNet:64bit: PNP_TDI - Driver Group

SafeBootNet:64bit: Primary disk - Driver Group

SafeBootNet:64bit: rdsessmgr - Service

SafeBootNet:64bit: sacsvr - Service

SafeBootNet:64bit: SCSI Class - Driver Group

SafeBootNet:64bit: Streams Drivers - Driver Group

SafeBootNet:64bit: System Bus Extender - Driver Group

SafeBootNet:64bit: TDI - Driver Group

SafeBootNet:64bit: vmms - Service

SafeBootNet:64bit: WudfUsbccidDriver - Driver

SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vmms - Service

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings

ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework

ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig

ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.06.07 13:11:15 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Crank\Desktop\OTL.exe

[2012.06.06 00:22:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET

[2012.06.03 15:32:58 | 000,000,000 | ---D | C] -- C:\Users\Crank\AppData\Roaming\Malwarebytes

[2012.06.03 15:32:50 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2012.06.03 15:32:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012.06.03 15:32:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2012.06.03 15:32:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012.06.03 14:10:27 | 009,491,560 | ---- | C] (McAfee Inc.) -- C:\Users\Crank\Desktop\stinger(1).exe

[2012.06.02 20:15:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared

[2012.06.02 14:42:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec

[2012.06.02 14:42:12 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan

[2012.06.02 14:42:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64

[2012.06.02 14:42:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security Scan

[2012.06.02 14:42:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64\0305030.001

[2012.06.02 14:42:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton

[2012.06.02 14:42:09 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller

[2012.06.02 14:42:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller

[2012.06.02 12:44:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared

[2012.06.02 12:43:56 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll

[2012.06.02 12:43:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks

[2012.06.02 12:42:43 | 000,000,000 | ---D | C] -- C:\Users\Crank\AppData\Local\Real

[2012.05.10 23:05:27 | 000,000,000 | ---D | C] -- C:\Users\Crank\AppData\Local\{EA7F49F7-7857-4ADB-8562-A6E5C1766F91}

[2012.05.10 23:05:15 | 000,000,000 | ---D | C] -- C:\Users\Crank\AppData\Local\{52CF112B-B45D-435F-BE51-E88101DA3FB8}

[2012.05.10 22:46:59 | 000,000,000 | ---D | C] -- C:\Windows\de

[2012.05.10 22:45:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

[2012.05.10 22:44:39 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live

[12 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.06.07 13:44:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012.06.07 13:23:06 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job

[2012.06.07 13:11:17 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Crank\Desktop\OTL.exe

[2012.06.07 13:09:16 | 000,020,560 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012.06.07 13:09:16 | 000,020,560 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012.06.07 13:07:45 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012.06.07 13:06:02 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012.06.07 13:06:02 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2012.06.07 13:06:02 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012.06.07 13:06:02 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2012.06.07 13:06:02 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012.06.07 13:05:23 | 099,938,241 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm

[2012.06.07 13:01:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012.06.07 13:01:07 | 3010,695,168 | -HS- | M] () -- C:\hiberfil.sys

[2012.06.06 00:56:07 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012.06.04 23:32:14 | 000,000,039 | RH-- | M] () -- C:\Users\Crank\Desktop\stinger(1).opt

[2012.06.04 20:08:42 | 000,016,200 | ---- | M] (McAfee, Inc.) -- C:\Windows\stinger.sys

[2012.06.03 18:33:24 | 000,000,448 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Crank.job

[2012.06.03 16:05:06 | 000,014,772 | ---- | M] () -- C:\Users\Crank\Documents\mbam-log-2012-06-03 (15-33-25).pdf

[2012.06.03 16:04:45 | 000,014,300 | ---- | M] () -- C:\Users\Crank\Documents\mbam-log-2012-06-03 (15-42-04).pdf

[2012.06.03 15:32:50 | 000,001,065 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.06.03 14:10:28 | 009,491,560 | ---- | M] (McAfee Inc.) -- C:\Users\Crank\Desktop\stinger(1).exe

[2012.06.03 14:10:16 | 000,000,039 | RH-- | M] () -- C:\Users\Crank\Desktop\stinger.opt

[2012.06.03 14:03:02 | 000,001,245 | ---- | M] () -- C:\Windows\SysNative\mapisvc.inf

[2012.06.02 14:42:14 | 000,001,295 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk

[2012.06.02 12:44:26 | 000,001,128 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk

[2012.06.02 12:43:56 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll

[2012.05.28 19:53:59 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job

[2012.05.26 11:03:28 | 000,289,296 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2012.05.10 22:54:03 | 000,015,537 | ---- | M] () -- C:\Users\Crank\Documents\Barmenia - Zusatz - Zahn - Kostenerstattung 05_2012.odt

[2012.05.10 22:48:48 | 000,015,027 | ---- | M] () -- C:\Users\Crank\Documents\BRIEFVORLAGE.odt

[12 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2012.06.04 23:32:14 | 000,000,039 | RH-- | C] () -- C:\Users\Crank\Desktop\stinger(1).opt

[2012.06.03 16:05:09 | 000,014,772 | ---- | C] () -- C:\Users\Crank\Documents\mbam-log-2012-06-03 (15-33-25).pdf

[2012.06.03 16:04:49 | 000,014,300 | ---- | C] () -- C:\Users\Crank\Documents\mbam-log-2012-06-03 (15-42-04).pdf

[2012.06.03 15:32:50 | 000,001,065 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.06.03 15:21:41 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012.06.02 14:42:15 | 000,000,448 | -H-- | C] () -- C:\Windows\tasks\Norton Security Scan for Crank.job

[2012.06.02 14:42:14 | 000,001,295 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk

[2012.06.02 14:42:12 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NSSx64\0305030.001\isolate.ini

[2012.06.02 12:44:26 | 000,001,128 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk

[2012.05.10 22:49:27 | 000,015,537 | ---- | C] () -- C:\Users\Crank\Documents\Barmenia - Zusatz - Zahn - Kostenerstattung 05_2012.odt

[2012.05.10 22:45:55 | 000,001,265 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk

[2012.05.10 22:45:40 | 000,001,334 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk

[2012.05.10 22:45:26 | 000,001,450 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk

[2012.05.10 22:45:13 | 000,002,446 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk

[2012.03.24 19:46:47 | 000,075,045 | ---- | C] () -- C:\Windows\SysWow64\a142f42c.exe

[2011.08.29 20:47:37 | 000,000,043 | -HS- | C] () -- C:\ProgramData\.zreglib

[2011.02.07 23:26:45 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

[2011.01.25 23:40:41 | 000,007,736 | ---- | C] () -- C:\Windows\cdplayer.ini

[2011.01.10 22:07:03 | 000,017,408 | ---- | C] () -- C:\Users\Crank\AppData\Local\WebpageIcons.db

[2011.01.10 22:04:42 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll

[2011.01.10 22:04:42 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\advd.dll

[2011.01.10 22:04:42 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\auth.dll

[2011.01.04 23:43:23 | 000,099,548 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat

[2010.12.14 21:26:03 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat

[2010.08.25 20:34:30 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin

[2010.08.25 20:34:30 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin

[2010.08.25 20:34:30 | 000,104,796 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin

[2010.08.25 19:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll

[2010.08.25 19:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll

 
 ========== LOP Check ==========

 

[2011.10.30 21:23:07 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Amazon

[2011.10.26 01:23:42 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\AVG2012

[2011.09.01 22:15:16 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Canneverbe Limited

[2011.01.14 19:35:01 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Canon

[2011.01.10 22:17:50 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\concept design

[2012.02.13 18:12:15 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\digital publishing

[2011.05.10 09:28:44 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\DiskAid

[2012.03.24 20:50:56 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\DVDVideoSoft

[2011.01.05 00:38:05 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\DVDVideoSoftIEHelpers

[2012.03.19 16:21:45 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\elsterformular

[2011.03.21 14:02:45 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\IrfanView

[2011.12.21 20:16:25 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Jens Lorek

[2010.12.27 20:31:28 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Leadertech

[2012.01.23 18:14:00 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\My Games

[2010.12.15 21:08:41 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\OpenOffice.org

[2010.12.15 21:29:40 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\PCDr

[2012.01.24 14:47:37 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\PhotoScape

[2012.01.24 18:58:28 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\redsn0w

[2012.05.28 09:56:26 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Software4u

[2011.02.07 23:26:45 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Thunderbird

[2010.12.16 14:14:37 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Windows Live Writer

[2012.05.28 19:53:59 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job

[2012.01.02 22:47:20 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[2012.06.07 13:23:06 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 
 < %ALLUSERSPROFILE%\Application Data\*. >

 
 < %ALLUSERSPROFILE%\Application Data\*.exe /s >

 
 < %APPDATA%\*. >

[2010.12.18 15:33:46 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Adobe

[2011.10.30 21:23:07 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Amazon

[2011.12.04 00:10:07 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Apple Computer

[2011.10.26 01:23:42 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\AVG2012

[2011.09.01 22:15:16 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Canneverbe Limited

[2011.01.14 19:35:01 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Canon

[2011.01.10 22:17:50 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\concept design

[2011.05.26 23:47:46 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Dell

[2012.02.13 18:12:15 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\digital publishing

[2011.05.10 09:28:44 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\DiskAid

[2012.03.24 20:50:56 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\DVDVideoSoft

[2011.01.05 00:38:05 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\DVDVideoSoftIEHelpers

[2012.03.19 16:21:45 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\elsterformular

[2010.12.13 18:43:52 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Identities

[2010.12.13 18:58:10 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\InstallShield

[2010.12.14 07:42:38 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Intel

[2010.12.13 18:59:46 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Intel Corporation

[2011.03.21 14:02:45 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\IrfanView

[2011.12.21 20:16:25 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Jens Lorek

[2010.12.27 20:31:28 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Leadertech

[2010.12.27 20:30:26 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Logishrd

[2010.12.27 20:31:32 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Logitech

[2010.12.14 08:31:21 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Macromedia

[2012.06.03 15:32:58 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Malwarebytes

[2009.07.14 20:18:18 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Media Center Programs

[2011.02.07 23:07:29 | 000,000,000 | --SD | M] -- C:\Users\Crank\AppData\Roaming\Microsoft

[2010.12.13 19:31:41 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Mozilla

[2012.01.23 18:14:00 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\My Games

[2010.12.15 21:08:41 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\OpenOffice.org

[2010.12.15 21:29:40 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\PCDr

[2012.01.24 14:47:37 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\PhotoScape

[2012.06.02 12:44:40 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Real

[2012.01.24 18:58:28 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\redsn0w

[2010.12.13 20:14:18 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Roxio Log Files

[2012.02.15 14:47:07 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Skype

[2012.02.15 13:08:08 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\skypePM

[2012.05.28 09:56:26 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Software4u

[2011.02.07 23:26:45 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Thunderbird

[2011.01.10 19:57:44 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\vlc

[2010.12.16 14:14:37 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Windows Live Writer

 
 < %APPDATA%\*.exe /s >

[2011.02.26 12:59:09 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Crank\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe

[2012.05.26 09:17:38 | 000,317,048 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Crank\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.10\rnupgagent.exe

[2012.05.26 12:18:08 | 028,087,744 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Crank\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.10\stub_data\RealPlayer_de.exe

[2012.05.26 12:17:45 | 000,693,504 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Crank\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.10\stub_exe\RealPlayer_de.exe

 
 < %SYSTEMDRIVE%\*.exe >

[2007.11.07 09:44:20 | 000,855,040 | ---- | M] (Microsoft Corporation) -- C:\install.exe

 
 < MD5 for: AGP440.SYS  >

[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys

[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys

[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

 
 < MD5 for: ATAPI.SYS  >

[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys

[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys

[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20575_none_39c1885e54505643\atapi.sys

[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

 
 < MD5 for: CNGAUDIT.DLL  >

[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll

[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll

[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

 
 < MD5 for: IASTOR.SYS  >

[2010.03.03 20:33:26 | 000,435,736 | ---- | M] (Intel Corporation) MD5=26541A068572F650A2FA490726FE81BE -- C:\dell\drivers\R263958\f6flpy-x86\iaStor.sys

[2010.03.03 20:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\dell\drivers\R263958\f6flpy-x64\iaStor.sys

[2010.03.03 20:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\Windows\SysNative\drivers\iaStor.sys

[2010.03.03 20:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_78ebae21a80aa2b4\iaStor.sys

 
 < MD5 for: IASTORV.SYS  >

[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys

[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys

[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys

[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys

[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys

[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys

[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys

[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

 
 < MD5 for: NETLOGON.DLL  >

[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll

[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll

[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll

[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll

[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

 
 < MD5 for: NVSTOR.SYS  >

[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys

[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys

[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys

[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys

[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys

[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys

[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys

[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

 
 < MD5 for: SCECLI.DLL  >

[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll

[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll

[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll

[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll

[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll

[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll

[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll

[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll

[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll

[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe

[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe

[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

 
 < MD5 for: WININIT.EXE  >

[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe

[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe

[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe

[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe

[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe

[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe

[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys

[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

 
 < %systemroot%\*. /mp /s >

 
 < %systemroot%\system32\*.dll /lockedfiles >

[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
 

< End of report >

--- --- ---

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:

:OTL

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.)

IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=43efe122-75d9-11e1-bdfb-f04da25ee1b3&q={searchTerms}

IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050

IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1&cf=43efe122-75d9-11e1-bdfb-f04da25ee1b3

IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp

IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8D EA CF E0 E9 9A CB 01  [binary data]

IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.)

IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}

IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\SearchScopes\{41F9AD21-C90D-43BC-8A23-9FEE4FD5CAA7}: "URL" = http://isearch.avg.com/search?cid={8576F1D3-6958-45D7-B43C-B451BE5E5C56}&mid=bd552dcb3f1147d68e902104e4ba0840-b602d594afd2b0b327e07a06f36ca6a7e42546d0&lang=en&ds=AVG&pr=fr&d=2011-10-26 01:24:32&v=10.0.0.7&sap=dsp&q={searchTerms}

IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\SearchScopes\{893E3B0B-F2E3-4AE3-BF77-D2809CE64E95}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1586&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^DE&apn_uid=DC196B61-45E2-4F2C-8091-CAD20F1B207A&apn_sauid=43FC34C4-08F2-4455-A247-C4BB683A7AA2

IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=43efe122-75d9-11e1-bdfb-f04da25ee1b3&q={searchTerms}

IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050

FF - prefs.js..browser.startup.homepage: "http://startsear.ch/?aff=1&cf=43efe122-75d9-11e1-bdfb-f04da25ee1b3"

FF - prefs.js..browser.search.order.1: "Web Search"

FF - prefs.js..keyword.URL: "http://isearch.avg.com/search?cid=%7Be9e096c3-a1ef-4651-906e-16dd0e7b503e%7D&mid=bd552dcb3f1147d68e902104e4ba0840-b602d594afd2b0b327e07a06f36ca6a7e42546d0&ds=AVG&v=10.0.0.7&lang=en&pr=fr&d=2011-10-26%2001%3A24%3A32&sap=ku&q="

FF - prefs.js..browser.search.defaultenginename: "Web Search"

FF - user.js - File not found

[2012.01.09 20:49:03 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}

[2011.04.09 13:02:29 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\engine@conduit.com

[2011.07.29 23:02:18 | 000,002,333 | ---- | M] () -- C:\Users\Crank\AppData\Roaming\Mozilla\Firefox\Profiles\zuxg5vah.default\searchplugins\askcom.xml

[2012.03.24 19:46:35 | 000,000,792 | ---- | M] () -- C:\Users\Crank\AppData\Roaming\Mozilla\Firefox\Profiles\zuxg5vah.default\searchplugins\startsear.xml

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKU\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{2c3234fa-5926-11e0-99c5-f04da25ee1b3}\Shell - "" = AutoRun

O33 - MountPoints2\{2c3234fa-5926-11e0-99c5-f04da25ee1b3}\Shell\AutoRun\command - "" = E:\AutoRun.exe

O33 - MountPoints2\{2c323500-5926-11e0-99c5-f04da25ee1b3}\Shell - "" = AutoRun

O33 - MountPoints2\{2c323500-5926-11e0-99c5-f04da25ee1b3}\Shell\AutoRun\command - "" = E:\AutoRun.exe

O33 - MountPoints2\{49e46911-06d7-11e0-9dd2-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{49e46911-06d7-11e0-9dd2-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autoRcd.exe

O33 - MountPoints2\{d3defa78-7597-11e0-8e5b-f04da25ee1b3}\Shell - "" = AutoRun

O33 - MountPoints2\{d3defa78-7597-11e0-8e5b-f04da25ee1b3}\Shell\AutoRun\command - "" = E:\AutoRun.exe

:Files

C:\Windows\SysWow64\a142f42c.exe

:Commands

[purity]

[emptytemp]

[emptyflash]

[resethosts]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

hm.... offensichtlich hat alles gefunzt. Allerdings ging nach dem Neustart wieder dieses Pop-Up rechts unten auf, dass versucht wurde, die Startseite zu ändern... Habe seit Eröffnung dieses Themas den IE nicht wieder gestartet... Arbeite momentan nur mit Chrome.

Code:

All processes killed

========== OTL ==========

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ deleted successfully.

C:\Program Files (x86)\DVDVideoSoftTB\tbDVD0.dll moved successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.

HKU\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!

HKU\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!

HKU\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs| /E : value set successfully!

HKU\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!

Registry value HKEY_USERS\S-1-5-21-48129393-636560758-4197299864-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.

File C:\Program Files (x86)\DVDVideoSoftTB\tbDVD0.dll not found.

HKEY_USERS\S-1-5-21-48129393-636560758-4197299864-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

Registry key HKEY_USERS\S-1-5-21-48129393-636560758-4197299864-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.

Registry key HKEY_USERS\S-1-5-21-48129393-636560758-4197299864-1000\Software\Microsoft\Internet Explorer\SearchScopes\{41F9AD21-C90D-43BC-8A23-9FEE4FD5CAA7}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41F9AD21-C90D-43BC-8A23-9FEE4FD5CAA7}\ not found.

Registry key HKEY_USERS\S-1-5-21-48129393-636560758-4197299864-1000\Software\Microsoft\Internet Explorer\SearchScopes\{893E3B0B-F2E3-4AE3-BF77-D2809CE64E95}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{893E3B0B-F2E3-4AE3-BF77-D2809CE64E95}\ not found.

Registry key HKEY_USERS\S-1-5-21-48129393-636560758-4197299864-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.

Registry key HKEY_USERS\S-1-5-21-48129393-636560758-4197299864-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.

Prefs.js: "hxxp://startsear.ch/?aff=1&cf=43efe122-75d9-11e1-bdfb-f04da25ee1b3" removed from browser.startup.homepage

Prefs.js: "Web Search" removed from browser.search.order.1

Prefs.js: "hxxp://isearch.avg.com/search?cid=%7Be9e096c3-a1ef-4651-906e-16dd0e7b503e%7D&mid=bd552dcb3f1147d68e902104e4ba0840-b602d594afd2b0b327e07a06f36ca6a7e42546d0&ds=AVG&v=10.0.0.7&lang=en&pr=fr&d=2011-10-26%2001%3A24%3A32&sap=ku&q=" removed from keyword.URL

Prefs.js: "Web Search" removed from browser.search.defaultenginename

C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin folder moved successfully.

C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules folder moved successfully.

C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF folder moved successfully.

C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults folder moved successfully.

C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components folder moved successfully.

C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\chrome folder moved successfully.

C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} folder moved successfully.

C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\engine@conduit.com\searchplugin folder moved successfully.

C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\engine@conduit.com\META-INF folder moved successfully.

C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\engine@conduit.com\lib folder moved successfully.

C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\engine@conduit.com\DualPackage folder moved successfully.

C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\engine@conduit.com\defaults folder moved successfully.

C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\engine@conduit.com\components folder moved successfully.

C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\engine@conduit.com\chrome folder moved successfully.

C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\engine@conduit.com folder moved successfully.

C:\Users\Crank\AppData\Roaming\Mozilla\Firefox\Profiles\zuxg5vah.default\searchplugins\askcom.xml moved successfully.

C:\Users\Crank\AppData\Roaming\Mozilla\Firefox\Profiles\zuxg5vah.default\searchplugins\startsear.xml moved successfully.

Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop deleted successfully.

Registry value HKEY_USERS\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c3234fa-5926-11e0-99c5-f04da25ee1b3}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2c3234fa-5926-11e0-99c5-f04da25ee1b3}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c3234fa-5926-11e0-99c5-f04da25ee1b3}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2c3234fa-5926-11e0-99c5-f04da25ee1b3}\ not found.

File E:\AutoRun.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c323500-5926-11e0-99c5-f04da25ee1b3}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2c323500-5926-11e0-99c5-f04da25ee1b3}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c323500-5926-11e0-99c5-f04da25ee1b3}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2c323500-5926-11e0-99c5-f04da25ee1b3}\ not found.

File E:\AutoRun.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{49e46911-06d7-11e0-9dd2-806e6f6e6963}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{49e46911-06d7-11e0-9dd2-806e6f6e6963}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{49e46911-06d7-11e0-9dd2-806e6f6e6963}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{49e46911-06d7-11e0-9dd2-806e6f6e6963}\ not found.

File D:\autoRcd.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d3defa78-7597-11e0-8e5b-f04da25ee1b3}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d3defa78-7597-11e0-8e5b-f04da25ee1b3}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d3defa78-7597-11e0-8e5b-f04da25ee1b3}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d3defa78-7597-11e0-8e5b-f04da25ee1b3}\ not found.

File E:\AutoRun.exe not found.

========== FILES ==========

C:\Windows\SysWow64\a142f42c.exe moved successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: AppData

 

User: Crank

->Temp folder emptied: 187695 bytes

->Temporary Internet Files folder emptied: 12168318 bytes

->Java cache emptied: 4466439 bytes

->FireFox cache emptied: 44974267 bytes

->Google Chrome cache emptied: 404567034 bytes

->Flash cache emptied: 3111 bytes

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Public

 

User: UpdatusUser

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 7822944 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 1010 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67832 bytes

RecycleBin emptied: 23582 bytes

 

Total Files Cleaned = 452,00 mb

 

 

[EMPTYFLASH]

 

User: All Users

 

User: AppData

 

User: Crank

->Flash cache emptied: 0 bytes

 

User: Default

 

User: Default User

 

User: Public

 

User: UpdatusUser

 

Total Flash Files Cleaned = 0,00 mb

 

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

 

OTL by OldTimer - Version 3.2.46.2 log created on 06072012_221852
 

Files\Folders moved on Reboot...

C:\Users\Crank\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
 

Registry entries deleted on Reboot...

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C:) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

So, weiter gehts:

Code:

 16:43:18.0404 3824        TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16

16:43:18.0638 3824        ============================================================

16:43:18.0638 3824        Current date / time: 2012/06/10 16:43:18.0638

16:43:18.0638 3824        SystemInfo:

16:43:18.0638 3824        

16:43:18.0638 3824        OS Version: 6.1.7601 ServicePack: 1.0

16:43:18.0638 3824        Product type: Workstation

16:43:18.0638 3824        ComputerName: XXX-PC

16:43:18.0638 3824        UserName: XXX

16:43:18.0638 3824        Windows directory: C:\Windows

16:43:18.0638 3824        System windows directory: C:\Windows

16:43:18.0638 3824        Running under WOW64

16:43:18.0638 3824        Processor architecture: Intel x64

16:43:18.0638 3824        Number of processors: 4

16:43:18.0638 3824        Page size: 0x1000

16:43:18.0638 3824        Boot type: Normal boot

16:43:18.0638 3824        ============================================================

16:43:19.0059 3824        Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

16:43:19.0059 3824        ============================================================

16:43:19.0059 3824        \Device\Harddisk0\DR0:

16:43:19.0059 3824        MBR partitions:

16:43:19.0059 3824        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000

16:43:19.0059 3824        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x38625800

16:43:19.0059 3824        ============================================================

16:43:19.0074 3824        C: <-> \Device\Harddisk0\DR0\Partition1

16:43:19.0074 3824        ============================================================

16:43:19.0074 3824        Initialize success

16:43:19.0074 3824        ============================================================

16:43:52.0232 4888        ============================================================

16:43:52.0232 4888        Scan started

16:43:52.0232 4888        Mode: Manual; SigCheck; TDLFS; 

16:43:52.0232 4888        ============================================================

16:43:52.0529 4888        1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

16:43:52.0700 4888        1394ohci - ok

16:43:52.0747 4888        Acceler         (7a505465bbb1eb8b5ad4d76e8749383b) C:\Windows\system32\DRIVERS\Accelern.sys

16:43:52.0794 4888        Acceler - ok

16:43:52.0841 4888        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

16:43:52.0872 4888        ACPI - ok

16:43:52.0888 4888        AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

16:43:52.0981 4888        AcpiPmi - ok

16:43:53.0137 4888        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

16:43:53.0137 4888        AdobeARMservice - ok

16:43:53.0246 4888        AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

16:43:53.0262 4888        AdobeFlashPlayerUpdateSvc - ok

16:43:53.0324 4888        adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

16:43:53.0356 4888        adp94xx - ok

16:43:53.0387 4888        adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

16:43:53.0418 4888        adpahci - ok

16:43:53.0434 4888        adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

16:43:53.0449 4888        adpu320 - ok

16:43:53.0480 4888        AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

16:43:53.0605 4888        AeLookupSvc - ok

16:43:53.0668 4888        AERTFilters     (d1e343bc00136ce03c4d403194d06a80) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

16:43:53.0668 4888        AERTFilters - ok

16:43:53.0730 4888        AFD             (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

16:43:53.0808 4888        AFD - ok

16:43:53.0855 4888        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

16:43:53.0870 4888        agp440 - ok

16:43:53.0902 4888        ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

16:43:53.0980 4888        ALG - ok

16:43:54.0011 4888        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

16:43:54.0026 4888        aliide - ok

16:43:54.0073 4888        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

16:43:54.0089 4888        amdide - ok

16:43:54.0136 4888        AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

16:43:54.0198 4888        AmdK8 - ok

16:43:54.0229 4888        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

16:43:54.0245 4888        AmdPPM - ok

16:43:54.0292 4888        amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

16:43:54.0323 4888        amdsata - ok

16:43:54.0370 4888        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

16:43:54.0401 4888        amdsbs - ok

16:43:54.0432 4888        amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

16:43:54.0448 4888        amdxata - ok

16:43:54.0526 4888        AnyDVD          (2c4a05fcef72ef614dcd11d0872498c9) C:\Windows\system32\Drivers\AnyDVD.sys

16:43:54.0541 4888        AnyDVD - ok

16:43:54.0588 4888        AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

16:43:54.0775 4888        AppID - ok

16:43:54.0806 4888        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

16:43:54.0900 4888        AppIDSvc - ok

16:43:54.0931 4888        Appinfo         (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

16:43:54.0994 4888        Appinfo - ok

16:43:55.0134 4888        Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

16:43:55.0150 4888        Apple Mobile Device - ok

16:43:55.0196 4888        arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

16:43:55.0196 4888        arc - ok

16:43:55.0212 4888        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

16:43:55.0228 4888        arcsas - ok

16:43:55.0259 4888        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

16:43:55.0337 4888        AsyncMac - ok

16:43:55.0384 4888        atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

16:43:55.0399 4888        atapi - ok

16:43:55.0477 4888        AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

16:43:55.0602 4888        AudioEndpointBuilder - ok

16:43:55.0602 4888        AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

16:43:55.0649 4888        AudioSrv - ok

16:43:55.0976 4888        AVGIDSAgent     (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

16:43:56.0039 4888        AVGIDSAgent - ok

16:43:56.0164 4888        AVGIDSDriver    (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys

16:43:56.0179 4888        AVGIDSDriver - ok

16:43:56.0210 4888        AVGIDSEH        (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys

16:43:56.0226 4888        AVGIDSEH - ok

16:43:56.0242 4888        AVGIDSFilter    (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys

16:43:56.0257 4888        AVGIDSFilter - ok

16:43:56.0288 4888        Avgldx64        (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys

16:43:56.0320 4888        Avgldx64 - ok

16:43:56.0351 4888        Avgmfx64        (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys

16:43:56.0366 4888        Avgmfx64 - ok

16:43:56.0398 4888        Avgrkx64        (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys

16:43:56.0413 4888        Avgrkx64 - ok

16:43:56.0460 4888        Avgtdia         (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys

16:43:56.0491 4888        Avgtdia - ok

16:43:56.0585 4888        avgwd           (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

16:43:56.0616 4888        avgwd - ok

16:43:56.0678 4888        AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

16:43:56.0803 4888        AxInstSV - ok

16:43:56.0850 4888        b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

16:43:56.0912 4888        b06bdrv - ok

16:43:56.0959 4888        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

16:43:57.0022 4888        b57nd60a - ok

16:43:57.0131 4888        BBSvc           (0d1ea7509f394d8b705b239ee71f5118) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE

16:43:57.0162 4888        BBSvc - ok

16:43:57.0209 4888        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

16:43:57.0271 4888        BDESVC - ok

16:43:57.0302 4888        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

16:43:57.0380 4888        Beep - ok

16:43:57.0474 4888        BFE             (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll

16:43:57.0552 4888        BFE - ok

16:43:57.0614 4888        BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll

16:43:57.0724 4888        BITS - ok

16:43:57.0786 4888        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

16:43:57.0817 4888        blbdrive - ok

16:43:57.0926 4888        Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe

16:43:57.0958 4888        Bonjour Service - ok

16:43:58.0020 4888        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

16:43:58.0051 4888        bowser - ok

16:43:58.0082 4888        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

16:43:58.0145 4888        BrFiltLo - ok

16:43:58.0160 4888        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

16:43:58.0176 4888        BrFiltUp - ok

16:43:58.0223 4888        Browser         (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll

16:43:58.0316 4888        Browser - ok

16:43:58.0332 4888        Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

16:43:58.0394 4888        Brserid - ok

16:43:58.0410 4888        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

16:43:58.0441 4888        BrSerWdm - ok

16:43:58.0457 4888        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

16:43:58.0472 4888        BrUsbMdm - ok

16:43:58.0488 4888        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

16:43:58.0504 4888        BrUsbSer - ok

16:43:58.0582 4888        BthEnum         (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys

16:43:58.0644 4888        BthEnum - ok

16:43:58.0644 4888        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

16:43:58.0691 4888        BTHMODEM - ok

16:43:58.0753 4888        BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys

16:43:58.0800 4888        BthPan - ok

16:43:58.0894 4888        BTHPORT         (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys

16:43:58.0956 4888        BTHPORT - ok

16:43:58.0987 4888        bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

16:43:59.0050 4888        bthserv - ok

16:43:59.0081 4888        BTHUSB          (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys

16:43:59.0112 4888        BTHUSB - ok

16:43:59.0159 4888        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

16:43:59.0221 4888        cdfs - ok

16:43:59.0284 4888        cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys

16:43:59.0315 4888        cdrom - ok

16:43:59.0377 4888        CertPropSvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

16:43:59.0440 4888        CertPropSvc - ok

16:43:59.0486 4888        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

16:43:59.0502 4888        circlass - ok

16:43:59.0533 4888        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

16:43:59.0580 4888        CLFS - ok

16:43:59.0627 4888        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

16:43:59.0658 4888        clr_optimization_v2.0.50727_32 - ok

16:43:59.0720 4888        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

16:43:59.0736 4888        clr_optimization_v2.0.50727_64 - ok

16:43:59.0783 4888        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

16:43:59.0798 4888        clr_optimization_v4.0.30319_32 - ok

16:43:59.0830 4888        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

16:43:59.0861 4888        clr_optimization_v4.0.30319_64 - ok

16:43:59.0876 4888        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

16:43:59.0923 4888        CmBatt - ok

16:43:59.0970 4888        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

16:43:59.0986 4888        cmdide - ok

16:44:00.0032 4888        CNG             (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

16:44:00.0064 4888        CNG - ok

16:44:00.0095 4888        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

16:44:00.0110 4888        Compbatt - ok

16:44:00.0142 4888        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

16:44:00.0173 4888        CompositeBus - ok

16:44:00.0188 4888        COMSysApp - ok

16:44:00.0188 4888        crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

16:44:00.0204 4888        crcdisk - ok

16:44:00.0266 4888        CryptSvc        (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll

16:44:00.0344 4888        CryptSvc - ok

16:44:00.0407 4888        DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

16:44:00.0469 4888        DcomLaunch - ok

16:44:00.0516 4888        defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

16:44:00.0594 4888        defragsvc - ok

16:44:00.0625 4888        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

16:44:00.0703 4888        DfsC - ok

16:44:00.0750 4888        Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

16:44:00.0812 4888        Dhcp - ok

16:44:00.0844 4888        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

16:44:00.0875 4888        discache - ok

16:44:00.0906 4888        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

16:44:00.0922 4888        Disk - ok

16:44:00.0968 4888        Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

16:44:01.0031 4888        Dnscache - ok

16:44:01.0078 4888        dot3svc         (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

16:44:01.0187 4888        dot3svc - ok

16:44:01.0234 4888        DPS             (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

16:44:01.0312 4888        DPS - ok

16:44:01.0343 4888        drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

16:44:01.0390 4888        drmkaud - ok

16:44:01.0468 4888        DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

16:44:01.0514 4888        DXGKrnl - ok

16:44:01.0561 4888        EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

16:44:01.0639 4888        EapHost - ok

16:44:01.0858 4888        ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

16:44:01.0951 4888        ebdrv - ok

16:44:02.0045 4888        EFS             (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

16:44:02.0107 4888        EFS - ok

16:44:02.0201 4888        ehRecvr         (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

16:44:02.0294 4888        ehRecvr - ok

16:44:02.0326 4888        ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

16:44:02.0388 4888        ehSched - ok

16:44:02.0450 4888        ElbyCDIO        (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys

16:44:02.0466 4888        ElbyCDIO - ok

16:44:02.0528 4888        elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

16:44:02.0575 4888        elxstor - ok

16:44:02.0606 4888        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

16:44:02.0638 4888        ErrDev - ok

16:44:02.0700 4888        EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

16:44:02.0762 4888        EventSystem - ok

16:44:02.0903 4888        EvtEng          (b56d9602db5fe1c116b1ca5efd8e2e50) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

16:44:02.0981 4888        EvtEng - ok

16:44:03.0059 4888        ewusbnet - ok

16:44:03.0106 4888        exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

16:44:03.0184 4888        exfat - ok

16:44:03.0215 4888        fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

16:44:03.0277 4888        fastfat - ok

16:44:03.0355 4888        Fax             (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

16:44:03.0418 4888        Fax - ok

16:44:03.0433 4888        fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

16:44:03.0464 4888        fdc - ok

16:44:03.0480 4888        fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

16:44:03.0542 4888        fdPHost - ok

16:44:03.0589 4888        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

16:44:03.0652 4888        FDResPub - ok

16:44:03.0698 4888        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

16:44:03.0730 4888        FileInfo - ok

16:44:03.0730 4888        Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

16:44:03.0792 4888        Filetrace - ok

16:44:03.0823 4888        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

16:44:03.0870 4888        flpydisk - ok

16:44:03.0917 4888        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

16:44:03.0948 4888        FltMgr - ok

16:44:04.0026 4888        FontCache       (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

16:44:04.0120 4888        FontCache - ok

16:44:04.0182 4888        FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

16:44:04.0198 4888        FontCache3.0.0.0 - ok

16:44:04.0244 4888        FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

16:44:04.0260 4888        FsDepends - ok

16:44:04.0322 4888        fssfltr         (07da62c960ddccc2d35836aeab4fc578) C:\Windows\system32\DRIVERS\fssfltr.sys

16:44:04.0338 4888        fssfltr - ok

16:44:04.0494 4888        fsssvc          (28ddeeec44e988657b732cf404d504cb) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

16:44:04.0556 4888        fsssvc - ok

16:44:04.0666 4888        Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys

16:44:04.0681 4888        Fs_Rec - ok

16:44:04.0728 4888        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

16:44:04.0775 4888        fvevol - ok

16:44:04.0790 4888        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

16:44:04.0806 4888        gagp30kx - ok

16:44:04.0837 4888        GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

16:44:04.0853 4888        GEARAspiWDM - ok

16:44:04.0915 4888        gpsvc           (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

16:44:05.0024 4888        gpsvc - ok

16:44:05.0165 4888        gupdate         (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

16:44:05.0180 4888        gupdate - ok

16:44:05.0212 4888        gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

16:44:05.0212 4888        gupdatem - ok

16:44:05.0258 4888        gusvc           (c1b577b2169900f4cf7190c39f085794) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

16:44:05.0274 4888        gusvc - ok

16:44:05.0321 4888        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

16:44:05.0383 4888        hcw85cir - ok

16:44:05.0430 4888        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

16:44:05.0477 4888        HdAudAddService - ok

16:44:05.0539 4888        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

16:44:05.0602 4888        HDAudBus - ok

16:44:05.0602 4888        HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

16:44:05.0633 4888        HidBatt - ok

16:44:05.0664 4888        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

16:44:05.0726 4888        HidBth - ok

16:44:05.0742 4888        HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

16:44:05.0773 4888        HidIr - ok

16:44:05.0804 4888        hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

16:44:05.0867 4888        hidserv - ok

16:44:05.0882 4888        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

16:44:05.0898 4888        HidUsb - ok

16:44:05.0929 4888        hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

16:44:06.0038 4888        hkmsvc - ok

16:44:06.0085 4888        HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

16:44:06.0116 4888        HomeGroupListener - ok

16:44:06.0163 4888        HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

16:44:06.0226 4888        HomeGroupProvider - ok

16:44:06.0288 4888        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

16:44:06.0304 4888        HpSAMD - ok

16:44:06.0413 4888        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

16:44:06.0522 4888        HTTP - ok

16:44:06.0569 4888        hwdatacard - ok

16:44:06.0584 4888        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

16:44:06.0600 4888        hwpolicy - ok

16:44:06.0616 4888        hwusbdev - ok

16:44:06.0647 4888        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

16:44:06.0662 4888        i8042prt - ok

16:44:06.0772 4888        iaStor          (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys

16:44:06.0787 4888        iaStor - ok

16:44:06.0881 4888        IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

16:44:06.0881 4888        IAStorDataMgrSvc - ok

16:44:06.0943 4888        iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

16:44:06.0990 4888        iaStorV - ok

16:44:07.0115 4888        idsvc           (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

16:44:07.0162 4888        idsvc - ok

16:44:07.0739 4888        igfx            (1be8d9ca4f2363b8e8015621878e0043) C:\Windows\system32\DRIVERS\igdkmd64.sys

16:44:08.0020 4888        igfx - ok

16:44:08.0129 4888        iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

16:44:08.0144 4888        iirsp - ok

16:44:08.0254 4888        IJPLMSVC        (51516252dbbfed36f70b341dba263167) C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

16:44:08.0285 4888        IJPLMSVC ( UnsignedFile.Multi.Generic ) - warning

16:44:08.0285 4888        IJPLMSVC - detected UnsignedFile.Multi.Generic (1)

16:44:08.0363 4888        IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll

16:44:08.0472 4888        IKEEXT - ok

16:44:08.0519 4888        Impcd           (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys

16:44:08.0581 4888        Impcd - ok

16:44:08.0753 4888        IntcAzAudAddService (f61d360072b67f5667765a2534b672d6) C:\Windows\system32\drivers\RTKVHD64.sys

16:44:08.0800 4888        IntcAzAudAddService - ok

16:44:08.0924 4888        IntcDAud        (03c74719d48056a1078f3a51ceb76baa) C:\Windows\system32\DRIVERS\IntcDAud.sys

16:44:08.0987 4888        IntcDAud - ok

16:44:09.0018 4888        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

16:44:09.0049 4888        intelide - ok

16:44:09.0080 4888        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

16:44:09.0127 4888        intelppm - ok

16:44:09.0158 4888        IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

16:44:09.0221 4888        IPBusEnum - ok

16:44:09.0268 4888        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

16:44:09.0330 4888        IpFilterDriver - ok

16:44:09.0408 4888        iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll

16:44:09.0470 4888        iphlpsvc - ok

16:44:09.0502 4888        IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

16:44:09.0533 4888        IPMIDRV - ok

16:44:09.0564 4888        IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

16:44:09.0626 4888        IPNAT - ok

16:44:09.0767 4888        iPod Service    (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe

16:44:09.0782 4888        iPod Service - ok

16:44:09.0798 4888        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

16:44:09.0907 4888        IRENUM - ok

16:44:09.0938 4888        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

16:44:09.0954 4888        isapnp - ok

16:44:10.0001 4888        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

16:44:10.0032 4888        iScsiPrt - ok

16:44:10.0094 4888        JMCR            (3926c8c55a2cd2c94888be39b4beb629) C:\Windows\system32\DRIVERS\jmcr.sys

16:44:10.0110 4888        JMCR - ok

16:44:10.0141 4888        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

16:44:10.0157 4888        kbdclass - ok

16:44:10.0172 4888        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys

16:44:10.0204 4888        kbdhid - ok

16:44:10.0235 4888        KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

16:44:10.0250 4888        KeyIso - ok

16:44:10.0250 4888        KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

16:44:10.0266 4888        KSecDD - ok

16:44:10.0297 4888        KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

16:44:10.0313 4888        KSecPkg - ok

16:44:10.0344 4888        ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

16:44:10.0406 4888        ksthunk - ok

16:44:10.0453 4888        KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

16:44:10.0547 4888        KtmRm - ok

16:44:10.0609 4888        LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll

16:44:10.0687 4888        LanmanServer - ok

16:44:10.0734 4888        LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll

16:44:10.0781 4888        LanmanWorkstation - ok

16:44:10.0890 4888        LBTServ         (4adc135f525d38a498f83b089228cc2d) C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

16:44:10.0921 4888        LBTServ - ok

16:44:10.0968 4888        LHidFilt        (24e09882ba51b9830ae029888a3aaf18) C:\Windows\system32\DRIVERS\LHidFilt.Sys

16:44:10.0984 4888        LHidFilt - ok

16:44:11.0015 4888        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

16:44:11.0062 4888        lltdio - ok

16:44:11.0093 4888        lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

16:44:11.0186 4888        lltdsvc - ok

16:44:11.0218 4888        lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

16:44:11.0264 4888        lmhosts - ok

16:44:11.0280 4888        LMouFilt        (2f94325d8c10e2b715f3d753c2422aac) C:\Windows\system32\DRIVERS\LMouFilt.Sys

16:44:11.0296 4888        LMouFilt - ok

16:44:11.0327 4888        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

16:44:11.0342 4888        LSI_FC - ok

16:44:11.0374 4888        LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

16:44:11.0389 4888        LSI_SAS - ok

16:44:11.0389 4888        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

16:44:11.0405 4888        LSI_SAS2 - ok

16:44:11.0420 4888        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

16:44:11.0436 4888        LSI_SCSI - ok

16:44:11.0467 4888        luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

16:44:11.0514 4888        luafv - ok

16:44:11.0561 4888        MBAMProtector   (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys

16:44:11.0576 4888        MBAMProtector - ok

16:44:11.0701 4888        MBAMService     (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

16:44:11.0732 4888        MBAMService - ok

16:44:11.0779 4888        Mcx2Svc         (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll

16:44:11.0826 4888        Mcx2Svc - ok

16:44:11.0842 4888        megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

16:44:11.0857 4888        megasas - ok

16:44:11.0904 4888        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

16:44:11.0951 4888        MegaSR - ok

16:44:11.0966 4888        MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

16:44:12.0013 4888        MMCSS - ok

16:44:12.0029 4888        Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

16:44:12.0060 4888        Modem - ok

16:44:12.0076 4888        monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

16:44:12.0107 4888        monitor - ok

16:44:12.0154 4888        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

16:44:12.0185 4888        mouclass - ok

16:44:12.0216 4888        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

16:44:12.0232 4888        mouhid - ok

16:44:12.0263 4888        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

16:44:12.0278 4888        mountmgr - ok

16:44:12.0310 4888        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

16:44:12.0341 4888        mpio - ok

16:44:12.0356 4888        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

16:44:12.0403 4888        mpsdrv - ok

16:44:12.0481 4888        MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll

16:44:12.0575 4888        MpsSvc - ok

16:44:12.0622 4888        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

16:44:12.0668 4888        MRxDAV - ok

16:44:12.0700 4888        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

16:44:12.0762 4888        mrxsmb - ok

16:44:12.0793 4888        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

16:44:12.0840 4888        mrxsmb10 - ok

16:44:12.0887 4888        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

16:44:12.0902 4888        mrxsmb20 - ok

16:44:12.0934 4888        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

16:44:12.0934 4888        msahci - ok

16:44:12.0965 4888        msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

16:44:12.0996 4888        msdsm - ok

16:44:13.0012 4888        MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

16:44:13.0074 4888        MSDTC - ok

16:44:13.0105 4888        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

16:44:13.0152 4888        Msfs - ok

16:44:13.0168 4888        mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

16:44:13.0214 4888        mshidkmdf - ok

16:44:13.0246 4888        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

16:44:13.0246 4888        msisadrv - ok

16:44:13.0292 4888        MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

16:44:13.0386 4888        MSiSCSI - ok

16:44:13.0386 4888        msiserver - ok

16:44:13.0417 4888        MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

16:44:13.0480 4888        MSKSSRV - ok

16:44:13.0511 4888        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

16:44:13.0558 4888        MSPCLOCK - ok

16:44:13.0558 4888        MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

16:44:13.0620 4888        MSPQM - ok

16:44:13.0667 4888        MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

16:44:13.0714 4888        MsRPC - ok

16:44:13.0729 4888        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

16:44:13.0745 4888        mssmbios - ok

16:44:13.0760 4888        MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

16:44:13.0823 4888        MSTEE - ok

16:44:13.0854 4888        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

16:44:13.0854 4888        MTConfig - ok

16:44:13.0885 4888        Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

16:44:13.0901 4888        Mup - ok

16:44:13.0994 4888        MyWiFiDHCPDNS   (a9bc2302fbdf52c8af4e2fc966288d21) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

16:44:14.0026 4888        MyWiFiDHCPDNS - ok

16:44:14.0057 4888        napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

16:44:14.0135 4888        napagent - ok

16:44:14.0197 4888        NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

16:44:14.0260 4888        NativeWifiP - ok

16:44:14.0416 4888        NAUpdate        (9d1cce440552500ded3a62f9d779cdb4) C:\Program Files (x86)\Nero\Update\NASvc.exe

16:44:14.0447 4888        NAUpdate - ok

16:44:14.0540 4888        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

16:44:14.0587 4888        NDIS - ok

16:44:14.0603 4888        NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

16:44:14.0634 4888        NdisCap - ok

16:44:14.0665 4888        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

16:44:14.0712 4888        NdisTapi - ok

16:44:14.0759 4888        Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

16:44:14.0837 4888        Ndisuio - ok

16:44:14.0884 4888        NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

16:44:14.0962 4888        NdisWan - ok

16:44:15.0008 4888        NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

16:44:15.0086 4888        NDProxy - ok

16:44:15.0118 4888        NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

16:44:15.0196 4888        NetBIOS - ok

16:44:15.0242 4888        NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

16:44:15.0320 4888        NetBT - ok

16:44:15.0352 4888        Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

16:44:15.0367 4888        Netlogon - ok

16:44:15.0430 4888        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

16:44:15.0523 4888        Netman - ok

16:44:15.0570 4888        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

16:44:15.0679 4888        netprofm - ok

16:44:15.0757 4888        NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

16:44:15.0773 4888        NetTcpPortSharing - ok

16:44:16.0194 4888        NETw5s64        (18555f48844c2861d9dce8f2b7223ae5) C:\Windows\system32\DRIVERS\NETw5s64.sys

16:44:16.0412 4888        NETw5s64 - ok

16:44:16.0522 4888        nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

16:44:16.0553 4888        nfrd960 - ok

16:44:16.0600 4888        NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

16:44:16.0693 4888        NlaSvc - ok

16:44:16.0787 4888        nosGetPlusHelper (431ada51e9d032f533548688ce5a2a24) C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll

16:44:16.0802 4888        nosGetPlusHelper - ok

16:44:16.0818 4888        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

16:44:16.0865 4888        Npfs - ok

16:44:16.0896 4888        nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

16:44:16.0943 4888        nsi - ok

16:44:16.0974 4888        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

16:44:17.0021 4888        nsiproxy - ok

16:44:17.0146 4888        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

16:44:17.0224 4888        Ntfs - ok

16:44:17.0302 4888        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

16:44:17.0364 4888        Null - ok

16:44:17.0395 4888        nusb3hub        (285acec1b13a15ba520aae06bacb9cff) C:\Windows\system32\DRIVERS\nusb3hub.sys

16:44:17.0411 4888        nusb3hub - ok

16:44:17.0426 4888        nusb3xhc        (f6d625ff7b56bb6ea063f0d3a5bbc996) C:\Windows\system32\DRIVERS\nusb3xhc.sys

16:44:17.0426 4888        nusb3xhc - ok

16:44:17.0473 4888        NVHDA           (e20abd5b229760158f753ca90b97e090) C:\Windows\system32\drivers\nvhda64v.sys

16:44:17.0504 4888        NVHDA - ok

16:44:18.0144 4888        nvlddmkm        (536d174cb5cd021906e6035f40993493) C:\Windows\system32\DRIVERS\nvlddmkm.sys

16:44:18.0440 4888        nvlddmkm - ok

16:44:18.0550 4888        nvpciflt        (1ca55b50dbf7559ecc4f0f036edc29ec) C:\Windows\system32\DRIVERS\nvpciflt.sys

16:44:18.0565 4888        nvpciflt - ok

16:44:18.0596 4888        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

16:44:18.0628 4888        nvraid - ok

16:44:18.0659 4888        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

16:44:18.0674 4888        nvstor - ok

16:44:18.0706 4888        nvsvc           (2c800281a92d5ab221b54df2d8b1a27d) C:\Windows\system32\nvvsvc.exe

16:44:18.0737 4888        nvsvc - ok

16:44:18.0784 4888        NvtlService     (2664f84dbb5904fef141b8d914a17c39) C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe

16:44:18.0815 4888        NvtlService ( UnsignedFile.Multi.Generic ) - warning

16:44:18.0815 4888        NvtlService - detected UnsignedFile.Multi.Generic (1)

16:44:18.0877 4888        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

16:44:18.0908 4888        nv_agp - ok

16:44:18.0940 4888        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

16:44:18.0971 4888        ohci1394 - ok

16:44:19.0002 4888        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

16:44:19.0080 4888        p2pimsvc - ok

16:44:19.0127 4888        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

16:44:19.0158 4888        p2psvc - ok

16:44:19.0189 4888        Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

16:44:19.0205 4888        Parport - ok

16:44:19.0236 4888        partmgr         (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys

16:44:19.0252 4888        partmgr - ok

16:44:19.0267 4888        PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

16:44:19.0330 4888        PcaSvc - ok

16:44:19.0361 4888        pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

16:44:19.0392 4888        pci - ok

16:44:19.0408 4888        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

16:44:19.0423 4888        pciide - ok

16:44:19.0439 4888        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

16:44:19.0470 4888        pcmcia - ok

16:44:19.0486 4888        pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

16:44:19.0501 4888        pcw - ok

16:44:19.0548 4888        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

16:44:19.0657 4888        PEAUTH - ok

16:44:19.0751 4888        PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

16:44:19.0798 4888        PerfHost - ok

16:44:19.0907 4888        pla             (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

16:44:20.0000 4888        pla - ok

16:44:20.0047 4888        PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

16:44:20.0094 4888        PlugPlay - ok

16:44:20.0125 4888        PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

16:44:20.0156 4888        PNRPAutoReg - ok

16:44:20.0188 4888        PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

16:44:20.0203 4888        PNRPsvc - ok

16:44:20.0250 4888        PolicyAgent     (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

16:44:20.0344 4888        PolicyAgent - ok

16:44:20.0375 4888        Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

16:44:20.0437 4888        Power - ok

16:44:20.0515 4888        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

16:44:20.0593 4888        PptpMiniport - ok

16:44:20.0624 4888        Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

16:44:20.0671 4888        Processor - ok

16:44:20.0718 4888        ProfSvc         (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll

16:44:20.0796 4888        ProfSvc - ok

16:44:20.0827 4888        ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

16:44:20.0843 4888        ProtectedStorage - ok

16:44:20.0890 4888        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

16:44:20.0952 4888        Psched - ok

16:44:20.0983 4888        qicflt          (0928bd20273625622722fe1de5bbde57) C:\Windows\system32\DRIVERS\qicflt.sys

16:44:20.0983 4888        qicflt - ok

16:44:21.0077 4888        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

16:44:21.0139 4888        ql2300 - ok

16:44:21.0233 4888        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

16:44:21.0248 4888        ql40xx - ok

16:44:21.0295 4888        QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

16:44:21.0358 4888        QWAVE - ok

16:44:21.0389 4888        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

16:44:21.0420 4888        QWAVEdrv - ok

16:44:21.0436 4888        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

16:44:21.0498 4888        RasAcd - ok

16:44:21.0529 4888        RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

16:44:21.0560 4888        RasAgileVpn - ok

16:44:21.0592 4888        RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

16:44:21.0654 4888        RasAuto - ok

16:44:21.0685 4888        Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

16:44:21.0763 4888        Rasl2tp - ok

16:44:21.0826 4888        RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

16:44:21.0904 4888        RasMan - ok

16:44:21.0919 4888        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

16:44:21.0950 4888        RasPppoe - ok

16:44:21.0982 4888        RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

16:44:22.0044 4888        RasSstp - ok

16:44:22.0075 4888        rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

16:44:22.0153 4888        rdbss - ok

16:44:22.0184 4888        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

16:44:22.0200 4888        rdpbus - ok

16:44:22.0216 4888        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

16:44:22.0294 4888        RDPCDD - ok

16:44:22.0325 4888        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

16:44:22.0403 4888        RDPENCDD - ok

16:44:22.0418 4888        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

16:44:22.0450 4888        RDPREFMP - ok

16:44:22.0481 4888        RDPWD           (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys

16:44:22.0528 4888        RDPWD - ok

16:44:22.0559 4888        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

16:44:22.0590 4888        rdyboost - ok

16:44:22.0730 4888        RegSrvc         (0aa473966357c4a41b5eb19649eb6e5e) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

16:44:22.0777 4888        RegSrvc - ok

16:44:22.0808 4888        RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

16:44:22.0886 4888        RemoteAccess - ok

16:44:22.0902 4888        RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

16:44:22.0980 4888        RemoteRegistry - ok

16:44:23.0042 4888        RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys

16:44:23.0105 4888        RFCOMM - ok

16:44:23.0120 4888        RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

16:44:23.0183 4888        RpcEptMapper - ok

16:44:23.0183 4888        RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

16:44:23.0198 4888        RpcLocator - ok

16:44:23.0261 4888        RpcSs           (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

16:44:23.0308 4888        RpcSs - ok

16:44:23.0339 4888        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

16:44:23.0401 4888        rspndr - ok

16:44:23.0448 4888        RTL8167         (4b42bc58294e83a6a92ec8b88c14c4a3) C:\Windows\system32\DRIVERS\Rt64win7.sys

16:44:23.0479 4888        RTL8167 - ok

16:44:23.0510 4888        SamSs           (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

16:44:23.0510 4888        SamSs - ok

16:44:23.0542 4888        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

16:44:23.0557 4888        sbp2port - ok

16:44:23.0588 4888        SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

16:44:23.0651 4888        SCardSvr - ok

16:44:23.0682 4888        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

16:44:23.0744 4888        scfilter - ok

16:44:23.0838 4888        Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

16:44:23.0916 4888        Schedule - ok

16:44:23.0947 4888        SCPolicySvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

16:44:23.0978 4888        SCPolicySvc - ok

16:44:24.0025 4888        SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

16:44:24.0088 4888        SDRSVC - ok

16:44:24.0212 4888        SeaPort         (78779ee07231c658b483b1f38b5088df) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

16:44:24.0244 4888        SeaPort - ok

16:44:24.0290 4888        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

16:44:24.0368 4888        secdrv - ok

16:44:24.0384 4888        seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

16:44:24.0431 4888        seclogon - ok

16:44:24.0446 4888        SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

16:44:24.0493 4888        SENS - ok

16:44:24.0509 4888        SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

16:44:24.0540 4888        SensrSvc - ok

16:44:24.0556 4888        Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

16:44:24.0571 4888        Serenum - ok

16:44:24.0587 4888        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

16:44:24.0618 4888        Serial - ok

16:44:24.0634 4888        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

16:44:24.0649 4888        sermouse - ok

16:44:24.0696 4888        SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

16:44:24.0774 4888        SessionEnv - ok

16:44:24.0805 4888        sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

16:44:24.0868 4888        sffdisk - ok

16:44:24.0883 4888        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

16:44:24.0914 4888        sffp_mmc - ok

16:44:24.0946 4888        sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

16:44:24.0992 4888        sffp_sd - ok

16:44:25.0008 4888        sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

16:44:25.0024 4888        sfloppy - ok

16:44:25.0070 4888        SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

16:44:25.0148 4888        SharedAccess - ok

16:44:25.0211 4888        ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

16:44:25.0304 4888        ShellHWDetection - ok

16:44:25.0336 4888        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

16:44:25.0336 4888        SiSRaid2 - ok

16:44:25.0351 4888        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

16:44:25.0367 4888        SiSRaid4 - ok

16:44:25.0398 4888        Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

16:44:25.0445 4888        Smb - ok

16:44:25.0476 4888        SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

16:44:25.0507 4888        SNMPTRAP - ok

16:44:25.0523 4888        spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

16:44:25.0538 4888        spldr - ok

16:44:25.0585 4888        Spooler         (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

16:44:25.0648 4888        Spooler - ok

16:44:25.0850 4888        sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

16:44:25.0976 4888        sppsvc - ok

16:44:26.0054 4888        sppuinotify     (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

16:44:26.0132 4888        sppuinotify - ok

16:44:26.0210 4888        srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

16:44:26.0273 4888        srv - ok

16:44:26.0351 4888        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

16:44:26.0397 4888        srv2 - ok

16:44:26.0429 4888        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

16:44:26.0460 4888        srvnet - ok

16:44:26.0507 4888        SSDPSRV         (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

16:44:26.0600 4888        SSDPSRV - ok

16:44:26.0616 4888        SstpSvc         (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

16:44:26.0663 4888        SstpSvc - ok

16:44:26.0678 4888        stdcfltn        (92e7f6666633d2dd91d527503daa7be0) C:\Windows\system32\DRIVERS\stdcfltn.sys

16:44:26.0694 4888        stdcfltn - ok

16:44:26.0787 4888        Stereo Service  (66f60d8a26b665ec9d8d2f07addef22d) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

16:44:26.0819 4888        Stereo Service - ok

16:44:26.0850 4888        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

16:44:26.0850 4888        stexstor - ok

16:44:26.0897 4888        StillCam        (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys

16:44:26.0928 4888        StillCam - ok

16:44:26.0990 4888        stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

16:44:27.0053 4888        stisvc - ok

16:44:27.0068 4888        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

16:44:27.0084 4888        swenum - ok

16:44:27.0115 4888        swprv           (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

16:44:27.0209 4888        swprv - ok

16:44:27.0271 4888        SynTP           (8f63178d1db81bb79270ae55ecdd8321) C:\Windows\system32\DRIVERS\SynTP.sys

16:44:27.0287 4888        SynTP - ok

16:44:27.0411 4888        SysMain         (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll

16:44:27.0505 4888        SysMain - ok

16:44:27.0630 4888        TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll

16:44:27.0661 4888        TabletInputService - ok

16:44:27.0708 4888        TapiSrv         (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll

16:44:27.0801 4888        TapiSrv - ok

16:44:27.0833 4888        TBS             (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

16:44:27.0911 4888        TBS - ok

16:44:28.0067 4888        Tcpip           (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys

16:44:28.0145 4888        Tcpip - ok

16:44:28.0347 4888        TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys

16:44:28.0379 4888        TCPIP6 - ok

16:44:28.0503 4888        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

16:44:28.0550 4888        tcpipreg - ok

16:44:28.0566 4888        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

16:44:28.0581 4888        TDPIPE - ok

16:44:28.0613 4888        TDTCP           (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys

16:44:28.0659 4888        TDTCP - ok

16:44:28.0706 4888        tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

16:44:28.0784 4888        tdx - ok

16:44:28.0831 4888        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

16:44:28.0847 4888        TermDD - ok

16:44:28.0893 4888        TermService     (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll

16:44:28.0971 4888        TermService - ok

16:44:28.0987 4888        Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

16:44:29.0003 4888        Themes - ok

16:44:29.0018 4888        THREADORDER     (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

16:44:29.0049 4888        THREADORDER - ok

16:44:29.0081 4888        TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

16:44:29.0112 4888        TrkWks - ok

16:44:29.0159 4888        TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe

16:44:29.0237 4888        TrustedInstaller - ok

16:44:29.0268 4888        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

16:44:29.0299 4888        tssecsrv - ok

16:44:29.0346 4888        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

16:44:29.0377 4888        TsUsbFlt - ok

16:44:29.0439 4888        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

16:44:29.0517 4888        tunnel - ok

16:44:29.0564 4888        TurboB          (825e7a1f48fb8bcfba27c178aab4e275) C:\Windows\system32\DRIVERS\TurboB.sys

16:44:29.0580 4888        TurboB - ok

16:44:29.0627 4888        TurboBoost      (b206be1174d5964d49a56bb6c4e0524a) C:\Program Files\Intel\TurboBoost\TurboBoost.exe

16:44:29.0642 4888        TurboBoost - ok

16:44:29.0658 4888        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

16:44:29.0673 4888        uagp35 - ok

16:44:29.0720 4888        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

16:44:29.0814 4888        udfs - ok

16:44:29.0845 4888        UI0Detect       (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

16:44:29.0861 4888        UI0Detect - ok

16:44:29.0892 4888        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

16:44:29.0907 4888        uliagpkx - ok

16:44:29.0939 4888        umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys

16:44:29.0954 4888        umbus - ok

16:44:29.0970 4888        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

16:44:30.0001 4888        UmPass - ok

16:44:30.0032 4888        upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

16:44:30.0126 4888        upnphost - ok

16:44:30.0173 4888        USBAAPL64       (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys

16:44:30.0235 4888        USBAAPL64 - ok

16:44:30.0266 4888        usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

16:44:30.0329 4888        usbccgp - ok

16:44:30.0375 4888        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

16:44:30.0407 4888        usbcir - ok

16:44:30.0438 4888        usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys

16:44:30.0469 4888        usbehci - ok

16:44:30.0531 4888        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

16:44:30.0563 4888        usbhub - ok

16:44:30.0594 4888        usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

16:44:30.0625 4888        usbohci - ok

16:44:30.0672 4888        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

16:44:30.0703 4888        usbprint - ok

16:44:30.0750 4888        usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys

16:44:30.0765 4888        usbscan - ok

16:44:30.0797 4888        USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

16:44:30.0859 4888        USBSTOR - ok

16:44:30.0890 4888        usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys

16:44:30.0937 4888        usbuhci - ok

16:44:30.0984 4888        usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys

16:44:31.0031 4888        usbvideo - ok

16:44:31.0046 4888        UxSms           (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

16:44:31.0109 4888        UxSms - ok

16:44:31.0140 4888        VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

16:44:31.0171 4888        VaultSvc - ok

16:44:31.0202 4888        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

16:44:31.0218 4888        vdrvroot - ok

16:44:31.0280 4888        vds             (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe

16:44:31.0374 4888        vds - ok

16:44:31.0405 4888        vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

16:44:31.0421 4888        vga - ok

16:44:31.0436 4888        VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

16:44:31.0483 4888        VgaSave - ok

16:44:31.0514 4888        vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

16:44:31.0545 4888        vhdmp - ok

16:44:31.0577 4888        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

16:44:31.0608 4888        viaide - ok

16:44:31.0639 4888        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

16:44:31.0655 4888        volmgr - ok

16:44:31.0701 4888        volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

16:44:31.0733 4888        volmgrx - ok

16:44:31.0779 4888        volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

16:44:31.0811 4888        volsnap - ok

16:44:31.0842 4888        vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

16:44:31.0873 4888        vsmraid - ok

16:44:31.0983 4888        VSS             (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe

16:44:32.0092 4888        VSS - ok

16:44:32.0202 4888        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

16:44:32.0217 4888        vwifibus - ok

16:44:32.0233 4888        vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

16:44:32.0248 4888        vwififlt - ok

16:44:32.0264 4888        vwifimp         (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

16:44:32.0295 4888        vwifimp - ok

16:44:32.0326 4888        W32Time         (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

16:44:32.0389 4888        W32Time - ok

16:44:32.0404 4888        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

16:44:32.0436 4888        WacomPen - ok

16:44:32.0498 4888        WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

16:44:32.0560 4888        WANARP - ok

16:44:32.0560 4888        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

16:44:32.0607 4888        Wanarpv6 - ok

16:44:32.0716 4888        wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

16:44:32.0794 4888        wbengine - ok

16:44:32.0888 4888        WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

16:44:32.0935 4888        WbioSrvc - ok

16:44:32.0997 4888        wcncsvc         (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

16:44:33.0060 4888        wcncsvc - ok

16:44:33.0091 4888        WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

16:44:33.0122 4888        WcsPlugInService - ok

16:44:33.0153 4888        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

16:44:33.0169 4888        Wd - ok

16:44:33.0216 4888        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

16:44:33.0278 4888        Wdf01000 - ok

16:44:33.0294 4888        WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

16:44:33.0372 4888        WdiServiceHost - ok

16:44:33.0372 4888        WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

16:44:33.0403 4888        WdiSystemHost - ok

16:44:33.0434 4888        wdkmd           (fe31110e39a0b11abae1ba43a2dc94f9) C:\Windows\system32\DRIVERS\WDKMD.sys

16:44:33.0434 4888        wdkmd - ok

16:44:33.0481 4888        WebClient       (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

16:44:33.0543 4888        WebClient - ok

16:44:33.0574 4888        Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

16:44:33.0637 4888        Wecsvc - ok

16:44:33.0652 4888        wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

16:44:33.0715 4888        wercplsupport - ok

16:44:33.0730 4888        WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

16:44:33.0793 4888        WerSvc - ok

16:44:33.0840 4888        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

16:44:33.0871 4888        WfpLwf - ok

16:44:33.0918 4888        WimFltr         (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys

16:44:33.0933 4888        WimFltr - ok

16:44:33.0964 4888        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

16:44:33.0980 4888        WIMMount - ok

16:44:34.0011 4888        WinDefend - ok

16:44:34.0011 4888        WinHttpAutoProxySvc - ok

16:44:34.0074 4888        Winmgmt         (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

16:44:34.0136 4888        Winmgmt - ok

16:44:34.0261 4888        WinRM           (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

16:44:34.0370 4888        WinRM - ok

16:44:34.0464 4888        WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

16:44:34.0510 4888        WinUsb - ok

16:44:34.0588 4888        Wlansvc         (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

16:44:34.0635 4888        Wlansvc - ok

16:44:34.0744 4888        wlcrasvc        (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

16:44:34.0760 4888        wlcrasvc - ok

16:44:34.0932 4888        wlidsvc         (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

16:44:34.0994 4888        wlidsvc - ok

16:44:35.0056 4888        WMCoreService - ok

16:44:35.0166 4888        WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

16:44:35.0212 4888        WmiAcpi - ok

16:44:35.0275 4888        wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

16:44:35.0322 4888        wmiApSrv - ok

16:44:35.0353 4888        WMPNetworkSvc - ok

16:44:35.0384 4888        WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

16:44:35.0415 4888        WPCSvc - ok

16:44:35.0462 4888        WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

16:44:35.0493 4888        WPDBusEnum - ok

16:44:35.0509 4888        ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

16:44:35.0571 4888        ws2ifsl - ok

16:44:35.0602 4888        wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll

16:44:35.0649 4888        wscsvc - ok

16:44:35.0649 4888        WSearch - ok

16:44:35.0805 4888        wuauserv        (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll

16:44:35.0930 4888        wuauserv - ok

16:44:36.0039 4888        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

16:44:36.0102 4888        WudfPf - ok

16:44:36.0133 4888        WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

16:44:36.0195 4888        WUDFRd - ok

16:44:36.0242 4888        wudfsvc         (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

16:44:36.0289 4888        wudfsvc - ok

16:44:36.0320 4888        WwanSvc         (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

16:44:36.0382 4888        WwanSvc - ok

16:44:36.0445 4888        MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

16:44:36.0726 4888        \Device\Harddisk0\DR0 ( TDSS File System ) - warning

16:44:36.0726 4888        \Device\Harddisk0\DR0 - detected TDSS File System (1)

16:44:36.0741 4888        Boot (0x1200)   (c27b706087c4eea52deea50c6cd520ab) \Device\Harddisk0\DR0\Partition0

16:44:36.0741 4888        \Device\Harddisk0\DR0\Partition0 - ok

16:44:36.0772 4888        Boot (0x1200)   (08445ab26373f39b7227cc49dfb0e625) \Device\Harddisk0\DR0\Partition1

16:44:36.0772 4888        \Device\Harddisk0\DR0\Partition1 - ok

16:44:36.0772 4888        ============================================================

16:44:36.0772 4888        Scan finished

16:44:36.0772 4888        ============================================================

16:44:36.0788 1840        Detected object count: 3

16:44:36.0788 1840        Actual detected object count: 3

16:45:03.0059 1840        IJPLMSVC ( UnsignedFile.Multi.Generic ) - skipped by user

16:45:03.0059 1840        IJPLMSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 

16:45:03.0074 1840        NvtlService ( UnsignedFile.Multi.Generic ) - skipped by user

16:45:03.0074 1840        NvtlService ( UnsignedFile.Multi.Generic ) - User select action: Skip 

16:45:03.0074 1840        \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

16:45:03.0074 1840        \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Zitat:

\Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

Das TDSS File System bitte mit dem TDSS-Killer löschen lassen, starte Windows danach neu und mach ein neues Log mit diesem Tool. Poste es wieder mit CODE-Tags umschlossen.

Code:

 19:55:48.0742 5588        TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16

19:55:49.0522 5588        ============================================================

19:55:49.0522 5588        Current date / time: 2012/06/10 19:55:49.0522

19:55:49.0522 5588        SystemInfo:

19:55:49.0522 5588        

19:55:49.0522 5588        OS Version: 6.1.7601 ServicePack: 1.0

19:55:49.0522 5588        Product type: Workstation

19:55:49.0538 5588        ComputerName: XXX-PC

19:55:49.0538 5588        UserName: XXX

19:55:49.0538 5588        Windows directory: C:\Windows

19:55:49.0538 5588        System windows directory: C:\Windows

19:55:49.0538 5588        Running under WOW64

19:55:49.0538 5588        Processor architecture: Intel x64

19:55:49.0538 5588        Number of processors: 4

19:55:49.0538 5588        Page size: 0x1000

19:55:49.0538 5588        Boot type: Normal boot

19:55:49.0538 5588        ============================================================

19:55:51.0254 5588        Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

19:55:51.0269 5588        ============================================================

19:55:51.0269 5588        \Device\Harddisk0\DR0:

19:55:51.0269 5588        MBR partitions:

19:55:51.0269 5588        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000

19:55:51.0269 5588        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x38625800

19:55:51.0269 5588        ============================================================

19:55:51.0285 5588        C: <-> \Device\Harddisk0\DR0\Partition1

19:55:51.0285 5588        ============================================================

19:55:51.0285 5588        Initialize success

19:55:51.0285 5588        ============================================================

19:56:00.0863 3532        ============================================================

19:56:00.0863 3532        Scan started

19:56:00.0863 3532        Mode: Manual; SigCheck; TDLFS; 

19:56:00.0863 3532        ============================================================

19:56:01.0441 3532        1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

19:56:01.0565 3532        1394ohci - ok

19:56:01.0597 3532        Acceler         (7a505465bbb1eb8b5ad4d76e8749383b) C:\Windows\system32\DRIVERS\Accelern.sys

19:56:01.0643 3532        Acceler - ok

19:56:01.0675 3532        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

19:56:01.0706 3532        ACPI - ok

19:56:01.0737 3532        AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

19:56:01.0831 3532        AcpiPmi - ok

19:56:02.0018 3532        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

19:56:02.0033 3532        AdobeARMservice - ok

19:56:02.0158 3532        AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

19:56:02.0189 3532        AdobeFlashPlayerUpdateSvc - ok

19:56:02.0236 3532        adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

19:56:02.0283 3532        adp94xx - ok

19:56:02.0330 3532        adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

19:56:02.0361 3532        adpahci - ok

19:56:02.0408 3532        adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

19:56:02.0439 3532        adpu320 - ok

19:56:02.0470 3532        AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

19:56:02.0626 3532        AeLookupSvc - ok

19:56:02.0689 3532        AERTFilters     (d1e343bc00136ce03c4d403194d06a80) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

19:56:02.0704 3532        AERTFilters - ok

19:56:02.0782 3532        AFD             (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

19:56:02.0876 3532        AFD - ok

19:56:02.0907 3532        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

19:56:02.0923 3532        agp440 - ok

19:56:02.0954 3532        ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

19:56:03.0032 3532        ALG - ok

19:56:03.0063 3532        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

19:56:03.0079 3532        aliide - ok

19:56:03.0094 3532        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

19:56:03.0110 3532        amdide - ok

19:56:03.0141 3532        AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

19:56:03.0219 3532        AmdK8 - ok

19:56:03.0219 3532        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

19:56:03.0281 3532        AmdPPM - ok

19:56:03.0328 3532        amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

19:56:03.0344 3532        amdsata - ok

19:56:03.0391 3532        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

19:56:03.0422 3532        amdsbs - ok

19:56:03.0422 3532        amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

19:56:03.0437 3532        amdxata - ok

19:56:03.0515 3532        AnyDVD          (2c4a05fcef72ef614dcd11d0872498c9) C:\Windows\system32\Drivers\AnyDVD.sys

19:56:03.0531 3532        AnyDVD - ok

19:56:03.0578 3532        AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

19:56:03.0781 3532        AppID - ok

19:56:03.0812 3532        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

19:56:03.0890 3532        AppIDSvc - ok

19:56:03.0921 3532        Appinfo         (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

19:56:03.0999 3532        Appinfo - ok

19:56:04.0108 3532        Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

19:56:04.0124 3532        Apple Mobile Device - ok

19:56:04.0155 3532        arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

19:56:04.0171 3532        arc - ok

19:56:04.0202 3532        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

19:56:04.0202 3532        arcsas - ok

19:56:04.0233 3532        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

19:56:04.0311 3532        AsyncMac - ok

19:56:04.0358 3532        atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

19:56:04.0373 3532        atapi - ok

19:56:04.0451 3532        AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

19:56:04.0561 3532        AudioEndpointBuilder - ok

19:56:04.0561 3532        AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

19:56:04.0607 3532        AudioSrv - ok

19:56:04.0919 3532        AVGIDSAgent     (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

19:56:05.0060 3532        AVGIDSAgent - ok

19:56:05.0200 3532        AVGIDSDriver    (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys

19:56:05.0216 3532        AVGIDSDriver - ok

19:56:05.0247 3532        AVGIDSEH        (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys

19:56:05.0263 3532        AVGIDSEH - ok

19:56:05.0278 3532        AVGIDSFilter    (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys

19:56:05.0294 3532        AVGIDSFilter - ok

19:56:05.0341 3532        Avgldx64        (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys

19:56:05.0356 3532        Avgldx64 - ok

19:56:05.0387 3532        Avgmfx64        (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys

19:56:05.0403 3532        Avgmfx64 - ok

19:56:05.0434 3532        Avgrkx64        (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys

19:56:05.0434 3532        Avgrkx64 - ok

19:56:05.0481 3532        Avgtdia         (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys

19:56:05.0512 3532        Avgtdia - ok

19:56:05.0621 3532        avgwd           (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

19:56:05.0653 3532        avgwd - ok

19:56:05.0699 3532        AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

19:56:05.0809 3532        AxInstSV - ok

19:56:05.0855 3532        b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

19:56:05.0933 3532        b06bdrv - ok

19:56:05.0980 3532        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

19:56:06.0058 3532        b57nd60a - ok

19:56:06.0152 3532        BBSvc           (0d1ea7509f394d8b705b239ee71f5118) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE

19:56:06.0199 3532        BBSvc - ok

19:56:06.0245 3532        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

19:56:06.0308 3532        BDESVC - ok

19:56:06.0323 3532        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

19:56:06.0401 3532        Beep - ok

19:56:06.0495 3532        BFE             (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll

19:56:06.0573 3532        BFE - ok

19:56:06.0635 3532        BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll

19:56:06.0760 3532        BITS - ok

19:56:06.0807 3532        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

19:56:06.0854 3532        blbdrive - ok

19:56:06.0963 3532        Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe

19:56:06.0994 3532        Bonjour Service - ok

19:56:07.0057 3532        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

19:56:07.0088 3532        bowser - ok

19:56:07.0103 3532        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

19:56:07.0166 3532        BrFiltLo - ok

19:56:07.0197 3532        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

19:56:07.0213 3532        BrFiltUp - ok

19:56:07.0244 3532        Browser         (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll

19:56:07.0322 3532        Browser - ok

19:56:07.0369 3532        Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

19:56:07.0447 3532        Brserid - ok

19:56:07.0462 3532        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

19:56:07.0509 3532        BrSerWdm - ok

19:56:07.0509 3532        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

19:56:07.0556 3532        BrUsbMdm - ok

19:56:07.0556 3532        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

19:56:07.0571 3532        BrUsbSer - ok

19:56:07.0634 3532        BthEnum         (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys

19:56:07.0712 3532        BthEnum - ok

19:56:07.0727 3532        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

19:56:07.0774 3532        BTHMODEM - ok

19:56:07.0821 3532        BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys

19:56:07.0868 3532        BthPan - ok

19:56:07.0946 3532        BTHPORT         (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys

19:56:08.0008 3532        BTHPORT - ok

19:56:08.0055 3532        bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

19:56:08.0102 3532        bthserv - ok

19:56:08.0117 3532        BTHUSB          (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys

19:56:08.0164 3532        BTHUSB - ok

19:56:08.0211 3532        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

19:56:08.0289 3532        cdfs - ok

19:56:08.0336 3532        cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys

19:56:08.0367 3532        cdrom - ok

19:56:08.0398 3532        CertPropSvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

19:56:08.0476 3532        CertPropSvc - ok

19:56:08.0523 3532        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

19:56:08.0539 3532        circlass - ok

19:56:08.0585 3532        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

19:56:08.0617 3532        CLFS - ok

19:56:08.0695 3532        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

19:56:08.0710 3532        clr_optimization_v2.0.50727_32 - ok

19:56:08.0757 3532        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

19:56:08.0788 3532        clr_optimization_v2.0.50727_64 - ok

19:56:08.0866 3532        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

19:56:08.0929 3532        clr_optimization_v4.0.30319_32 - ok

19:56:08.0960 3532        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

19:56:08.0991 3532        clr_optimization_v4.0.30319_64 - ok

19:56:09.0007 3532        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

19:56:09.0053 3532        CmBatt - ok

19:56:09.0100 3532        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

19:56:09.0100 3532        cmdide - ok

19:56:09.0209 3532        CNG             (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

19:56:09.0241 3532        CNG - ok

19:56:09.0319 3532        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

19:56:09.0334 3532        Compbatt - ok

19:56:09.0397 3532        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

19:56:09.0459 3532        CompositeBus - ok

19:56:09.0475 3532        COMSysApp - ok

19:56:09.0506 3532        crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

19:56:09.0537 3532        crcdisk - ok

19:56:09.0709 3532        CryptSvc        (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll

19:56:09.0802 3532        CryptSvc - ok

19:56:10.0083 3532        DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

19:56:10.0161 3532        DcomLaunch - ok

19:56:10.0239 3532        defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

19:56:10.0333 3532        defragsvc - ok

19:56:10.0379 3532        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

19:56:10.0473 3532        DfsC - ok

19:56:10.0535 3532        Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

19:56:10.0613 3532        Dhcp - ok

19:56:10.0645 3532        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

19:56:10.0691 3532        discache - ok

19:56:10.0723 3532        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

19:56:10.0723 3532        Disk - ok

19:56:10.0769 3532        Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

19:56:10.0832 3532        Dnscache - ok

19:56:10.0879 3532        dot3svc         (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

19:56:10.0957 3532        dot3svc - ok

19:56:11.0019 3532        DPS             (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

19:56:11.0081 3532        DPS - ok

19:56:11.0113 3532        drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

19:56:11.0159 3532        drmkaud - ok

19:56:11.0253 3532        DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

19:56:11.0284 3532        DXGKrnl - ok

19:56:11.0315 3532        EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

19:56:11.0362 3532        EapHost - ok

19:56:11.0627 3532        ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

19:56:11.0705 3532        ebdrv - ok

19:56:11.0815 3532        EFS             (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

19:56:11.0893 3532        EFS - ok

19:56:12.0501 3532        ehRecvr         (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

19:56:12.0563 3532        ehRecvr - ok

19:56:12.0626 3532        ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

19:56:12.0719 3532        ehSched - ok

19:56:12.0875 3532        ElbyCDIO        (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys

19:56:12.0891 3532        ElbyCDIO - ok

19:56:13.0031 3532        elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

19:56:13.0078 3532        elxstor - ok

19:56:13.0109 3532        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

19:56:13.0156 3532        ErrDev - ok

19:56:13.0297 3532        EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

19:56:13.0359 3532        EventSystem - ok

19:56:13.0655 3532        EvtEng          (b56d9602db5fe1c116b1ca5efd8e2e50) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

19:56:13.0687 3532        EvtEng - ok

19:56:13.0999 3532        ewusbnet - ok

19:56:14.0045 3532        exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

19:56:14.0092 3532        exfat - ok

19:56:14.0186 3532        fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

19:56:14.0248 3532        fastfat - ok

19:56:14.0342 3532        Fax             (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

19:56:14.0389 3532        Fax - ok

19:56:14.0420 3532        fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

19:56:14.0451 3532        fdc - ok

19:56:14.0482 3532        fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

19:56:14.0529 3532        fdPHost - ok

19:56:14.0607 3532        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

19:56:14.0669 3532        FDResPub - ok

19:56:14.0701 3532        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

19:56:14.0716 3532        FileInfo - ok

19:56:14.0732 3532        Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

19:56:14.0794 3532        Filetrace - ok

19:56:14.0825 3532        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

19:56:14.0857 3532        flpydisk - ok

19:56:14.0903 3532        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

19:56:14.0935 3532        FltMgr - ok

19:56:14.0997 3532        FontCache       (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

19:56:15.0075 3532        FontCache - ok

19:56:15.0153 3532        FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

19:56:15.0153 3532        FontCache3.0.0.0 - ok

19:56:15.0200 3532        FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

19:56:15.0215 3532        FsDepends - ok

19:56:15.0278 3532        fssfltr         (07da62c960ddccc2d35836aeab4fc578) C:\Windows\system32\DRIVERS\fssfltr.sys

19:56:15.0278 3532        fssfltr - ok

19:56:15.0559 3532        fsssvc          (28ddeeec44e988657b732cf404d504cb) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

19:56:15.0715 3532        fsssvc - ok

19:56:15.0917 3532        Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys

19:56:15.0933 3532        Fs_Rec - ok

19:56:16.0011 3532        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

19:56:16.0042 3532        fvevol - ok

19:56:16.0089 3532        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

19:56:16.0105 3532        gagp30kx - ok

19:56:16.0136 3532        GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

19:56:16.0151 3532        GEARAspiWDM - ok

19:56:16.0245 3532        gpsvc           (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

19:56:16.0339 3532        gpsvc - ok

19:56:16.0448 3532        gupdate         (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

19:56:16.0479 3532        gupdate - ok

19:56:16.0495 3532        gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

19:56:16.0510 3532        gupdatem - ok

19:56:16.0557 3532        gusvc           (c1b577b2169900f4cf7190c39f085794) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

19:56:16.0588 3532        gusvc - ok

19:56:16.0619 3532        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

19:56:16.0682 3532        hcw85cir - ok

19:56:16.0729 3532        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

19:56:16.0791 3532        HdAudAddService - ok

19:56:16.0807 3532        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

19:56:16.0853 3532        HDAudBus - ok

19:56:16.0853 3532        HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

19:56:16.0916 3532        HidBatt - ok

19:56:17.0025 3532        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

19:56:17.0072 3532        HidBth - ok

19:56:17.0119 3532        HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

19:56:17.0165 3532        HidIr - ok

19:56:17.0197 3532        hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

19:56:17.0243 3532        hidserv - ok

19:56:17.0275 3532        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

19:56:17.0290 3532        HidUsb - ok

19:56:17.0337 3532        hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

19:56:17.0431 3532        hkmsvc - ok

19:56:17.0727 3532        HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

19:56:17.0789 3532        HomeGroupListener - ok

19:56:17.0821 3532        HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

19:56:17.0883 3532        HomeGroupProvider - ok

19:56:17.0961 3532        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

19:56:17.0992 3532        HpSAMD - ok

19:56:18.0304 3532        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

19:56:18.0413 3532        HTTP - ok

19:56:18.0476 3532        hwdatacard - ok

19:56:18.0569 3532        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

19:56:18.0569 3532        hwpolicy - ok

19:56:18.0601 3532        hwusbdev - ok

19:56:18.0725 3532        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

19:56:18.0741 3532        i8042prt - ok

19:56:18.0788 3532        iaStor          (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys

19:56:18.0819 3532        iaStor - ok

19:56:18.0881 3532        IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

19:56:18.0897 3532        IAStorDataMgrSvc - ok

19:56:18.0944 3532        iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

19:56:18.0975 3532        iaStorV - ok

19:56:19.0318 3532        idsvc           (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

19:56:19.0349 3532        idsvc - ok

19:56:20.0535 3532        igfx            (1be8d9ca4f2363b8e8015621878e0043) C:\Windows\system32\DRIVERS\igdkmd64.sys

19:56:20.0878 3532        igfx - ok

19:56:21.0081 3532        iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

19:56:21.0112 3532        iirsp - ok

19:56:21.0237 3532        IJPLMSVC        (51516252dbbfed36f70b341dba263167) C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

19:56:21.0268 3532        IJPLMSVC ( UnsignedFile.Multi.Generic ) - warning

19:56:21.0268 3532        IJPLMSVC - detected UnsignedFile.Multi.Generic (1)

19:56:21.0409 3532        IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll

19:56:21.0518 3532        IKEEXT - ok

19:56:21.0580 3532        Impcd           (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys

19:56:21.0658 3532        Impcd - ok

19:56:21.0986 3532        IntcAzAudAddService (f61d360072b67f5667765a2534b672d6) C:\Windows\system32\drivers\RTKVHD64.sys

19:56:22.0033 3532        IntcAzAudAddService - ok

19:56:22.0235 3532        IntcDAud        (03c74719d48056a1078f3a51ceb76baa) C:\Windows\system32\DRIVERS\IntcDAud.sys

19:56:22.0313 3532        IntcDAud - ok

19:56:22.0329 3532        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

19:56:22.0345 3532        intelide - ok

19:56:22.0376 3532        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

19:56:22.0423 3532        intelppm - ok

19:56:22.0469 3532        IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

19:56:22.0532 3532        IPBusEnum - ok

19:56:22.0563 3532        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

19:56:22.0625 3532        IpFilterDriver - ok

19:56:22.0719 3532        iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll

19:56:22.0797 3532        iphlpsvc - ok

19:56:22.0813 3532        IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

19:56:22.0828 3532        IPMIDRV - ok

19:56:22.0844 3532        IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

19:56:22.0922 3532        IPNAT - ok

19:56:23.0047 3532        iPod Service    (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe

19:56:23.0093 3532        iPod Service - ok

19:56:23.0125 3532        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

19:56:23.0203 3532        IRENUM - ok

19:56:23.0234 3532        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

19:56:23.0249 3532        isapnp - ok

19:56:23.0296 3532        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

19:56:23.0327 3532        iScsiPrt - ok

19:56:23.0374 3532        JMCR            (3926c8c55a2cd2c94888be39b4beb629) C:\Windows\system32\DRIVERS\jmcr.sys

19:56:23.0390 3532        JMCR - ok

19:56:23.0421 3532        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

19:56:23.0437 3532        kbdclass - ok

19:56:23.0468 3532        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys

19:56:23.0483 3532        kbdhid - ok

19:56:23.0515 3532        KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

19:56:23.0530 3532        KeyIso - ok

19:56:23.0546 3532        KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

19:56:23.0561 3532        KSecDD - ok

19:56:23.0577 3532        KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

19:56:23.0608 3532        KSecPkg - ok

19:56:23.0624 3532        ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

19:56:23.0686 3532        ksthunk - ok

19:56:23.0764 3532        KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

19:56:23.0873 3532        KtmRm - ok

19:56:23.0967 3532        LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll

19:56:24.0061 3532        LanmanServer - ok

19:56:24.0107 3532        LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll

19:56:24.0185 3532        LanmanWorkstation - ok

19:56:24.0295 3532        LBTServ         (4adc135f525d38a498f83b089228cc2d) C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

19:56:24.0326 3532        LBTServ - ok

19:56:24.0357 3532        LHidFilt        (24e09882ba51b9830ae029888a3aaf18) C:\Windows\system32\DRIVERS\LHidFilt.Sys

19:56:24.0373 3532        LHidFilt - ok

19:56:24.0388 3532        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

19:56:24.0435 3532        lltdio - ok

19:56:24.0466 3532        lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

19:56:24.0560 3532        lltdsvc - ok

19:56:24.0607 3532        lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

19:56:24.0653 3532        lmhosts - ok

19:56:24.0669 3532        LMouFilt        (2f94325d8c10e2b715f3d753c2422aac) C:\Windows\system32\DRIVERS\LMouFilt.Sys

19:56:24.0685 3532        LMouFilt - ok

19:56:24.0716 3532        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

19:56:24.0731 3532        LSI_FC - ok

19:56:24.0747 3532        LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

19:56:24.0747 3532        LSI_SAS - ok

19:56:24.0763 3532        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

19:56:24.0778 3532        LSI_SAS2 - ok

19:56:24.0794 3532        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

19:56:24.0809 3532        LSI_SCSI - ok

19:56:24.0841 3532        luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

19:56:24.0887 3532        luafv - ok

19:56:24.0934 3532        MBAMProtector   (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys

19:56:24.0950 3532        MBAMProtector - ok

19:56:25.0075 3532        MBAMService     (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

19:56:25.0121 3532        MBAMService - ok

19:56:25.0153 3532        Mcx2Svc         (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll

19:56:25.0199 3532        Mcx2Svc - ok

19:56:25.0215 3532        megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

19:56:25.0231 3532        megasas - ok

19:56:25.0277 3532        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

19:56:25.0309 3532        MegaSR - ok

19:56:25.0340 3532        MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

19:56:25.0371 3532        MMCSS - ok

19:56:25.0387 3532        Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

19:56:25.0418 3532        Modem - ok

19:56:25.0433 3532        monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

19:56:25.0465 3532        monitor - ok

19:56:25.0511 3532        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

19:56:25.0527 3532        mouclass - ok

19:56:25.0558 3532        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

19:56:25.0574 3532        mouhid - ok

19:56:25.0605 3532        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

19:56:25.0621 3532        mountmgr - ok

19:56:25.0652 3532        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

19:56:25.0683 3532        mpio - ok

19:56:25.0699 3532        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

19:56:25.0745 3532        mpsdrv - ok

19:56:25.0886 3532        MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll

19:56:25.0948 3532        MpsSvc - ok

19:56:25.0995 3532        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

19:56:26.0042 3532        MRxDAV - ok

19:56:26.0135 3532        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

19:56:26.0198 3532        mrxsmb - ok

19:56:26.0385 3532        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

19:56:26.0447 3532        mrxsmb10 - ok

19:56:26.0588 3532        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

19:56:26.0619 3532        mrxsmb20 - ok

19:56:26.0666 3532        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

19:56:26.0666 3532        msahci - ok

19:56:26.0697 3532        msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

19:56:26.0728 3532        msdsm - ok

19:56:26.0744 3532        MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

19:56:26.0806 3532        MSDTC - ok

19:56:26.0837 3532        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

19:56:26.0900 3532        Msfs - ok

19:56:26.0915 3532        mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

19:56:26.0993 3532        mshidkmdf - ok

19:56:27.0025 3532        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

19:56:27.0040 3532        msisadrv - ok

19:56:27.0071 3532        MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

19:56:27.0134 3532        MSiSCSI - ok

19:56:27.0134 3532        msiserver - ok

19:56:27.0165 3532        MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

19:56:27.0227 3532        MSKSSRV - ok

19:56:27.0243 3532        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

19:56:27.0290 3532        MSPCLOCK - ok

19:56:27.0305 3532        MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

19:56:27.0352 3532        MSPQM - ok

19:56:27.0415 3532        MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

19:56:27.0446 3532        MsRPC - ok

19:56:27.0477 3532        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

19:56:27.0477 3532        mssmbios - ok

19:56:27.0493 3532        MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

19:56:27.0539 3532        MSTEE - ok

19:56:27.0602 3532        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

19:56:27.0617 3532        MTConfig - ok

19:56:27.0633 3532        Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

19:56:27.0633 3532        Mup - ok

19:56:27.0727 3532        MyWiFiDHCPDNS   (a9bc2302fbdf52c8af4e2fc966288d21) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

19:56:27.0758 3532        MyWiFiDHCPDNS - ok

19:56:27.0820 3532        napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

19:56:27.0914 3532        napagent - ok

19:56:27.0961 3532        NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

19:56:28.0023 3532        NativeWifiP - ok

19:56:28.0179 3532        NAUpdate        (9d1cce440552500ded3a62f9d779cdb4) C:\Program Files (x86)\Nero\Update\NASvc.exe

19:56:28.0210 3532        NAUpdate - ok

19:56:28.0273 3532        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

19:56:28.0335 3532        NDIS - ok

19:56:28.0351 3532        NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

19:56:28.0382 3532        NdisCap - ok

19:56:28.0397 3532        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

19:56:28.0460 3532        NdisTapi - ok

19:56:28.0507 3532        Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

19:56:28.0569 3532        Ndisuio - ok

19:56:28.0616 3532        NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

19:56:28.0694 3532        NdisWan - ok

19:56:28.0741 3532        NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

19:56:28.0803 3532        NDProxy - ok

19:56:28.0819 3532        NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

19:56:28.0865 3532        NetBIOS - ok

19:56:28.0912 3532        NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

19:56:28.0990 3532        NetBT - ok

19:56:29.0037 3532        Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

19:56:29.0037 3532        Netlogon - ok

19:56:29.0099 3532        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

19:56:29.0193 3532        Netman - ok

19:56:29.0240 3532        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

19:56:29.0302 3532        netprofm - ok

19:56:29.0365 3532        NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

19:56:29.0380 3532        NetTcpPortSharing - ok

19:56:29.0833 3532        NETw5s64        (18555f48844c2861d9dce8f2b7223ae5) C:\Windows\system32\DRIVERS\NETw5s64.sys

19:56:30.0082 3532        NETw5s64 - ok

19:56:30.0191 3532        nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

19:56:30.0223 3532        nfrd960 - ok

19:56:30.0269 3532        NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

19:56:30.0363 3532        NlaSvc - ok

19:56:30.0441 3532        nosGetPlusHelper (431ada51e9d032f533548688ce5a2a24) C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll

19:56:30.0457 3532        nosGetPlusHelper - ok

19:56:30.0472 3532        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

19:56:30.0519 3532        Npfs - ok

19:56:30.0535 3532        nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

19:56:30.0597 3532        nsi - ok

19:56:30.0644 3532        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

19:56:30.0737 3532        nsiproxy - ok

19:56:30.0862 3532        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

19:56:30.0940 3532        Ntfs - ok

19:56:31.0018 3532        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

19:56:31.0065 3532        Null - ok

19:56:31.0112 3532        nusb3hub        (285acec1b13a15ba520aae06bacb9cff) C:\Windows\system32\DRIVERS\nusb3hub.sys

19:56:31.0112 3532        nusb3hub - ok

19:56:31.0143 3532        nusb3xhc        (f6d625ff7b56bb6ea063f0d3a5bbc996) C:\Windows\system32\DRIVERS\nusb3xhc.sys

19:56:31.0159 3532        nusb3xhc - ok

19:56:31.0190 3532        NVHDA           (e20abd5b229760158f753ca90b97e090) C:\Windows\system32\drivers\nvhda64v.sys

19:56:31.0221 3532        NVHDA - ok

19:56:31.0939 3532        nvlddmkm        (536d174cb5cd021906e6035f40993493) C:\Windows\system32\DRIVERS\nvlddmkm.sys

19:56:32.0126 3532        nvlddmkm - ok

19:56:32.0204 3532        nvpciflt        (1ca55b50dbf7559ecc4f0f036edc29ec) C:\Windows\system32\DRIVERS\nvpciflt.sys

19:56:32.0204 3532        nvpciflt - ok

19:56:32.0251 3532        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

19:56:32.0266 3532        nvraid - ok

19:56:32.0297 3532        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

19:56:32.0329 3532        nvstor - ok

19:56:32.0360 3532        nvsvc           (2c800281a92d5ab221b54df2d8b1a27d) C:\Windows\system32\nvvsvc.exe

19:56:32.0391 3532        nvsvc - ok

19:56:32.0438 3532        NvtlService     (2664f84dbb5904fef141b8d914a17c39) C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe

19:56:32.0469 3532        NvtlService ( UnsignedFile.Multi.Generic ) - warning

19:56:32.0469 3532        NvtlService - detected UnsignedFile.Multi.Generic (1)

19:56:32.0516 3532        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

19:56:32.0531 3532        nv_agp - ok

19:56:32.0625 3532        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

19:56:32.0672 3532        ohci1394 - ok

19:56:32.0703 3532        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

19:56:32.0765 3532        p2pimsvc - ok

19:56:32.0812 3532        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

19:56:32.0843 3532        p2psvc - ok

19:56:32.0875 3532        Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

19:56:32.0890 3532        Parport - ok

19:56:32.0921 3532        partmgr         (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys

19:56:32.0937 3532        partmgr - ok

19:56:32.0953 3532        PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

19:56:32.0999 3532        PcaSvc - ok

19:56:33.0046 3532        pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

19:56:33.0077 3532        pci - ok

19:56:33.0109 3532        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

19:56:33.0109 3532        pciide - ok

19:56:33.0140 3532        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

19:56:33.0171 3532        pcmcia - ok

19:56:33.0187 3532        pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

19:56:33.0202 3532        pcw - ok

19:56:33.0249 3532        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

19:56:33.0343 3532        PEAUTH - ok

19:56:33.0452 3532        PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

19:56:33.0483 3532        PerfHost - ok

19:56:33.0608 3532        pla             (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

19:56:33.0779 3532        pla - ok

19:56:33.0842 3532        PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

19:56:33.0889 3532        PlugPlay - ok

19:56:33.0920 3532        PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

19:56:33.0951 3532        PNRPAutoReg - ok

19:56:33.0982 3532        PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

19:56:34.0013 3532        PNRPsvc - ok

19:56:34.0045 3532        PolicyAgent     (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

19:56:34.0138 3532        PolicyAgent - ok

19:56:34.0169 3532        Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

19:56:34.0247 3532        Power - ok

19:56:34.0325 3532        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

19:56:34.0388 3532        PptpMiniport - ok

19:56:34.0435 3532        Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

19:56:34.0466 3532        Processor - ok

19:56:34.0544 3532        ProfSvc         (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll

19:56:34.0622 3532        ProfSvc - ok

19:56:34.0669 3532        ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

19:56:34.0700 3532        ProtectedStorage - ok

19:56:34.0747 3532        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

19:56:34.0809 3532        Psched - ok

19:56:34.0840 3532        qicflt          (0928bd20273625622722fe1de5bbde57) C:\Windows\system32\DRIVERS\qicflt.sys

19:56:34.0856 3532        qicflt - ok

19:56:34.0965 3532        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

19:56:35.0043 3532        ql2300 - ok

19:56:35.0152 3532        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

19:56:35.0183 3532        ql40xx - ok

19:56:35.0230 3532        QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

19:56:35.0293 3532        QWAVE - ok

19:56:35.0308 3532        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

19:56:35.0355 3532        QWAVEdrv - ok

19:56:35.0371 3532        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

19:56:35.0433 3532        RasAcd - ok

19:56:35.0464 3532        RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

19:56:35.0495 3532        RasAgileVpn - ok

19:56:35.0511 3532        RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

19:56:35.0589 3532        RasAuto - ok

19:56:35.0651 3532        Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

19:56:35.0714 3532        Rasl2tp - ok

19:56:35.0792 3532        RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

19:56:35.0870 3532        RasMan - ok

19:56:35.0885 3532        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

19:56:35.0963 3532        RasPppoe - ok

19:56:35.0995 3532        RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

19:56:36.0057 3532        RasSstp - ok

19:56:36.0104 3532        rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

19:56:36.0182 3532        rdbss - ok

19:56:36.0213 3532        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

19:56:36.0244 3532        rdpbus - ok

19:56:36.0244 3532        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

19:56:36.0322 3532        RDPCDD - ok

19:56:36.0353 3532        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

19:56:36.0416 3532        RDPENCDD - ok

19:56:36.0447 3532        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

19:56:36.0478 3532        RDPREFMP - ok

19:56:36.0541 3532        RDPWD           (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys

19:56:36.0587 3532        RDPWD - ok

19:56:36.0650 3532        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

19:56:36.0681 3532        rdyboost - ok

19:56:36.0806 3532        RegSrvc         (0aa473966357c4a41b5eb19649eb6e5e) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

19:56:36.0931 3532        RegSrvc - ok

19:56:36.0977 3532        RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

19:56:37.0055 3532        RemoteAccess - ok

19:56:37.0087 3532        RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

19:56:37.0149 3532        RemoteRegistry - ok

19:56:37.0227 3532        RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys

19:56:37.0274 3532        RFCOMM - ok

19:56:37.0305 3532        RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

19:56:37.0383 3532        RpcEptMapper - ok

19:56:37.0383 3532        RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

19:56:37.0414 3532        RpcLocator - ok

19:56:37.0461 3532        RpcSs           (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

19:56:37.0508 3532        RpcSs - ok

19:56:37.0539 3532        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

19:56:37.0586 3532        rspndr - ok

19:56:37.0679 3532        RTL8167         (4b42bc58294e83a6a92ec8b88c14c4a3) C:\Windows\system32\DRIVERS\Rt64win7.sys

19:56:37.0695 3532        RTL8167 - ok

19:56:37.0742 3532        SamSs           (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

19:56:37.0757 3532        SamSs - ok

19:56:37.0773 3532        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

19:56:37.0789 3532        sbp2port - ok

19:56:37.0835 3532        SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

19:56:37.0913 3532        SCardSvr - ok

19:56:37.0945 3532        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

19:56:38.0007 3532        scfilter - ok

19:56:38.0101 3532        Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

19:56:38.0179 3532        Schedule - ok

19:56:38.0210 3532        SCPolicySvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

19:56:38.0241 3532        SCPolicySvc - ok

19:56:38.0288 3532        SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

19:56:38.0350 3532        SDRSVC - ok

19:56:38.0475 3532        SeaPort         (78779ee07231c658b483b1f38b5088df) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

19:56:38.0506 3532        SeaPort - ok

19:56:38.0553 3532        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

19:56:38.0615 3532        secdrv - ok

19:56:38.0662 3532        seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

19:56:38.0725 3532        seclogon - ok

19:56:38.0756 3532        SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

19:56:38.0834 3532        SENS - ok

19:56:38.0865 3532        SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

19:56:38.0896 3532        SensrSvc - ok

19:56:38.0912 3532        Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

19:56:38.0927 3532        Serenum - ok

19:56:38.0943 3532        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

19:56:38.0959 3532        Serial - ok

19:56:38.0990 3532        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

19:56:39.0021 3532        sermouse - ok

19:56:39.0083 3532        SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

19:56:39.0146 3532        SessionEnv - ok

19:56:39.0177 3532        sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

19:56:39.0224 3532        sffdisk - ok

19:56:39.0239 3532        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

19:56:39.0271 3532        sffp_mmc - ok

19:56:39.0302 3532        sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

19:56:39.0349 3532        sffp_sd - ok

19:56:39.0380 3532        sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

19:56:39.0395 3532        sfloppy - ok

19:56:39.0442 3532        SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

19:56:39.0536 3532        SharedAccess - ok

19:56:39.0583 3532        ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

19:56:39.0676 3532        ShellHWDetection - ok

19:56:39.0723 3532        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

19:56:39.0739 3532        SiSRaid2 - ok

19:56:39.0754 3532        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

19:56:39.0770 3532        SiSRaid4 - ok

19:56:39.0801 3532        Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

19:56:39.0848 3532        Smb - ok

19:56:39.0879 3532        SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

19:56:39.0910 3532        SNMPTRAP - ok

19:56:39.0926 3532        spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

19:56:39.0941 3532        spldr - ok

19:56:39.0988 3532        Spooler         (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

19:56:40.0051 3532        Spooler - ok

19:56:40.0253 3532        sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

19:56:40.0378 3532        sppsvc - ok

19:56:40.0472 3532        sppuinotify     (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

19:56:40.0534 3532        sppuinotify - ok

19:56:40.0659 3532        srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

19:56:40.0737 3532        srv - ok

19:56:40.0799 3532        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

19:56:40.0831 3532        srv2 - ok

19:56:40.0862 3532        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

19:56:40.0893 3532        srvnet - ok

19:56:40.0940 3532        SSDPSRV         (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

19:56:41.0018 3532        SSDPSRV - ok

19:56:41.0033 3532        SstpSvc         (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

19:56:41.0080 3532        SstpSvc - ok

19:56:41.0096 3532        stdcfltn        (92e7f6666633d2dd91d527503daa7be0) C:\Windows\system32\DRIVERS\stdcfltn.sys

19:56:41.0189 3532        stdcfltn - ok

19:56:41.0283 3532        Stereo Service  (66f60d8a26b665ec9d8d2f07addef22d) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

19:56:41.0314 3532        Stereo Service - ok

19:56:41.0345 3532        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

19:56:41.0361 3532        stexstor - ok

19:56:41.0392 3532        StillCam        (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys

19:56:41.0439 3532        StillCam - ok

19:56:41.0501 3532        stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

19:56:41.0564 3532        stisvc - ok

19:56:41.0657 3532        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

19:56:41.0673 3532        swenum - ok

19:56:41.0720 3532        swprv           (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

19:56:41.0813 3532        swprv - ok

19:56:41.0860 3532        SynTP           (8f63178d1db81bb79270ae55ecdd8321) C:\Windows\system32\DRIVERS\SynTP.sys

19:56:41.0891 3532        SynTP - ok

19:56:42.0016 3532        SysMain         (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll

19:56:42.0125 3532        SysMain - ok

19:56:42.0250 3532        TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll

19:56:42.0281 3532        TabletInputService - ok

19:56:42.0328 3532        TapiSrv         (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll

19:56:42.0406 3532        TapiSrv - ok

19:56:42.0437 3532        TBS             (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

19:56:42.0484 3532        TBS - ok

19:56:42.0687 3532        Tcpip           (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys

19:56:42.0827 3532        Tcpip - ok

19:56:43.0015 3532        TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys

19:56:43.0061 3532        TCPIP6 - ok

19:56:43.0155 3532        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

19:56:43.0217 3532        tcpipreg - ok

19:56:43.0249 3532        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

19:56:43.0264 3532        TDPIPE - ok

19:56:43.0295 3532        TDTCP           (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys

19:56:43.0327 3532        TDTCP - ok

19:56:43.0373 3532        tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

19:56:43.0451 3532        tdx - ok

19:56:43.0483 3532        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

19:56:43.0498 3532        TermDD - ok

19:56:43.0561 3532        TermService     (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll

19:56:43.0717 3532        TermService - ok

19:56:43.0732 3532        Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

19:56:43.0748 3532        Themes - ok

19:56:43.0763 3532        THREADORDER     (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

19:56:43.0795 3532        THREADORDER - ok

19:56:43.0826 3532        TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

19:56:43.0873 3532        TrkWks - ok

19:56:43.0919 3532        TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe

19:56:43.0997 3532        TrustedInstaller - ok

19:56:44.0044 3532        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

19:56:44.0075 3532        tssecsrv - ok

19:56:44.0107 3532        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

19:56:44.0138 3532        TsUsbFlt - ok

19:56:44.0200 3532        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

19:56:44.0278 3532        tunnel - ok

19:56:44.0325 3532        TurboB          (825e7a1f48fb8bcfba27c178aab4e275) C:\Windows\system32\DRIVERS\TurboB.sys

19:56:44.0341 3532        TurboB - ok

19:56:44.0403 3532        TurboBoost      (b206be1174d5964d49a56bb6c4e0524a) C:\Program Files\Intel\TurboBoost\TurboBoost.exe

19:56:44.0419 3532        TurboBoost - ok

19:56:44.0450 3532        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

19:56:44.0465 3532        uagp35 - ok

19:56:44.0512 3532        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

19:56:44.0606 3532        udfs - ok

19:56:44.0637 3532        UI0Detect       (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

19:56:44.0653 3532        UI0Detect - ok

19:56:44.0699 3532        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

19:56:44.0699 3532        uliagpkx - ok

19:56:44.0746 3532        umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys

19:56:44.0777 3532        umbus - ok

19:56:44.0809 3532        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

19:56:44.0840 3532        UmPass - ok

19:56:44.0887 3532        upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

19:56:44.0980 3532        upnphost - ok

19:56:45.0027 3532        USBAAPL64       (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys

19:56:45.0074 3532        USBAAPL64 - ok

19:56:45.0121 3532        usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

19:56:45.0183 3532        usbccgp - ok

19:56:45.0230 3532        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

19:56:45.0245 3532        usbcir - ok

19:56:45.0292 3532        usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys

19:56:45.0323 3532        usbehci - ok

19:56:45.0370 3532        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

19:56:45.0417 3532        usbhub - ok

19:56:45.0448 3532        usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

19:56:45.0479 3532        usbohci - ok

19:56:45.0526 3532        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

19:56:45.0573 3532        usbprint - ok

19:56:45.0651 3532        usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys

19:56:45.0682 3532        usbscan - ok

19:56:45.0698 3532        USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

19:56:45.0760 3532        USBSTOR - ok

19:56:45.0807 3532        usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys

19:56:45.0838 3532        usbuhci - ok

19:56:45.0885 3532        usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys

19:56:45.0916 3532        usbvideo - ok

19:56:45.0947 3532        UxSms           (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

19:56:46.0025 3532        UxSms - ok

19:56:46.0057 3532        VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

19:56:46.0072 3532        VaultSvc - ok

19:56:46.0103 3532        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

19:56:46.0119 3532        vdrvroot - ok

19:56:46.0166 3532        vds             (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe

19:56:46.0275 3532        vds - ok

19:56:46.0322 3532        vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

19:56:46.0337 3532        vga - ok

19:56:46.0353 3532        VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

19:56:46.0415 3532        VgaSave - ok

19:56:46.0462 3532        vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

19:56:46.0493 3532        vhdmp - ok

19:56:46.0525 3532        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

19:56:46.0556 3532        viaide - ok

19:56:46.0587 3532        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

19:56:46.0603 3532        volmgr - ok

19:56:46.0712 3532        volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

19:56:46.0759 3532        volmgrx - ok

19:56:46.0790 3532        volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

19:56:46.0821 3532        volsnap - ok

19:56:46.0852 3532        vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

19:56:46.0883 3532        vsmraid - ok

19:56:47.0008 3532        VSS             (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe

19:56:47.0133 3532        VSS - ok

19:56:47.0258 3532        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

19:56:47.0273 3532        vwifibus - ok

19:56:47.0320 3532        vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

19:56:47.0351 3532        vwififlt - ok

19:56:47.0367 3532        vwifimp         (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

19:56:47.0383 3532        vwifimp - ok

19:56:47.0429 3532        W32Time         (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

19:56:47.0492 3532        W32Time - ok

19:56:47.0507 3532        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

19:56:47.0539 3532        WacomPen - ok

19:56:47.0648 3532        WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

19:56:47.0726 3532        WANARP - ok

19:56:47.0741 3532        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

19:56:47.0773 3532        Wanarpv6 - ok

19:56:47.0882 3532        wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

19:56:47.0975 3532        wbengine - ok

19:56:48.0069 3532        WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

19:56:48.0116 3532        WbioSrvc - ok

19:56:48.0163 3532        wcncsvc         (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

19:56:48.0225 3532        wcncsvc - ok

19:56:48.0256 3532        WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

19:56:48.0272 3532        WcsPlugInService - ok

19:56:48.0319 3532        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

19:56:48.0334 3532        Wd - ok

19:56:48.0381 3532        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

19:56:48.0428 3532        Wdf01000 - ok

19:56:48.0459 3532        WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

19:56:48.0553 3532        WdiServiceHost - ok

19:56:48.0553 3532        WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

19:56:48.0584 3532        WdiSystemHost - ok

19:56:48.0662 3532        wdkmd           (fe31110e39a0b11abae1ba43a2dc94f9) C:\Windows\system32\DRIVERS\WDKMD.sys

19:56:48.0677 3532        wdkmd - ok

19:56:48.0724 3532        WebClient       (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

19:56:48.0787 3532        WebClient - ok

19:56:48.0818 3532        Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

19:56:48.0896 3532        Wecsvc - ok

19:56:48.0911 3532        wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

19:56:48.0974 3532        wercplsupport - ok

19:56:48.0989 3532        WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

19:56:49.0052 3532        WerSvc - ok

19:56:49.0099 3532        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

19:56:49.0145 3532        WfpLwf - ok

19:56:49.0192 3532        WimFltr         (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys

19:56:49.0223 3532        WimFltr - ok

19:56:49.0239 3532        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

19:56:49.0255 3532        WIMMount - ok

19:56:49.0286 3532        WinDefend - ok

19:56:49.0286 3532        WinHttpAutoProxySvc - ok

19:56:49.0348 3532        Winmgmt         (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

19:56:49.0411 3532        Winmgmt - ok

19:56:49.0567 3532        WinRM           (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

19:56:49.0738 3532        WinRM - ok

19:56:49.0847 3532        WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

19:56:49.0894 3532        WinUsb - ok

19:56:49.0972 3532        Wlansvc         (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

19:56:50.0019 3532        Wlansvc - ok

19:56:50.0113 3532        wlcrasvc        (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

19:56:50.0128 3532        wlcrasvc - ok

19:56:50.0300 3532        wlidsvc         (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

19:56:50.0409 3532        wlidsvc - ok

19:56:50.0456 3532        WMCoreService - ok

19:56:50.0565 3532        WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

19:56:50.0612 3532        WmiAcpi - ok

19:56:50.0674 3532        wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

19:56:50.0737 3532        wmiApSrv - ok

19:56:50.0799 3532        WMPNetworkSvc - ok

19:56:50.0830 3532        WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

19:56:50.0861 3532        WPCSvc - ok

19:56:50.0893 3532        WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

19:56:50.0924 3532        WPDBusEnum - ok

19:56:50.0955 3532        ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

19:56:51.0033 3532        ws2ifsl - ok

19:56:51.0049 3532        wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll

19:56:51.0095 3532        wscsvc - ok

19:56:51.0095 3532        WSearch - ok

19:56:51.0251 3532        wuauserv        (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll

19:56:51.0376 3532        wuauserv - ok

19:56:51.0485 3532        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

19:56:51.0532 3532        WudfPf - ok

19:56:51.0641 3532        WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

19:56:51.0719 3532        WUDFRd - ok

19:56:51.0766 3532        wudfsvc         (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

19:56:51.0813 3532        wudfsvc - ok

19:56:51.0844 3532        WwanSvc         (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

19:56:51.0907 3532        WwanSvc - ok

19:56:51.0953 3532        MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

19:56:52.0359 3532        \Device\Harddisk0\DR0 - ok

19:56:52.0375 3532        Boot (0x1200)   (c27b706087c4eea52deea50c6cd520ab) \Device\Harddisk0\DR0\Partition0

19:56:52.0375 3532        \Device\Harddisk0\DR0\Partition0 - ok

19:56:52.0406 3532        Boot (0x1200)   (08445ab26373f39b7227cc49dfb0e625) \Device\Harddisk0\DR0\Partition1

19:56:52.0406 3532        \Device\Harddisk0\DR0\Partition1 - ok

19:56:52.0406 3532        ============================================================

19:56:52.0406 3532        Scan finished

19:56:52.0406 3532        ============================================================

19:56:52.0421 3524        Detected object count: 2

19:56:52.0421 3524        Actual detected object count: 2

19:58:26.0811 3524        IJPLMSVC ( UnsignedFile.Multi.Generic ) - skipped by user

19:58:26.0811 3524        IJPLMSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 

19:58:26.0811 3524        NvtlService ( UnsignedFile.Multi.Generic ) - skipped by user

19:58:26.0811 3524        NvtlService ( UnsignedFile.Multi.Generic ) - User select action: Skip